From 2351c1e5aa7629d5fcbc5619ba85097baa81e0c7 Mon Sep 17 00:00:00 2001 From: David Gregorczyk <54440227+d-gregorczyk@users.noreply.github.com> Date: Wed, 21 Jun 2023 08:38:10 +0200 Subject: [PATCH 1/7] #154 Add SES req in volume 1. (#168) * #154 Add SES req in volume 1. * #154 Remove requirement remnants. * #154 Add BPKP reference. --- CHANGELOG.md | 1 + .../use-cases/tf1-ch-c-use-case-stad.adoc | 18 ++- .../tf1-ch-c-use-case-stad.adoc.orig | 113 ++++++++++++++++++ ...3.2.10-mdib-efficiency-considerations.adoc | 4 + 4 files changed, 135 insertions(+), 1 deletion(-) create mode 100644 asciidoc/volume1/use-cases/tf1-ch-c-use-case-stad.adoc.orig create mode 100644 asciidoc/volume3/mdib-efficieny/tf3-ch-8.3.2.10-mdib-efficiency-considerations.adoc diff --git a/CHANGELOG.md b/CHANGELOG.md index 02b214d..fb9d63f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -17,6 +17,7 @@ Each section shall contain a list of action items of the following format: `> may decide to limit user notification of technical *And* The device will periodically attempt to reconnect to the <> and <> -*And* Based on a <>'s risk management, the device may be disconnected entirely from the <> network. \ No newline at end of file +==== Safety, Effectiveness & Security Considerations and Requirements + +.R1500 +[sdpi_requirement#r1500,sdpi_req_level=shall] +**** +The <> of a <> shall consider the risk of workflow interruption due to misaligned clocks. + +.Notes +[%collapsible] +==== + +NOTE: Clocks of <>s run apart due to lack of synchronization with NTP servers, different clock drifts or cyberattacks. + +NOTE: This requirement supplements RR1162 in <>: _The MANUFACTURER of an SDC BASE CONSUMER SHALL consider the RISKs resulting from erroneous timestamps._ + +==== +**** \ No newline at end of file diff --git a/asciidoc/volume1/use-cases/tf1-ch-c-use-case-stad.adoc.orig b/asciidoc/volume1/use-cases/tf1-ch-c-use-case-stad.adoc.orig new file mode 100644 index 0000000..a4b79fb --- /dev/null +++ b/asciidoc/volume1/use-cases/tf1-ch-c-use-case-stad.adoc.orig @@ -0,0 +1,113 @@ +[#vol1_clause_appendix_c_use_case_stad,sdpi_offset=2] +=== Use Case Feature {var_use_case_id}: <> (<>) + +// NOTE: See use case labels in document-declarations.adoc + +==== Narrative +Nurse Jean attaches a ventilator to the medical device network in the ICU. It automatically obtains the correct time. + +==== Benefits +Automatically acquiring the time saves the user from spending time entering the time into the device. It also guarantees that the correct time will be entered. +It is also important for all devices to have a consistent time since the data being exported to consuming devices and systems will use the time stamps from the device to mark the time that the clinical data was acquired. Since this is part of the clinical record, accuracy is very important. + +==== Technical View + +.<> (<>) -- Technical View + +image::../images/vol1-diagram-use-case-stad-tech-view.svg[align=center] + +[#vol1_clause_appendix_c_use_case_stad_technical_precondition] +==== Technical Pre-Conditions + +*Given* All devices communicate using a common <> protocol + +*And* A Time Source (TS) Service is on the <> network + +[#vol1_clause_appendix_c_use_case_stad_scenarios] +==== Scenarios + +===== Scenario: <> {var_use_case_id}.1 - Device is connected to the MD LAN network with a Time Source service + +*Given* Device has detected at least one <> + +*When* The <> is operational + +*Then* The device will synchronize its time with the <> + + +===== Scenario: <> {var_use_case_id}.2 - Device is connected to the MD LAN network with a TS Service and a user wants to change the device's time + +*Given* Device has detected at least one <> + +*When* The <> is operational + +*And* The user attempts to change the time on the device manually + +*Then* The device will disable the ability to change its time manually + + +===== Scenario: <> {var_use_case_id}.3 - Device is connected to the MD LAN network and cannot connect to a TS Service + +*Given* Device has just connected to the <> network and has not detected any <>s + +*When* The <> is not operational or inaccessible + +*Then* The device will not participate on the <> network until it detects and connects to a <> + +===== Scenario: <> {var_use_case_id}.4 - Devices are operational in the MD LAN network but cannot access the TS Service + +*Given* Device is operational on the <> network + +*When* The <> is no longer operational or otherwise inaccessible + +*Then* The device will rely on its internal clock for time synchronization + +*And* The device will provide the accuracy of its clock in its <> + +*And* The device will periodically attempt to reconnect to the <> + +*And* The device will notify the user about the fact, that the <> cannot be reached + +<<<<<<< HEAD +==== Safety, Effectiveness & Security Considerations and Requirements + +.R1500 +[sdpi_requirement#r1500,sdpi_req_level=shall] +**** +The <> of a <> shall consider the risk of workflow interruption due to misaligned clocks. + +.Notes +[%collapsible] +==== +NOTE: Clocks of <>s run apart due to lack of synchronization with NTP servers, different clock drifts or cyberattacks. + +NOTE: Typically, a <> assumes that system functionality in general may not be available due to loss of network connections, and risks are mitigated accordingly. +==== +**** +======= +*And* The device will create a log entry noting the disconnection from the <> + +*And* The ability to change the device time manually will remain disabled + +NOTE: Device internal clocks are usually accurate enough to bridge short periods of time when no time-servers are accessible. Manual time synchronization is considered too inaccurate for SDC System Functionality. + +NOTE: By using the device's clock accuracy, a consumer can decide if received data is accurate enough for its use case. This may cause the consumer to disconnect from the device. + +NOTE: A <> may decide to limit user notification of technical issues to certain user groups (e.g., biomed). + +===== Scenario: <> {var_use_case_id}.5 - Devices are operational in the MD LAN network but cannot access the TS Service and clock drift is unacceptable + +*Given* Device is operational on the <> network + +*And* The <> is no longer operational or otherwise inaccessible + +*When* The clock drift of the device exceeds an internal threshold + +*Then* The device will notify the user that time synchronization is no longer functional, which may limit the availability of SDC System Functionality + +*And* The device will create a log entry noting inaccurate time synchronization + +*And* The device will periodically attempt to reconnect to the <> and <> + +*And* Based on a <>'s risk management, the device may be disconnected entirely from the <> network. +>>>>>>> master diff --git a/asciidoc/volume3/mdib-efficieny/tf3-ch-8.3.2.10-mdib-efficiency-considerations.adoc b/asciidoc/volume3/mdib-efficieny/tf3-ch-8.3.2.10-mdib-efficiency-considerations.adoc new file mode 100644 index 0000000..8beb1e6 --- /dev/null +++ b/asciidoc/volume3/mdib-efficieny/tf3-ch-8.3.2.10-mdib-efficiency-considerations.adoc @@ -0,0 +1,4 @@ +[#vol3_clause_mdib_efficiency_considerations] +===== MDIB Efficiency Considerations + +The \ No newline at end of file From a13a18fb5ff4f7944eef85edbdb67ccebd2822f2 Mon Sep 17 00:00:00 2001 From: Feiler Date: Thu, 15 Jun 2023 10:40:50 +0200 Subject: [PATCH 2/7] #30 Forbid manual TS Service configuration --- CHANGELOG.md | 3 ++- .../use-cases/tf1-ch-c-use-case-stad.adoc | 21 ++++++++++++++----- 2 files changed, 18 insertions(+), 6 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index fb9d63f..99efd3a 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -19,9 +19,10 @@ Each section shall contain a list of action items of the following format: `> -===== Scenario: <> {var_use_case_id}.2 - Device is connected to the MD LAN network with a TS Service and a user wants to change the device's time +===== Scenario: <> {var_use_case_id}.2 - Device is connected to the MD LAN network and a user wants to change the device's time -*Given* Device has detected at least one <> - -*When* The <> is operational +*Given* Device is operational in <> network -*And* The user attempts to change the time on the device manually +*When* The user attempts to change the time on the device manually *Then* The device will disable the ability to change its time manually +==== Safety, Effectiveness & Security Considerations and Requirements + +.R1510 +[sdpi_requirement#r1510,sdpi_req_level=shall] +**** +A <> shall not allow manual configuration of its internal clock. + +.Notes +[%collapsible] +==== +NOTE: Manual change of the devices clock is not even allowed as a backup in case of the <> not being available. This is done since manual configuration introduces a risk of having plausible but still inaccurate timestamps, that may confuse clinicians. +==== +**** ===== Scenario: <> {var_use_case_id}.3 - Device is connected to the MD LAN network and cannot connect to a TS Service From 060119f2c20587855de688be4029dc7c1f333da9 Mon Sep 17 00:00:00 2001 From: Feiler Date: Thu, 15 Jun 2023 13:28:37 +0200 Subject: [PATCH 3/7] #30 fix wrong number in heading --- asciidoc/volume1/use-cases/tf1-ch-c-use-case-stad.adoc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/asciidoc/volume1/use-cases/tf1-ch-c-use-case-stad.adoc b/asciidoc/volume1/use-cases/tf1-ch-c-use-case-stad.adoc index e1f99d7..75562cf 100644 --- a/asciidoc/volume1/use-cases/tf1-ch-c-use-case-stad.adoc +++ b/asciidoc/volume1/use-cases/tf1-ch-c-use-case-stad.adoc @@ -35,7 +35,7 @@ image::../images/vol1-diagram-use-case-stad-tech-view.svg[align=center] *Then* The device will synchronize its time with the <> -===== Scenario: <> {var_use_case_id}.2 - Device is connected to the MD LAN network and a user wants to change the device's time +===== Scenario: <> {var_use_case_id}.1 - Device is connected to the MD LAN network and a user wants to change the device's time *Given* Device is operational in <> network From 8de37c9208b440df463cc8b51c8c9648c17e2135 Mon Sep 17 00:00:00 2001 From: Feiler Date: Thu, 15 Jun 2023 15:23:39 +0200 Subject: [PATCH 4/7] #30 fix review findings --- asciidoc/volume1/use-cases/tf1-ch-c-use-case-stad.adoc | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/asciidoc/volume1/use-cases/tf1-ch-c-use-case-stad.adoc b/asciidoc/volume1/use-cases/tf1-ch-c-use-case-stad.adoc index 75562cf..41db28a 100644 --- a/asciidoc/volume1/use-cases/tf1-ch-c-use-case-stad.adoc +++ b/asciidoc/volume1/use-cases/tf1-ch-c-use-case-stad.adoc @@ -43,17 +43,17 @@ image::../images/vol1-diagram-use-case-stad-tech-view.svg[align=center] *Then* The device will disable the ability to change its time manually -==== Safety, Effectiveness & Security Considerations and Requirements +====== Safety, Effectiveness & Security Considerations and Requirements .R1510 [sdpi_requirement#r1510,sdpi_req_level=shall] **** -A <> shall not allow manual configuration of its internal clock. +A <> shall not allow manual configuration of its internal clock while the device is is operational in <> network. .Notes [%collapsible] ==== -NOTE: Manual change of the devices clock is not even allowed as a backup in case of the <> not being available. This is done since manual configuration introduces a risk of having plausible but still inaccurate timestamps, that may confuse clinicians. +NOTE: Manual change of the devices clock is not even allowed as a backup in case of the <> not being available. This is done since manual configuration would lead to plausible but still inaccurate timestamps. ==== **** From b35bd81a7c78a7530e3f4b75d87fec47bc1a7427 Mon Sep 17 00:00:00 2001 From: AnnaFeiler <113893906+AnnaFeiler@users.noreply.github.com> Date: Wed, 21 Jun 2023 11:19:06 +0200 Subject: [PATCH 5/7] Update asciidoc/volume1/use-cases/tf1-ch-c-use-case-stad.adoc fix typos Co-authored-by: David Gregorczyk <54440227+d-gregorczyk@users.noreply.github.com> --- asciidoc/volume1/use-cases/tf1-ch-c-use-case-stad.adoc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/asciidoc/volume1/use-cases/tf1-ch-c-use-case-stad.adoc b/asciidoc/volume1/use-cases/tf1-ch-c-use-case-stad.adoc index 41db28a..4d69f51 100644 --- a/asciidoc/volume1/use-cases/tf1-ch-c-use-case-stad.adoc +++ b/asciidoc/volume1/use-cases/tf1-ch-c-use-case-stad.adoc @@ -48,7 +48,7 @@ image::../images/vol1-diagram-use-case-stad-tech-view.svg[align=center] .R1510 [sdpi_requirement#r1510,sdpi_req_level=shall] **** -A <> shall not allow manual configuration of its internal clock while the device is is operational in <> network. +A <> shall not allow manual configuration of its internal clock while the device is operational in an <> network. .Notes [%collapsible] From bdece202821ec02b6d162eaeece431c453c6ace6 Mon Sep 17 00:00:00 2001 From: AnnaFeiler <113893906+AnnaFeiler@users.noreply.github.com> Date: Wed, 21 Jun 2023 11:19:50 +0200 Subject: [PATCH 6/7] Update asciidoc/volume1/use-cases/tf1-ch-c-use-case-stad.adoc Co-authored-by: David Gregorczyk <54440227+d-gregorczyk@users.noreply.github.com> --- asciidoc/volume1/use-cases/tf1-ch-c-use-case-stad.adoc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/asciidoc/volume1/use-cases/tf1-ch-c-use-case-stad.adoc b/asciidoc/volume1/use-cases/tf1-ch-c-use-case-stad.adoc index 4d69f51..b97a308 100644 --- a/asciidoc/volume1/use-cases/tf1-ch-c-use-case-stad.adoc +++ b/asciidoc/volume1/use-cases/tf1-ch-c-use-case-stad.adoc @@ -53,7 +53,7 @@ A <> shall not allow manual configurat .Notes [%collapsible] ==== -NOTE: Manual change of the devices clock is not even allowed as a backup in case of the <> not being available. This is done since manual configuration would lead to plausible but still inaccurate timestamps. +NOTE: Since manual time adjustments of the device's internal clock would lead to plausible but still inaccurate timestamps, this requirement also prohibits manual adjustments when the <> is not available. ==== **** From 5267e0195c2909a9c5febfdd3b2d39125466a0b0 Mon Sep 17 00:00:00 2001 From: Feiler Date: Wed, 21 Jun 2023 11:54:05 +0200 Subject: [PATCH 7/7] #30 fix wrong section number --- asciidoc/volume1/use-cases/tf1-ch-c-use-case-stad.adoc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/asciidoc/volume1/use-cases/tf1-ch-c-use-case-stad.adoc b/asciidoc/volume1/use-cases/tf1-ch-c-use-case-stad.adoc index b97a308..69c9dd9 100644 --- a/asciidoc/volume1/use-cases/tf1-ch-c-use-case-stad.adoc +++ b/asciidoc/volume1/use-cases/tf1-ch-c-use-case-stad.adoc @@ -35,7 +35,7 @@ image::../images/vol1-diagram-use-case-stad-tech-view.svg[align=center] *Then* The device will synchronize its time with the <> -===== Scenario: <> {var_use_case_id}.1 - Device is connected to the MD LAN network and a user wants to change the device's time +===== Scenario: <> {var_use_case_id}.2 - Device is connected to the MD LAN network and a user wants to change the device's time *Given* Device is operational in <> network