Software development in regulated environment
Software development for applications where security plays a central role is a challenging activity. Let's take the example of applications such as automotive, railway, medical devices. In these cases, the coding activity represents only a minimum part of the aim of the project. The documentation, testing and validation part can also take up to 85% of the activities involved in the development. In particular, the "product" resulting from the development could be subject to certification for its "general availability" to the market. There are regulations and norms (i.e., IEC 62304) that dictate the requirements to follow in such cases. While this exercise can look complex, the famous V-Model can help the organization in managing it. There, an organization can easily map the necessary process steps and documentation needed to control the development and realization of the product. An Agile based organization can adopt this model for example by assuring that the...