Software Requirements List
Contents
Software Requirements List#
This document is related to your product. You somehow need to associate it with it. The easiest way would be to just put all product-related documents into a folder in your QMS so that the association is clear. Alternatively, you could mention the related product and version here, but then you’d have to update the version here any time you do a new release. Painful!
This is a list of your software requirements. If you have multiple software systems (you probably have a backend and a frontend), you can use the “Software System” column. The categories are the 62304 categories from section 5.2.2. Risk Control Measure? is just a yes/no field. And the related risk IDs refer to the risk IDs from your risk table.
Of course, you could also use your own tool like Jira or GitHub issues. Just ensure that the content (i.e., the columns shown here) is roughly the same.
Mapping of Standard Requirements to Document Sections#
Classes |
IEC 62304:2006 Section |
Document Section |
|---|---|---|
A, B, C |
5.2.1, 5.2.2, 5.2.3 |
1 |
ISO 13485:2016 Section |
Document Section |
|---|---|
7.2.1 |
(All) |
7.3.3 |
(All) |
IEC 62366-1:2015 Section |
Title |
Document Section |
|---|---|---|
5.2 |
Identify User Interface characteristics related to Safety and potential Use Errors |
1 |
5.6 |
Establish User Interface Specification |
1 |
1. Software Requirements#
While the 62034 “only” requires you to document Software Requirements, the 13485 also wants you to document higher-level customer requirements. You could solve that by having a two-stage hierarchy of requirements: On the first level, you’d have user stories (= the 13485 customer requirements), and beneath that, for each user story, you’d have more technical specifications (= 62304 software requirements).
There’s no great way to display this in a table, so for now, this table only solves the problem of defining software requirements. Feel free to create a second table for user stories, or just cram them into this one (good luck).
ID |
Software System |
Category |
Description |
Risk Control Measure? |
Related Risk IDs |
|---|---|---|---|---|---|
1 |
App |
Functional |
On first launch, show introduction |
No |
|
2 |
App |
User Interface |
Use user locale (language) |
No |
1 (Risk ID) |
3 |
App |
Functional |
Average CPU usage < 2% |
No |
|
4 |
Backend |
Security |
Store passwords as hashes |
Yes |
|
5 |
Backend |
Interface |
Expose a REST API, handle JSON |
No |