Skip to main content

Key Takeaways from the first Safety-critical Software Meetup in Boston

The Boston Safety-critical software and AI/ML Meetup’s first discussion on regulated cloud development and the FDA had three key takeaways: the importance of validation, being prepared for the changing cloud environment, and building a safety-focused software community for better patient outcomes.
Erez Kaminski
August 11, 2023
April 13, 2023
4 minutes read

The Boston Safety-critical software and AI/ML Meetup held its first event at MIT’s iHQ, where everyone from experts to newcomers gathered to learn about regulated cloud development and hear from Paul Jones, founder of the FDA’s software engineering lab. Our group aims to address the lack of accessible information on building complex safety-critical systems using AI/ML and cloud-based technologies. Boston's tech, medicine, and biotech communities inspired me to create the Meetup group, providing a platform for collaboration and knowledge sharing. Thank you to the MIT Sloan AI & ML Club for helping organize the event!

The evening started with a discussion on regulated cloud development, where we addressed how developers can navigate the regulatory landscape and meet compliance requirements while building and deploying cloud-based applications. Maintaining strict data security and privacy measures to protect sensitive information and prioritize documentation can be tricky—but absolutely essential—in this intersection between the connected cloud environment and safety-critical data. 

The evening ended with a Q&A session with Paul Jones, former head of the FDA software engineering lab. The conversation ranged from the FDA's role in regulating cloud software to practical steps to manage requirements. Paul provided an overview of the FDA's guidelines for software development, including how the agency approaches the development and evaluation of new products. The crowd was very responsive; there was plenty of back-and-forth that covered topics such as ChatGPT and the automotive industry. 

It was an evening of connecting and learning, and here are my three key takeaways: 

  1. Validation is key: In a nutshell, the FDA wants you to document what the software is supposed to do and provide evidence that it does that. This is what validation is all about.


Sounds simple, right? Paul explained that the FDA expects to see proof of current best practices, documentation, and rigorous testing to prepare software for the market. Once your device is on the market, they want to see well-documented and proactive post-market surveillance. True end-to-end documentation of every step and change is an absolute necessity to ensure patient safety. 

  1. The field of cloud development is changing quickly, and you must be prepared to build software ready to tackle this ever-changing environment.

FDA guidance documents are written as general guidelines that require software teams to use best practices and have the ability to manage change safely. With the connected environment of the cloud, the ability to secure and change is key for the future of software in medical devices. 

  1. Building a software community focused on safety is a necessity that will lead to better patient outcomes and better software tools. 

With several dozen people crowded into the room, it was clear that safety is a major concern in the software industry. People from industries ranging from medical devices to automotive sat down to address the major questions and concerns of software development because they know the consequences of bad software. Death and permanent harm are always in the back of their minds. 

Teaching software teams about regulatory development, the latest practices, and the reasons for securing reliable and changeable software products will improve patient health in the long term, and the community that shares best practices and philosophies in social spaces will be the one that provides major breakthroughs in how software tools are built and discussed. 

The evening in Boston was filled with engaging conversation and debate, and I invite any members of the Meetup group to suggest topics for future gatherings. Together, the Boston software community can continue to learn, share, and grow for the betterment of safety-critical development.  

If you're interested in learning more about cloud software development and regulatory compliance, I highly recommend joining the Boston Safety-critical Software and AI/ML Meetup group. And if you're in Boston, come join us in person for even more exciting discussions!