IT Security for Medical Devices
We develop safe and secure software for your medical devices. We use our experience in the development of life-sustaining products and our knowledge of risk management, functional safety and cybersecurity.
We develop safe and secure software for your medical devices. We use our experience in the development of life-sustaining products and our knowledge of risk management, functional safety and cybersecurity.
Expertise 'Security'
Security over the Entire Life Cycle
Digital transformation and networking are opening up new possibilities for patient care in medical technology. The flip side of the coin: increasing connectivity increases the attack surface for threats from cyber criminals. Your users rely on medical devices being protected against manipulation that could affect diagnoses and treatment. Active protection of your medical devices against attackers is necessary to protect patients and their sensitive data.
Notified bodies and approval authorities have recognized the relevance of the topic and are now demanding extensive measures and proof of cybersecurity.
For these reasons, we consider IT security to be an integral part of software development and postmarket monitoring.
How We Work We work with you to create a threat model to find out what risk control measures are necessary. In addition to this cybersecurity risk assessment, we analyze which capabilities the software needs to achieve certain security goals - such as integrity or confidentiality - in all phases of the product life cycle. It is important to us that the security measures do not have a negative impact on usability or patient safety.
Security Testing We test whether the measures - e.g. the use of encryption and signatures - are also effective in security testing. This also includes pen testing carried out by external experts.
Our processes implement the requirements of standards such as IEC 81001-5-1 or FDA guidance documents on cybersecurity. We use these to create the evidence so that there are no delays in the approval of your product. Our extensive practical experience with approval procedures, particularly in Europe and North America, helps us to do this.
Post Market New vulnerabilities may become known after the market launch. In order to be able to detect and evaluate these promptly, we can monitor the list of software components used - the software bill of materials - automatically and with the aid of tools.
Concepts for Your Project Do you have questions about requirements, implementation or verification in the area of IT security? Get in touch with us and let's get talking!