Guest Column | October 18, 2021

New Plug-And-Play Guidances: Computerized Systems Validation And Audit Trail Requirements

By BioPhorum

iStock-1199243271

A plug-and-play approach can significantly impact how we design, build, and operate biopharmaceutical facilities. Yet, with such a new and innovative development, there are many challenges for industry to adopt the approach. This is why BioPhorum is working toward guidelines that enable plug-and-play for bioprocessing equipment.

Two recent documents typify BioPhorum’s approach to industry collaboration and standardization: Plug-And-Play Computerized Systems Validation Strategy and Plug-And-Play Audit Trail Requirements, which are summarized in this article.

Plug-And-Play Computerized Systems Validation Strategy

This guidance document aims to maximize the benefits of adopting the BioPhorum approach to interoperable, modular equipment assemblies (“skids”). It provides guidance for end users and suppliers of process orchestration layers (POLs) and process equipment assemblies (PEAs), so they can successfully demonstrate that their equipment complies with the interface specifications created by the BioPhorum Plug and Play team. It focuses on what needs to be tested and documented, not how a product performs (the PEA and POL supplier will define this). It is based on NAMUR’s Module Type Package (MTP) standard and a series of interface specifications created by the BioPhorum Plug and Play team. NAMUR is an automation systems interest group of the process industries based in Germany.

The guidance assumes that:

  • The PEA supplier will provide documentation assuring that the PEA complies with the plug-and-play interface specification.
  • The exchange of data via MTP will include access to all data collected by the PEA.
  • The approach will leverage the standardized nature of the interface to reduce the overall time and cost in the qualification of integrated unit operations supporting the standard.
  • The user knows that each skid adds load on the plant network. They must ensure the network can support the required number of plug-and-play units.
  • The normal user quality procurement processes will ensure the PEA will be suitable for the intended use, e.g., electrical and physical interface requirements.

Expectations of Stakeholder Groups

Process Equipment Supplier

Generation of the PEA requires the supplier to follow the Good Automation Manufacturing Process life cycle model and ensure that its internal quality procedures will be followed by full qualification documentation covering the system/product life cycle. The supplier will self-certify that the PEA has been created in line with the requirements of the defined class of equipment and will provide the full qualification documentation set. Each instance of the equipment will document that it is a certified replica of the supplier-qualified model.

The configuration will include the class and subclass of equipment to which it conforms. Each instance of the equipment will have a unique reference recorded with the software configuration build version, the MTP version number the system conforms to, and the plug-and-play class specification version reference.

All of this information must form part of the MTP definition of the equipment and be available to the POL when connected. The supplier will provide this with the instance documentation.

Process Orchestration System Supplier

The POL supplier will create an application capable of correctly and reliably interpreting MTP files and automatically creating the configuration necessary to connect to each instance of the PEA. It should meet the POL supplier’s quality procedures and its internal quality and version control procedures.

It is expected that the POL MTP application will create interface modules to the PEA phases to allow easy access from the POL recipe creation application with access to all the standard phases and parameters defined by the plug-and-play standard. The POL supplier will self-certify that the MTP application meets the requirements for MTP and each class of PEA. The end user will treat this application as standard system functionality, subject to the same level of testing as other standard features of the system.

It is anticipated that the POL supplier will also include tools for allowing easy connection and removal of the PEAs to suit process requirements and for monitoring and troubleshooting individual PEA connections. The POL will verify that the MTP and the plug-and-play standards used are compatible with the versions used in the POL and that the equipment is of the expected class and subclass for the process stage.

End User

The end user will be responsible for two main areas of computerized systems validation:

  • Verifying that the communications between the POL and the PEA have been correctly configured and data can be seamlessly shared between the systems, following initial connection and configuration.
  • Process validation of the manufacturing process recipe, i.e., that the equipment with the defined procedures and parameters manufactures the required product correctly.

Extensions to Standard Process Functionality

The plug-and-play standard provides a set of unit operations and phases covering much of the process functionality required for most biopharmaceutical manufacturing using single-use equipment. However, there may be a requirement for the equipment to perform customized functions that are not possible using standard functions.

Two types of extension functions are recognized: functional extensions, i.e., extended functionality provided by the PEA supplier to make the best use of their knowledge, equipment development, and expertise; and supplemental extensions requested by the user to cover non-standard process requirements. They may be treated differently from a validation perspective.

Governance

The plug-and-play standard is supported by NAMUR MTP (which provides a structure where the PEA definition can be encoded for incorporation into the POL) and Open Platform Communications Unified Architecture (OPC UA), which allows data exchange between the POL and the PEA. Changes to either of these standards may impact the operation of the plug-and-play standard and need monitoring.

We anticipate that the BioPhorum standard will ultimately be maintained and managed by an international standards group (such as the IEC). Until then, the Plug and Play team will maintain its links with the NAMUR MTP team to ensure developments in the underlying standards can be addressed to avoid compatibility issues.

Plug-And-Play Audit Trail Requirements

An audit trail needs to unambiguously capture any electronic changes to a system. Captured event data includes when, by whom, where, and what. It must be accessible to determine data integrity surrounding a production lot, and many consumers of audit log data need context to understand data sets relating to batch release.

Typically, equipment skids (MTP PEAs) must be treated as bespoke units when connected to control systems (MTP POLs). Unfortunately, packaged equipment vendors provide a random structure of audit trail messages, making integration of audit trail information complex and inconsistent. A standard is needed to define the interface for audit logs that fulfill all the objectives of EU GMP Annex 11 and FDA 21 CFR Part 11.

This is why BioPhorum has written a plug-and-play audit trail requirements specification that provides recommendations for biological manufacturing equipment. The specification will help NAMUR add the data integrity and audit capability required by the life sciences industry to the MTP standard. It also defines the audit trail requirements for the interface and actions on POLs and PEAs during normal operations (program/development changes and IT-related audit logs are out of scope).

When considering audit trails, it is important to understand the following terms:

  • Data integrity: The completeness, consistency, and accuracy of data. This data should be attributable, legible, contemporaneously recorded, original or a true copy, and accurate (ALCOA). Integrity is critical throughout the cGMP data life cycle.
  • Metadata: Structured information that describes, explains, or makes it easier to retrieve, use, or manage data. For example, “23” is meaningless without indicating the unit, e.g., “mg.” Data should be maintained throughout the record’s retention period with the metadata required to reconstruct the cGMP activity.
  • Audit trail: A secure, computer-generated, timestamped record that allows the reconstruction of the creation, modification, or deletion of an electronic record. Audit trails include those that track the creation, modification, or deletion of data, and actions at a record or system level.
  • Static and dynamic records: Static is used to indicate a fixed-data record (e.g., on paper) and dynamic means the record format allows interaction between the user and the record content.
  • Audit records from control systems: All entities of control systems are required to produce an audit trail to comply with FDA 21 CFR Part 11, EU Annex 11, and data integrity requirements.

Key requirements include:

  • End users should have procedures requiring review of audit trail data within the batch release process or as a periodic system review activity.
  • Data should be reviewed in the format in which they are collected (e.g., static or dynamic).
  • Data should not be able to be modified or deleted and must be retained.
  • Audit trails must be enabled for software systems and not disabled after an initial system configuration.
  • Audit trails must be identifiable and accessible with suitable read-only credentials.

The BioPhorum plug-and-play standard uses NAMUR MTP with OPC UA. The paper proposes a data model for the audit trail that fulfills regulatory requirements and the context needs of data analytics. The value of the BioPhorum audit data is the content and context of the information transferred. Two possible implementations are the following.

OPC UA Event Extension

The standard OPC UA event types do not wholly satisfy the BioPhorum audit data model requirements as they are not specific to the biotech industry. The BioPhorum specification proposes a specific audit event type based on the properties in the BioPhorum audit data model (but recognizes that this custom event may challenge existing technology providers).

A test was performed using the BioPhorum model, where a custom event was created using OPC UA software in Linux and tested with an OPC UA test client on another computer. The test was successful, and it was possible to capture accurate timestamps at the source.

JSON-LD Event

To use the audit trail, the end user is required to store the audits in a database. Audit logs could be stored in a vendor-neutral format such as JavaScript Object Notation for Linked Data (JSON-LD) files. Many control system entities can directly transfer JSON events. The BioPhorum audit data model could specify the common schema for the JSON-LD files, which higher-level systems could ingest. JSON events can be streamed directly to a unified event database.

This standard audit trail event model considers the requirements of regulation and analytical applications. It could be adopted by NAMUR MTP, which could then work with national standards bodies to enable IEC certification. By combining BioPhorum’s audit trail requirement specification with MTP, equipment and control systems providers can enhance interoperability and vastly reduce equipment installation times. Also, by providing good documentation to their customers’ quality systems, they can help customers to reduce their internal validation effort.