NumPy

General Information

Field	Value
Package Name	numpy (NumPy)
Manufacturer / Vendor	NumPy Community / NumFOCUS (NumPy organization and contributors)
Software Category	Library
Primary Documentation	Documentation, GitHub, PyPI
Programming Language(s)	Python, C
License	BSD-3-Clause
Deployed Version(s)	>=1.26.0 (version-locked at 2.3.5, 2.4.0, and 2.4.1 across microservices)
Most Recent Available Version	2.4.1
Last Review Date	2026-01-27

Overview

NumPy is the fundamental package for scientific computing with Python. It provides a powerful N-dimensional array object, sophisticated broadcasting functions, tools for integrating C/C++ and Fortran code, and useful linear algebra, Fourier transform, and random number capabilities. NumPy brings the computational power of languages like C and Fortran to Python while maintaining ease of use. With over 31,000 GitHub stars, it is the de facto standard for numerical computing in the Python ecosystem and forms the foundation upon which nearly all scientific Python libraries are built.

Within the medical device software, NumPy serves as the foundational numerical computing layer that underpins all image processing, machine learning inference, and statistical operations. It is integrated throughout the legithp-expert framework and all AI expert microservices. Specifically, NumPy is used for:

• Image data representation: All images are stored as NDArray[np.uint8] arrays with shape (H, W, 3) for RGB data, providing a standardized pixel representation across the computer vision infrastructure
• Mask operations: Segmentation masks are represented as 2D np.uint8 arrays with probabilistic values (0-255), enabling contour extraction, coverage calculations, and overlay rendering
• Array interoperability: Bidirectional conversion between NumPy arrays, PIL Image objects, and PyTorch tensors via np.array(), Image.fromarray(), and tensor operations
• Probability distributions: Managing classification outputs with np.float64 precision for skin condition probability distributions, including entropy calculation and mean aggregation across multi-view predictions
• Test-time augmentation: Stacking multiple augmented image views using np.stack() for ensemble predictions
• Explainability support: GradCAM++ saliency maps are generated as NumPy arrays with float values (0-1) for clinical interpretation

The library was selected for its industry-standard status as the foundation of the scientific Python ecosystem, seamless integration with PyTorch and PIL/Pillow, comprehensive array manipulation capabilities, well-optimized C code providing performance critical for real-time inference, and permissive BSD licensing compatible with commercial medical device software.

Functional Requirements

The following functional capabilities of this SOUP are relied upon by the medical device software.

Requirement ID	Description	Source / Reference
FR-001	Represent multi-dimensional arrays with typed elements (uint8, float32, float64)	numpy.ndarray class, numpy.dtype
FR-002	Convert Python sequences and PIL images to NumPy arrays	numpy.array() function
FR-003	Create zero-filled arrays for mask initialization	numpy.zeros() function
FR-004	Create arrays filled with specified values	numpy.full() function
FR-005	Stack multiple arrays along new dimensions for batch processing	numpy.stack() function
FR-006	Conditional element selection based on boolean conditions	numpy.where() function
FR-007	Pad arrays with specified border values for image preprocessing	numpy.pad() function
FR-008	Compute mean values across arrays for probability aggregation	numpy.mean() function
FR-009	Compute variance for color channel analysis	numpy.var() function
FR-010	Compute natural logarithm for Shannon entropy calculation	numpy.log() function
FR-011	Clamp array values within specified bounds	numpy.clip() function
FR-012	Flip arrays along specified axes for augmentation	numpy.flip() function
FR-013	Generate random samples for pixel sampling optimization	numpy.random.choice() function
FR-014	Perform exact and approximate array comparison for testing	numpy.array_equal(), numpy.allclose()
FR-015	Sum array elements for coverage and counting operations	numpy.sum() function

Performance Requirements

The following performance expectations are relevant to the medical device software.

Requirement ID	Description	Acceptance Criteria
PR-001	Array operations shall complete within acceptable API latency bounds	Array operations do not dominate inference latency
PR-002	Memory allocation shall scale linearly with array dimensions	No memory leaks during repeated array operations
PR-003	Numerical operations shall maintain IEEE 754 floating-point precision	No loss of precision affecting probability calculations
PR-004	Array type conversions (uint8/float32/float64) shall preserve data fidelity	No data loss or corruption during type conversions
PR-005	Random sampling operations shall provide statistically representative distributions	Pixel sampling produces representative color statistics

Hardware Requirements

The following hardware dependencies or constraints are imposed by this SOUP component.

Requirement ID	Description	Notes / Limitations
HR-001	Sufficient system memory for array data	Memory requirements scale with array dimensions (height × width × channels)
HR-002	x86-64 or ARM64 processor architecture	Pre-built wheels available for common platforms
HR-003	CPU with SIMD support for optimized operations	SSE/AVX on x86-64, NEON on ARM64 for vectorized operations

Software Requirements

The following software dependencies and environmental assumptions are required by this SOUP component.

Requirement ID	Description	Dependency / Version Constraints
SR-001	Python runtime environment	Python >=3.10
SR-002	C library for low-level array operations	System libc (bundled in wheels)
SR-003	BLAS/LAPACK for linear algebra (optional)	OpenBLAS or Intel MKL if available

Known Anomalies Assessment

This section evaluates publicly reported issues, defects, or security vulnerabilities associated with this SOUP component and their relevance to the medical device software.

Anomaly Reference	Status	Applicable	Rationale	Reviewed At
CVE-2021-41495 (Null pointer dereference in numpy.sort)	Fixed	No	Affects NumPy <1.22.2; the device uses version-locked 2.3.5–2.4.1 which includes the fix. Vendor notes attack requires exhausting memory, which implies attacker is already privileged	2026-01-27
CVE-2021-41496 (Buffer overflow in array_from_pyobj)	Fixed	No	Affects NumPy <1.22.0; the device uses version-locked 2.3.5–2.4.1 which includes the fix. The device does not use the affected Fortran interface functions	2026-01-27
CVE-2021-34141 (Incomplete string comparison)	Fixed	No	Affects NumPy <1.22.0; the device uses version-locked 2.3.5–2.4.1 which includes the fix. Vendor states behavior is "completely harmless"	2026-01-27
CVE-2019-6446 (Pickle deserialization arbitrary code execution)	Fixed	No	Affects NumPy <1.16.3; the device uses version-locked 2.3.5–2.4.1 which includes the fix. Disputed as it requires loading untrusted pickle files; the device does not load external .npy files	2026-01-27

NumPy is actively maintained by the NumPy community under the NumFOCUS fiscal sponsorship, with a robust security response process. The project maintains a security policy with Tidelift partnership for coordinated vulnerability disclosure. According to the Snyk vulnerability database, all known high-severity vulnerabilities have been addressed in versions prior to 1.22.2.

The device's usage pattern minimizes attack surface exposure:

• No external data loading: The device does not use numpy.load() to load .npy or .npz files from external sources; all arrays are created programmatically from validated image data
• Version locking: Requirements lock files pin NumPy to versions 2.3.5, 2.4.0, and 2.4.1 across microservices, ensuring reproducible and auditable deployments with all known security vulnerabilities addressed
• Input validation: All image data is validated at API boundaries before being converted to NumPy arrays
• No pickle operations: The device does not use NumPy's pickle-based serialization; model weights use PyTorch's serialization with weights_only=True
• Controlled array dimensions: Image dimensions are bounded by API input validation, preventing denial-of-service via excessive memory allocation
• Type safety: Extensive use of numpy.typing.NDArray type hints ensures array operations receive expected data types

Risk Control Measures

The following risk control measures are implemented to mitigate potential security and operational risks associated with this SOUP component:

• Version locking via requirements_lock.txt files ensures reproducible, auditable deployments with known-secure versions
• All array data originates from validated API inputs or internal computations
• No external NumPy file loading or pickle deserialization
• Array dimension bounds enforced at API boundaries
• Type validation at domain entity boundaries (Image, Mask, SaliencyMap classes)

Assessment Methodology

The following methodology was used to identify and assess known anomalies:

• Sources consulted:

  • National Vulnerability Database (NVD) search for "numpy"
  • GitHub Security Advisories for numpy/numpy
  • NumPy security policy
  • Snyk vulnerability database
  • CVE Details for NumPy
  • PyPI package security reports

• Criteria for determining applicability:

  • Vulnerability must affect deployed versions (2.3.5, 2.4.0, 2.4.1)
  • Vulnerability must be exploitable in the device's operational context (image processing, inference pipelines)
  • Attack vector must be reachable through the device's interfaces (no external file loading, no untrusted pickle data)
  • Input validation and version constraints must not already mitigate the vulnerability

Signature meaning

The signatures for the approval process of this document can be found in the verified commits at the repository for the QMS. As a reference, the team members who are expected to participate in this document and their roles in the approval process, as defined in Annex I Responsibility Matrix of the GP-001, are:

• Author: Team members involved
• Reviewer: JD-003, JD-004
• Approver: JD-001