Software life cycle: What is meant by this?

The Medical Device Regulation (MDR) (like the Medical Device Directive (MDD) and thus the Medical Devices Act before it) requires manufacturers to comply with life cycle processes for their software. IEC 62304 and IEC 82304 also refer to software life cycle processes. But what is a software life cycle?

The software life cycle includes all phases a software device goes through, from the initial idea to decommissioning. 

It is, therefore, not just about software development: 

IEC 62304, on the other hand, defines the term software development life cycle model as a conceptual structure spanning the life of the software from definition of its requirements to its release, which: 

  • identifies the PROCESS, ACTIVITIES and TASKS involved in development of MEDICAL DEVICE SOFTWARE, 
  • describes the sequence of and dependency between ACTIVITIES and TASKS, and 
  • identifies the milestones at which the completeness of specified DELIVERABLES is verified. 

In its definition, IEC 62304 thus limits the term software life cycle to the first phase, software development, although the standard also defines requirements for other processes (see below). 

IEC 82304 addresses the whole life cycle including post-market activities like maintenance, decommissioning and disposal of the software. 

Phase 1: Software development 

Many process models are known and used for software development. These include the waterfall model, the V-model, agile process models and the Rational Unified Process

IEC 62304 does not prescribe a specific software life cycle model. It considers agile process models to be adequate, even if it seems to be more closely aligned with a V-model (at least as a documentation model): regardless of which process model a manufacturer uses for the development of its software, the documentation must contain the usual artifacts at the end of the software development: 

Phase 2: Software maintenance 

Most errors reported in error databases (e.g., by the BfArM or the FDA) do not concern the initial software development but the next phase in the software life cycle, the maintenance

According to the FDA, 79% of all errors are caused in the maintenance phase. Accordingly, standards such as IEC 62304 or the FDA's guidance documents require that there are also defined process models for maintenance. 

Put simply, software maintenance should go through the same phases as initial software development. Ideally, the tests can be run as regression tests to ensure that as few new bugs as possible are added during the maintenance phase. 

Phase 3: Decommissioning 

The last phase that software goes through during its life cycle is decommissioning. This is often done by replacing it with another device. 

Other processes in the life cycle 

IEC 62304 includes other processes in the software life cycle, such as the risk management process, the problem resolution process and configuration management. We see the problem resolution process as an integral part of software development and maintenance. This process ensures that errors are analyzed, trends are evaluated, and the appropriate measures (correction, reporting to authorities, etc.) are taken. The configuration management process is designed to ensure that no unauthorized changes are made to the code (customers cannot call the developer directly) and that it is possible to trace which artefacts in which version are part of a software release at any time. 


Change history 

  • 2024-01-22: References to IEC 82304 added 
  • 2015-05-02: Initial creation of the article 


Daniel Reinsch

Find out what Johner Institute can do for you

A quick overview: Our


Learn More Pfeil_weiß

Always up to date: Our


Learn More Pfeil_grau

Privacy settings

We use cookies on our website. Some of them are essential, while others help us improve this website and your experience.