FDA Medical Device Cybersecurity Consulting Services

When it comes to the cybersecurity of medical devices, the ultimate stakeholders are the patients. It is critically important they have confidence in the amazing new innovations and technologies becoming widely available. It is a must that these technologies are cyber-secure.

The new FDA cybersecurity mandates are changing the landscape for medical device manufacturers. Cybersecurity is no longer a nice-to-have. The FDA will refuse to accept 510(k) submissions that don’t meet their new guidelines for cybersecurity.

Cybersecurity for medical devices requires the implementation of key security features with a foundation in a hardware-based root of trust. BG Networks provides cybersecurity workshops, security assessments, design services, automation tools, and penetration testing solutions to ensure the security of your device and to enable compliance with FDA cybersecurity mandates. Services include:

  • Security assessments to define requirements based on FDA mandates
  • Cybersecurity workshops to provide training and a detailed understanding of FDA mandates
  • Automation tools to implement security features that take advantage of hardware-based security capabilities
  • Software testing & penetration testing
  • Post-development secure key management and software updates

In March 2023, the FDA updated their Refuse to Accept Policy for Cyber Devices. We can help ensure that your implementation addresses the most recent FDA requirements. For more information on the FDA mandates, see our FDA Medical Device Cybersecurity Requirements: New Mandate & Enforcement Schedule blog.

Risks – Threats – Vulnerabilities

BG Networks provides risk assessments based on FDA Cybersecurity Guidance. Risk assessments address security needs based on device capability and are used to provide specific recommendations to address the unique risks of the individual device.

We can provide a top-down STRIDE-based set of threat scenarios or a bottom-up vulnerability analysis. In a vulnerability analysis, what we will look for includes:

GENERAL VULNERABILITIES

  • Buffer overflow
  • Code injection
  • Denial of service
  • Exploitation of CVEs
  • Incorrect default permissions
  • Improper access control
  • Improper authentication
  • Improper input validation
  • Man-in-the-middle attacks
  • Use of hard-coded credentials
  • Weak cryptographic implementations
  • Software version roll back
  • Improper key and software management
  • Introduction of vulnerabilities from 3rd party devices

SPECIFIC VULNERABILITIES

  • Unauthenticated code executed after boot
  • Debug ports not closed (JTAG, USB, UART)
  • Processor misconfiguration opening a debug port
  • Unencrypted code in flash dumped and reverse engineered
  • Unencrypted software update leads to plaintext code listing
  • Hard-coded keys in source code used to decrypt user certificates
  • Unused and unprotected RAM
  • Kicking the watchdog
  • Abuse of diagnostic management features
  • Fixing vulnerabilities throughout the chain of distribution
  • Safety critical messages that are not authenticated
  • Direct interfaces between wireless and safety critical ECUs
  • Manipulation of sensor signals for autonomous vehicle control

From Cybersecurity Goals to Development to Test

Once the risk assessment is completed, we will help with the setting of cybersecurity goals, defining the cybersecurity concept, and refining the requirements. At that point we will have the understanding needed to implement cybersecurity controls in software.

We focus on implementing cybersecurity in resource-constrained embedded processors. The building blocks of cybersecurity include secure boot, secure software updates, secure passwords, authentication, and secure communications, which we will implement using the security features built into the microprocessor. Code written will be compliant with MISRA C guidelines.

We’ll also provide testing for the code we have written, including static code analysis, coverage testing, interface testing, and resource usage evaluation. To improve efficiency and coverage, an automated test environment is available.

Post-Development Secure Key Management and Software Updates

BG Networks offers post-development consulting services for secure key management and software updates. In terms of key management, we specialize in helping organizations deploy solutions for cryptographic key generation and distribution, manage private Certificate Authorities (CA), and deploy large-scale symmetric and asymmetric key management. For code signing and software protection, we’ll help identify and set up the right controls to keep code secure, create centrally managed workflows to ensure the correct code is signed/encrypted, and deploy solutions for code signing with Hardware Security Module (HSM)-based encryption.

We have partnered with Mendor.io to support over-the-air software updates, enabling postmarket updates and patches that mitigate software vulnerabilities discovered after a device has been deployed.