Safety and Security Processes for Medical Device Software
Dr Fergal Mc Caffery
Director of the Regulated Software Research Centre in Dundalk Institute of Technology
Doctoral Researcher in the Regulated Software Research Group at Dundalk Institute of Technology
Given the complexity of modern day medical devices, it is important to ensure the safety and security of such devices. Failure of a medical device could result in potential harm to people. It is therefore important that medical device software is developed in line with regulatory standards and guidelines. The integration of medical devices, mobile medical apps and the prevalence of the IoT in the healthcare industry means sensitive health data flows across various applications, technologies and networks including public and open networks. This change in data flow exposes health data to greater attack surfaces and cyber-attacks are becoming a much larger threat as this is a vulnerability that cybercriminals identify and are actively exploiting. There is limited guidance for developers in the medical device, mobile medical app and IoT health domain on how to apply information security through implementing regulatory driven security controls into the development process, that address the security requirement to keep health data in flow secure.
This presentation discusses a safety and security framework that could be implemented when developing software for the safety critical medical device domain.