Certification is certainly a can of worms. In the past a strong case
has been made for certification to ensure public safety. Electrical
components in the US are certified by Underwriter's Laboratory (UL),
electrical installations are certified by passing a local inspection
process, and more to the point clinical trials software is certified by
an FDA process.
See here for an interesting document on how to test software.
http://www.fda.gov/cdrh/comp/guidance/938.html#_Toc517237962
The gist of it is that a given set of inputs should always yield the
same outputs, and that testing happens in phases:
The software developer tests (or sub contracts the test)
The installation at the user site is tested (usually by the software
company or installer)
Changes are tested
In particular, the requirements for testing are flexible and one can
'self-certify' if needed. Here is the excerpt:
"Validation activities should be conducted using the basic quality
assurance precept of "independence of review." Self-validation is
extremely difficult. When possible, an independent evaluation is always
better, especially for higher risk applications. Some firms contract out
for a third-party independent verification and validation, but this
solution may not always be feasible. Another approach is to assign
internal staff members that are not involved in a particular design or
its implementation, but who have sufficient knowledge to evaluate the
project and conduct the verification and validation activities. Smaller
firms may need to be creative in how tasks are organized and assigned in
order to maintain internal independence of review."
One can see from the description of how an 'internal' validation should
take place that the open source world could very well implement
cross-validation schemes.
Finally if software is developed with unit test capabilities, it is
quite easy to repeat unit tests upon software modification, so this does
not become much of a burden either.
Yahoo! Groups Links
<*> To visit your group on the web, go to:
http://groups.yahoo.com/group/openhealth/
<*> To unsubscribe from this group, send an email to:
[EMAIL PROTECTED]
<*> Your use of Yahoo! Groups is subject to:
http://docs.yahoo.com/info/terms/
