Legacy Medical Device Software Remediation

Assessment, remediation planning and technical support for legacy software under IEC 62304 expectations

Many medical device manufacturers operate legacy software that has grown over years and no longer matches current documentation, architecture descriptions or verification expectations.

This becomes critical when software has to be maintained, transferred, extended, prepared for audit, or aligned with IEC 62304 and related quality expectations.

Radius Z supports focused remediation activities: technical assessment, architecture reconstruction, remediation planning, verification review and targeted engineering support.

Typical situations

  • legacy codebase with unclear software item boundaries
  • software architecture not reflected in current documentation
  • missing or weak traceability between requirements, software items and tests
  • insufficient unit, integration or regression test coverage
  • product changes accumulated without structured software documentation updates
  • need to determine whether documentation update is sufficient or refactoring is required

Service phases

Phase 1 - Technical Assesment
 
  • review of available software documentation and selected code areas
  • reconstruction of relevant architecture and software structure
  • assessment of software item boundaries and technical documentation consistency
  • review of current verification landscape
  • identification of major remediation gaps and priorities
Phase 2 - Remediation Design
 
  • definition of remediation scope and priorities
  • distinction between documentation-only updates and required code changes
  • verification improvement concept
  • prioritized remediation backlog
  • proposal for phased execution
Phase 3 - Technical Remediation Support
 
  • support for internal engineering teams during remediation
  • targeted architecture and refactoring guidance
  • support in restructuring verification activities
  • review of technical implementation decisions
  • contribution to documentation and engineering alignment
Typical outcome: controlled technical progress with reduced remediation risk

Device class note

For software safety classes B and C, remediation often goes beyond documentation updates and may require technical restructuring, verification redesign and targeted code changes. The actual scope depends on device context, software complexity and existing engineering assets.

Commercial model

Typical commercial setup

  • Initial Technical Assessment - from EUR 7,900
  • Assessment + Remediation Plan - typically EUR 16,000 to 20,000
  • Ongoing Technical Support - from EUR 135/hour

Final scope depends on device class, codebase size, documentation quality and existing verification assets.

CTA

Start with a focused assessment

A short initial discussion is usually enough to determine whether a focused assessment makes sense and what material should be reviewed first.

Contact:

Konstantin Mirny, k.mirny@radius-z.de, +49 1635 9293 01