How Ketryx Works: Product Design Philosophy and Framework

For most companies, releasing FDA-regulated software products is very difficult due to fragmented, siloed tools and high levels of manual work required to ensure quality and compliance. As a result, they release software updates infrequently — sometimes just once or twice a year. 

Ketryx reduces complexity by connecting disparate tools and providing automation that allows MedTechs to move as fast as less regulated companies like Netflix. This is made possible by our connected lifecycle management (CLM) platform’s simple yet powerful product design principles. 

This article will explore these design principles and offer transparency into how our platform works, including a look at the backend data model and framework that power Ketryx. 

What does Ketryx do? 

Ketryx was founded to help developers in highly regulated industries release safe, high-quality software at the same speed as unregulated industries. To that end, our CLM platform allows teams to connect the tools they’re already using to ensure traceability, automatically generate evidence, and enforce engineering controls throughout the product lifecycle.  

“Ketryx has allowed us to channel our hardware and software engineers’ existing set of development, testing, and documentation practices directly into the generation of compliant documentation with minimal additional burden. This has allowed us to remain agile while delivering high-quality products.” – Alexander Chan, VP of Analytics and Machine Learning at Beacon Biosignals

Core design principles 

Ketryx is built on four core principles that shape how our platform works and deliver maximum value to customers: 

1. Minimalist and interoperable with best-of-breed tools.
2. Real-time, end-to-end traceability. 
3. Automated evidence generation. 
4. Compliance by design. 

Minimalist and interoperable with best-of-breed tools 

Unlike most software lifecycle management solutions and electronic quality management systems which require you to jump back and forth between tools, Ketryx centers around best-of-breed dev tool integration. Our platform seamlessly connects with the tools developers already use (e.g., Jira, GitHub, Bitbucket) to facilitate compliance, reducing the need for them to switch between unfamiliar tools or manually transfer data between systems. Allowing developers to use their preferred tools is crucial for employee satisfaction and productivity, as it empowers them to work efficiently within familiar environments. In this way, it is invisible to developers as it enables teams to conduct their optimized workflows in their preferred systems. Ketryx is in the background documenting, tracing, and enforcing. 

A big issue with other PLM and ALM solutions is that they add complexity due to all of the new features and processes they introduce to the organization. Ketryx, on the other hand, was designed to serve as a lightweight layer that sits on top of existing tools to provide connection and automation. Our platform doesn’t interrupt essential workflows, and it reduces complexity rather than adding to the noise. 

The core of the Ketryx system can be configured in flexible ways to facilitate compliance with an organization's QMS across various connected systems. While the default configuration is tailored towards IEC 62304, Ketryx can be configured to account for additional standards like ISO 14971 and 13485, as well as a wide range of organization- or project-specific workflows and constraints. 

Whereas ALMs and PLMs were designed to allow companies to practice validation digitally, Ketryx facilitates agile digital validation. This next-generation approach prioritizes product release speed as much as safety and compliance. 

Real-time, end-to-end traceability 

Both internal teams and external bodies like the FDA require a comprehensive understanding of how everything in a medical device software product is connected. To achieve this, many MedTech companies currently have to document everything twice — once in their ALM and once in their dev tools. This is because traditional ALMs take a static, “walled garden” approach in which teams have to either utilize the functional capabilities of the ALM or manually import data from other systems. This type of design creates a system that lacks real-time visibility into the full tech stack leading to low productivity, duplicate work, and a higher risk of errors. 

Ketryx, on the other hand, was designed to streamline traceability by automatically creating relationships across different documents and systems (e.g., the requirements and architecture that live in Jira and the software detailed design and automated tests that live in a Git repository). Because Ketryx is designed to connect to any, and all, development systems, the platform is able to maintain a real-time requirements traceability matrix across all connected systems with no manual work required. 

Automated evidence generation 

Unlike other tools where you have to manually generate evidence separate from developer tools and format it to meet compliance requirements, Ketryx was designed to allow teams to automatically generate evidence documents and Part 11-compliant audit trails directly from connected dev tools. Since Ketryx was purpose-built for the MedTech industry, generated documents are structured to meet IEC 62304 requirements. Additionally, the platform automatically captures each change in any record so you can easily see what has changed between versions. This is a huge productivity booster, as developers in regulated environments often spend a significant amount of time on documentation and related tasks (e.g., manually copying and pasting data between systems). 

Ketryx provides flexibility for evidence generation through its configuration capabilities, allowing teams to tailor documentation outputs according to their specific quality procedures. This ensures that the format and structure of generated documents align with internal and regulatory expectations. Linking configuration settings to evidence generation allows teams to customize and standardize their documentation, whether it's a design history file (DHF), risk management documentation, or traceability matrix. 

Compliant by design 

Most systems rely on manual referencing and enforcement of procedures. In contrast, Ketryx is compliant by design, which means that it was built to embed compliance directly into tools and workflows so that teams cannot deviate from their standard operating procedures. Embedded engineering controls (aka developer guardrails) within connected systems like Jira ensure compliance with crucial standards, such as IEC 62304. 

These controls bridge the gap between standard operating procedures and development, accelerating product release cycles by preventing deviation, speeding up approval cycles, and reducing the need for additional V&V cycles. In addition, automated QMS enforcement raises quality by preventing mistakes commonly associated with manual enforcement of QMS procedures. This makes both developers and QA/RA teams happy — developers can practice agile development within their preferred tools and quality professionals have peace of mind that their procedures are being followed to the letter.  

How does Ketryx make these design principles a reality? 

Now that you understand what Ketryx was designed to do, let’s examine the data model that makes these goals a reality. 

Understanding the Ketryx data model 

These are the core building blocks of the Ketryx platform.

‍External system: In Ketryx, an external system refers to any software that integrates with Ketryx to support product development, such as Jira, GitHub, or other DevOps tools. The Ketryx data model is built around the connectivity of these best-of-breed systems. 

Items (short for “configuration items”) are the building blocks of a system. An item is any component or asset that is tracked and managed across the system. It could be a requirement, specification, or a test case, each uniquely identified and associated with metadata for traceability. Because configuration items are a core part of IEC 62304, Ketryx uses these entities to configure developer tools like Jira to be 62304-compliant. For example, rather than using “stories” and “epics,” Ketryx uses requirements, specifications, risk controls, and more. 

‍

Each item represents a task or task phase, with multiple representing a series of tasks that make up a release milestone. This system helps you keep projects moving swiftly by inputting project milestones to mark progress and keep every member of your team coordinated as you build. 

Records capture specific details about actions or changes made to items. They are vital for compliance and are automatically generated and logged during software development activities. This is vital for evidence generation, as Ketryx automates the audit trails that are required for compliance purposes. 

State refers to the current status of a configuration item in its lifecycle. For instance, an item could be in an "open," "in progress," "resolved," or “closed” state depending on its approval stage. In the data model illustration, the recursive loop indicates that an item's state can change over time based on various triggers or conditions. The loop reflects the dynamic and evolving nature of an item's lifecycle in the system, where an item may go through different states multiple times as it is reviewed, updated, and re-evaluated. This ensures that Ketryx can continually enforce QMS procedures while maintaining compliance and accuracy of the records.

In an external system, a new thing can either be created or changed. In the case of a new thing (e.g., a requirement in Jira), Ketryx creates an item in the system and a first record of it. For all changes to that item, a new record is created and associated with that item. So, every item may have many records to show the state of that item at any particular point in time. 

In addition to tracking changes through records, each state change for an item can trigger specific workflows and validations within Ketryx to ensure that each change adheres to the organization’s predefined rules and processes Together, these components enable: 

• Traceability and documentation: Records track everything that happens across complex systems (i.e., an audit trail) and establish relationships among items that are part of the development process. This information is used to automatically generate a configurable DHF. 
• Enforcement: Certain state changes, like deploying before all items are approved, are prevented based on a rule engine. This forces developers to follow SOPs and prevents them from taking non-compliant actions. 

Consider a MedTech company developing cardiac imaging software. At the outset, a new requirement is introduced, necessitating additional testing for compatibility with different types of hardware used in healthcare facilities. Using Ketryx, this requirement is entered as a new item with an initial record reflecting its inclusion. As the development team starts building the software, each iteration of testing and subsequent design modification generates new records linked to this item, continuously capturing state changes as tasks are managed in Jira. Ketryx captures each change, ensuring the software’s development adheres to the company’s QMS procedures and preventing non-compliant actions (e.g., closing an item without receiving design verification from an approved member of the organization). 

Ketryx and the V-model  

In the verification and validation model, there is a corresponding testing activity for each development activity. As product requirements are defined, there are accompanying validation test cases and executions. Similarly, as software item specifications are defined, there are accompanying verification test cases and executions. 

Configuration items in Ketryx map to the V-model. Requirement items answer the question, “What does the product do?” and specifications answer the question, “How does it do it?” Once those questions are answered, the product is developed to meet the “what” and “how,” along with verification and validation activities to provide documented proof. Because each configuration item is a part of the V-model, Ketryx governs the system as a whole and makes sure developers never deviate from the configured procedures.

Achieve next-generation compliance with Ketryx 

Because of the increasing demand to prioritize safety and speed, companies can no longer afford to rely on outdated, manual processes that slow down software releases and introduce the possibility of human error. Ketryx is the game-changer MedTech companies need to navigate the complexities of FDA-regulated software development in an agile way. By connecting systems to impose control on preferred DevTools, automate evidence generation, and ensure compliance, Ketryx eliminates inefficiencies and allows teams to focus on innovation without compromising safety or quality. 

Ready to see Ketryx in action? Book a demo to discover how top MedTech companies are accelerating the release of safer, validated software with our CLM platform.