Medical Device Manufacturer Secure Development Lifecycle

Topics:
Company
This is some text inside of a div block.
FDA readiness
This is some text inside of a div block.
Axel Wirth
Axel Wirth

October 18, 2021

Medical Device Manufacturer Secure Development Lifecycle

Managing the software supply chain (including commercial, open source, and contracted components) within the Secure Software Development Lifecycle requires pre- and post-market management of cybersecurity starting with supplier candidate evaluation and selection, software and documentation delivery, to ongoing management during the device’s lifecycle.

A mature Secure Software Development Lifecycle program requires consideration and consistent management from premarket through postmarket.

Premarket activities include: defining security requirements, inclusion in architecture and design, implementation, and throughout testing and release for sale, all supported by the appropriate set of security documentation.

Postmarket activities include monitoring, vulnerability mitigation and management, software and documentation maintenance, and lifecycle-related customer communication.

During the postmarket phase, device owners and operators, typically a healthcare delivery organization (HDO), will require security-specific communication and support. They will define their security requirements during procurement and expect continual security maintenance (e.g., vulnerability disclosure, patching) during the device’s useful life until final decommission.

A mature Secure Software Development Lifecycle requires tight integration between engineering and release processes with supply chain and customer (HDO) needs, all supported by the appropriate security tools, technologies, processes, and training.

Want to learn more about developing medical devices that are secure by design? Reach out to us at info@medcrypt.com and discover how we help build devices that are secure by design.

Related articles

Navigating the Evolving Landscape of Medical Device Cybersecurity
This is some text inside of a div block.

Navigating the Evolving Landscape of Medical Device Cybersecurity

Thought leadership
This is some text inside of a div block.

December 4, 2024

Top 5 Things People Get Wrong About SBOM Generation
This is some text inside of a div block.

Top 5 Things People Get Wrong About SBOM Generation

Vulnerability management
This is some text inside of a div block.
Tools & processes
This is some text inside of a div block.
Thought leadership
This is some text inside of a div block.
Jobe Naff
Jobe Naff

October 30, 2024

Cybersecurity in FDA CDRH’s Proposed Guidance List for Fiscal Year 2025
This is some text inside of a div block.

Cybersecurity in FDA CDRH’s Proposed Guidance List for Fiscal Year 2025

FDA readiness
This is some text inside of a div block.
Regulatory
This is some text inside of a div block.
Thought leadership
This is some text inside of a div block.
Axel Wirth
Axel Wirth

October 28, 2024

Subscribe to Medcrypt news

Get the latest healthcare cybersecurity news right in your inbox.

We'll never spam you or sell your information