Phase 3: Software Development Review (Release Candidate)
Process Overview
The purpose of the Software Development review (Phase 3) is to ensure that a Release Candidate is ready for verification testing. This review validates that coding, integration, and test planning have been completed, and that the software package meets the criteria to proceed to Phase 4 (Software Verification).
According to GP-012, Phase 3 follows agile and iterative development methodology, producing a Release Candidate with complete documentation and updated Design History File (DHF).
| Information |
|---|
| Device name | Legit.Health Plus (hereinafter, the device) |
| Model and type | NA |
| Version | 1.1.0.0 |
| Basic UDI-DI | 8437025550LegitCADx6X |
| Certificate number (if available) | MDR 792790 |
| EMDN code(s) | Z12040192 (General medicine diagnosis and monitoring instruments - Medical device software) |
| GMDN code | 65975 |
| EU MDR 2017/745 | Class IIb |
| EU MDR Classification rule | Rule 11 |
| Novel product (True/False) | TRUE |
| Novel related clinical procedure (True/False) | TRUE |
| SRN | ES-MF-000025345 |
- Project title: Legit.Health Plus Version 1.1.0.0
- Project manager: JD-007 (Technical Manager)
- Review date: 2025-01-03
- Reviewers: JD-001 (General Manager), JD-003 (Design & Development Manager), JD-007 (Technical Manager), JD-004 (Quality Manager & PRRC)
Planning
| Phase | Object | Done |
|---|
| Phase 1 Product Design Review | Establish input data | ✓ |
| Phase 2 Software Design Review | SRs, Architectural Design and UI Prototypes | ✓ |
| Phase 3 Software Development | Coding, integration and test plan | ✓ |
| Phase 4 Software Verification Review | Software version verified and residual anomalies | |
| Phase 5 Product Validation Review | Validation activities, Technical Documentation and DHF | |
Previous Reserves
All reserves from Phase 2 have been addressed and closed.
| N° | Issue from Phase 2 | Resolution | Status |
|---|
| - | No reserves | - | - |
- Version: 1.1.0.0
- Git tag:
v1.1.0.0
- Sha commit:
{{ sha }}
- Build date: 2026-01-03
Version Objectives
This is the initial release (Version 1.1.0.0) of Legit.Health Plus, which includes:
- AI/ML models for dermatological condition assessment
- Dermatological condition coverage as per intended use
- User interface for clinical workflows
- Cybersecurity controls per GP-030
- Regulatory compliance for EU MDR and FDA requirements
Change Request
N/A - This is the initial release of Legit.Health Plus (Version 1.1.0.0). Change requests per GP-023 only apply to modifications of an existing released product.
Software Development Outputs Checklist
Implementation Status
| Component | Status | Evidence | Comments |
|---|
| All Software Requirements implemented | ✓ | Implementation traceable via commit sha linked to SRS Issues | Complete implementation verified |
| Software architecture realized | ✓ | Architecture implemented as designed in R-TF-012-029 Software Architecture Description | Architecture consistency maintained |
| Risk control measures implemented | ✓ | Controls from R-TF-013-002 Risk Management Record implemented in code | All safety controls in place |
| Security controls implemented | ✓ | Controls from R-TF-030-004 Cyber Security Risk Matrix implemented | Cybersecurity measures active |
| AI/ML components developed | ✓ | Per R-TF-028-005 AI Development Report | ML models trained and integrated |
| SOUP components integrated | ✓ | All SOUP from R-TF-012-019 SOUPs verified and integrated | SOUP functioning correctly |
| API implemented | ✓ | API requirements implemented per SRS | API is ready for usability testing |
Development Process Compliance
| Activity | Status | Evidence | Comments |
|---|
| Code reviews performed | ✓ | All commits reviewed and approved | Quality gates passed |
| Unit testing completed | ✓ | s3://legit-health-plus/software-tests/v1.1.0.0/01_development_verification/unit_tests/ | Test coverage meets requirements |
| Integration testing completed | ✓ | s3://legit-health-plus/software-tests/v1.1.0.0/01_development_verification/integration_tests// | Components integrated successfully |
| Configuration management maintained | ✓ | Per R-TF-012-030 Software Configuration Management Plan | Version control and branching strategy followed |
| Traceability maintained | ✓ | PR → SRS → Implementation linkage via GitHub | Full traceability chain intact |
Test Plan Readiness
Verification Test Planning
| Document | Status | Reference | Comments |
|---|
| Software Test Plan | ✓ | R-TF-012-033 Software Test Plan | Test strategy and test cases ready |
| Software Test Description | ✓ | R-TF-012-034 Software Test Description | Detailed test procedures ready for execution |
| Test environment prepared | ✓ | Pre-production environment configured and validated | Environment ready for testing |
| Test data prepared | ✓ | Test datasets available | Data meets testing requirements |
| Regression test strategy defined | ✓ | Regression approach documented in test plan | Critical paths identified for regression |
AI/ML Integration Status
Note: AI/ML development was completed in Phase 2 per GP-028. Phase 3 focuses solely on integrating the validated AI/ML algorithms into the software system.
| Activity | Status | Reference | Comments |
|---|
| AI/ML package received from Phase 2 | ✓ | R-TF-028-006 AI Release Report | Complete validated algorithm package delivered by JD-017 |
| AI/ML algorithms integrated | ✓ | Integration per R-TF-028-006 specifications | SDK/models integrated into software per release specifications |
| AI/ML integration tested | ✓ | Integration tests verify correct algorithm behavior | Algorithms function as specified in software environment |
| AI Risk controls implemented | ✓ | R-TF-028-011 AI Risk Assessment controls integrated | AI-specific risk controls active in software |
AI/ML Phase 2 Completion Verified: All AI/ML development, validation, and documentation were completed in Phase 2. The software team has integrated the validated algorithm package during Phase 3.
Parallel Procedures Progress
Risk Management
| Activity | Status | Evidence | Comments |
|---|
| Risk Management Record updated | ✓ | R-TF-013-002 Risk Management Record | All identified risks documented and controlled |
| Risk controls implemented and verified | ✓ | Controls traceable to implementation | Risk mitigation measures active |
| New risks identified during development | ✓ | Any new risks added to risk matrix | Risk assessment up to date |
Cybersecurity
| Activity | Status | Evidence | Comments | Responsible |
|---|
| Security controls implemented | ✓ | R-TF-030-004 Cyber Security Risk Matrix | All security requirements implemented | JD-007 |
| Threat mitigation measures active | ✓ | R-TF-030-001 Cyber Security Management Plan | Security posture improved | JD-007 |
| Vulnerability assessments ongoing | ✓ | Security testing planned for Phase 4 | Ready for penetration testing | JD-007 |
Usability
| Activity | Status | Evidence | Comments |
|---|
| Formative usability evaluation completed | ✓ | R-TF-025-003 User interface evaluation plan | Formative feedback incorporated |
| UI implementation reflects usability findings | ✓ | R-TF-025-002 Identification of characteristics for safety and use errors | Interface optimized based on feedback |
| Summative usability testing planned | ✓ | R-TF-025-004 Summative evaluation protocol | Ready for final usability validation |
Clinical Evaluation
| Activity | Status | Evidence | Comments |
|---|
| Clinical data collection ongoing | ✓ | Per R-TF-015-008 Clinical Development Plan | Clinical evaluation in progress |
| Clinical investigation planned | ✓ | Study protocols prepared | Ready for clinical validation Phase 5 |
Release Candidate Quality Gates
| Quality Gate | Status | Comments |
|---|
| All SRS implemented | ✓ | Implementation complete and traceable |
| Code quality standards met | ✓ | Linting, formatting, and code review passed |
| Unit test coverage adequate | ✓ | Coverage meets minimum requirements |
| Integration tests passed | ✓ | All components integrated successfully |
| Build process successful | ✓ | Release candidate built without errors |
| No critical bugs open | ✓ | All critical issues resolved |
| Configuration management compliant | ✓ | Version control and release tagging correct |
| Documentation updated | ✓ | DHF current with development documentation |
Design History File (DHF) Status
| Item | Status | Comments |
|---|
| All development artifacts documented | ✓ | Complete documentation trail maintained |
| Traceability matrix updated | ✓ | PR → SRS → Implementation → Test Cases |
| Change control records complete | N/A | Initial release - GP-023 applies only to modifications of released products |
| DHF organized and accessible | ✓ | Documentation readily available for review |
IEC 62304 Compliance (Development Phase)
| Requirement | Status | Evidence |
|---|
| 5.4 Detailed design documented (if Class C) | N/A | Class B - detailed design optional |
| 5.5 Software unit implementation and verification | ✓ | Unit tests executed and passed |
| 5.6 Software integration and testing | ✓ | Integration strategy followed, tests passed |
| Problem resolution process followed | ✓ | Bug tracking and resolution via GitHub Issues |
Reserves and Pending Actions
| N° | Issue / Action Required | Owner | Targeted Date | Status |
|---|
| - | No reserves identified at this phase | - | - | - |
Conclusion
Review Outcome: The Phase 3 Software Development review has been successfully completed.
Assessment:
- Release Candidate 1.1.0.0 has been built successfully
- All Software Requirements have been implemented and are traceable
- Software architecture has been realized as designed
- Risk control measures and security controls are implemented
- AI/ML components have been developed and integrated
- Code quality gates have been passed
- Integration testing completed successfully
- Test plans and test descriptions are ready for verification
- Parallel procedures (risk management, cybersecurity, usability, clinical) are progressing appropriately
- Design History File is up to date and complete
- Configuration management is compliant
- No critical open issues remain
Decision: The Release Candidate is approved to proceed to Phase 4: Software Verification.
Next Steps:
- Software Testing Team to execute verification testing per R-TF-012-033 Software Test Plan
- Document test results in R-TF-012-035 Software Test Report
- Identify and assess any residual anomalies
- Prepare for Phase 4 verification review
Approved by:
Signature meaning
The signatures for the approval process of this document can be found in the verified commits at the repository for the QMS. As a reference, the team members who are expected to participate in this document and their roles in the approval process, as defined in Annex I Responsibility Matrix of the GP-001, are:
- Author: Team members involved
- Reviewer: JD-003, JD-004
- Approver: JD-001