IEC 62304 for developer tools that are packaged with final product.

SiMD has some features/tools that are packaged with final product to support the field service in debugging issues at customer site. These tools require special credentials that are not available to standard users. In this scenario is it required that IEC 62304 processes are applied to these tools ? We are currently missing requirements for these, hence risk management activities are not done on these tools, FMEA is missing too. What is the best approach to handle this scenario ? Would rationale/justification work from audit perspective ?

 

Question not related to any exam or course.

 

First off, compliance to 62304 is not "required" for anyone. Compliance to standards is always optional. It is usually the best regulatory path forward, and getting through a regulatory review might be an uphill battle, but you aren't required.

62304 is for medical device software. If your tools are stand-alone and just for your install / service folks, they're not considered medical device software (unless they are required for the end users to operate). So, no, you would not be even expected to comply with 62304 for these tools. If they are built into the SiMD software, you may have some regulatory issues.

62304 really just outlines basic good software engineering for the most part so following it is a pretty good idea, regardless.

If they are stand-alone tools, there is a good case that you should validate them, regardless. What gives you assurance they are doing what you intend? How do you know that updates won't cause issues?