R-TF-012-034 — Software Test Description
Document Information
| Field | Value |
|---|---|
| Product / System | Medical Device API |
| Release version | {release_version} (TBD) |
| Commit SHA | {commit_sha} (TBD) |
| Test management system | TestRail — Project “Medical Device”, Suite “Master” |
| Prepared by | {name} (TBD) |
| Date | {yyyy-mm-dd} (TBD) |
| Reviewed/Approved by | {name} (TBD) |
| Review/Approval date | {yyyy-mm-dd} (TBD) |
Purpose
This document provides the controlled test case inventory (“what tests exist”) used to verify the software requirements for the release identified above.
This document is intentionally non-duplicative:
- The verification strategy, governance, execution rules, evidence expectations, environments, and retention are defined in R-TF-012-033 — Software Test Plan.
- The test specifications (preconditions, expected results, required evidence, requirement mapping, etc.) are maintained as controlled records in TestRail.
Scope
In scope for this Test Description:
- Verification test cases for the Medical Device API (all TestRail sections used for requirements verification).
- Commissioning (operational readiness) test cases executed for the deployed release, aligned with the commissioning records set (R-TF-029-001/002/003).
Out of scope:
- Test execution results (those are captured in TestRail runs and in the evidence pack).
- Defect reports (tracked separately as defined in the Test Plan).
Terms and Definitions
- Test case: A controlled specification of verification steps and objective pass/fail criteria, including required evidence and requirement linkage.
- Test run: An execution instance of a selected set of test cases for a specific purpose and environment, producing execution results and evidence.
- Test plan (TestRail object): A container grouping multiple runs for the same
{release_version}and environment, supporting a structured verification campaign. - Commissioning: Operational readiness verification of the deployed release prior to enabling/confirming clinical use in the target environment, executed under controlled conditions and recorded in R-TF-029-00X.
Test Case Inventory and Control Method
Authoritative source
- The authoritative test specifications are the TestRail test cases in Project “Medical Device”.
Controlled inventory snapshot
- For each release verification campaign, the test case inventory is captured as a controlled export (CSV) and stored alongside the Software Test Plan annexes and/or the release evidence pack.
- This document is considered complete only when its annexes (listed below) are stored together with it in the QMS record set.
Coverage statement
- Completeness of requirements coverage is demonstrated through the Traceability Matrix (Annex B) and its linkage to the TestRail test case identifiers and requirement IDs.
References
- R-TF-012-033 — Software Test Plan (verification strategy, governance, environments, evidence packs, retention).
- R-TF-029-001 Deployment and Configuration Commissioning Record
- R-TF-029-002 Functional and Interface Commissioning Record
- R-TF-029-003 Clinical Workflow and Operational Readiness Commissioning Record
- Test case inventory sources (controlled exports):
- Annex A — TestRail Test Case Export (Verification)
- Annex B — Traceability matrix export (requirements ↔ test cases)
- Annex C — Commissioning test case list/export
Signature meaning
The signatures for the approval process of this document can be found in the verified commits at the repository for the QMS. As a reference, the team members who are expected to participate in this document and their roles in the approval process, as defined in Annex I Responsibility Matrix of the GP-001, are:
- Author: Team members involved
- Reviewer: JD-003, JD-004
- Approver: JD-001
Annexes
Annex A — TestRail Test Case Export (Verification)
Controlled export of all verification test cases used as the basis for requirement verification.
- File: Annex_B_TestRail_Test_Case_Export.csv
- Content expectation (minimum): TestRail Case ID, Title, Section, Test Level, Test Type, Automation status, NRT membership, Primary Requirement ID, Requirement IDs.
Annex B — Traceability Matrix Export (Requirements ↔ Test Cases)
Controlled export demonstrating complete and reviewable mapping between software requirements and test cases.
| SRS Id | SRS Name | Test Case Id | Test Case Title | Test Case URL | Test Id | Test URL | Status |
|---|---|---|---|---|---|---|---|
| SRS-7PJ | Network Service Exposure | C50 | Verify the API service accepts incoming HTTP requests on the designated network port | View | T105 | View | Passed |
| SRS-AQM | Standard HTTP Status Code Usage | C62 | Verify API returns 200 HTTP status codes for successful requests | View | T106 | View | Passed |
| SRS-BYJ | JSON Data Interchange Format | C68 | Verify API processes JSON requests and returns JSON responses with correct Content-Type headers | View | T107 | View | Passed |
| SRS-DW0 | User Authentication Endpoint Implementation | C77 | Verify successful user authentication and token generation via the POST /auth/login endpoint | View | T109 | View | Passed |
| SRS-D3N | Provision of Clinical Parameter Endpoints | C73 | Verify retrieval and filtering of clinical signs data via /clinical/severity-experts endpoint | View | T108 | View | Passed |
| SRS-LBS | URL-Based API Versioning | C106 | Verify API endpoints are accessible via URL paths prefixed with the major and minor version identifier | View | T110 | View | Passed |
| SRS-MZC | Request Body Size Limitation | C110 | Verify the API returns HTTP 413 when the request body exceeds the configured maximum size | View | T111 | View | Passed |
| SRS-Q9M | Clinical Signs Analysis Endpoint Implementation | C124 | Verify POST /clinical/severity-assessment returns quantified results for valid image and sign list | View | T112 | View | Passed |
| SRS-RXK | Diagnostic Support Endpoint Implementation | C128 | Verify the diagnosis-support endpoint accepts valid images and returns diagnostic analysis | View | T113 | View | Passed |
| SRS-ZQO | Concurrent API Version Support | C162 | Verify simultaneous availability and processing of requests across distinct API versions | View | T114 | View | Skipped |
| SRS-ID7 | Input Data Validation | C330 | Verify API rejects malformed inputs with standardized 422 Unprocessable Entity responses | View | T115 | View | Passed |
| SRS-EH4 | Security-Safe Error Handling | C331 | Verify API returns sanitized error responses with appropriate HTTP status codes and no internal details | View | T116 | View | Passed |
| SRS-AQM | Standard HTTP Status Code Usage | C454 | Verify API returns 401 HTTP status codes for wrong login requests | View | T272 | View | Passed |
| SRS-AQM | Standard HTTP Status Code Usage | C455 | Verify API returns 422 HTTP status code when invalid data is submitted | View | T273 | View | Passed |
| SRS-GER | System Behavior on Internal Component Failure. | C456 | Verification of controlled 503 response and graceful degradation during downstream service failure. | View | T300 | View | Passed |
| SRS-6KE | API Health Check Endpoint | C169 | Verify health check endpoint returns unhealthy when some service is unavailable | View | T121 | View | Passed |
| SRS-6KE | API Health Check Endpoint | C46 | Verify the public health endpoint returns HTTP 200 and status OK when operational | View | T118 | View | Passed |
| SRS-BA6 | Display the legal information about this medical device | C66 | Verify retrieval of mandatory legal information, UDI, and regulatory metadata via API | View | T119 | View | Passed |
| SRS-Z24 | API Documentation Endpoint | C159 | Verify availability of OpenAPI specification and interactive documentation endpoints | View | T120 | View | Passed |
| SRS-Q3Q | Generate an aggregated ICD probability distribution from a set of images | C255 | Verify API returns aggregated ICD probability distribution with structured code details in studyAggregate array | View | T122 | View | Passed |
| SRS-0AB | Generate per-image ICD analysis with explainability heat map | C256 | Verify response includes per-image ICD probabilities and heat maps for the top five categories | View | T123 | View | Passed |
| SRS-58W | Include entropy score in report | C258 | Verify response includes normalized entropy score between 0 and 1 in findings | View | T125 | View | Passed |
| SRS-71I | Include the indicator of needing a high priority referral in the report | C260 | Verify report response includes highPriorityReferral score within riskMetrics object | View | T127 | View | Passed |
| SRS-8HY | Include the indicator of malignancy in the report | C261 | Verify report response includes malignantConditionProbability score within riskMetrics object | View | T128 | View | Passed |
| SRS-D08 | Include the indicator of the image presenting a pigmented lesion in the report | C262 | Verify report response includes pigmentedLesion score within riskMetrics object | View | T129 | View | Passed |
| SRS-JLM | Include the indicator of the presence of a condition in the report | C263 | Verify report response includes anyConditionProbability score within riskMetrics object | View | T130 | View | Passed |
| SRS-KAS | Include the indicator of needing an urgent referral in the report | C264 | Verify report response includes urgentReferral score within riskMetrics object | View | T131 | View | Passed |
| SRS-K7M | Orchestrate diagnosis support workflow | C265 | Verify diagnosis workflow returns ranked ICD-11 codes, binary indicators, and explainability maps for valid images | View | T132 | View | Passed |
| SRS-A9F | Wound Bed Tissue - Epithelial | C266 | Verify epithelial tissue classification returns right presence prediction and confidence score | View | T133 | View | Passed |
| SRS-B3Z | Inflammatory Pattern Identification | C267 | Verify API returns Hurley stage and inflammatory status with associated probabilities for valid image input | View | T134 | View | Passed |
| SRS-B6L | Wound Bed Tissue - Necrotic | C268 | Verify tissue wound bed necrotic classification returns right presence prediction and confidence score | View | T135 | View | Passed |
| SRS-B8N | Pustule Intensity Quantification | C269 | Verify pustule classification returns right intensity and confidence | View | T136 | View | Passed |
| SRS-A4W | Inflammatory Nodular Lesion Quantification | C270 | Verify inflammatory nodular lesion detector return correct counts and bounding boxes for drainning tunnels | View | T137 | View | Passed |
| SRS-A6T | Delimited Wound Edges Assessment | C271 | Verify wound borders delimited classification returns right presence prediction and confidence score | View | T138 | View | Passed |
| SRS-C1R | Serous Exudate Assessment | C272 | Verify wound exudation serous classification returns right presence prediction and confidence score | View | T139 | View | Passed |
| SRS-D7N | Purulent Exudate Assessment | C274 | Verify wound exudation purulent classification returns right presence prediction and confidence score | View | T141 | View | Passed |
| SRS-D9T | Maceration Surface Quantification | C275 | Verify wound maceration segmentation analysis returns segmentation masks and the right percentage of surface affected | View | T142 | View | Passed |
| SRS-E4R | Erythema Intensity Quantification | C276 | Verify erythema classification returns right intensity and confidence | View | T143 | View | Passed |
| SRS-Y6F | Crusting Intensity Quantification | C277 | Verify crusting classification returns right intensity and confidence | View | T144 | View | Passed |
| SRS-F2K | Thickened Wound Edges Assessment | C278 | Verify thickened wound borders classification returns right presence prediction and confidence score | View | T145 | View | Passed |
| SRS-T3K | Induration Intensity Quantification | C279 | Verify induration classification returns right intensity and confidence | View | T146 | View | Passed |
| SRS-F6J | Hair Loss Surface Quantification | C280 | Verify hair loss segmentation analysis returns segmentation masks and the right percentage of surface affected | View | T147 | View | Passed |
| SRS-G3P | Wound Perilesional Erythema Assessment | C281 | Verify wound perilesional erythema classification returns right presence prediction and confidence score | View | T148 | View | Passed |
| SRS-G9R | Wound Stage Classification | C282 | Verify wound stage classification returns right score and confidence metrics from a valid wound image | View | T149 | View | Passed |
| SRS-H5K | Erythema Surface Quantification | C283 | Verify erythema segmentation analysis returns segmentation masks and the right percentage of surface affected | View | T150 | View | Passed |
| SRS-H9X | Lichenification Intensity Quantification | C284 | Verify lichenification classification returns right intensity and confidence | View | T151 | View | Passed |
| SRS-I7T | Wound Affected Tissue - Intact Skin | C285 | Verify wound affected tissues intact classification returns right presence prediction and confidence score | View | T152 | View | Passed |
| SRS-J5P | Hair Follicle Quantification | C286 | Verify API returns follicle count, bounding boxes, and confidence scores for a valid scalp image | View | T153 | View | Passed |
| SRS-J9V | Indistinguishable Wound Edges Assessment | C287 | Verify wound borders indistinguishable classification returns right presence prediction and confidence score | View | T154 | View | Passed |
| SRS-K3H | Wound Affected Tissue - Subcutaneous | C288 | Verify wound affected tissues subcutaneous classification returns right presence prediction and confidence score | View | T155 | View | Passed |
| SRS-K4U | Orthopedic Material Surface Quantification | C289 | Verify wound orthopedic material segmentation analysis returns segmentation masks and the right percentage of surface affected | View | T156 | View | Passed |
| SRS-L4W | Damaged Wound Edges Assessment | C290 | Verify wound borders damaged classification returns right presence prediction and confidence score | View | T157 | View | Passed |
| SRS-L8Y | Biofilm and Slough Surface Quantification | C291 | Verify wound biofilm material segmentation analysis returns segmentation masks and the right percentage of surface affected | View | T158 | View | Passed |
| SRS-M2L | Xerosis Intensity Quantification | C292 | Verify xerosis classification returns right intensity and confidence | View | T159 | View | Passed |
| SRS-M6P | Granulation Tissue Surface Quantification | C293 | Verify wound granulation segmentation analysis returns segmentation masks and the right percentage of surface affected | View | T160 | View | Passed |
| SRS-N2C | Bone Surface Segmentation | C294 | Verify wound bone segmentation analysis returns segmentation masks and the right percentage of surface affected | View | T161 | View | Passed |
| SRS-N5Q | Swelling Intensity Quantification | C295 | Verify swelling classification returns right intensity and confidence | View | T162 | View | Passed |
| SRS-N8W | Wound Affected Tissue - Dermis-Epidermis | C296 | Verify wound exudation serous classification returns right presence prediction and confidence score | View | T163 | View | Passed |
| SRS-O5M | Wound Affected Tissue - Muscle | C297 | Verify wound affected tissues muscle classification returns right presence prediction and confidence score | View | T164 | View | Passed |
| SRS-L3X | Skin Surface Segmentation | C298 | Verify skin segmentation analysis returns segmentation masks and the right percentage of surface affected | View | T165 | View | Passed |
| SRS-Z5N | Hive Lesion Quantification | C299 | Verify hive detector return correct counts and bounding boxes for hives | View | T166 | View | Passed |
| SRS-Z8P | Biofilm-Compatible Tissue Assessment | C300 | Verify wound biofilm tissue classification returns right presence prediction and confidence score | View | T167 | View | Passed |
| SRS-P4X | Wound Bed Tissue - Slough | C302 | Verify tissue wound bed slough classification returns right presence prediction and confidence score | View | T169 | View | Passed |
| SRS-P9W | Desquamation Intensity Quantification | C303 | Verify desquamation classification returns right intensity and confidence | View | T170 | View | Passed |
| SRS-Q1L | Hypopigmentation or Depigmentation Surface Quantification | C304 | Verify hypopigmentation segmentation analysis returns segmentation masks and the right percentage of surface affected | View | T171 | View | Passed |
| SRS-Q8Z | Diffuse Wound Edges Assessment | C305 | Verify wound borders diffused classification returns right presence prediction and confidence score | View | T172 | View | Passed |
| SRS-R3W | Wound Bed Surface Quantification | C306 | Verify wound bed segmentation analysis returns segmentation masks and the right percentage of surface affected | View | T173 | View | Passed |
| SRS-R7C | Oozing Intensity Quantification | C307 | Verify oozing classification returns right intensity and confidence | View | T174 | View | Passed |
| SRS-S2V | Wound Affected Tissue - Bone | C308 | Verify wound affected tissues bone classification returns right presence prediction and confidence score | View | T175 | View | Passed |
| SRS-S8M | Acneiform Lesion Type Quantification | C309 | Verify acneiform detector return correct counts and bounding boxes for papules, pustules, spots | View | T176 | View | Passed |
| SRS-T6H | Wound AWOSI Score Quantification | C310 | Verify AWOSI classification returns right score and confidence metrics from a valid wound image | View | T177 | View | Passed |
| SRS-T9U | Wound Bed Tissue - Closed | C311 | Verify tissue wound bed closed classification returns right presence prediction and confidence score | View | T178 | View | Passed |
| SRS-U4M | Perilesional Maceration Assessment | C312 | Verify wound perilesional maceration classification returns right presence prediction and confidence score | View | T179 | View | Passed |
| SRS-U8Z | Nail Lesion Surface Quantification | C313 | Verify nail lesion segmentation analysis returns segmentation masks and the right percentage of surface affected | View | T180 | View | Passed |
| SRS-V1D | Excoriation Intensity Quantification | C314 | Verify excoriation classification returns right intensity and confidence | View | T181 | View | Passed |
| SRS-V7Q | Necrosis Surface Quantification | C315 | Verify wound necrosis segmentation analysis returns segmentation masks and the right percentage of surface affected | View | T182 | View | Passed |
| SRS-W3R | Hyperpigmentation Surface Quantification | C316 | Verify hyperpigmentation segmentation analysis returns segmentation masks and the right percentage of surface affected | View | T183 | View | Passed |
| SRS-W9K | Bloody Exudate Assessment | C317 | Verify wound bloody exudation classification returns right presence prediction and confidence score | View | T184 | View | Passed |
| SRS-X5B | Fibrinous Exudate Assessment | C318 | Verify wound exudation fibrinous classification returns right presence prediction and confidence score | View | T185 | View | Passed |
| SRS-X8Q | Follicular and Inflammatory Pattern Identification | C319 | Verify follicular and inflammatory pattern identification returns right result | View | T186 | View | Passed |
| SRS-Y2E | Wound Bed Tissue - Granulation | C320 | Verify wound tissue wound bed granulation classification returns right presence prediction and confidence score | View | T187 | View | Passed |
| SRS-W6T | Orchestrate Clinical Signs Analysis Workflow | C321 | Verify generation of structured clinical assessment report with quantified results for requested signs via API | View | T188 | View | Passed |
| SRS-E1V | Body Surface Segmentation | C325 | Verify body surface segmentation analysis returns segmentation masks and the right percentage of surface affected | View | T193 | View | Passed |
| SRS-S8M | Acneiform Lesion Type Quantification | C446 | Verify acneiform detector return correct counts and bounding boxes for nodules, pustules and scabs | View | T264 | View | Passed |
| SRS-S8M | Acneiform Lesion Type Quantification | C447 | Verify acneiform detector return correct counts and bounding boxes for scabs, comedones, papules and pustules | View | T265 | View | Passed |
| SRS-Z5N | Hive Lesion Quantification | C448 | Verify hive detector return correct counts and bounding boxes for hives (second image) | View | T266 | View | Passed |
| SRS-A4W | Inflammatory Nodular Lesion Quantification | C449 | Verify inflammatory nodular lesion detector return correct counts and bounding boxes for non drainning tunnels | View | T267 | View | Passed |
| SRS-A4W | Inflammatory Nodular Lesion Quantification | C450 | Verify inflammatory nodular lesion detector return correct counts and bounding boxes for nodules | View | T268 | View | Passed |
| SRS-H2V | Head Detection | C323 | Verify head detection returns right bounding boxes and heads count inside an image | View | T191 | View | Passed |
| SRS-9ZT | The product classifies the image's modality | C327 | Verify API returns ""clinical"" for image modality category when a skin image is provided | View | T195 | View | Passed |
| SRS-O93 | The product checks the image's clinical domain | C328 | Verify API returns image domain category equals to ""dermatological"" and confidence score for a skin image | View | T196 | View | Passed |
| SRS-Y5W | The product checks the image quality with the Dermatological Image Quality Assessment (DIQA) algorithm | C329 | Verify API returns dermatological image quality score, interpretation, and acquisition feedback | View | T197 | View | Passed |
| SRS-9ZT | The product classifies the image's modality | C451 | Verify API returns ""dermoscopic"" for image modality category when a skin image is provided | View | T269 | View | Passed |
| SRS-O93 | The product checks the image's clinical domain | C452 | Verify API returns image domain category equals to ""non_dermatological"" and confidence score for a dog image | View | T270 | View | Passed |
| SRS-F05 | Generate FHIR DiagnosticReport Base Structure | C453 | Verify FHIR DiagnosticReport base structure for a segmenter | View | T271 | View | Passed |
| SRS-1KW | Secure Communication Protocol Enforcement | C332 | Verify API accepts requests over HTTPS using TLS 1.2 or 1.3 | View | T198 | View | Passed |
| SRS-1KW | Secure Communication Protocol Enforcement | C333 | Verify API rejects or redirects unencrypted HTTP requests | View | T199 | View | Passed |
| SRS-28X | Implement progressive delays between failed login attempts | C335 | Verify progressive increase in enforced delay across consecutive failed authentication attempts | View | T201 | View | Passed |
| SRS-28X | Implement progressive delays between failed login attempts | C336 | Verify delay resets upon successful authentication | View | T202 | View | Passed |
| SRS-A25 | Role-Based Access Control (RBAC) with Least Privilege Principle to restrict users to essential functions | C337 | Verify successful access to permitted endpoints for an authorized role | View | T203 | View | Passed |
| SRS-A25 | Role-Based Access Control (RBAC) with Least Privilege Principle to restrict users to essential functions | C338 | Verify access denial for endpoints outside the assigned role scope | View | T204 | View | Passed |
| SRS-A2B | API Rate Limiting | C339 | Verify HTTP 403 response when request volume exceeds defined threshold | View | T205 | View | Passed |
| SRS-A2B | API Rate Limiting | C340 | Verify request acceptance after rate limit time window expiration | View | T206 | View | Passed |
| SRS-MM8 | Generated JWTs must have an expiration date | C341 | Verify generated authentication tokens include the expiration claim | View | T207 | View | Passed |
| SRS-MM8 | Generated JWTs must have an expiration date | C342 | Verify access denial for requests using an expired JWT | View | T208 | View | Passed |
| SRS-SDZ | Use hashed and salted passwords | C343 | Verify generation of authentication token using valid credentials | View | T209 | View | Passed |
| SRS-SDZ | Use hashed and salted passwords | C344 | Verify rejection of authentication requests with invalid credentials | View | T210 | View | Passed |
| SRS-SDZ | Use hashed and salted passwords | C345 | Verify password update functionality and subsequent authentication | View | T211 | View | Passed |
| SRS-TPK | Lock accounts after five failed attempts | C346 | Verify account lockout enforcement after threshold reached | View | T212 | View | Passed |
| SRS-TPK | Lock accounts after five failed attempts | C347 | Verify failed attempt counter reset on successful login | View | T213 | View | Passed |
| SRS-TPK | Lock accounts after five failed attempts | C348 | Verify administrative manual account unlock capability | View | T214 | View | Passed |
| SRS-U8M | Enforce strong password policies (min. 12 characters, complexity rules, expiration policies) | C349 | Verify enforcement of password complexity and length constraints | View | T215 | View | Passed |
| SRS-U8M | Enforce strong password policies (min. 12 characters, complexity rules, expiration policies) | C350 | Verify authentication behavior for expired passwords | View | T216 | View | Passed |
| SRS-WER | Endpoint Access Control | C351 | Verify protected endpoints allow access with a valid OAuth 2.0 Bearer token | View | T217 | View | Passed |
| SRS-WER | Endpoint Access Control | C352 | Verify protected endpoints reject requests lacking a valid token with 401 Unauthorized | View | T218 | View | Passed |
| SRS-WER | Endpoint Access Control | C353 | Verify public endpoints are accessible without an Authorization header | View | T219 | View | Passed |
| SRS-WGF | AES-256 encryption for data at rest | C354 | Verify AES-256 encryption configuration for data storage | View | T220 | View | Passed |
| SRS-X9J | Conduct periodic access reviews to verify permissions align with job functions | C355 | Verify authorized administrator can retrieve current user information for review | View | T221 | View | Passed |
| SRS-X9J | Conduct periodic access reviews to verify permissions align with job functions | C356 | Verify authorized administrator can revoke permissions during access review | View | T222 | View | Passed |
| SRS-IC4 | Software and Configuration Integrity Verification | C357 | Verify successful execution and audit logging of system integrity checks | View | T223 | View | Passed |
| SRS-BK7 | Encrypted Backup and Integrity Verification | C363 | Verify backup generation | View | T225 | View | Passed |
| SRS-BK7 | Encrypted Backup and Integrity Verification | C364 | Verify automated backup generation | View | T226 | View | Passed |
| SRS-CCD | Intrusion Prevention and Malicious Traffic Detection | C366 | Verify blocking of anomalous high-frequency request bursts | View | T228 | View | Passed |
| SRS-F05 | Generate FHIR DiagnosticReport Base Structure | C368 | Verify FHIR DiagnosticReport base structure for a detector | View | T230 | View | Passed |
| SRS-FMG | Record Analysis Duration in Report | C369 | Verify analysisDuration field population in DiagnosticReport | View | T231 | View | Passed |
| SRS-JC6 | The product provides a final image validity summary | C370 | Verify isAssessable is true when domain and quality criteria are met | View | T232 | View | Passed |
| SRS-JC6 | The product provides a final image validity summary | C371 | Verify isAssessable is false when image quality is unacceptable | View | T233 | View | Passed |
| SRS-JC6 | The product provides a final image validity summary | C372 | Verify isAssessable is false when image is non-dermatological | View | T234 | View | Passed |
| SRS-K6N | Map Per-Image Analysis to a dedicated object in the report | C373 | Verify single image analysis maps to structured object in imageAnalyses array | View | T235 | View | Passed |
| SRS-K6N | Map Per-Image Analysis to a dedicated object in the report | C374 | Verify multiple image analyses map to distinct objects in imagingAnalysis array | View | T236 | View | Passed |
| SRS-H3J | Deterministic Response Schemas | C375 | Verify response structure compliance with OpenAPI success schema | View | T237 | View | Passed |
| SRS-H3J | Deterministic Response Schemas | C376 | Verify response structure compliance with OpenAPI error schema | View | T238 | View | Passed |
| SRS-W5Z | Assign DiagnosticReport Identifier | C377 | Verify Assignment of Official Identifier to DiagnosticReport | View | T239 | View | Passed |
| SRS-W5Z | Assign DiagnosticReport Identifier | C378 | Verify Uniqueness of Generated DiagnosticReport Identifiers | View | T240 | View | Passed |
| SRS-D6W | Accurate Time Synchronization | C382 | Verify System Timestamp Accuracy via API Response Headers | View | T244 | View | Passed |
| SRS-D6W | Accurate Time Synchronization | C383 | Verify System Time Synchronization and Accuracy Status | View | T245 | View | Passed |
| SRS-SI2 | Secure Audit Trail Access Interface | C388 | Verify Role-Based Access Control for Audit Trail Interface | View | T247 | View | Passed |
| SRS-SI2 | Secure Audit Trail Access Interface | C389 | Verify Audit Trail Search and Export Capabilities | View | T248 | View | Passed |
| SRS-T5P | Audit Record Integrity Protection | C391 | Verify audit records cannot be modified or deleted via API | View | T249 | View | Passed |
| SRS-PU2 | Comprehensive Event Auditing | C395 | Verify audit trail generation for authentication lifecycle and security anomalies | View | T251 | View | Passed |
| SRS-U2P | Consolidated Audit Record Content | C398 | Verify audit record completeness for successful API event | View | T252 | View | Passed |
| SRS-U2P | Consolidated Audit Record Content | C399 | Verify audit record completeness for failed API event | View | T253 | View | Passed |
| SRS-PU2 | Comprehensive Event Auditing | C410 | Verify audit trail generation for clinical data creation events | View | T255 | View | Passed |
| SRS-T95 | Audit System Failure Handling | C413 | Audit record preservation during database unavailability | View | T258 | View | Passed |
| SRS-BWB | Performance and Latency | C416 | Verify p95 API latency remains under 10 seconds during nominal load | View | T261 | View | Passed |
Annex C — Commissioning Test Case List / Export
Controlled list of commissioning test cases used to verify operational readiness of the deployed release, aligned with commissioning records R-TF-029-001/002/003.
- File: Annex_C_TestRail_Test_Commissioning_Export.csv
- Content expectation (minimum): TestRail Case ID, Title, Section, Test Level, Test Type, Automation status, NRT membership