Safety-oriented design of in-house software for new techniques: A case study using a model-based 4DCT protocol.

Purpose: In-house software is commonly employed to implement new imaging and therapy techniques before commercial solutions are available. Risk analysis methods, as detailed in the TG-100 report of the American Association of Physicists in Medicine, provide a framework for quality management of processes but offer little guidance on software design. In this work, we examine a novel model-based four-dimensional computed tomography (4DCT) protocol using the TG-100 approach and describe two additional methods for promoting safety of the associated in-house software.

Methods: To implement a previously published model-based 4DCT protocol, in-house software was necessary for tasks such as synchronizing a respiratory signal to computed tomography images, deformable image registration (DIR), model parameter fitting, and interfacing with a treatment planning system. A process map was generated detailing the workflow. Failure modes and effects analysis (FMEA) was performed to identify critical steps and guide quality interventions. Software system safety was addressed through writing "use cases," narratives that characterize the behavior of the software, for all major operations to elicit safety requirements. Safety requirements were codified using the easy approach to requirements syntax (EARS) to ensure testability and eliminate ambiguity.

Results: Sixty-one failure modes were identified and assigned risk priority numbers using FMEA. Resultant quality management interventions include integration of a comprehensive reporting and logging system into the software, mandating daily and monthly equipment quality assurance procedures, and a checklist to be completed at image acquisition. Use cases and resulting safety requirements informed the design of needed in-house software as well as a suite of tests performed during the image generation process.

Conclusions: TG-100 methods were used to construct a process-level quality management program for a 4DCT imaging protocol. Two supplemental tools from the field of requirements engineering facilitated elicitation and codification of safety requirements that informed the design and testing of in-house software necessary to implement the protocol. These general tools can be applied to promote safety when in-house software is needed to bring new techniques to the clinic.