Ecosystem

Connected & Cyber-Physical Devices

The full cybersecurity stack for connected medical devices: SBOMs, threat modeling, secure-by-design, vulnerability disclosure, and the FDA, IMDRF, and HSCC guidance that defines today's expectations.

43 terms

Regulatory1

Breakthrough Device Designation(BDD)

Cybersecurity39

AAMI SW96
AAMI TIR57
Common Vulnerabilities and Exposures(CVE)
Common Vulnerability Scoring System(CVSS)
Coordinated Vulnerability Disclosure(CVD)
Cryptographic Agility
CycloneDX
De-Identification of Health Data
Hardcoded Credentials
HIPAA(HIPAA)
HITECH Act(HITECH)
HSCC Joint Security Plan(HSCC JSP)
IEC 80001-1
IEC 81001-5-1
IMDRF Principles and Practices for Medical Device Cybersecurity
ISO/IEC 27001(ISO 27001)
Legacy Device Cybersecurity
Manufacturer Disclosure Statement for Medical Device Security(MDS2)
NIST Cybersecurity Framework(NIST CSF)
NIST SP 800-53 / 800-171(NIST 800-53/171)
Over-the-Air Updates(OTA)
OWASP IoT and Embedded Application Security
Patchability
Penetration Testing
PHI and ePHI
Premarket Cybersecurity Submission
Refuse to Accept (Cybersecurity)(RTA (cyber))
SAST and DAST
Section 524B of the FD&C Act(524B)
Secure Boot
Secure Product Development Framework(SPDF)
Side-Channel Attack
Software Bill of Materials(SBOM)
Software Safety Case
SPDX(SPDX)
STRIDE Threat Model(STRIDE)
Threat Modeling
Vulnerability Exploitability eXchange(VEX)
Zero Trust Architecture(ZTA)

Clinical & Trials1

Serious Adverse Event(SAE)

Software & AI2

Predetermined Maintenance vs PCCP
Secure-by-Design (Devices)

Other ecosystems

Regulated Pathways AI / ML in Devices Software Lifecycle Quality System Clinical Evidence Post-Market & Safety Global Markets Hospital Buyer & Reimbursement Startup Lifecycle Strategic Landscape Manufacturing & Supply