Skip to main content
QMSQMS
QMS
  • Welcome to your QMS
  • Quality Manual
  • Procedures
  • Records
  • TF_Legit.Health_Plus
    • Legit.Health Plus TF index
    • Legit.Health Plus STED
    • Legit.Health Plus description and specifications
    • R-TF-001-007 Declaration of conformity
    • GSPR
    • Clinical
    • Design and development
    • Design History File (DHF)
      • Version 1.1.0.0
        • Requirements
        • Test plans
          • PLAN-001 Users submit their credentials to receive an access token
          • PLAN_002 Token expiration in user authentication process
          • PLAN_003 Account lockout for user authentication
          • PLAN_004 Enforcing HTTPS protocol for API communications
          • PLAN_005 Valid SSL/TLS certificates
          • PLAN_006 Rate limiting for anonymous users
          • PLAN_007 Rate limiting for authenticated users
          • PLAN_008 Logging and monitoring of rate limit violations
          • PLAN_009 Validation of request and response data against FHIR schemas
          • PLAN_010 Base64 encoded images are accepted
          • PLAN_011 Non-Base64 encoded images are rejected
          • PLAN_012 Diagnosis support endpoint accepts multiple images
          • PLAN_013 Improved accuracy with multiple images
          • PLAN_014: Password hashing during user registration
          • PLAN_015: Password hash comparison during login
          • PLAN_016: Registration of a new user by authorized individuals
          • PLAN_017 Specification of body zone for scoring systems requiring zone factor
          • PLAN_018 The device's API maintains an uptime of at least 99% over a one-month period
          • PLAN_019 API penetration testing with Intruder.io
        • Test runs
        • Review meetings
        • 🥣 SOUPs
    • IFU and label
    • Post-Market Surveillance
    • Quality control
    • Risk Management
  • Licenses and accreditations
  • External documentation
  • TF_Legit.Health_Plus
  • Design History File (DHF)
  • Version 1.1.0.0
  • Test plans
  • PLAN_018 The device's API maintains an uptime of at least 99% over a one-month period

PLAN_018 The device's API maintains an uptime of at least 99% over a one-month period

Description​

To ensure the API maintains at least 99% uptime during the test period, we'll use an internally developed Python program to monitor its availability within the deployed infrastructure.

This program continuously sends GET requests to the API's root endpoint of the medical device. It processes each response, logging key information in a local SQLite database: the date of the request, whether the communication was successful or not, and the HTTP status code of the response.

System requirements​

The software requirements to run this test are listed below:

  • Python >= 3.10

No special hardware is required.

Preconditions​

  • The entire system (including the reverse proxy, REST API, and all upstream services) is deployed, operational, and accessible online.
  • You have access to the "Legit Health" workspace on Bitbucket, as well as read permissions to clone the non-functional-testing repository.

Setup​

  • Before cloning or working with a Bitbucket Cloud repository using Git, you need to set up an SSH key on your computer. Select the guide that matches your operating system. You can skip this step if you have already configured SSH keys previously.

  • Clone the code repository, which contains the program for monitoring API availability, into your working directory. Run this command in your terminal:

    git clone git@bitbucket.org:legithealth/non-functional-testing.git

  • Change your working directory to the stability_testing directory within the cloned project.

  • To prevent software package conflicts, create a new Python virtual environment with this command:

    <Path-to-your-python-interpreter> -m venv .venv

    Replace <Path-to-your-python-interpreter> with the full path to the Python interpreter binary file on your system.

  • Once the virtual environment is created, activate it in your terminal session.

  • Install the required libraries (dependencies) for the program using the pip package manager:

    pip install -r requirements.txt

  • Create an .env file to set the necessary environment variables for the program. These variables include:

    • API_URL: The URL to access the device's API.
    • CHECK_INTERVAL_SECONDS: The interval at which the program sends a GET request to the API. This checking frequency should not exceed one minute (e.g., 30 seconds).
    • UPTIME_DATABASE_NAME: The name of the SQLite database file where the monitoring records will be stored.

Input data​

No test data is required.

Steps​

  1. After navigating to the stability_testing directory in the cloned repository and activating the virtual environment, start the monitoring service in the background by running this command:
python monitor.py
  1. Let the program to run uninterrupted for a month. During this time, periodically check the SQLite database located in the stability_testing directory, named according to the UPTIME_DATABASE_NAME environment variable.
  2. After one month, gracefully terminate the program and review the database entries.
  3. Extract, analyze and process the collected data to complete the following tasks:
    1. Count the total number of checks performed.
    2. Count the number of successful responses (status codes from 200 to 299).
    3. Calculate the uptime percentage using the formula: 
      Uptime percentage = (Number of successful responses / Total number of checks) × 100
  4. The repository includes a script to start a local server with a dashboard that shows some relevant metrics. This script automatically computes the metrics from the data recorded in the database during the API monitorization, such as the number of requests sent and the percentage of uptime. Optionally, you can launch the dashboard with the following command:
streamlit run web_ui.py

Expected outcome​

  • The monitoring program is running continuously for one month, sending GET requests to the API at the specified interval.
  • The database contains records of each request and the corresponding response information.
  • The total uptime, calculated as the percentage of successful requests out of the total requests sent, is at least 99% over the period of one month.

Verifies software requirements​

  • REQ_005

Risk control for​

    1. Interruption of service

Signature meaning

The signatures for the approval process of this document can be found in the verified commits at the repository for the QMS. As a reference, the team members who are expected to participate in this document and their roles in the approval process, as defined in Annex I Responsibility Matrix of the GP-001, are:

  • Tester: JD-017, JD-009, JD-004
  • Approver: JD-005
Previous
PLAN_017 Specification of body zone for scoring systems requiring zone factor
Next
PLAN_019 API penetration testing with Intruder.io
  • Description
  • System requirements
  • Preconditions
  • Setup
  • Input data
  • Steps
  • Expected outcome
  • Verifies software requirements
  • Risk control for
All the information contained in this QMS is confidential. The recipient agrees not to transmit or reproduce the information, neither by himself nor by third parties, through whichever means, without obtaining the prior written permission of Legit.Health (AI LABS GROUP S.L.)