00098 Cybersecurity in Medical Devices- Designing for Security

Cybersecurity in Medical Devices: Quality System Considerations and Content of Premarket Submissions

4B. Designing for Security
FDA will assess the adequacy of the device’s security based on the device’s ability to provide and implement the security objectives below throughout the system architecture.
Security Objectives:
· Authenticity, which includes integrity;
· Authorization;
· Availability;
· Confidentiality; and
· Secure and timely updatability and patchability.

Premarket submissions should include information that describes how the above security objectives are addressed by and integrated into the device design. The extent to which security requirements, architecture, supply chain, and implementation are needed to meet these objectives will depend on:
· the device’s intended use and indications for use;
· the presence and functionality of its electronic data interfaces;
· its intended and actual environment of use;
· the type of cybersecurity vulnerabilities present;
· the exploitability of the vulnerabilities; and
· the risk of patient harm due to vulnerability exploitation.

SPDF processes aim to reduce the number and severity of vulnerabilities and thereby reduce the exploitability of a device and the associated risk of patient harm. Because exploitation of known vulnerabilities or weak cybersecurity controls should be considered reasonably foreseeable failure modes for systems, these factors should be addressed in the device design. The benefit of following an SPDF is that a device is more likely to be secure by design, such that the device is designed from the outset to be secure within its system and/or network of use.