Silvana Togneri MacMahon scite author profile

Silvana Togneri MacMahon

5Publications

40Citation Statements Received

76Citation Statements Given

How they've been cited

How they cite others

Affiliations

Science Foundation Ireland, Dundalk Institute of Technology, Dublin City University

Publications

Order By: Most citations

Revising IEC 80001-1: Risk management of health information technology systems

MacMahon

Cooper²,

McCaffery

2018

Computer Standards & Interfaces

View full text Add to dashboard Cite

IEC 80001-1 was published in 2010 and is now undergoing revision. Feedback gathered on the adoption of the standard has revealed a number of barriers that have impacted its adoption. The standard provides requirements related to the roles, responsibilities and activities that need to be performed for the risk management of medical IT networks. One reported barrier is a lack of drivers to motivate Top Management to implement the standard. In addition, there is a lack of alignment between IT and biomedical engineering departments within hopitals. Finally, the IEC 80001-1 standard was considered to be too complicated and complex to implement. This paper presents the barriers identified in the feedback and presents an approach to the revision of the standard as a process based standard following the structure outlined in ISO/IEC Directives Annex SL and aligned risk management standards as a means to overcome these barriers.

show abstract

Assessing a Hospital's Medical IT Network Risk Management Practice with 80001-1

Hegarty¹,

MacMahon²,

Byrne³

et al. 2014

Biomedical Instrumentation & Technology

View full text Add to dashboard Cite

Medical device interoperability has been identified as a key way of decreasing healthcare costs while improving patient care. 1 This has led to a shift toward placing more medical devices onto information technology (IT) networks. However, placing medical devices onto an IT network may lead to additional risks to safety, effectiveness and security of the devices, the network, and the data. ANSI/AAMI/IEC 80001-1 addresses the roles, responsibilities, and activities that need to be carried out when managing these risks. In this article, we describe an exercise undertaken to assess the medical IT network risk management practice implemented within a hospital to control risk associated with a clinical information system (CIS). The level of compliance with the 80001-1 standard was determined using an assessment framework developed by the Regulated Software Research Centre. The purpose of this exercise was to test and inform the development of an assessment method that is part of the assessment framework for this standard. The exercise also sought to identify how the management of such an existing CIS project meets the requirements of 80001-1.

show abstract

Taxonomy‐based testing and validation of a new defect classification for health software

Rajaram

Loane

MacMahon

et al. 2018

J Software Evolu Process

View full text Add to dashboard Cite

Defect‐based testing is a powerful tool for finding errors in software. Many software manufacturers avoid this method because it requires a detailed defect taxonomy that is expensive to construct and difficult to validate. The Association for the Advancement of Medical Instrumentation is developing SW91, a defect taxonomy to be published as a standard for health software. This paper details three methods to validate SW91 for its comprehensiveness. The initial validations of SW91 were conducted via mapping vulnerabilities from the common weakness enumeration and a dataset from a medical device software development company in Ireland. Taxonomy‐based testing is another validation method proposed in this research, and its applicability was investigated using empirical data from a medical device software development company in Ireland. Finally, the paper details future plans to implement taxonomy‐based testing to improve software quality in medical device software and to validate SW91. This validation will focus on the efficiency, reliability, and ability to perform useful analyses and defect coverage of SW91.

show abstract

Development of a Process Assessment Model for Assessing Medical IT Networks against IEC 80001-1

MacMahon

McCaffery

Eagles³

et al. 2012

View full text Add to dashboard Cite

Abstract. Increasingly medical devices are being designed to allow them to exchange information over an IT network. However incorporating a medical device into an IT network can introduce risks which can impact the safety, effectiveness and security of the medical device. Medical devices are stringently tested according to regulation during the design and manufacture process. However until the introduction of IEC 80001-1: Application of Risk Management for IT-Networks incorporating Medical Devices, no standard addressed the risks of incorporating a medical device into an IT network. In order to perform an assessment (which is compliant with ISO/IEC 15504-2) of an IT network against IEC 80001-1, a Process Assessment Model is required. Based on the relationship between IEC 80001-1 and ISO/IEC 20000-1, this paper examines how the TIPA transformation process developed by Public Research Centre Henri Tudor was used to develop a process assessment model (TIPA PAM) for ISO/IEC 20000-1. It also examines how a process assessment model can be developed following that transformation process to assess Medical IT networks against IEC 80001-1.

show abstract

A Multivocal Literature Review of Function-as-a-Service (FaaS) Infrastructures and Implications for Software Developers

Grogan

Mulready

McDermott

et al. 2020

View full text Add to dashboard Cite

In this paper, we provide an analysis of Function as a Service (FaaS) infrastructures. FaaS is an important, emerging category of cloud computing, which requires that software applications are designed and deployed using distributed, highly-decoupled service-based architectures, one example of which is the microservices architecture paradigm. FaaS is associated with on-demand functionality and allows developers to build applications without the overhead associated with server management. As such, FaaS is a type of serverless provisioning model wherein a provider dynamically manages and allocates machine resources, with the developers deploying source code into a production environment. This research provides an analysis of scalability, cost, execution times, integration support, and the constraints associated with FaaS services provided by several vendors: AWS Lambda, Google Cloud Functions, and Azure Functions. We discuss the implications of the findings for software developers.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.