Testing desktop/ web application versus testing software/firmware on medical device, I get to follow different methods/ procedure. Even though in broader sense these are included in Software Testing Life Cycle (STLC), but may vary with terms and terminology. For Medical Device testing, I usually follow Verification, Testing and then Validation procedure. There is no hard and fast rule, but it seems fairly reasonable depending on the SDLC, environment and the product i'm working on.
Following I'll be trying to give description about those terms.
Verification is a process of evaluating software to determine whether the products of a given development phase satisfy the conditions imposed at the start of that phase. It is concerned about whether software is error-free, well designed, documented, etc. It often does not require executing the code. Rather it involves human based checking of documents and files. It is not about finding issues with the software. It popularly defined as "Are we building the system right?".
During our software development, we verify whether the requirement analysis was done correctly, whether the design we are going to implement serve the purpose of the software etc. Verification includes, Code inspection, consistency checking, static analysis. Verification do include testing but also includes reviews and other activities that have nothing to do with testing.
Testing, according to David Vogel, "it is one of several verification activities, intended to confirm that software development output meets its input requirement. " Testing does not cover design issues, requirement issues, documentation issues and many other like this. It is more functional oriented related to the software. Testing mostly done on specific method/ features/ usecases. During the testing, we do not look into the other issues that we do in verification stage.
Validation is process of checking whether it satisfies specified requirement. It can be done during or at the end of the software development process. It involves executing the codes. It can be also defined as "Are we building the right system?". Assuming that software specs were correct, validation ensures product actually meets users's requirements.
Validation is like a big umbrella. Underneath it includes Planning, Evaluation, Risk Analysis, Testing. So, it is involved through out the whole process of software life cycle. It's the complete coverage. [1]
Relationship- Validation, verification and testing
I could not resist myself quoting from the book that just explains these things so perfectly. As David A. Vogel described in his book with a Venn Diagram (which he explained in his book),
"Validation
is represented by outer ring of the diagram and wholly includes
the verification and testing activities
and yet there are validation activities that are neither verification nor
testing activities. Verification activities are those which verify
that individual design inputs have been properly addressed at each phase
of the life cycle. Verification includes some testing. Testing
verified that individual requirements have been implemented correctly." [2]
He also gave an visual representation for the software validation coverage as follows:
Figure: software validation coverage (Photo credit- David A Vogel) |
Sources:
For more details, anyone is interested, then follow my two sources. Buy the book of David Vogel, you will get more explanation and related topics and references.
[1] The difference between Verification and Validation
[2] Medical Device Software Verification, Validation, and Compliance, by David A Vogel
[3] I. Sommerville, , Software engineering, Addison – Wesley, eighth Edition, 2007.
[2] Medical Device Software Verification, Validation, and Compliance, by David A Vogel
[3] I. Sommerville, , Software engineering, Addison – Wesley, eighth Edition, 2007.