Skip to main content
QMSQMS
QMS
  • Welcome to your QMS
  • Quality Manual
  • Procedures
  • Records
  • Legit.Health Plus Version 1.1.0.0
    • Index
    • Overview and Device Description
    • Information provided by the Manufacturer
    • Design and Manufacturing Information
      • Product Requirement Specification (PRS)
      • Software Requirement Specification (SRS)
      • R-TF-012-019 SOUPs
      • R-TF-012-023 Software Development Plan
      • R-TF-012-030 Software Configuration Management Plan
      • Review meetings
      • R-TF-012-033 Software Tests Plan
      • R-TF-012-037 Labeling and IFU Requirements
      • deprecated
    • GSPR
    • Benefit-Risk Analysis and Risk Management
    • Product Verification and Validation
    • Post-Market Surveillance
  • Legit.Health Plus Version 1.1.0.1
  • Licenses and accreditations
  • Applicable Standards and Regulations
  • Grants
  • Pricing
  • Public tenders
  • Legit.Health Plus Version 1.1.0.0
  • Design and Manufacturing Information
  • Software Requirement Specification (SRS)

Software Requirement Specification (SRS)

View:
CodeNameDescriptionSoftware SystemCategoryDerived from PRS
SRS-0ABGenerate per-image ICD analysis with explainability heat map

In addition to the aggregated analysis (SRS-Q3Q), the software shall generate a separate analysis for each individual dermatological image provided in the input set. This collection of per-image analyses shall be returned within the imagingAnalysis array of the output structure.

For each result in the imagingAnalysis array, the system shall provide:

  1. A list of potential ICD categories with their corresponding probabilities for that specific image.
  2. For the first five ICD categories listed in this per-image result, an associated explainability object must be generated.
  3. This explainability object must contain a heatMap, which includes the Base64-encoded image data of the map, its contentType, and a descriptive title.
Processor, Report Builder, OrchestratorFunctional
  • PRS-8QJ: Generate an interpretative probability distribution of possible ICD categories by analysing images
SRS-1KWSecure Communication Protocol Enforcement

To ensure all data is protected during transit, the system's network-accessible API shall enforce secure communication protocols. The system shall perform the following actions:

  1. Require HTTPS: The system shall only accept and process API requests that are transmitted over a secure channel using the HTTPS protocol.
  2. Redirect HTTP to HTTPS: The system shall reject any incoming API requests made over unencrypted HTTP. This rejection ensures that no sensitive data, including credentials or Protected Health Information (PHI), is ever transmitted in clear text.
Not specifiedSecurity, Input and output, interfaces
  • PRS-9F2: Cybersecurity & continuous threat detection
SRS-1XRInclude model sensitivity in report

The software shall include the validated sensitivity value of the AI model version used for the analysis in the final report. This numeric value must be placed within a performanceIndicator object in the response output.

Report BuilderFunctional
  • PRS-8QJ: Generate an interpretative probability distribution of possible ICD categories by analysing images
SRS-28XImplement progressive delays between failed login attempts

To slow the rate of automated brute-force attacks, the system shall impose a mandatory time delay after each failed login attempt. This delay shall increase progressively with each subsequent consecutive failure for a specific user account.

For example, the first failed attempt may have no delay, while the second introduces a small delay, and each following attempt imposes a significantly longer one before the user can try again. This throttling mechanism works in conjunction with the account lockout policy (SRS-TPK) to provide a layered defense. The delay counter shall be reset to zero upon a successful login. The sequence and duration of these delays shall be configurable by an administrator.

Authentication ServiceSecurity
  • PRS-9F2: Cybersecurity & continuous threat detection
SRS-2VAThe product checks the image quality with the Dermatological Image Quality Assessment (DIQA) algorithm

The product shall integrate and utilize the AI LABS's Dermatological Image Quality Assessment (DIQA) algorithm to evaluate the technical quality of each ingested image.

For each image, the system shall produce the following outputs based on the DIQA analysis:

  • A numerical quality score.
  • A boolean acceptability flag, determined by comparing the score against a configurable and version-controlled threshold.
  • A qualitative interpretation text (e.g., "Poor", "Good", "Excellent") corresponding to the score.
Processor, Orchestrator, Report BuilderFunctional, Input and output, interfaces
  • PRS-7XK: Assess image adequacy on ingestion
SRS-36USystem Information Endpoint Implementation

The software shall implement and expose the GET / endpoint for retrieving basic system information. This endpoint shall return fundamental system details, including service status and version information.

Orchestrator, Processor, Report BuilderFunctional, Input and output, interfaces
  • PRS-1V6: Expose the device's functionality through a versioned, network-accessible API
SRS-58WInclude entropy score in report

The software shall calculate and include the normalized entropy value for the analysis within the performanceIndicator object. This value allows the user to assess the uncertainty of the AI model's predictions. The entropy score must be normalized to a range of 0 to 1, where 0 indicates complete certainty and 1 indicates maximum uncertainty.

Processor, Report BuilderFunctional
  • PRS-8QJ: Generate an interpretative probability distribution of possible ICD categories by analysing images
SRS-66OInclude model specificity in report

The software shall include the validated specificity value of the AI model version used for the analysis in the final report. This numeric value must be placed within the performanceIndicator object in the response output.

Report BuilderFunctional
  • PRS-8QJ: Generate an interpretative probability distribution of possible ICD categories by analysing images
SRS-6KEAPI Health Check Endpoint

The software shall provide a public, unauthenticated health check endpoint at GET /health. This endpoint is intended for use by automated monitoring and load balancing systems.

  1. Endpoint behavior: When a request is made to this endpoint, the system shall perform a quick, internal check to verify its operational status.
  2. Healthy response: If the system is healthy and ready to serve traffic, it shall respond with an HTTP 200 OK status code and a JSON body indicating the status, such as {"status": "ok"}.
  3. Unhealthy response: If the system detects an internal issue and is not able to serve traffic correctly, it shall respond with an appropriate server error status code (e.g., 503 Service Unavailable).
API Gateway, OrchestratorMaintenance, Functional
  • PRS-1V6: Expose the device’s functionality through a versioned, network-accessible API
SRS-6ORSecurity Event Auditing

The software shall specifically record all significant security-related events to ensure that potentially malicious or unauthorized activities are logged for later review.

  1. Changes to permissions: Any change to a user's roles or permissions shall be recorded. The audit entry shall include the identity of the administrator making the change, the identity of the affected user, and the specific change made.
  2. API Key management: The creation or revocation of API keys shall be recorded. The audit entry shall specify the user who performed the action and the identifier of the API key affected.
  3. Detected security anomalies: Any security anomaly detected by the system (e.g., repeated failed logins from a single IP, attempted access to unauthorized resources) shall be recorded. The entry shall include all relevant contextual data about the detected anomaly.
User Management Service, API Gateway, Security Anomaly Detection Service, Audit ServiceSecurity, Functional
  • PRS-0MC: Comprehensive secure audit trails for user interactions
SRS-70BEmbed Performance and Clinical Indicators in FHIR Report

The system shall embed overall analysis quality and clinical indicator metrics as custom objects within the DiagnosticReport.

  • The system shall create and populate the performanceIndicator object at the root level, containing metrics such as sensitivity, specificity, and entropy.
  • The system shall create and populate the clinicalIndicator object at the root level, containing metrics such as hasCondition, malignancy, and urgentReferral probabilities.
Report BuilderFunctional
  • PRS-5LJ: Support health data interoperability using the HL7 FHIR standard
SRS-71IInclude the indicator of needing a high priority referral in the report

The device shall invoke the corresponding processor to include the highPriorityReferral score in the final report. This value, indicating the calculated need for a high-priority referral, must be placed within the clinicalIndicator object.

Processor, Report BuilderFunctional, Data definition and databases
  • PRS-8QJ: Generate an interpretative probability distribution of possible ICD categories by analysing images
SRS-7AQDevice Information Endpoint Implementation

The software shall implement and expose the GET /device-information endpoint for retrieving device specifications. This endpoint shall return comprehensive device information including hardware specifications, software versions, and system capabilities.

Orchestrator, Processor, Report BuilderFunctional, Input and output, interfaces
  • PRS-1V6: Expose the device's functionality through a versioned, network-accessible API
SRS-7PJNetwork Service Exposure

The software shall operate as a persistent network service, continuously listening on the designated network port (typically port 443 for HTTPS) for incoming API requests. This ensures the device's functionality is consistently available and accessible over the network to authorized client applications.

API Gateway, OrchestratorFunctional, Input and output, interfaces
  • PRS-1V6: Expose the device’s functionality through a versioned, network-accessible API
SRS-8HYInclude the indicator of malignancy in the report

The device shall invoke the corresponding processor to include the malignancy probability in the final report. This value, representing the likelihood of malignancy for the detected condition, must be placed within the clinicalIndicator object.

Processor, Report BuilderFunctional
  • PRS-8QJ: Generate an interpretative probability distribution of possible ICD categories by analysing images
SRS-8QREncapsulate Proprietary Data

The system shall ensure that proprietary metrics or data points not defined in the standard FHIR specification are clearly separated from standard FHIR elements to maintain interoperability.

To achieve this, any such data point (e.g., AI confidence scores, custom score contributions, or wheals count) shall be nested within a dedicated object named additionalData. This approach maintains the structural validity of the FHIR resource while allowing for the inclusion of extended, device-specific information.

Report BuilderFunctional
  • PRS-5LJ: Support health data interoperability using the HL7 FHIR standard
SRS-8RNMap Aggregated Diagnostic Conclusions to FHIR

The system shall map the final, aggregated probability distribution into the DiagnosticReport to represent the overall analysis outcome.

  1. Populate conclusion array: The system shall populate the conclusion array at the root of the DiagnosticReport.
  2. Structure each entry: Each element in this array represents a potential condition. For each condition, the system shall create an object containing:
    • A code object with a nested coding array that holds the ICD-11 code, version, and display name.
    • A text field holding the human-readable name of the condition.
    • A probability field containing the numerical probability score for that condition.
Report BuilderFunctional
  • PRS-8QJ: Generate an interpretative probability distribution of possible ICD categories by analysing images
  • PRS-5LJ: Support health data interoperability using the HL7 FHIR standard
SRS-9APEmbed Object Detection Results in FHIR Report

When a clinical signs analysis involves object detection models (e.g., hair follicle quantification, inflammatory lesion counting, pustule detection), the system shall embed the list of all detected features and their coordinates into the DiagnosticReport.

Within the object of the relevant clinical sign analysis result, the system shall create and populate a detection array. Each element in this array represents a single detected object and shall contain:

  • A code object identifying the type of clinical feature detected (e.g., hair follicle, inflammatory nodule, pustule, wheal).
  • A box object containing the coordinates of the detection's bounding box.
  • A confidence field with the numerical confidence score of the detection (0-1 range).
  • When applicable, a class field for multi-class detections (e.g., nodule, abscess, draining tunnel, non-draining tunnel).
Report BuilderFunctional
  • PRS-2ZB: Measure severity by combining image analysis and user-reported values in scoring systems
  • PRS-5LJ: Support health data interoperability using the HL7 FHIR standard
SRS-9ZTThe product classifies the image's modality

The product shall utilize an Image Modality Classifier algorithm to automatically classify each ingested image into one of the predefined modalities (e.g., 'Clinical', 'Dermoscopic').

For each image, the system shall produce the following outputs:

  • A numerical confidence score for each potential modality (e.g., aiConfidenceClinical, aiConfidenceDermoscopic).
  • A final modality value field, which shall be set to the name of the modality that has the highest confidence score.
Orchestrator, ProcessorsFunctional, Input and output, interfaces
  • PRS-7XK: Assess image adequacy on ingestion
SRS-A25Role-Based Access Control (RBAC) with Least Privilege Principle to restrict users to essential functions

Authorization mechanisms must be enforced for "all users" — this refers to any entity interacting with the system. It is needed to enforce role-based or attribute-based access control not just for human logins but also for inter-service communications. For example:

  • Ensuring that a microservice with a “report builder” role can only access the endpoints and data it is authorized to handle.
  • Preventing a compromised or otherwise unauthorized service from bypassing standard user authorization flows.
API Gateway, Orchestrator, ProcessorsSecurity
  • PRS-9F2: Cybersecurity & continuous threat detection
SRS-A2BAPI Rate Limiting

To ensure API stability and protect against abuse or denial-of-service attacks, the software shall implement a rate-limiting mechanism. This mechanism shall enforce defined thresholds for the number of requests a client can make within a specified time window. Requests exceeding this threshold shall be rejected with a 429 Too Many Requests HTTP status code.

API GatewaySecurity, Functional
  • PRS-9F2: Cybersecurity & continuous threat detection
SRS-A4WInflammatory Nodular Lesion Quantification

Upon user-initiated request to quantify inflammatory nodular lesions from a dermatological image, the system shall execute the Inflammatory Nodular Lesion Quantification model. The system shall perform the following actions:

  1. Multi-class object detection: Analyze the input image to detect and classify hidradenitis suppurativa lesions into four categories: nodules, abscesses, non-draining tunnels, and draining tunnels.

  2. Generate outputs:

    • Nodule count: Total number of detected nodules
    • Abscess count: Total number of detected abscesses
    • Non-draining tunnel count: Total number of detected non-draining tunnels
    • Draining tunnel count: Total number of detected draining tunnels
    • Bounding boxes: Detection boxes with class labels and confidence scores

  3. Clinical context support: The outputs shall serve as objective input components for healthcare professionals in IHS4 scoring and hidradenitis suppurativa assessment workflows.

Processor, OrchestratorFunctional, Performance
  • PRS-3TC: Quantitative assessment of dermatological structural features and lesion morphometry
SRS-A57Audit Trail Data Retention Policy

The system shall define and enforce a data retention policy for audit trails, including procedures for secure archiving and disposal after the required retention period.

  1. Configurable retention period: The system shall allow authorized administrators to configure the retention period for audit trails to comply with applicable regulatory requirements and organizational policies.
  2. Automated archiving: After the active retention period expires, the system shall automatically archive the audit trail files to a secure, long-term, and low-cost storage medium. Archived data must remain accessible for retrieval by authorized personnel.
  3. Secure disposal: The system shall include a mechanism for the secure and permanent disposal of audit trail archives once their total mandated retention period has passed. The disposal process must be irreversible and logged.
Audit Service, Data Storage Layer, Archiving ServiceSecurity, Compliance, Infrastructure
  • PRS-0MC: Comprehensive secure audit trails for user interactions
SRS-A6TDelimited Wound Edges Assessment

Upon user-initiated request to assess delimited wound edges from a dermatological wound image, the system shall execute the Delimited Wound Edges Assessment model. The system shall perform the following actions:

  1. Binary classification: Analyze the input image to determine the presence or absence of well-defined wound boundaries.

  2. Generate outputs:

    • Binary prediction: "Present" or "Absent"
    • Confidence score (0-1 range) indicating the model's certainty in the classification

  3. Clinical context support: The outputs shall serve as objective input components for healthcare professionals in wound assessment and healing prognosis workflows.

Processor, OrchestratorFunctional, Performance
  • PRS-3TC: Quantitative assessment of dermatological structural features and lesion morphometry
SRS-A9FWound Bed Tissue - Epithelial

Upon user-initiated request to assess epithelial tissue from a dermatological wound image, the system shall execute the Wound Bed Tissue: Epithelial model. The system shall perform the following actions:

  1. Binary classification: Analyze the input image to determine the presence or absence of epithelialization in the wound bed.

  2. Generate outputs:

    • Binary prediction: "Present" or "Absent"
    • Confidence score (0-1 range) indicating the model's certainty in the classification

  3. Clinical context support: The outputs shall serve as objective input components for healthcare professionals in wound assessment and healing phase assessment workflows.

Processor, OrchestratorFunctional, Performance
  • PRS-3TC: Quantitative assessment of dermatological structural features and lesion morphometry
SRS-AM6Authentication Event Auditing

The software shall specifically record all authentication events to provide a detailed log of access attempts to the system.

  1. Successful Logins: Every successful login attempt shall be recorded. The audit entry shall include the user's identity, timestamp, and the source IP address of the request.
  2. Failed Logins: Every failed login attempt shall be recorded. The audit entry shall include the attempted username (if available), timestamp, and the source IP address.
  3. Logouts: Every user-initiated logout shall be recorded, capturing the user's identity and the timestamp of the event.
Authentication Service, Audit Service, API Gateway, User Interface (UI)Security, Functional
  • PRS-0MC: Comprehensive secure audit trails for user interactions
  • PRS-9F2: Cybersecurity & continuous threat detection
SRS-AQMStandard HTTP Status Code Usage

The software shall use standard HTTP status codes to communicate the outcome of an API request. This provides a standardized, machine-readable mechanism for clients to handle request outcomes. This includes, but is not limited to:

  • 2xx for successful requests (e.g., 200 OK).
  • 4xx for client-side errors (e.g., 400 Bad Request, 401 Unauthorized, 404 Not Found, 422 Unprocessable Entity).
  • 5xx for server-side errors (e.g., 500 Internal Server Error).
API Gateway, OrchestratorInput and output, interfaces, Alarms, warnings, and messages
  • PRS-1V6: Expose the device’s functionality through a versioned, network-accessible API
SRS-B3ZInflammatory Pattern Identification

Upon user-initiated request to perform Hurley staging and inflammatory activity classification from a dermatological image, the system shall execute the Inflammatory Pattern Identification model. The system shall perform the following actions:

  1. Multi-task classification: Analyze the input image to simultaneously perform two classification tasks:

    • Hurley staging: Classify severity into Stage I, II, or III
    • Inflammatory activity: Binary classification as Non-Inflammatory or Inflammatory

  2. Generate outputs for Hurley staging:

    • Hurley stage: Predicted stage (Stage I, Stage II, or Stage III)
    • Probability distribution: Confidence scores across three Hurley stages
    • Hurley stage confidence: Overall confidence score (0-1 range)

  3. Generate outputs for inflammatory status:

    • Inflammatory status: Binary classification (Non-Inflammatory or Inflammatory)
    • Inflammatory probability: Probability score for inflammatory activity (0-1 range)

  4. Clinical context support: The outputs shall serve as objective input components for healthcare professionals in hidradenitis suppurativa assessment, Hurley staging, HS severity evaluation, disease activity monitoring, treatment selection, IHS4 scoring, and HS-PGA assessment workflows.

Processor, OrchestratorFunctional, Performance
  • PRS-3TC: Quantitative assessment of dermatological structural features and lesion morphometry
SRS-B6LWound Bed Tissue - Necrotic

Upon user-initiated request to assess necrotic tissue from a dermatological wound image, the system shall execute the Wound Bed Tissue: Necrotic model. The system shall perform the following actions:

  1. Binary classification: Analyze the input image to determine the presence or absence of necrotic tissue in the wound bed.

  2. Generate outputs:

    • Binary prediction: "Present" or "Absent"
    • Confidence score (0-1 range) indicating the model's certainty in the classification

  3. Clinical context support: The outputs shall serve as objective input components for healthcare professionals in wound assessment and debridement planning workflows.

Processor, OrchestratorFunctional, Performance
  • PRS-3TC: Quantitative assessment of dermatological structural features and lesion morphometry
SRS-B8NPustule Intensity Quantification

Upon user-initiated request to quantify pustule intensity from a dermatological image, the system shall execute the Pustule Intensity Quantification model. The system shall perform the following actions:

  1. Generate probability distribution: Analyze the input image to produce a normalized probability vector p = [p₀, p₁, ..., p₉] across 10 ordinal intensity categories (0-9), where each pᵢ represents the probability that pustule formation belongs to category i, and the sum equals 100%.

  2. Calculate continuous severity score: Derive a continuous pustule severity score using weighted expected value: ŷ = Σ(i × pᵢ) for i = 0 to 9, accounting for the full probability distribution rather than only the most likely class.

  3. Provide confidence score: Output a confidence score (0-1 range) indicating the model's certainty in the prediction.

  4. Clinical context support: The outputs shall serve as objective input components for healthcare professionals to compute validated composite severity indices including GPPGA and PPPASI.

Processor, OrchestratorFunctional, Performance
  • PRS-2ZB: Quantitative assessment of dermatological visual sign intensity
SRS-BA6Display the legal information about this medical device

The device shall display the legal information about this medical device according to FDA and MDR regulations:

  • Intended purpose
  • Warning indicating that the user manual must be read and use the device as described
  • UDI: The Unique Device Identifier
  • Quantity:
  • Manufacturer information: the company name and address.
  • Date of manufacture: date of the software release.
  • Contact info
  • Country of manufacture:
  • CE:
  • CE certification body: 2797.
  • User manual: symbol followed the clickable link to the user manual
  • MD: Symbol that indicates that this software is a medical device.
  • Version
API, BackendRegulatory
  • PRS-3YH: Compliance with MDR
  • PRS-6DP: Compliance with FDA
SRS-BWBPerformance and Latency

To be suitable for point-of-care use, the software shall ensure that the 95th percentile (p95) latency for all API endpoints, under nominal load conditions, remains below 10.000 milliseconds. Nominal load conditions shall be defined and documented in the system's test plan.

API Gateway, Orchestrator, ProcessorFunctional
  • PRS-1V6: Expose the device’s functionality through a versioned, network-accessible API
SRS-BYJJSON Data Interchange Format

The software shall use JSON (JavaScript Object Notation) as the exclusive data interchange format for all API request and response bodies. The system must correctly set the Content-Type header to application/json in all responses that contain a body. The system shall also correctly parse inbound requests that specify a Content-Type of application/json.

Orchestrator, Processor, Report BuilderInput and output, interfaces, Data definition and databases
  • PRS-1V6: Expose the device’s functionality through a versioned, network-accessible API
SRS-C1RSerous Exudate Assessment

Upon user-initiated request to assess serous exudate from a dermatological wound image, the system shall execute the Serous Exudate Assessment model. The system shall perform the following actions:

  1. Binary classification: Analyze the input image to determine the presence or absence of serous (clear/watery) exudate in wounds.

  2. Generate outputs:

    • Binary prediction: "Present" or "Absent"
    • Confidence score (0-1 range) indicating the model's certainty in the classification

  3. Clinical context support: The outputs shall serve as objective input components for healthcare professionals in wound assessment and exudate characterization workflows.

Processor, OrchestratorFunctional, Performance
  • PRS-3TC: Quantitative assessment of dermatological structural features and lesion morphometry
SRS-C7KInflammatory Lesion Quantification

Upon user-initiated request to quantify inflammatory lesions from a dermatological image, the system shall execute the Inflammatory Lesion Quantification model. The system shall perform the following actions:

  1. Object detection: Analyze the input image to detect and count general inflammatory skin lesions.

  2. Generate outputs:

    • Inflammatory lesion count: Total number of detected inflammatory lesions
    • Bounding boxes: Detection boxes with confidence scores

  3. Clinical context support: The outputs shall serve as objective input components for healthcare professionals in PASI, EASI, and inflammatory dermatoses assessment workflows.

Processor, OrchestratorFunctional, Performance
  • PRS-3TC: Quantitative assessment of dermatological structural features and lesion morphometry
SRS-D08Include the indicator of the image presenting a pigmented lesion in the report

The device shall invoke the corresponding processor to include the pigmentedLesion probability in the final report. This value, representing the likelihood that a detected lesion is pigmented, must be placed within the clinicalIndicator object.

Processor, Report BuilderFunctional
  • PRS-8QJ: Generate an interpretative probability distribution of possible ICD categories by analysing images
SRS-D2QGenerate an unified report of ICD class distributions

The software shall combine the aggregated ICD probability distribution (as defined in SRS-Q3Q) and the per-image analyses (as defined in SRS-0AB) into a single, unified JSON response object.

This response object must contain, at its root level:

  • A conclusion key, holding the aggregated results.
  • An imagingAnalysis key, holding the array of individual image reports, each with its own ICD distribution and explainability heat map.

The system must ensure both components are present in the final output delivered to the user for a given analysis request.

Report Builder, OrchestratorFunctional, Input and output, interfaces
  • PRS-8QJ: **
SRS-D3NProvision of Clinical Parameter Endpoints

The software shall be extended to include new API endpoints for providing clinical master data to client applications under the /params/ path. These endpoints shall be protected and versioned consistently with the rest of the API.

  1. Body sites endpoint: The system shall implement a GET /params/body-sites endpoint.

    • This endpoint shall return a complete, static list of all available body sites.
    • Each object in the returned array shall contain a code and a name object with multilingual translations.

  2. Clinical signs endpoint: The system shall implement a GET /params/clinical-signs endpoint.

    • This endpoint shall return a complete list of all supported clinical signs, sourced from the system's master data.

  3. Questionnaires endpoint: The system shall implement a GET /params/questionnaires endpoint.

    • This endpoint shall require a mandatory pathology query parameter.
    • It shall return a filtered list of questionnaire objects that are relevant to the specified pathology.
    • If the pathology is not found or has no associated questionnaires, the endpoint shall return an empty array.
API Gateway, OrchestratorFunctional, Input and output, interfaces
  • PRS-1V6: Expose the device’s functionality through a versioned, network-accessible API
SRS-D6WAccurate Time Synchronization

The system's internal clock shall be periodically synchronized with a trusted and secure Network Time Protocol (NTP) source to ensure the accuracy and reliability of all timestamps used in audit records and throughout the system.

  1. NTP synchronization: The device's operating system shall be configured to synchronize its clock with one or more designated, secure, and highly-available NTP servers.
  2. Synchronization frequency: Clock synchronization shall occur at a pre-configured, regular interval sufficient to prevent significant clock drift and maintain time accuracy within a defined tolerance.
  3. Trusted time source: The NTP source(s) must be verified as trusted and secure to prevent malicious time-shifting attacks.
  4. Failure handling: The system shall log any failures to synchronize with the NTP source and implement a fail-safe mechanism, such as falling back to a secondary NTP server.
Operating System Layer, Audit Service, All services that generate timestampsSecurity, Infrastructure, Data Integrity
  • PRS-0MC: Comprehensive secure audit trails for user interactions
SRS-D7NPurulent Exudate Assessment

Upon user-initiated request to assess purulent exudate from a dermatological wound image, the system shall execute the Purulent Exudate Assessment model. The system shall perform the following actions:

  1. Binary classification: Analyze the input image to determine the presence or absence of purulent exudate indicating wound infection.

  2. Generate outputs:

    • Binary prediction: "Present" or "Absent"
    • Confidence score (0-1 range) indicating the model's certainty in the classification

  3. Clinical context support: The outputs shall serve as objective input components for healthcare professionals in wound assessment and infection detection workflows.

Processor, OrchestratorFunctional, Performance
  • PRS-3TC: Quantitative assessment of dermatological structural features and lesion morphometry
SRS-D9TMaceration Surface Quantification

Upon user-initiated request to quantify periwound maceration from a dermatological wound image, the system shall execute the Maceration Surface Quantification model. The system shall perform the following actions:

  1. Three-class segmentation: Analyze the input image to generate a segmentation mask with classes: Background, Maceration, and Healthy Periwound.

  2. Generate outputs:

    • Segmentation mask: Pixel-level delineation of maceration extent
    • Maceration percentage: Percentage of periwound maceration
    • Absolute maceration area: Surface area in cm² (when calibration is available)

  3. Clinical context support: The outputs shall serve as objective input components for healthcare professionals in wound assessment, moisture management, dressing selection, and AWOSI scoring workflows.

Processor, OrchestratorFunctional, Performance
  • PRS-3TC: Quantitative assessment of dermatological structural features and lesion morphometry
SRS-DW0User Authentication Endpoint Implementation

The software shall implement and expose the POST /login endpoint for user authentication and token generation. This endpoint shall handle user credentials validation and return appropriate authentication tokens.

Orchestrator, Processor, Report BuilderFunctional, Input and output, interfaces
  • PRS-1V6: Expose the device's functionality through a versioned, network-accessible API
SRS-E1VBody Surface Segmentation

Upon user-initiated request to segment anatomical body regions from a dermatological image, the system shall execute the Body Surface Segmentation model. The system shall perform the following actions:

  1. Multi-class segmentation: Analyze the input image to generate a 5-class segmentation mask delineating: Background, Head/Neck, Upper Extremities, Trunk, and Lower Extremities.

  2. Generate outputs:

    • Segmentation mask: Pixel-level class labels for each anatomical region
    • Regional BSA percentages: Body surface area percentage for each body region
    • Total BSA affected: Total body surface area affected when combined with lesion segmentation

  3. Clinical context support: The outputs shall serve as objective input components for healthcare professionals to compute PASI, EASI, BSA calculations, and burn assessments.

Processor, OrchestratorFunctional, Performance
  • PRS-3TC: Quantitative assessment of dermatological structural features and lesion morphometry
SRS-E4RErythema Intensity Quantification

Upon user-initiated request to quantify erythema intensity from a dermatological image, the system shall execute the Erythema Intensity Quantification model. The system shall perform the following actions:

  1. Generate probability distribution: Analyze the input image to produce a normalized probability vector p = [p₀, p₁, ..., p₉] across 10 ordinal intensity categories (0-9), where each pᵢ represents the probability that erythema belongs to category i, and the sum equals 100%.

  2. Calculate continuous severity score: Derive a continuous erythema severity score using weighted expected value: ŷ = Σ(i × pᵢ) for i = 0 to 9, accounting for the full probability distribution rather than only the most likely class.

  3. Provide confidence score: Output a confidence score (0-1 range) indicating the model's certainty in the prediction.

  4. Clinical context support: The outputs shall serve as objective input components for healthcare professionals to compute validated composite severity indices including PASI, EASI, SCORAD, GPPGA, and PPPASI.

Processor, OrchestratorFunctional, Performance
  • PRS-2ZB: Quantitative assessment of dermatological visual sign intensity
SRS-F05Generate FHIR DiagnosticReport Base Structure

Upon receiving aggregated analysis data, the system shall create the base structure for the clinical report by instantiating a standard FHIR resource.

  1. Instantiate resource: The system shall initialize a FHIR object with the resourceType set to DiagnosticReport.
  2. Populate root-level properties: The system shall populate the resource's root-level properties with fixed, non-transactional data to ensure consistency and interoperability:
    • It shall set the status field to preliminary.
    • It shall set the category field to the code IMG (Diagnostic Imaging) from the http://terminology.hl7.org/CodeSystem/v2-0074 code system.
    • It shall populate the code field with the LOINC codes 100063-7 and 10206-1 to designate the report as a "Skin condition analysis".
Report BuilderFunctional
  • PRS-5LJ: Support health data interoperability using the HL7 FHIR standard
SRS-F2KThickened Wound Edges Assessment

Upon user-initiated request to assess thickened wound edges from a dermatological wound image, the system shall execute the Thickened Wound Edges Assessment model. The system shall perform the following actions:

  1. Binary classification: Analyze the input image to determine the presence or absence of hyperkeratotic or rolled (thickened) wound edges.

  2. Generate outputs:

    • Binary prediction: "Present" or "Absent"
    • Confidence score (0-1 range) indicating the model's certainty in the classification

  3. Clinical context support: The outputs shall serve as objective input components for healthcare professionals in wound assessment and debridement planning workflows.

Processor, OrchestratorFunctional, Performance
  • PRS-3TC: Quantitative assessment of dermatological structural features and lesion morphometry
SRS-F6JHair Loss Surface Quantification

Upon user-initiated request to quantify hair loss from a dermatological image, the system shall execute the Hair Loss Surface Quantification model. The system shall perform the following actions:

  1. Three-class segmentation: Analyze the input image to generate a segmentation mask with classes: Hair, No Hair, and Non-Scalp.

  2. Generate outputs:

    • Segmentation mask: Pixel-level delineation of hair loss areas
    • Hair loss percentage: Percentage of scalp surface with hair loss

  3. Clinical context support: The outputs shall serve as objective input components for healthcare professionals in SALT, APULSI, and alopecia assessment workflows.

Processor, OrchestratorFunctional, Performance
  • PRS-3TC: Quantitative assessment of dermatological structural features and lesion morphometry
SRS-F9LFitzpatrick Skin Type Identification

Upon user-initiated request to identify Fitzpatrick skin type from a dermatological image, the system shall execute the Fitzpatrick Skin Type Identification model. The system shall perform the following actions:

  1. Multi-class classification: Analyze the input image to classify skin into Fitzpatrick phototypes (I-VI).

  2. Generate outputs:

    • Fitzpatrick type: Predicted skin type (Type I, II, III, IV, V, or VI)
    • Probability distribution: Confidence scores for each Fitzpatrick type
    • Confidence score: Overall model certainty (0-1 range)

  3. Clinical context support: The outputs shall enable equitable model performance monitoring, bias detection, and performance stratification across diverse populations, ensuring clinical models operate within their validated domains.

Processor, OrchestratorFunctional, Performance
  • PRS-7XK: Assess image adequacy on ingestion
SRS-FMGRecord Analysis Duration in FHIR Report

The system shall record the total processing time of the analysis workflow within the DiagnosticReport. It shall populate the custom analysisDuration field at the root of the report with the total workflow time, expressed in seconds.

Report BuilderFunctional
  • PRS-5LJ: Support health data interoperability using the HL7 FHIR standard
SRS-G3PWound Perilesional Erythema Assessment

Upon user-initiated request to assess wound perilesional erythema from a dermatological wound image, the system shall execute the Wound Perilesional Erythema Assessment model. The system shall perform the following actions:

  1. Binary classification: Analyze the input image to determine the presence or absence of perilesional erythema around the wound.

  2. Generate outputs:

    • Binary prediction: "Present" or "Absent"
    • Confidence score (0-1 range) indicating the model's certainty in the classification

  3. Clinical context support: The outputs shall serve as objective input components for healthcare professionals in wound assessment and infection detection workflows.

Processor, OrchestratorFunctional, Performance
  • PRS-3TC: Quantitative assessment of dermatological structural features and lesion morphometry
SRS-G9RWound Stage Classification

Upon user-initiated request to classify wound stage from a dermatological wound image, the system shall execute the Wound Stage Classification model. The system shall perform the following actions:

  1. Multi-class classification: Analyze the input image to assign wounds to standardized stages (0, I, II, III, IV).

  2. Generate outputs:

    • Wound stage: Predicted stage classification (Stage 0, Stage I, Stage II, Stage III, or Stage IV)
    • Probability distribution: Confidence scores across all five stage categories
    • Confidence score: Overall model certainty (0-1 range)

  3. Clinical context support: The outputs shall serve as objective input components for healthcare professionals in wound assessment, NPUAP staging, and treatment planning workflows.

Processor, OrchestratorFunctional, Performance
  • PRS-3TC: Quantitative assessment of dermatological structural features and lesion morphometry
SRS-H2VHead Detection

Upon user-initiated request to detect heads from an input image, the system shall execute the Head Detection model. The system shall perform the following actions:

  1. Object detection: Analyze the input image to detect and localize heads for patient counting, quality control, and privacy protection workflows.

  2. Generate outputs:

    • Head count: Total number of detected heads in the image
    • Bounding boxes: Detection boxes with confidence scores for each detected head
    • Multi-patient flag: Binary indicator when more than one head is detected

  3. Clinical context support: The outputs shall enable privacy protection (identifying images with multiple subjects), image quality control, patient counting, and multi-patient detection workflows, ensuring clinical models receive single-patient images as intended.

Processor, OrchestratorFunctional, Performance
  • PRS-7XK: Assess image adequacy on ingestion
SRS-H3JDeterministic Response Schemas

For any given valid request, the software shall return a JSON response body that strictly adheres to the corresponding success or error schema defined in the components/schemas section of the OpenAPI specification. The structure of the response shall be deterministic, predictable, and consistently maintained across all instances of the service.

Orchestrator, Report Builder, ProcessorData definition and databases, Input and output, interfaces
  • PRS-1V6: Expose the device’s functionality through a versioned, network-accessible API
SRS-H5KErythema Surface Quantification

Upon user-initiated request to quantify erythema surface area from a dermatological wound image, the system shall execute the Erythema Surface Quantification model. The system shall perform the following actions:

  1. Three-class segmentation: Analyze the input image to generate a segmentation mask with classes: Background, Erythema, and Non-Erythema Wound.

  2. Generate outputs:

    • Segmentation mask: Pixel-level delineation of erythema extent
    • Erythema percentage: Percentage of erythema relative to total wound area
    • Absolute erythema area: Surface area in cm² (when calibration is available)

  3. Clinical context support: The outputs shall serve as objective input components for healthcare professionals in wound assessment, infection surveillance, and AWOSI scoring workflows.

Processor, OrchestratorFunctional, Performance
  • PRS-3TC: Quantitative assessment of dermatological structural features and lesion morphometry
SRS-H5SEmbed Explainability Mechanisms in FHIR Report

The system shall embed the generated explainability mechanisms into the DiagnosticReport to allow users to supervise the AI's operation.

For each condition listed in a per-image conclusion (within the imagingAnalysis array), the system shall include an explainability object if a mechanism is available. This object shall contain a heatMap object, which includes the image data (as Base64), contentType, height, width, and colorModel.

Report BuilderFunctional
  • PRS-8QJ: Generate an interpretative probability distribution of possible ICD categories by analysing images
  • PRS-5LJ: Support health data interoperability using the HL7 FHIR standard
SRS-H9XLichenification Intensity Quantification

Upon user-initiated request to quantify lichenification intensity from a dermatological image, the system shall execute the Lichenification Intensity Quantification model. The system shall perform the following actions:

  1. Generate probability distribution: Analyze the input image to produce a normalized probability vector p = [p₀, p₁, ..., p₉] across 10 ordinal intensity categories (0-9), where each pᵢ represents the probability that lichenification belongs to category i, and the sum equals 100%.

  2. Calculate continuous severity score: Derive a continuous lichenification severity score using weighted expected value: ŷ = Σ(i × pᵢ) for i = 0 to 9, accounting for the full probability distribution rather than only the most likely class.

  3. Provide confidence score: Output a confidence score (0-1 range) indicating the model's certainty in the prediction.

  4. Clinical context support: The outputs shall serve as objective input components for healthcare professionals to compute validated composite severity indices including EASI and SCORAD.

Processor, OrchestratorFunctional, Performance
  • PRS-2ZB: Quantitative assessment of dermatological visual sign intensity
SRS-I7TWound Affected Tissue - Intact Skin

Upon user-initiated request to assess intact skin presence from a dermatological wound image, the system shall execute the Wound Affected Tissue: Intact Skin model. The system shall perform the following actions:

  1. Binary classification: Analyze the input image to determine whether the wound area shows intact (unbroken) skin.

  2. Generate outputs:

    • Binary prediction: "Present" or "Absent"
    • Confidence score (0-1 range) indicating the model's certainty in the classification

  3. Clinical context support: The outputs shall serve as objective input components for healthcare professionals in wound assessment, healing assessment, and NPUAP staging workflows.

Processor, OrchestratorFunctional, Performance
  • PRS-3TC: Quantitative assessment of dermatological structural features and lesion morphometry
SRS-J5PHair Follicle Quantification

Upon user-initiated request to quantify hair follicles from a dermatological scalp image, the system shall execute the Hair Follicle Quantification model. The system shall perform the following actions:

  1. Object detection: Analyze the input image to detect and localize individual hair follicles on the scalp.

  2. Generate outputs:

    • Follicle count: Total number of detected hair follicles
    • Bounding boxes: Spatial coordinates for each detected follicle
    • Detection confidence: Confidence score (0-1 range) for each detection

  3. Clinical context support: The outputs shall serve as objective input components for healthcare professionals in androgenetic alopecia assessment, alopecia areata evaluation, telogen effluvium monitoring, hair transplantation planning, and treatment monitoring workflows.

Processor, OrchestratorFunctional, Performance
  • PRS-3TC: Quantitative assessment of dermatological structural features and lesion morphometry
SRS-J9VIndistinguishable Wound Edges Assessment

Upon user-initiated request to assess indistinguishable wound edges from a dermatological wound image, the system shall execute the Indistinguishable Wound Edges Assessment model. The system shall perform the following actions:

  1. Binary classification: Analyze the input image to determine the presence or absence of severely compromised edges where boundaries cannot be determined.

  2. Generate outputs:

    • Binary prediction: "Present" or "Absent"
    • Confidence score (0-1 range) indicating the model's certainty in the classification

  3. Clinical context support: The outputs shall serve as objective input components for healthcare professionals in wound assessment and critical wound identification workflows.

Processor, OrchestratorFunctional, Performance
  • PRS-3TC: Quantitative assessment of dermatological structural features and lesion morphometry
SRS-JC6The product provides a final image validity summary

The product shall aggregate the results from all individual image adequacy assessments to produce a final, single boolean isValid flag.

This flag shall be set to true if, and only if, all of the following conditions are met:

  • The image quality assessment (per SRS-024) results in an acceptable flag of true.
  • The clinical domain validation (per SRS-025) results in an isDermatological flag of true.

If any of these conditions are not met, the isValid flag shall be set to false, and no further clinical analysis (e.g., PRS-8QJ, PRS-2ZB) shall be performed on the image.

Not specifiedFunctional, Input and output, interfaces
  • PRS-7XK: Assess image adequacy on ingestion
SRS-JLMInclude the indicator of the presence of a condition in the report

The device shall invoke the corresponding processor to include the hasCondition probability in the final report. This value, representing the likelihood that the image contains any relevant dermatological condition, must be placed within the clinicalIndicator object.

Processor, Report BuilderFunctional
  • PRS-8QJ: Generate an interpretative probability distribution of possible ICD categories by analysing images
SRS-K3HWound Affected Tissue - Subcutaneous

Upon user-initiated request to assess subcutaneous tissue involvement from a dermatological wound image, the system shall execute the Wound Affected Tissue: Subcutaneous model. The system shall perform the following actions:

  1. Binary classification: Analyze the input image to determine the presence or absence of subcutaneous tissue involvement in wounds.

  2. Generate outputs:

    • Binary prediction: "Present" or "Absent"
    • Confidence score (0-1 range) indicating the model's certainty in the classification

  3. Clinical context support: The outputs shall serve as objective input components for healthcare professionals in wound assessment, depth assessment, and NPUAP staging workflows.

Processor, OrchestratorFunctional, Performance
  • PRS-3TC: Quantitative assessment of dermatological structural features and lesion morphometry
SRS-K4UOrthopedic Material Surface Quantification

Upon user-initiated request to quantify exposed orthopedic hardware from a dermatological wound image, the system shall execute the Orthopedic Material Surface Quantification model. The system shall perform the following actions:

  1. Three-class segmentation: Analyze the input image to generate a segmentation mask with classes: Background, Orthopedic Material, and Wound Tissue.

  2. Generate outputs:

    • Segmentation mask: Pixel-level delineation of exposed orthopedic hardware
    • Orthopedic material percentage: Percentage of exposed orthopedic material relative to wound area
    • Absolute orthopedic area: Surface area in cm² (when calibration is available)
    • Hardware exposure alert: Binary flag for surgical consultation

  3. Clinical context support: The outputs shall serve as objective input components for healthcare professionals in wound assessment, surgical revision planning, device complication evaluation, and infection risk assessment workflows.

Processor, OrchestratorFunctional, Performance
  • PRS-3TC: Quantitative assessment of dermatological structural features and lesion morphometry
SRS-K6NMap Per-Image Analysis to FHIR

The system shall structure the results from each individual image analysis into a dedicated object and place it within the imagingAnalysis array of the DiagnosticReport.

Each object in this array shall contain all data specific to a single image's analysis, including:

  • A mediaValidity object detailing the results of the image adequacy assessment, including quality, domain, and modality checks.
  • A conclusion array containing the ranked probability distribution specific to that image.
Report BuilderFunctional
  • PRS-7XK: Assess image adequacy on ingestion
  • PRS-5LJ: Support health data interoperability using the HL7 FHIR standard
SRS-K7MICD Category Distribution and Binary Indicators

Upon user-initiated request to analyze a dermatological image, the system shall execute the ICD Category Distribution and Binary Indicators model. The system shall perform the following integrated actions:

  1. Compute ICD-11 probability distribution: Analyze the input image (and optional clinical metadata including age, sex, and body site) to generate a normalized probability vector across all supported ICD-11 categories, where probabilities sum to 100%.

  2. Generate top-5 ranked output: Extract and present the five ICD-11 categories with the highest probabilities, each accompanied by its ICD-11 code and confidence score, to support differential diagnosis.

  3. Calculate binary indicators: Using a dermatologist-validated mapping matrix, compute six binary indicators by aggregating probabilities across clinically meaningful category groups:

    • Malignant indicator: Probability of confirmed malignancy (melanoma, squamous cell carcinoma, basal cell carcinoma)
    • Pre-malignant indicator: Probability of conditions with malignant potential (actinic keratosis, Bowen's disease)
    • Associated with malignancy indicator: Probability of benign/inflammatory conditions with frequent overlap or mimicry of malignant presentations
    • Pigmented lesion indicator: Probability that lesion belongs to pigmented subgroup
    • Urgent referral indicator: Probability requiring dermatological evaluation within 48 hours
    • High-priority referral indicator: Probability requiring evaluation within 2 weeks

  4. Generate explainability outputs: Produce pixel-level attention indicators (heat maps or saliency masks) that highlight image regions most influential to each predicted category, enabling clinical supervision.

Processor, OrchestratorFunctional, Performance
  • PRS-8QJ: Generate an interpretative probability distribution of possible ICD categories by analysing images
SRS-KA3Orchestrate diagnosis support workflow

Upon receiving a diagnosis support request via the API, the system shall orchestrate the end-to-end processing workflow. The system shall perform the following integrated actions:

  1. Parse request: The system shall parse the incoming request to extract the set of one or more dermatological images.
  2. Invoke processors: The system shall sequentially invoke the required processors to handle the request.
    • First, it shall execute pre-processing processors responsible for image adequacy assessment (PRS-7XK) and input validation (PRS-1V6).
    • Upon successful pre-processing, it shall call the appropriate AI analysis processor to generate the probability distributions and explainability heat maps.
  3. Aggregate data: The system shall aggregate the results returned from the AI analysis processor, which includes both the aggregated probabilities and the per-image analyses.
  4. Invoke report builder: The system shall pass the aggregated data to the Report Builder microservice to assemble the final, structured clinical report as defined in software requirements SRS-Q3Q, SRS-0AB, and SRS-D2Q.
  5. Return response: The system shall return the final, structured report.
OrchestratorFunctional
  • PRS-8QJ: Generate an interpretative probability distribution of possible ICD categories by analysing images
SRS-KASInclude the indicator of needing an urgent referral in the report

The device shall invoke the corresponding processor to include the urgentReferral score in the final report. This value, indicating the calculated need for an urgent referral, must be placed within the clinicalIndicator object.

Processor, Report BuilderFunctional, Data definition and databases
  • PRS-8QJ: Generate an interpretative probability distribution of possible ICD categories by analysing images
SRS-L3XSkin Surface Segmentation

Upon user-initiated request to segment skin regions from an input image, the system shall execute the Skin Surface Segmentation model. The system shall perform the following actions:

  1. Binary segmentation: Analyze the input image to detect and isolate skin regions from non-skin background.

  2. Generate outputs:

    • Segmentation mask: Binary mask delineating skin regions (skin vs. background)
    • Skin region percentage: Percentage of image covered by skin
    • Confidence score: Overall segmentation quality metric

  3. Clinical context support: The outputs shall enable preprocessing, region-of-interest (ROI) extraction, and skin detection for downstream clinical models, ensuring they analyze appropriate skin regions.

Processor, OrchestratorFunctional, Performance
  • PRS-7XK: Assess image adequacy on ingestion
SRS-L4WDamaged Wound Edges Assessment

Upon user-initiated request to assess damaged wound edges from a dermatological wound image, the system shall execute the Damaged Wound Edges Assessment model. The system shall perform the following actions:

  1. Binary classification: Analyze the input image to determine the presence or absence of compromised or damaged wound margins.

  2. Generate outputs:

    • Binary prediction: "Present" or "Absent"
    • Confidence score (0-1 range) indicating the model's certainty in the classification

  3. Clinical context support: The outputs shall serve as objective input components for healthcare professionals in wound assessment and healing prognosis workflows.

Processor, OrchestratorFunctional, Performance
  • PRS-3TC: Quantitative assessment of dermatological structural features and lesion morphometry
SRS-L8YBiofilm and Slough Surface Quantification

Upon user-initiated request to quantify biofilm and slough from a dermatological wound image, the system shall execute the Biofilm and Slough Surface Quantification model. The system shall perform the following actions:

  1. Three-class segmentation: Analyze the input image to generate a segmentation mask with classes: Background, Biofilm/Slough, and Other Wound Tissue.

  2. Generate outputs:

    • Segmentation mask: Pixel-level delineation of biofilm/slough extent
    • Biofilm/Slough percentage: Percentage of biofilm/slough relative to total wound area
    • Absolute biofilm/slough area: Surface area in cm² (when calibration is available)

  3. Clinical context support: The outputs shall serve as objective input components for healthcare professionals in wound assessment, debridement planning, TIME framework evaluation, and AWOSI scoring workflows.

Processor, OrchestratorFunctional, Performance
  • PRS-3TC: Quantitative assessment of dermatological structural features and lesion morphometry
SRS-LBSURL-Based API Versioning

The software shall implement a URL routing mechanism that incorporates the API version directly into the request path. All API endpoint paths must be prefixed with a version identifier following the format /vX.Y/, where X represents the major version and Y represents the minor version. The system shall route requests to the appropriate implementation based on this version prefix.

API Gateway, OrchestratorFunctional, Input and output, interfaces
  • PRS-1V6: Expose the device’s functionality through a versioned, network-accessible API
SRS-M2LXerosis Intensity Quantification

Upon user-initiated request to quantify xerosis (dryness) intensity from a dermatological image, the system shall execute the Xerosis Intensity Quantification model. The system shall perform the following actions:

  1. Generate probability distribution: Analyze the input image to produce a normalized probability vector p = [p₀, p₁, ..., p₉] across 10 ordinal intensity categories (0-9), where each pᵢ represents the probability that xerosis belongs to category i, and the sum equals 100%.

  2. Calculate continuous severity score: Derive a continuous xerosis severity score using weighted expected value: ŷ = Σ(i × pᵢ) for i = 0 to 9, accounting for the full probability distribution rather than only the most likely class.

  3. Provide confidence score: Output a confidence score (0-1 range) indicating the model's certainty in the prediction.

  4. Clinical context support: The outputs shall serve as objective input components for healthcare professionals to compute validated composite severity indices including SCORAD and EASI.

Processor, OrchestratorFunctional, Performance
  • PRS-2ZB: Quantitative assessment of dermatological visual sign intensity
SRS-M6PGranulation Tissue Surface Quantification

Upon user-initiated request to quantify angiogenesis and granulation tissue from a dermatological wound image, the system shall execute the Granulation Tissue Surface Quantification model. The system shall perform the following actions:

  1. Three-class segmentation: Analyze the input image to generate a segmentation mask with classes: Background, Granulation, and Other Wound Tissue.

  2. Generate outputs:

    • Segmentation mask: Pixel-level delineation of granulation tissue extent
    • Granulation percentage: Percentage of granulation tissue relative to total wound area
    • Absolute granulation area: Surface area in cm² (when calibration is available)

  3. Clinical context support: The outputs shall serve as objective input components for healthcare professionals in wound assessment, wound bed preparation, healing prediction, and AWOSI scoring workflows.

Processor, OrchestratorFunctional, Performance
  • PRS-3TC: Quantitative assessment of dermatological structural features and lesion morphometry
SRS-MM8Generated JWTs must have an expiration date

To limit the window of opportunity for session hijacking, all JSON Web Tokens (JWTs) issued by the system shall include a mandatory expiration claim (exp).

This is a critical security measure because a token without an expiration date, if compromised, could grant an attacker indefinite access to a user's account. By enforcing a finite lifetime, the token automatically becomes invalid after a set period, forcing re-authentication and ensuring that stolen tokens have a limited use. The system shall validate this claim upon every request and reject any token that is expired. The token's lifespan shall be configurable by an administrator.

Authentication ServiceSecurity
  • PRS-9F2: Cybersecurity & continuous threat detection
SRS-MZCRequest Body Size Limitation

To protect system resources and prevent potential denial-of-service vectors, the software shall enforce a maximum size limit for incoming request bodies. This is especially critical for endpoints that accept image data. Requests with a body size exceeding the configured limit shall be rejected, and the system shall return a 413 Payload Too Large HTTP status code.

API Gateway, OrchestratorSecurity, Input and output, interfaces
  • PRS-1V6: Expose the device’s functionality through a versioned, network-accessible API
SRS-N2CBone, Cartilage, or Tendon Surface Quantification

Upon user-initiated request to quantify exposed deep structures from a dermatological wound image, the system shall execute the Bone, Cartilage, or Tendon Surface Quantification model. The system shall perform the following actions:

  1. Three-class segmentation: Analyze the input image to generate a segmentation mask with classes: Background, Deep Structures (bone/cartilage/tendon), and Soft Tissue.

  2. Generate outputs:

    • Segmentation mask: Pixel-level delineation of exposed deep structures
    • Deep structure percentage: Percentage of exposed bone/cartilage/tendon relative to wound area
    • Absolute deep structure area: Surface area in cm² (when calibration is available)
    • Osteomyelitis risk alert: Binary flag for urgent surgical consultation

  3. Clinical context support: The outputs shall serve as objective input components for healthcare professionals in wound assessment, osteomyelitis risk evaluation, urgent surgical consultation planning, amputation risk assessment, and AWOSI scoring workflows.

Processor, OrchestratorFunctional, Performance
  • PRS-3TC: Quantitative assessment of dermatological structural features and lesion morphometry
SRS-N5QSwelling Intensity Quantification

Upon user-initiated request to quantify swelling (edema/papulation) intensity from a dermatological image, the system shall execute the Swelling Intensity Quantification model. The system shall perform the following actions:

  1. Generate probability distribution: Analyze the input image to produce a normalized probability vector p = [p₀, p₁, ..., p₉] across 10 ordinal intensity categories (0-9), where each pᵢ represents the probability that swelling belongs to category i, and the sum equals 100%.

  2. Calculate continuous severity score: Derive a continuous swelling severity score using weighted expected value: ŷ = Σ(i × pᵢ) for i = 0 to 9, accounting for the full probability distribution rather than only the most likely class.

  3. Provide confidence score: Output a confidence score (0-1 range) indicating the model's certainty in the prediction.

  4. Clinical context support: The outputs shall serve as objective input components for healthcare professionals to compute validated composite severity indices including SCORAD, EASI, and UAS7.

Processor, OrchestratorFunctional, Performance
  • PRS-2ZB: Quantitative assessment of dermatological visual sign intensity
SRS-N7PBody Site Identification

Upon user-initiated request to identify anatomical body site from a dermatological image, the system shall execute the Body Site Identification model. The system shall perform the following actions:

  1. Multi-class classification: Analyze the input image to identify the anatomical body site location.

  2. Generate outputs:

    • Body site classification: Predicted anatomical location from predefined body site taxonomy
    • Probability distribution: Confidence scores for each body site category
    • Confidence score: Overall model certainty (0-1 range)

  3. Clinical context support: The outputs shall provide anatomical context for clinical analysis, enable site-specific model selection, support proper documentation, and ensure clinical models operate within their validated anatomical domains.

Processor, OrchestratorFunctional, Performance
  • PRS-7XK: Assess image adequacy on ingestion
SRS-N8WWound Affected Tissue - Dermis-Epidermis

Upon user-initiated request to assess dermis-epidermis involvement from a dermatological wound image, the system shall execute the Wound Affected Tissue: Dermis-Epidermis model. The system shall perform the following actions:

  1. Binary classification: Analyze the input image to determine the presence or absence of partial-thickness skin loss involving dermis and/or epidermis.

  2. Generate outputs:

    • Binary prediction: "Present" or "Absent"
    • Confidence score (0-1 range) indicating the model's certainty in the classification

  3. Clinical context support: The outputs shall serve as objective input components for healthcare professionals in wound assessment, depth assessment, and NPUAP staging workflows.

Processor, OrchestratorFunctional, Performance
  • PRS-3TC: Quantitative assessment of dermatological structural features and lesion morphometry
SRS-O5MWound Affected Tissue - Muscle

Upon user-initiated request to assess muscle tissue involvement from a dermatological wound image, the system shall execute the Wound Affected Tissue: Muscle model. The system shall perform the following actions:

  1. Binary classification: Analyze the input image to determine the presence or absence of muscle tissue involvement or exposure in wounds.

  2. Generate outputs:

    • Binary prediction: "Present" or "Absent"
    • Confidence score (0-1 range) indicating the model's certainty in the classification

  3. Clinical context support: The outputs shall serve as objective input components for healthcare professionals in wound assessment, depth assessment, and NPUAP staging workflows.

Processor, OrchestratorFunctional, Performance
  • PRS-3TC: Quantitative assessment of dermatological structural features and lesion morphometry
SRS-O93The product checks the image's clinical domain

The product shall utilize a Clinical Domain Classifier algorithm to automatically assess whether an ingested image belongs to the dermatological domain.

For each image, the system shall produce the following outputs based on this analysis:

  • A numerical AI confidence score representing the probability that the image is dermatological.
  • A boolean isDermatological flag. This flag shall be set to true if the confidence score exceeds a configurable and version-controlled threshold, and false otherwise.
Not specifiedFunctional, Input and output, interfaces
  • PRS-7XK: Assess image adequacy on ingestion
SRS-P2YAcneiform Inflammatory Pattern Identification

Upon user-initiated request to classify acne severity using IGA from a dermatological image, the system shall execute the Acneiform Inflammatory Pattern Identification model. The system shall perform the following actions:

  1. Tabular classification: Analyze tabular data (inflammatory lesion counts and density from object detection model outputs) to classify acne severity using the IGA scale (0-4).

  2. Generate outputs:

    • IGA grade: Predicted grade (0=Clear, 1=Almost Clear, 2=Mild, 3=Moderate, 4=Severe)
    • Probability distribution: Confidence scores for each IGA grade

  3. Dependencies: This model requires outputs from the Inflammatory Lesion Quantification model (lesion count and density metrics).

  4. Clinical context support: The outputs shall serve as objective input components for healthcare professionals in IGA assessment and acne evaluation workflows.

Processor, OrchestratorFunctional, Performance
  • PRS-3TC: Quantitative assessment of dermatological structural features and lesion morphometry
SRS-P4XWound Bed Tissue - Slough

Upon user-initiated request to assess slough tissue from a dermatological wound image, the system shall execute the Wound Bed Tissue: Slough model. The system shall perform the following actions:

  1. Binary classification: Analyze the input image to determine the presence or absence of slough (devitalized tissue) in the wound bed.

  2. Generate outputs:

    • Binary prediction: "Present" or "Absent"
    • Confidence score (0-1 range) indicating the model's certainty in the classification

  3. Clinical context support: The outputs shall serve as objective input components for healthcare professionals in wound assessment and debridement planning workflows.

Processor, OrchestratorFunctional, Performance
  • PRS-3TC: Quantitative assessment of dermatological structural features and lesion morphometry
SRS-P9WDesquamation Intensity Quantification

Upon user-initiated request to quantify desquamation (scaling) intensity from a dermatological image, the system shall execute the Desquamation Intensity Quantification model. The system shall perform the following actions:

  1. Generate probability distribution: Analyze the input image to produce a normalized probability vector p = [p₀, p₁, ..., p₉] across 10 ordinal intensity categories (0-9), where each pᵢ represents the probability that desquamation belongs to category i, and the sum equals 100%.

  2. Calculate continuous severity score: Derive a continuous desquamation severity score using weighted expected value: ŷ = Σ(i × pᵢ) for i = 0 to 9, accounting for the full probability distribution rather than only the most likely class.

  3. Provide confidence score: Output a confidence score (0-1 range) indicating the model's certainty in the prediction.

  4. Clinical context support: The outputs shall serve as objective input components for healthcare professionals to compute validated composite severity indices including PASI, GPPGA, and PPPASI.

Processor, OrchestratorFunctional, Performance
  • PRS-2ZB: Quantitative assessment of dermatological visual sign intensity
SRS-PU2User Action Auditing

The software shall automatically generate a secure audit trail entry for every action initiated by a user through any of the system's external interfaces.

  1. Scope of auditing: An audit trail entry shall be generated for any user-initiated operation that results in the creation, modification, deletion, or viewing of data (including patient data, analysis results, and system logs), or changes to system configuration (such as user permissions).
  2. Interface coverage: This requirement applies to all external interfaces through which a user can interact with the system, including but not limited to the network-accessible API and any graphical user interfaces (GUIs).
  3. Automation: The generation of the audit entry shall be an automatic and integral part of the action's execution flow, ensuring that no user action goes unrecorded.
API Gateway, Authentication Service, Audit ServiceSecurity, Functional
  • PRS-0MC: Comprehensive secure audit trails for user interactions
SRS-Q1LHypopigmentation or Depigmentation Surface Quantification

Upon user-initiated request to quantify pigmentary loss from a dermatological image, the system shall execute the Hypopigmentation or Depigmentation Surface Quantification model. The system shall perform the following actions:

  1. Three-class segmentation: Analyze the input image to generate a segmentation mask with classes: Normal Skin, Hypopigmented or Depigmented, and Background.

  2. Generate outputs:

    • Segmentation mask: Pixel-level delineation of pigmentary loss areas
    • Pigmentary loss percentage: Percentage of skin surface affected by pigmentary loss

  3. Clinical context support: The outputs shall serve as objective input components for healthcare professionals in VASI, VETF, and vitiligo assessment workflows.

Processor, OrchestratorFunctional, Performance
  • PRS-3TC: Quantitative assessment of dermatological structural features and lesion morphometry
SRS-Q3QGenerate an aggregated ICD probability distribution from an image

The software shall process a set of one or more dermatological images. For the provided image set, the system shall return a single, aggregated list of potential ICD categories as a probability distribution.

Each element in the returned list shall correspond to a single ICD category and must contain:

  • The calculated probability for that category.
  • The official ICD code, display name, system identifier, and version, structured within a code object as seen in the API output specification.

This corresponds to the conclusion array in the root of the JSON output.

Processor, Report Builder, OrchestratorFunctional
  • PRS-2ZB: Measure severity by combining image analysis and user-reported symptoms in scoring systems
SRS-Q8ZDiffuse Wound Edges Assessment

Upon user-initiated request to assess diffuse wound edges from a dermatological wound image, the system shall execute the Diffuse Wound Edges Assessment model. The system shall perform the following actions:

  1. Binary classification: Analyze the input image to determine the presence or absence of poorly defined or diffuse wound boundaries.

  2. Generate outputs:

    • Binary prediction: "Present" or "Absent"
    • Confidence score (0-1 range) indicating the model's certainty in the classification

  3. Clinical context support: The outputs shall serve as objective input components for healthcare professionals in wound assessment and infection detection workflows.

Processor, OrchestratorFunctional, Performance
  • PRS-3TC: Quantitative assessment of dermatological structural features and lesion morphometry
SRS-Q9MClinical Signs Analysis Endpoint Implementation

The software shall implement and expose the POST /clinical-signs-analysis endpoint for quantitative assessment of dermatological visual signs and structural features. This endpoint shall:

  1. Accept API requests containing:

    • A dermatological image in supported formats (JPEG, PNG)
    • A list of clinical signs to be evaluated (e.g., erythema, desquamation, induration, pustule, crusting, xerosis, swelling, oozing, excoriation, lichenification, wound characteristics, tissue involvement)

  2. Process the request by invoking the clinical signs analysis workflow orchestrator (as defined in SRS-W6T) which shall:

    • Validate image adequacy for AI analysis
    • Execute the appropriate AI model processors for each requested clinical sign
    • Aggregate results from all invoked models

  3. Return a structured response containing:

    • Individual clinical sign quantification results with probability distributions, continuous scores, or binary classifications as applicable
    • Confidence scores for each analysis
    • Explainability outputs when available
    • Processing metadata including model versions and timestamps
    • Appropriate HTTP status codes and error messages for validation failures or processing errors
Orchestrator, Processor, Report BuilderFunctional, Input and output, interfaces
  • PRS-1V6: Expose the device's functionality through a versioned, network-accessible API
  • PRS-2ZB: Quantitative assessment of dermatological visual sign intensity
  • PRS-3TC: Quantitative assessment of dermatological structural features and lesion morphometry
SRS-R3WWound Bed Surface Quantification

Upon user-initiated request to quantify wound bed surface area from a dermatological wound image, the system shall execute the Wound Bed Surface Quantification model. The system shall perform the following actions:

  1. Binary segmentation: Analyze the input image to generate a segmentation mask with classes: Background and Wound Bed.

  2. Generate outputs:

    • Segmentation mask: Pixel-level delineation of wound boundaries
    • Total wound area: Surface area in cm² (calibrated)
    • Wound perimeter: Perimeter length in cm
    • Maximum length: Longest wound dimension in cm
    • Maximum width: Perpendicular width measurement in cm

  3. Clinical context support: The outputs shall serve as objective input components for healthcare professionals in wound assessment, wound measurement, healing rate tracking, and AWOSI scoring workflows.

Processor, OrchestratorFunctional, Performance
  • PRS-3TC: Quantitative assessment of dermatological structural features and lesion morphometry
SRS-R7COozing Intensity Quantification

Upon user-initiated request to quantify oozing/exudation intensity from a dermatological image, the system shall execute the Oozing Intensity Quantification model. The system shall perform the following actions:

  1. Generate probability distribution: Analyze the input image to produce a normalized probability vector p = [p₀, p₁, ..., p₉] across 10 ordinal intensity categories (0-9), where each pᵢ represents the probability that oozing belongs to category i, and the sum equals 100%.

  2. Calculate continuous severity score: Derive a continuous oozing severity score using weighted expected value: ŷ = Σ(i × pᵢ) for i = 0 to 9, accounting for the full probability distribution rather than only the most likely class.

  3. Provide confidence score: Output a confidence score (0-1 range) indicating the model's certainty in the prediction.

  4. Clinical context support: The outputs shall serve as objective input components for healthcare professionals to compute validated composite severity indices including SCORAD.

Processor, OrchestratorFunctional, Performance
  • PRS-2ZB: Quantitative assessment of dermatological visual sign intensity
SRS-R8DDomain Validation

Upon user-initiated request to validate image domain from an input image, the system shall execute the Domain Validation model. The system shall perform the following actions:

  1. Multi-class classification: Analyze the input image to classify it into one of three domains: non-skin, skin clinical, or skin dermoscopic.

  2. Generate outputs:

    • Domain classification: Predicted domain (Non-Skin, Skin Clinical, or Skin Dermoscopic)
    • Probability distribution: Confidence scores for each domain category
    • Confidence score: Overall model certainty (0-1 range)

  3. Clinical context support: The outputs shall enable proper image routing to appropriate clinical models, quality control, and domain classification workflows, ensuring clinical models operate within their validated input domains.

Processor, OrchestratorFunctional, Performance
  • PRS-7XK: Assess image adequacy on ingestion
SRS-RXKDiagnostic Support Endpoint Implementation

The software shall implement and expose the POST /diagnosis-support endpoint for providing diagnostic analysis of images. This endpoint shall process medical images and return diagnostic insights and analysis results for diagnostic support.

Orchestrator, Processor, Report BuilderFunctional, Input and output, interfaces
  • PRS-1V6: Expose the device's functionality through a versioned, network-accessible API
SRS-S2VWound Affected Tissue - Bone

Upon user-initiated request to assess bone involvement from a dermatological wound image, the system shall execute the Wound Affected Tissue: Bone model. The system shall perform the following actions:

  1. Binary classification: Analyze the input image to determine the presence or absence of bone involvement or exposure in wounds.

  2. Generate outputs:

    • Binary prediction: "Present" or "Absent"
    • Confidence score (0-1 range) indicating the model's certainty in the classification

  3. Clinical context support: The outputs shall serve as objective input components for healthcare professionals in wound assessment, depth assessment, NPUAP staging, and osteomyelitis risk evaluation workflows.

Processor, OrchestratorFunctional, Performance
  • PRS-3TC: Quantitative assessment of dermatological structural features and lesion morphometry
SRS-S8MAcneiform Lesion Type Quantification

Upon user-initiated request to quantify acne lesions from a dermatological image, the system shall execute the Acneiform Lesion Type Quantification model. The system shall perform the following actions:

  1. Multi-class object detection: Analyze the input image to detect and classify acne lesions into five categories: papules, pustules, cysts, comedones, and nodules.

  2. Generate outputs:

    • Papule count: Total number of detected papules
    • Pustule count: Total number of detected pustules
    • Cyst count: Total number of detected cysts
    • Comedone count: Total number of detected comedones
    • Nodule count: Total number of detected nodules
    • Bounding boxes: Detection boxes with class labels and confidence scores

  3. Clinical context support: The outputs shall serve as objective input components for healthcare professionals in GAGS, IGA, ASI, and acne assessment workflows.

Processor, OrchestratorFunctional, Performance
  • PRS-3TC: Quantitative assessment of dermatological structural features and lesion morphometry
SRS-SDZUse hashed and salted passwords

Because the software must authenticate users and securely manage their credentials (both at rest and in transit), it falls squarely under the need to protect and periodically refresh authenticators. Specifically, the REST API uses username and password credentials to generate tokens that must remain confidential, be changeable from default values, and be securely stored.

Authentication ServiceSecurity
  • PRS-9F2: Cybersecurity & continuous threat detection
SRS-SI2Secure Audit Trail Access Interface

The system shall provide a secure, access-controlled interface for authorized personnel to review, search, and export the audit trails.

  1. Role-Based access control: Access to the audit trail interface shall be strictly limited to users with specific, pre-defined administrative roles (e.g., "Auditor", "System Administrator").
  2. Functionality: The interface shall allow authorized users to perform at least the following actions:
    • Search: Search and filter audit records based on criteria such as user identity, date range, event type, and IP address.
    • Review: View the detailed content of individual audit records.
    • Export: Export search results in a standardized, machine-readable format (e.g., CSV, JSON) for external analysis and reporting.
  3. Auditing of access: All access to and actions performed within the audit trail review interface (including searches and exports) shall themselves be logged in the audit trail, creating a meta-audit log.
Audit Service, User Interface (UI), API Gateway, Authentication ServiceSecurity, Functional, Maintenance
  • PRS-0MC: Comprehensive secure audit trails for user interactions
SRS-T3KInduration Intensity Quantification

Upon user-initiated request to quantify induration (thickness/infiltration) intensity from a dermatological image, the system shall execute the Induration Intensity Quantification model. The system shall perform the following actions:

  1. Generate probability distribution: Analyze the input image to produce a normalized probability vector p = [p₀, p₁, ..., p₉] across 10 ordinal intensity categories (0-9), where each pᵢ represents the probability that induration belongs to category i, and the sum equals 100%.

  2. Calculate continuous severity score: Derive a continuous induration severity score using weighted expected value: ŷ = Σ(i × pᵢ) for i = 0 to 9, accounting for the full probability distribution rather than only the most likely class.

  3. Provide confidence score: Output a confidence score (0-1 range) indicating the model's certainty in the prediction.

  4. Clinical context support: The outputs shall serve as objective input components for healthcare professionals to compute validated composite severity indices including PASI, GPPGA, and PPPASI.

Processor, OrchestratorFunctional, Performance
  • PRS-2ZB: Quantitative assessment of dermatological visual sign intensity
SRS-T5PTamper-Evident Audit Records

The software shall ensure that all stored audit records are cryptographically sealed to make them tamper-evident, guaranteeing the integrity of the audit trail.

  1. Cryptographic sealing: Each audit record, or batch of records, shall be cryptographically hashed upon being written. The resulting hash shall be securely stored alongside the record(s).
  2. Chain of integrity: To prevent tampering with the sequence of events, the cryptographic seal of each new audit record (or batch) shall incorporate the hash of the preceding record, creating a verifiable and unbroken chain of evidence.
  3. Integrity verification: The system shall provide a mechanism for authorized administrators to verify the integrity of the audit trail by recalculating and comparing the cryptographic seals. Any mismatch shall be flagged as a potential tampering event.
Audit Service, Data Storage LayerSecurity, Data Integrity
  • PRS-0MC: Comprehensive secure audit trails for user interactions
SRS-T6HWound AWOSI Score Quantification

Upon user-initiated request to quantify wound severity using AWOSI from a dermatological wound image, the system shall execute the Wound AWOSI Score Quantification model. The system shall perform the following actions:

  1. Ordinal regression: Analyze the input image to quantify wound severity using the AWOSI scale (0-20).

  2. Generate outputs:

    • AWOSI score: Predicted ordinal score ranging from 0 to 20
    • Probability distribution: Confidence scores across the ordinal scale
    • Confidence score: Overall model certainty (0-1 range)

  3. Clinical context support: The outputs shall serve as objective input components for healthcare professionals in AWOSI scoring, wound assessment, and severity stratification workflows.

Processor, OrchestratorFunctional, Performance
  • PRS-3TC: Quantitative assessment of dermatological structural features and lesion morphometry
SRS-T8YWrite-Once Audit Storage

The system shall implement write-once storage for all audit files to prevent any modification or overwriting of existing audit records once they have been written.

  1. Immutability: Once an audit record is committed to the storage medium, it shall be immutable. No API or system process shall allow for the alteration of a previously written record.
  2. Append-Only operations: The audit log shall function as an append-only ledger. New records may be added, but existing records cannot be changed or deleted through normal system operations.
  3. Protection against overwriting: The system must ensure that log rotation or other file management processes do not overwrite existing, archived audit files before their retention period has expired.
Audit Service, Data Storage LayerSecurity, Infrastructure
  • PRS-0MC: Comprehensive secure audit trails for user interactions
SRS-T95Audit System Failure Handling

In the event of an audit system failure, the primary device functionality shall enter a fail-safe state to prevent any unaudited activity.

  1. Failure detection: The system must be able to detect a failure in the audit logging mechanism in real-time. A failure is defined as the inability of the Audit Service to receive, process, or securely store an audit record.
  2. Fail-Safe state: Upon detection of an audit system failure, the system shall immediately enter a pre-defined fail-safe state. This state must, at a minimum, consist of:
    • Halting all operations that require auditing until the audit service is restored.
    • Alternatively, providing a clear, unambiguous, and persistent warning to any active user that their actions are not being recorded.
  3. Resumption of normal operations: The system shall only exit the fail-safe state and resume normal operations once the audit service is fully restored and its operational integrity is verified. The transition out of the fail-safe state must itself be a logged event.
Audit Service, Monitoring & Alerting Service, All services that generate audit eventsSecurity, System Resilience, Functional
  • PRS-0MC: Comprehensive secure audit trails for user interactions
SRS-T9UWound Bed Tissue - Closed

Upon user-initiated request to assess wound closure from a dermatological wound image, the system shall execute the Wound Bed Tissue: Closed model. The system shall perform the following actions:

  1. Binary classification: Analyze the input image to determine whether the wound bed is closed (healed) or open.

  2. Generate outputs:

    • Binary prediction: "Closed" or "Open"
    • Confidence score (0-1 range) indicating the model's certainty in the classification

  3. Clinical context support: The outputs shall serve as objective input components for healthcare professionals in wound assessment and healing outcomes evaluation workflows.

Processor, OrchestratorFunctional, Performance
  • PRS-3TC: Quantitative assessment of dermatological structural features and lesion morphometry
SRS-TPKLock accounts after five failed attempts

To protect against brute-force and credential-stuffing attacks, the system shall implement an automatic account lockout policy. A user's account shall be locked after five (5) consecutive failed login attempts.

Once an account is locked, any further login attempts for that account shall be denied, even if the credentials are correct. The failed attempt counter shall be reset to zero upon a successful login. The system shall also provide a mechanism for a system administrator to manually unlock a user's account.

The number of attempts before lockout and the duration of the lockout period shall be configurable by an administrator.

Authentication ServiceSecurity
  • PRS-9F2: Cybersecurity & continuous threat detection
SRS-U2PConsolidated Audit Record Content

Each audit trail entry shall be a single, consolidated, and structured record containing a complete set of information for every logged event.

  • Mandatory fields: Every audit record must contain at least the following fields:
    • Actor identity: The verified identity (e.g., username, system process ID) of the actor that initiated the event.
    • Actor role: The role associated with the actor at the time of the event.
    • Timestamp: A precise timestamp from a trusted time source, indicating when the event occurred.
    • Event type: A clear and consistent description of the type of event (e.g., user.login.success, data.view, security.permissions.update).
    • System response: The outcome or response from the system to the event (e.g., success, failure, HTTP status code).
    • Contextual data: Relevant contextual data that helps to understand the event, such as the source IP address or the user session ID.
Audit Service, All services that generate audit eventsSecurity, Data Integrity
  • PRS-0MC: Comprehensive secure audit trails for user interactions
SRS-U4MPerilesional Maceration Assessment

Upon user-initiated request to assess perilesional maceration from a dermatological wound image, the system shall execute the Perilesional Maceration Assessment model. The system shall perform the following actions:

  1. Binary classification: Analyze the input image to determine the presence or absence of moisture-related damage in periwound skin.

  2. Generate outputs:

    • Binary prediction: "Present" or "Absent"
    • Confidence score (0-1 range) indicating the model's certainty in the classification

  3. Clinical context support: The outputs shall serve as objective input components for healthcare professionals in wound assessment and moisture management workflows.

Processor, OrchestratorFunctional, Performance
  • PRS-3TC: Quantitative assessment of dermatological structural features and lesion morphometry
SRS-U8MEnforce strong password policies (min. 12 characters, complexity rules, expiration policies)

In the setup, users must send a username and password to the /login endpoint to obtain an access token. Therefore, the medical device does rely on password-based authentication at a fundamental level.

Authentication ServiceSecurity
  • PRS-9F2: Cybersecurity & continuous threat detection
SRS-U8QHigh Availability and Load Balancing Support

The software shall be designed to operate in a horizontally-scalable, high-availability configuration. Each application instance must be stateless, not storing any session-specific data locally between requests. This design allows for incoming API traffic to be distributed across multiple server instances by a load balancer, ensuring system stability, scalability, and uninterrupted service during single-node failures or rolling updates.

Orchestrator, Application InstanceInstallation, Maintenance
  • PRS-1V6: Expose the device’s functionality through a versioned, network-accessible API
SRS-U8ZNail Lesion Surface Quantification

Upon user-initiated request to quantify nail lesions from a dermatological image, the system shall execute the Nail Lesion Surface Quantification model. The system shall perform the following actions:

  1. Three-class segmentation: Analyze the input image to generate a segmentation mask with classes: Healthy Nail, Lesion, and Background.

  2. Generate outputs:

    • Segmentation mask: Pixel-level delineation of nail lesion areas
    • Nail lesion percentage: Percentage of nail surface affected by lesions

  3. Clinical context support: The outputs shall serve as objective input components for healthcare professionals in NAPSI scoring, nail psoriasis assessment, and onychomycosis evaluation workflows.

Processor, OrchestratorFunctional, Performance
  • PRS-3TC: Quantitative assessment of dermatological structural features and lesion morphometry
SRS-V1DExcoriation Intensity Quantification

Upon user-initiated request to quantify excoriation (scratch damage) intensity from a dermatological image, the system shall execute the Excoriation Intensity Quantification model. The system shall perform the following actions:

  1. Generate probability distribution: Analyze the input image to produce a normalized probability vector p = [p₀, p₁, ..., p₉] across 10 ordinal intensity categories (0-9), where each pᵢ represents the probability that excoriation intensity belongs to category i, and the sum equals 100%.

  2. Calculate continuous severity score: Derive a continuous excoriation severity score using weighted expected value: ŷ = Σ(i × pᵢ) for i = 0 to 9, accounting for the full probability distribution rather than only the most likely class.

  3. Provide confidence score: Output a confidence score (0-1 range) indicating the model's certainty in the prediction.

  4. Clinical context support: The outputs shall serve as objective input components for healthcare professionals to compute validated composite severity indices including EASI and SCORAD.

Processor, OrchestratorFunctional, Performance
  • PRS-2ZB: Quantitative assessment of dermatological visual sign intensity
SRS-V4QSurface Area Quantification

Upon user-initiated request to quantify surface area from a dermatological image with reference markers, the system shall execute the Surface Area Quantification model. The system shall perform the following actions:

  1. Multi-stage pipeline processing: Analyze the input image using depth-aware surface area quantification with reference marker detection and calibration.

  2. Generate outputs:

    • Calibrated surface area: Absolute area measurements in cm² based on reference marker calibration
    • Depth estimation: Distance-to-camera estimation for area correction
    • Calibration confidence: Confidence score indicating reliability of calibration

  3. Clinical context support: The outputs shall enable accurate BSA calculations, surface area measurements, and calibration for downstream segmentation models, ensuring quantitative measurements are properly scaled.

Processor, OrchestratorFunctional, Performance
  • PRS-7XK: Assess image adequacy on ingestion
SRS-V7QNecrosis Surface Quantification

Upon user-initiated request to quantify necrotic tissue from a dermatological wound image, the system shall execute the Necrosis Surface Quantification model. The system shall perform the following actions:

  1. Three-class segmentation: Analyze the input image to generate a segmentation mask with classes: Background, Necrosis, and Other Wound Tissue.

  2. Generate outputs:

    • Segmentation mask: Pixel-level delineation of necrotic tissue extent
    • Necrosis percentage: Percentage of necrotic tissue relative to total wound area
    • Absolute necrosis area: Surface area in cm² (when calibration is available)

  3. Clinical context support: The outputs shall serve as objective input components for healthcare professionals in wound assessment, urgent debridement planning, infection risk evaluation, and AWOSI scoring workflows.

Processor, OrchestratorFunctional, Performance
  • PRS-3TC: Quantitative assessment of dermatological structural features and lesion morphometry
SRS-W3RHyperpigmentation Surface Quantification

Upon user-initiated request to quantify hyperpigmentation from a dermatological image, the system shall execute the Hyperpigmentation Surface Quantification model. The system shall perform the following actions:

  1. Three-class segmentation: Analyze the input image to generate a segmentation mask with classes: Normal Skin, Hyperpigmented, and Background.

  2. Generate outputs:

    • Segmentation mask: Pixel-level delineation of hyperpigmentation areas
    • Hyperpigmentation percentage: Percentage of skin surface affected by hyperpigmentation

  3. Clinical context support: The outputs shall serve as objective input components for healthcare professionals in MASI, mMASI, melasma assessment, and post-inflammatory hyperpigmentation (PIH) assessment workflows.

Processor, OrchestratorFunctional, Performance
  • PRS-3TC: Quantitative assessment of dermatological structural features and lesion morphometry
SRS-W5ZAssign FHIR DiagnosticReport Identifier

The system shall assign a persistent, unique identifier to every generated DiagnosticReport to ensure traceability.

  1. Generate unique value: The system shall generate a unique identifier (e.g., a UUID) for the report.
  2. Populate identifier object: The system shall populate the identifier object within the DiagnosticReport resource:
    • The generated unique value shall be placed in the identifier.value field.
    • The identifier.use field shall be set to the fixed string official.
Report BuilderFunctional
  • PRS-5LJ: Support health data interoperability using the HL7 FHIR standard
SRS-W6TOrchestrate Clinical Signs Analysis Workflow

Upon receiving a clinical signs analysis request via the API, the system shall orchestrate the end-to-end processing workflow for quantitative assessment of dermatological visual signs and structural features. The system shall perform the following integrated actions:

  1. Parse Request: The system shall parse the incoming request to identify the list of clinical signs to be calculated (e.g., erythema, desquamation, induration, wound characteristics) and the associated input image data.

  2. Invoke Pre-processing Processors: The system shall sequentially invoke the required processors to validate and prepare the request:

    • First, it shall execute the image adequacy assessment processor as defined in PRS-7XK to ensure the input image meets quality standards for AI analysis.
    • Upon successful image adequacy validation, it shall proceed to the next step.

  3. Invoke AI Model Processors: Based on the list of requested clinical signs, the system shall invoke the appropriate AI model processors in parallel or sequentially as needed:

    • For intensity quantification signs (erythema, desquamation, induration, pustule, crusting, xerosis, swelling, oozing, excoriation, lichenification), it shall invoke processors implementing PRS-2ZB requirements.
    • For structural features and morphometry assessments (wound edges, exudate types, tissue involvement, lesion characteristics), it shall invoke processors implementing PRS-3TC requirements.
    • For ICD-11 classification requests, it shall invoke the processor implementing PRS-8QJ requirements.
    • Each invoked processor shall return its analysis results including probability distributions, continuous scores, binary classifications, segmentation masks, object counts, or multi-class predictions as applicable.

  4. Aggregate Data: The system shall aggregate the raw data returned from all executed AI model processors, organizing results by clinical sign type and ensuring all requested analyses are included in the aggregated dataset.

  5. Invoke Report Builder: The system shall pass the aggregated data to the Report Builder microservice to assemble the final, structured clinical assessment report containing:

    • Individual clinical sign quantification results with confidence scores
    • Derived composite scores when applicable
    • Explainability outputs and supporting metadata
    • Compliance information and regulatory disclosures

  6. Return Response: The system shall return the final, structured report as the response to the initial API request, formatted according to the API specification and including appropriate status codes and error handling.

OrchestratorFunctional
  • PRS-2ZB: Quantitative assessment of dermatological visual sign intensity
  • PRS-3TC: Quantitative assessment of dermatological structural features and lesion morphometry
  • PRS-8QJ: ICD-11 category distribution with binary indicators
  • PRS-7XK: Image adequacy assessment for AI analysis suitability
SRS-W9KBloody Exudate Assessment

Upon user-initiated request to assess bloody exudate from a dermatological wound image, the system shall execute the Bloody Exudate Assessment model. The system shall perform the following actions:

  1. Binary classification: Analyze the input image to determine the presence or absence of bloody or hemorrhagic exudate in wounds.

  2. Generate outputs:

    • Binary prediction: "Present" or "Absent"
    • Confidence score (0-1 range) indicating the model's certainty in the classification

  3. Clinical context support: The outputs shall serve as objective input components for healthcare professionals in wound assessment and tissue fragility assessment workflows.

Processor, OrchestratorFunctional, Performance
  • PRS-3TC: Quantitative assessment of dermatological structural features and lesion morphometry
SRS-WEREndpoint Access Control

Because the software offers a user-facing interface over which handles sensitive medical data and provides functionality that could affect patient care, it must ensure that only authorized and properly authenticated individuals use the system. Thus, the software shall protect all API endpoints by requiring a valid, unexpired OAuth 2.0 Bearer token in the Authorization header of the request. The only exceptions to this rule shall be the public endpoints explicitly designed for authentication (/login) and basic system discovery (/). The system shall reject any request to a protected endpoint that lacks a valid token with a 401 Unauthorized status code.

API Gateway, OrchestratorSecurity
  • PRS-1V6: Expose the device’s functionality through a versioned, network-accessible API
SRS-WGFAES-256 encryption for data at rest

To ensure the confidentiality of sensitive information, all data at rest shall be protected using, at a minimum, AES-256 encryption.

This requirement applies to all sensitive data stored by the system, including patient data, system audit logs, and configuration files. This ensures that in the event of a physical or logical breach of the storage medium, the data remains unreadable to unauthorized parties. The implementation within the AWS DocumentDB database must have encryption at rest enabled and properly configured.

Authentication ServiceSecurity
  • PRS-9F2: Cybersecurity & continuous threat detection
SRS-X5BFibrinous Exudate Assessment

Upon user-initiated request to assess fibrinous exudate from a dermatological wound image, the system shall execute the Fibrinous Exudate Assessment model. The system shall perform the following actions:

  1. Binary classification: Analyze the input image to determine the presence or absence of fibrinous exudate indicating normal healing response.

  2. Generate outputs:

    • Binary prediction: "Present" or "Absent"
    • Confidence score (0-1 range) indicating the model's certainty in the classification

  3. Clinical context support: The outputs shall serve as objective input components for healthcare professionals in wound assessment and exudate characterization workflows.

Processor, OrchestratorFunctional, Performance
  • PRS-3TC: Quantitative assessment of dermatological structural features and lesion morphometry
SRS-X8QFollicular and Inflammatory Pattern Identification

Upon user-initiated request to identify HS phenotype from a dermatological image, the system shall execute the Follicular and Inflammatory Pattern Identification model. The system shall perform the following actions:

  1. Multi-class classification: Analyze the input image to identify hidradenitis suppurativa phenotype as follicular, inflammatory, or mixed.

  2. Generate outputs:

    • Phenotype classification: Predicted phenotype (Follicular, Inflammatory, or Mixed)
    • Probability distribution: Confidence scores for each phenotype category
    • Confidence score: Overall model certainty (0-1 range)

  3. Clinical context support: The outputs shall serve as objective input components for healthcare professionals in hidradenitis suppurativa assessment, Martorell classification, and HS phenotyping workflows.

Processor, OrchestratorFunctional, Performance
  • PRS-3TC: Quantitative assessment of dermatological structural features and lesion morphometry
SRS-X9JConduct periodic access reviews to verify permissions align with job functions

To enforce the principle of least privilege and mitigate the risk of "privilege creep," the system must provide functionality to conduct periodic access reviews. As users change roles and responsibilities, their access rights must be re-evaluated. The system shall provide tools for authorized administrators or managers to review the permissions assigned to users. This process must allow reviewers to easily see which permissions are granted to each user and verify that they align with their current job function. The system must also facilitate the modification or revocation of any permissions deemed excessive or unnecessary based on the review's findings.

Authentication ServiceSecurity
  • PRS-9F2: Cybersecurity & continuous threat detection
SRS-Y2EWound Bed Tissue - Granulation

Upon user-initiated request to assess granulation tissue from a dermatological wound image, the system shall execute the Wound Bed Tissue: Granulation model. The system shall perform the following actions:

  1. Binary classification: Analyze the input image to determine the presence or absence of healthy granulation tissue in the wound bed.

  2. Generate outputs:

    • Binary prediction: "Present" or "Absent"
    • Confidence score (0-1 range) indicating the model's certainty in the classification

  3. Clinical context support: The outputs shall serve as objective input components for healthcare professionals in wound assessment and healing prognosis evaluation workflows.

Processor, OrchestratorFunctional, Performance
  • PRS-3TC: Quantitative assessment of dermatological structural features and lesion morphometry
SRS-Y31Audit Tampering Detection and Logging

The system shall provide a mechanism to immediately detect and log any attempt to alter or delete audit files, ensuring the integrity of the audit trail is actively monitored.

  1. Continuous integrity monitoring: The system shall continuously or periodically run an integrity check on the audit trail by verifying the cryptographic seals of the audit records.
  2. Automated alerting: If an integrity check fails, indicating a potential alteration or deletion of an audit record, the system shall immediately generate a high-priority security alert to notify designated administrators.
  3. Logging of tampering events: The detection of a potential tampering event shall itself be logged in a separate, secure, and high-visibility system log. This log entry must include details of the integrity failure, such as the timestamp of the detection and the specific audit record or batch that failed verification.
Audit Service, Security Anomaly Detection Service, Monitoring & Alerting ServiceSecurity, Data Integrity
  • PRS-0MC: Comprehensive secure audit trails for user interactions
SRS-Y5WDermatology Image Quality Assessment (DIQA)

Upon user-initiated request to assess dermatological image quality, the system shall execute the Dermatology Image Quality Assessment (DIQA) model. The system shall perform the following actions:

  1. Regression analysis: Analyze the input image to assess quality on a 0-10 scale for clinical acceptability.

  2. Generate outputs:

    • Overall quality score: Continuous score from 0 (unacceptable) to 10 (excellent quality)
    • Dimension subscores: Individual quality scores for specific dimensions (e.g., focus, lighting, framing, resolution)

  3. Clinical context support: The outputs shall enable proper functioning of clinical models by ensuring they receive appropriate inputs within validated quality thresholds, supporting quality control and telemedicine workflows.

Processor, OrchestratorFunctional, Performance
  • PRS-7XK: Assess image adequacy on ingestion
SRS-Y6FCrusting Intensity Quantification

Upon user-initiated request to quantify crusting intensity from a dermatological image, the system shall execute the Crusting Intensity Quantification model. The system shall perform the following actions:

  1. Generate probability distribution: Analyze the input image to produce a normalized probability vector p = [p₀, p₁, ..., p₉] across 10 ordinal intensity categories (0-9), where each pᵢ represents the probability that crusting intensity belongs to category i, and the sum equals 100%.

  2. Calculate continuous severity score: Derive a continuous crusting severity score using weighted expected value: ŷ = Σ(i × pᵢ) for i = 0 to 9, accounting for the full probability distribution rather than only the most likely class.

  3. Provide confidence score: Output a confidence score (0-1 range) indicating the model's certainty in the prediction.

  4. Clinical context support: The outputs shall serve as objective input components for healthcare professionals to compute validated composite severity indices including EASI and SCORAD.

Processor, OrchestratorFunctional, Performance
  • PRS-2ZB: Quantitative assessment of dermatological visual sign intensity
SRS-Z24API Documentation Endpoint

To facilitate integration and troubleshooting, the software shall expose its API definition to authorized users. The system shall provide the machine-readable OpenAPI 3.1 specification file at a dedicated endpoint (e.g., /openapi.json). Additionally, the system shall expose a user-friendly, interactive documentation interface at /docs.

API Gateway, OrchestratorInput and output, interfaces, Maintenance
  • PRS-1V6: Expose the device’s functionality through a versioned, network-accessible API
SRS-Z5NHive Lesion Quantification

Upon user-initiated request to quantify hive lesions from a dermatological image, the system shall execute the Hive Lesion Quantification model. The system shall perform the following actions:

  1. Object detection: Analyze the input image to detect and count urticarial wheals (hives).

  2. Generate outputs:

    • Hive count: Total number of detected hives
    • Bounding boxes: Detection boxes with confidence scores

  3. Clinical context support: The outputs shall serve as objective input components for healthcare professionals in UAS7, UCT, and urticaria assessment workflows.

Processor, OrchestratorFunctional, Performance
  • PRS-3TC: Quantitative assessment of dermatological structural features and lesion morphometry
SRS-Z8PBiofilm-Compatible Tissue Assessment

Upon user-initiated request to assess biofilm-compatible tissue from a dermatological wound image, the system shall execute the Biofilm-Compatible Tissue Assessment model. The system shall perform the following actions:

  1. Binary classification: Analyze the input image to determine the presence or absence of visual indicators of biofilm presence in wound tissue.

  2. Generate outputs:

    • Binary prediction: "Present" or "Absent"
    • Confidence score (0-1 range) indicating the model's certainty in the classification

  3. Clinical context support: The outputs shall serve as objective input components for healthcare professionals in wound assessment and biofilm detection workflows.

Processor, OrchestratorFunctional, Performance
  • PRS-3TC: Quantitative assessment of dermatological structural features and lesion morphometry
SRS-ZQOConcurrent API Version Support

The software shall be designed to serve multiple API versions (e.g., /v1.0/, /v1.1/, /v2.0/) concurrently from the same production environment. This ensures that the introduction of a new API version, whether minor or major, does not cause service interruptions for clients integrated with older, still-supported versions.

API Gateway, OrchestratorFunctional, Maintenance
  • PRS-1V6: Expose the device’s functionality through a versioned, network-accessible API
Previous
Product Requirement Specification (PRS)
Next
R-TF-012-019 SOUPs
All the information contained in this QMS is confidential. The recipient agrees not to transmit or reproduce the information, neither by himself nor by third parties, through whichever means, without obtaining the prior written permission of Legit.Health (AI LABS GROUP S.L.)