PROFILPELAJAR.COM

Software of unknown pedigree (SOUP) is software that was developed with a unknown process or methodology, or which has unknown or no safety-related properties.^[1] In the medical device development standard IEC 62304, SOUP expands to software of unknown provenance, and in some contexts uncertain is used instead of unknown, but any combination of unknown/uncertain and provenance/pedigree refer to the same concept; all with the same abbreviation.

The term SOUP is often used in the context of safety-critical and high integrity systems such as medical software – especially in a medical device.

A risk that SOUP poses is that it cannot be relied upon to perform safety-related functions, and it may prevent other software, hardware or firmware from performing their safety-related functions. Addressing the risk involves insulating the safety-involved parts of a system from potentially undesirable effects caused by the SOUP.^[2]

Rather than prohibiting SOUP, additional controls are often imposed to mitigate risk. Practices may include static program analysis and review of the vendor's development process, design artifacts, and safety guidance.^[3]

References

^ Felix Redmill (2001). "The COTS Debate in Perspective". In Udo Voges (ed.). Proceedings of the 20th International Conference on Computer Safety, Reliability and Security, SAFECOMP 2001, Budapest, Hungary, September 26–28, 2001. Springer. pp. 122. ISBN 978-3-540-42607-3.
^ Hall, Ken (June 1, 2010). "Developing Medical Device Software to IEC 62304". EMDT - European Medical Device Technology. Retrieved 2012-12-11.
^ Hobbs, Chris (2011-11-01). "Device makers can take COTS, but only with clear SOUP". Medical Design. Archived from the original on 2013-01-23.

Software of unknown pedigree

References

Further reading