Coding high-integrity applications in the real world usually involves jumping through a bunch of QA hoops. Sometimes these hoops actually have something to do with the proper use of the software.
The US medical device industry is regulated by the FDA. They publish a set of rules regarding “design,” which includes all software development. These rules are generally consistent with the ISO 9000 standard on steroids. You should have a bunch of documents that are written, marked up by reviewers, updated with commentary on the review, and signed by the senior manager. Since the rules are backed by law, the FDA wants to see evidence that these records were not tampered with, for example, by writing the “expected result” of a test after you saw what the result of the test was. Thus, you need either a fully locked-down CM system, or all of this must be signed and dated on paper (including the source code). FDA inspectors have real enforcement powers; if they see fit, they can check your source code with an armed federal marshal. However, they are not software specialists: their job is not to judge the quality of your code, just to make sure that you follow all the rules.
DO-178B, ISO-9000 . . , FAA QA, FDA.