Making Agile Work in Highly Regulated Environments
Highly regulated industries-avionics suppliers, medical device companies, and pharmaceutical manufacturers-must meet rigorous quality standards to ensure their products are not a danger to the general public. Although compliance has traditionally been achieved with heavyweight waterfall or V-model development methodologies, you can implement agile-or lean-agile-development practices that adhere to standards-based regulations while reducing the risk and improving software quality and reliability. Colin Doyle identifies the constraints that agile and lean-agile software development approaches must address: traceability to clearly defined requirements, formal risk analysis and mitigation, and separation of roles between development and validation. Colin describes ways to leverage agile practices within regulatory constraints, offering specific examples from the commercial avionics standard DO-178B and FDA CDRH software validation guidelines. Take back specific recommendations for implementing agile and lean-agile practices that work within formal standards and demonstrate to regulatory agencies or auditors that appropriate processes are defined and followed.