WIBU-SYSTEMS

Perfection in Protection, Licensing, and Security

{{ moduleLabel }}
{{ label }}

Protecting Medical Device Endpoints

MarketingWIBU-SYSTEMS AG on January 18, 2017 at 8:06 AM

The US FDA recently published new recommendations for both manufacturers and regulators to address medical device cybersecurity. The final document, Postmarket Management of Cybersecurity in Medical Devices: Guidance for Industry and Food and Drug Administration Staff, was issued on December 28, 2016.

In its guidance, the FDA said it "recognizes that medical device cybersecurity is a shared responsibility among stakeholders including health care facilities, patients, providers, and manufacturers of medical devices. Failure to maintain cybersecurity can result in compromised device functionality, loss of data (medical or personal) availability or integrity, or exposure of other connected devices or networks to security threats. This in turn may have the potential to result in patient illness, injury or death."

The report further noted that "A growing number of medical devices are designed to be networked to facilitate patient care. Networked medical devices, like other networked computer systems, incorporate software that may be vulnerable to cybersecurity threats . . . . manufacturers are encouraged to address cybersecurity throughout the product lifecycle, including during the design, development, production, distribution, deployment and maintenance of the device."

In the wake of the ongoing security concerns surrounding the IoT, security by design is a concept that manufacturers of all types of connected devices, including medical equipment, are taking into consideration.

The best way to combat cyberthreats is for manufacturers to consider #cybersecurity throughout the total product lifecycle of a device.

Suzanne B. Schwartz, Associate director for Science and Strategic Partnerships, at the Center for Devices and Radiological Health, commented in the FDA Voice, that “The best way to combat these threats is for manufacturers to consider cybersecurity throughout the total product lifecycle of a device. In other words, manufacturers should build in cybersecurity controls when they design and develop the device to assure proper device performance in the face of cyber threats, and then they should continuously monitor and address cybersecurity concerns once the device is on the market and being used by patients.”

The endpoint security approach addresses several vulnerability areas:

  • physical security to prevent uncontrolled changes to or the removal of the endpoint
  • root of trust to provide confidence on the endpoint identity
  • integrity protection to ensure that the endpoint is in the configuration that enables it to perform its functions predictably
  • access control to ensure that proper identification, authentication and authorization protocols are performed
  • secure configuration and management control updates of security policies and configurations
  • monitoring and analysis including integrity checking, detecting malicious usage patterns or denial of service activities, and enforcing security policies and analytics
  • data protection to control data integrity, confidentiality and availability
  • security models and policies governing the implementation of security functions.

At Wibu-Systems, one of our major areas of focus is on the protection of medical device endpoints, where vulnerabilities may permit the unauthorized access, modification, or misuse. Our approach is to build multi-layered security measures directly into the design of sensors, PLCs, embedded devices, virtual systems or other connected endpoints.

For more details, Oliver Winzenried, President and CEO of WIBU-SYSTEMS AG, further explains the risks and rewards of endpoint security in his article, Protecting endpoint security of medical systems, published in Medical Device Developments magazine.

Login or register now and enjoy all the benefits of a community!

To get the whole functionality of IndustryArena Forum you need to login or register. This process is absolutely free.

Password forgotten?
Contact request
Guest Photo
Your message
The controller within the meaning of Art. 4(7) GDPR is: IndustryArena GmbH, Schneiderstr. 6, 40764 Langenfeld, Germany.
You may reach our data protection officer under [email protected].

Purpose of processing
We process your personal data concerning the use of the contact form and the communication with the company of the newsroom as well as the transmission of your data to this company in accordance to Art. 6 (1a) GDPR. This constitutes a legitimate interest for us in accordance to Art. 6 (1f) GDPR.

Recipient of the data
Within our organization, those units gain access to your data, which are necessary to fulfil the above purposes.
Personal data will only be transmitted to third parties if this is necessary for the aforementioned purposes or if another legal basis exists. If necessary, we conclude the corresponding data protection agreements with third parties, in particular pursuant to Art. 28 GDPR.

Data storing
Your data will be transmitted to the company of the newsroom for further processing. The period of storing is the duration of the processing of your request by the respective company.

Select contact person

Newsroom Logo

Design options

  • Title text color:
  • Content background:
  • Content text color:
  • Navigation background:
  • Tab text color:
  • Active tab text color:
  • Link text color:
  • Active link text color:
  • Background image Background color:

    How do you want to position the background-image?

    Please note: Banners and skyscrapers are only saved for the current language. For other languages, change the language using the button at the top right.

    Set the link for the background image

  • Banner

    How do you like to align the banner?

    Please note: Banners and skyscrapers are only saved for the current language. For other languages, change the language using the button at the top right.

    Set the link for the banner

  • Skyscraper

    Set the link for the skyscraper

Please note:

Banners and skyscrapers are only saved for the current language. For other languages, change the language using the button at the top right.