Medical Device Manufacturer Secure Development Lifecycle

Topics:
Company
This is some text inside of a div block.
FDA readiness
This is some text inside of a div block.
Axel Wirth
Axel Wirth

October 18, 2021

Medical Device Manufacturer Secure Development Lifecycle

Managing the software supply chain (including commercial, open source, and contracted components) within the Secure Software Development Lifecycle requires pre- and post-market management of cybersecurity starting with supplier candidate evaluation and selection, software and documentation delivery, to ongoing management during the device’s lifecycle.

A mature Secure Software Development Lifecycle program requires consideration and consistent management from premarket through postmarket.

Premarket activities include: defining security requirements, inclusion in architecture and design, implementation, and throughout testing and release for sale, all supported by the appropriate set of security documentation.

Postmarket activities include monitoring, vulnerability mitigation and management, software and documentation maintenance, and lifecycle-related customer communication.

During the postmarket phase, device owners and operators, typically a healthcare delivery organization (HDO), will require security-specific communication and support. They will define their security requirements during procurement and expect continual security maintenance (e.g., vulnerability disclosure, patching) during the device’s useful life until final decommission.

A mature Secure Software Development Lifecycle requires tight integration between engineering and release processes with supply chain and customer (HDO) needs, all supported by the appropriate security tools, technologies, processes, and training.

Want to learn more about developing medical devices that are secure by design? Reach out to us at info@medcrypt.com and discover how we help build devices that are secure by design.

Related articles

Understanding the Impact of the Pause in NVD Vulnerability Analysis and Exploring New Solutions
This is some text inside of a div block.

Understanding the Impact of the Pause in NVD Vulnerability Analysis and Exploring New Solutions

Tools & processes
This is some text inside of a div block.
Vulnerability management
This is some text inside of a div block.
MedISAO
MedISAO

May 29, 2024

Medical Device Cybersecurity - 2023 Learnings and 2024 Expectations
This is some text inside of a div block.

Medical Device Cybersecurity - 2023 Learnings and 2024 Expectations

All topics
This is some text inside of a div block.
Axel Wirth
Axel Wirth

December 18, 2023

Subscribe to Medcrypt news

Get the latest healthcare cybersecurity news right in your inbox.

We'll never spam you or sell your information

By clicking “Accept All Cookies”, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. View our Privacy Policy for more information.