Title :
A cybersecurity risk analysis methodology for medical devices
Author :
Jagannathan, Srinivasan ; Sorini, Adam
Author_Institution :
Exponent, Inc., Menlo Park, CA, USA
Abstract :
The U.S. Food and Drug Administration (FDA) has expressed an ongoing emphasis on cybersecurity considerations for medical devices. The FDA recently issued guidelines regarding cybersecurity management in premarket submissions. In this paper we present a brief overview of security frameworks, and develop a cybersecurity risk assessment methodology for medical devices. Our approach is essentially the application of a Preliminary Hazards Analysis study, customized to cybersecurity considerations. We illustrate this methodology using a typical, but hypothetical, medical device.
Keywords :
biomedical equipment; health hazards; risk analysis; security of data; FDA guidelines; US Food and Drug Administration; cybersecurity management; cybersecurity risk analysis methodology; cybersecurity risk assessment methodology; medical devices; preliminary hazards analysis; premarket submissions; security frameworks; Computer security; Guidelines; Hazards; Receivers; Software; Preliminary Hazards Analysis; cybersecurity management; information security; medical devices; risk assessment;
Conference_Titel :
Product Compliance Engineering (ISPCE), 2015 IEEE Symposium on
Conference_Location :
Chicago, IL
DOI :
10.1109/ISPCE.2015.7138706
