Événements Ressources Contactez-nous Global | Français

Siemens Digital Industries Software

Rechercher Basculer la navigation

Siemens Digital Industries Software

Software for Medical Device Security

Up-close medical EKG machine

Security requirements need to have the same level of care and consideration applied to them as the functional and safety requirements. Security requirements are not only the right thing to do from a product standpoint, regulators worldwide are putting more emphasis on security concerns for medical devices with each passing year.

When considering the security requirements for your device, you should also consider the security expertise of your software suppliers, whether they are supplying proprietary software, open-source software or a combination thereof. Siemens Embedded Solutions has the products, services, knowhow and experience to help medical device developers succeed in developing their products quickly, safely, and securely. Siemens Embedded also has the expertise to help these developers satisfy reviewers and regulators, which means that Siemens Embedded’s products minimize risk and help to satisfy these demanding requirements.

Software for Medical Device Security

Security requirements need to have the same level of care and consideration applied to them as the functional and safety requirements. Security requirements are not only the right thing to do from a product standpoint, regulators worldwide are putting more emphasis on security concerns for medical devices with each passing year.

When considering the security requirements for your device, you should also consider the security expertise of your software suppliers, whether they are supplying proprietary software, open-source software or a combination thereof. Siemens Embedded Solutions has the products, services, knowhow and experience to help medical device developers succeed in developing their products quickly, safely, and securely. Siemens Embedded also has the expertise to help these developers satisfy reviewers and regulators, which means that Siemens Embedded’s products minimize risk and help to satisfy these demanding requirements.

Man at desk typing using 3 monitors

Embedded Software Products

Man at desk typing using 3 monitors

Siemens delivers embedded software products that enable device manufacturers to quickly design and build high quality connected devices, including those with rich user interfaces, cloud-based remote management, or requiring safety certification. Base technologies include Linux, the Nucleus real-time operating system, advanced multicore runtime, and IoT enablement and development tools.

Learn more

CVE Monitoring

The CVE (Common Vulnerabilities and Exposures) process is the main method of making available information-security vulnerabilities that are, almost entirely, a result of issues in software. With the ubiquity of open-source (especially Linux and popular add-on packages such as OpenSSL or SQLite) in medical device software, many of these vulnerabilities potentially affect these devices, but CVEs can be filed against any vulnerability and several have been filed against proprietary software as well. CVE monitoring is a process where new CVEs are evaluated against the modules in the device, allowing the device manufacturer to determine appropriate action when new CVEs are found. Regulatory bodies, including the FDA, are insisting on a strategy of managing CVEs both pre and post-release to satisfy security requirements for medical devices. While a manufacturer can perform these activities themselves, it is simpler and easier if you use a commercial distribution of this software, such as Sokol Flex OS, Sokol Omni OS, and Nucleus RTOS.

Diagram displaying CVE (Common Vulnerabilities and Exposures) example

FDA Guidance on Cybersecurity for Medical Devices

The FDA publishes significant guidance that touches on the security aspects of the software in Medical Devices; the two most important of which are the “Content of Premarket Submissions for Management of Cybersecurity in Medical Devices”, and “Post-market Management of Cybersecurity in Medical Devices”. The documents cover the activities and expectations that the device manufacturer must consider both during the development of the device and after its release to keep the device and the data it is handling securely. The FDA also provides guidance for the use of Commercial-Off-The-Shelf (OTS) software in medical devices, which also touches on the security of the device by placing requirements on the OTS a developer might use on these devices. In all cases, the FDA requires a risk-based approach, where risks are assessed, and if the risk is significant (based on the class of the device), then is required to be mitigated for the software to be used. Mentor Embedded has significant experience in both product and service offerings to help customers mitigate the risk of the software used in their devices and pass regulatory approval.

Man flipping through file folders

Patient Privacy (HIPPA + EU GDPR)

It is well known that it is vital in all aspects of medicine to protect private patient data from those that are not authorized to access it. Laws such as HIPAA (Health Insurance Portability and Accountability Act) in the United States and the GDPR (General Data Protection Regulation) in Europe make these rules clear. These regulations apply equally to medical devices; when considering this in design, it is important not only to protect this data through the expected operation of the device but to protect it from security threats both known and unknown at the time of manufacture. Siemens Embedded can help customers fulfill privacy requirements both in terms of the design of the device’s security features and in protecting the device from newly found exploits that could impact customers and patients in the future.

Two medical personnel, one looking at chart on clipboard

Les logiciels embarqués vous intéressent ?

S'abonner aux actualités sur les logiciels embarqués

Erreur !

Nous sommes désolés, mais nous n'avons pas été en mesure de saisir vos informations. Veuillez réessayer.

Merci pour votre inscription ! C’est votre première inscription ? N’oubliez pas de répondre à l’e-mail que nous vous avons fait parvenir pour confirmer votre inscription.

Champ obligatoire Une adresse e-mail valide est requise
Champ obligatoire Valeur non valable ou trop longue

* Champ obligatoire

Solutions logicielles

Votre succès

Notre histoire

Contacts

Contactez-nous

Support technique produit

Préférences de communication

Bureaux dans le monde



Nous suivre

© Siemens 2022 Informations sur l’entreprise Règles d’acceptation des cookies Politique de confidentialité Conditions d’utilisation Identifiant numérique Signaler un piratage DMCA
© Siemens 2022 Informations sur l’entreprise Règles d’acceptation des cookies Politique de confidentialité Conditions d’utilisation Identifiant numérique Signaler un piratage DMCA
Close Video