Overview

Medical Device Cybersecurity for Engineers and Manufacturers, Second Edition removes the mystery from cybersecurity engineering and regulatory processes and practices, showing medical device manufacturers how to produce and maintain devices that meet evolving regulatory expectations and reduce cybersecurity risks to business and patients. It represents a complete guide for medical device manufacturers seeking to implement lifecycle processes that secure their premarket and postmarket activities.   This step-by-step guide educates manufacturers about the implementation of security best practices in accordance with industry standards and expectations, advising the reader about everything from high-level concepts to real-world solutions and tools. It focuses on the security aspects of every lifecycle phase of the product, including concept, design, implementation, supply chain, manufacturing, postmarket maintenance, and end of life. It details the practices, processes, and outputs necessary to create a secure medical device capable of gaining regulatory approval and meeting market entry requirements.   Reflecting rapid industry developments, regulatory changes, and technology advances, this new edition equips manufacturers with the knowledge to produce secure products that meet regulatory and market requirements while anticipating threats from sophisticated cyber adversaries. It's an indispensable resource for a wide range of professionals involved in medical device manufacturing, including engineering management, software/firmware engineers, business managers, regulatory professionals, contract manufacturers, FDA regulators, product/project managers, sales and marketing teams, and healthcare delivery organizations.

Full Product Details

Author:   Axel Wirth ,  Christopher Gates ,  Jason Smith
Publisher:   Artech House Publishers
Imprint:   Artech House Publishers
Edition:   2nd Unabridged edition
ISBN:  

9781630819910

ISBN 10:   1630819913
Pages:   410
Publication Date:   31 October 2024
Audience:   Professional and scholarly ,  Professional & Vocational
Format:   Hardback
Publisher's Status:   Active
Availability:   In Print  
This item will be ordered in for you from one of our suppliers. Upon receipt, we will promptly dispatch it out to you. For in store availability, please contact us.

Table of Contents

Foreword   1. Why Secure Medical Devices? 1.1. Why a 2nd Edition?   2. Establishing Cybersecurity Focus Within the MDM 2.1. Security Governance 2.2. Building a Security-Capable Organization 2.3. Security and Lifecycle Management – High-level Overview 2.4. Communicating Cybersecurity Needs, Costs, and Risks to Senior Leadership 2.5. Organizational Roles and Responsibilities 2.6. Regular Review of Security Maturity   3. Global Regulations and Standards 3.1. Regulatory Expectations in Major Markets 3.2. Consensus Standards 3.3. Harmonization and Alignment   4. Use Environments 4.1. Hospitals 4.2. Clinics, Doctors’ Offices, and Labs 4.3. Home Health Care 4.4. Military 4.5. Unregulated Environments   5. Supply Chain Management 5.1. Upstream Supply Chain Management 5.2 Security Criteria for Approved Supplier Lists 5.3 SBOM 5.4 Build Integrity and Attestation 5.5 Downstream Supply Chain Management 5.6 The Impact of Endemic Vulnerabilities   6. Secure Development and Production for Medical Device Manufacturers 6.1. Introduction 6.2. Secure Lifecycle Diagram Overview 6.3. Threats vs. Vulnerabilities 6.4. Securing Development Environments and Activities 6.5. Concept Phase 6.6. Planning Phase 6.7. Requirements Phase 6.8. Design Phase 6.9. Implementation Phase 6.10. Verification & Validation 6.11. Release Phase / Transfer to Production 6.12. Production   7. Documentation and Artifacts 7.1. Overview of Secure Development Deliverables 7.2 System Security Plan 7.3 Design Vulnerability Assessments 7.4 System Security Architecture 7.5. Interface Control Documents 7.6 Testing Reports 7.7 Software Bill of Materials (SBOM) 7.8 System Security Report 7.9 Labeling 7.10 Marketing and Sales Supporting Materials   8. Postmarket Vulnerability Management 8.1. Understanding FDA Expectations 8.2. Postmarket Surveillance 8.3. Updating Devices in the Field 8.4. Product Recalls 8.5. Managing End of Support (EOS) and End of Life (EOL)   9. Incident Response & Communications 9.1. Cybersecurity in Postmarket - Continuing Product Support 9.2. Incident Response 9.3. Communications 9.4. Communicating Cybersecurity Risks to Patients   10. Device Security Lifecycle for Healthcare Delivery Organizations 10.1 Pre-Procurement 10.2 Procurement 10.3 Deployment 10.4 Operations 10.5 Decommissioning 10.6 Special Scenarios   11. Aspects of IT Security in Medical Device Systems 11.1 Endpoint Security 11.2 Securing Communication Mediums 11.3 Hardware and Physical Interface Security 11.4. Hardening Common Operating Systems and Other Commercial Software 11.5. Utilizing Smart Phones and Other Off-the-Shelf or “Bring-Your-Own” Devices in Medical Device Systems 11.6. Smartphone Security 11.7. Software as a Medical Device (SaaMD) 11.8. Multifunction Products 11.9. Network Security 11.10 Chapter Conclusion: How are MDMs Making Use of These Technologies?   12. Applying Cryptography to Medical Device Systems 12.1 Overview of Cryptographic Concepts 12.2 Practical Implications and Applications of Cryptography Concepts   13. Cybersecurity Failures   14. Common Myths & Excuses   15. Appendices 15.1. Afterword to the 2nd Edition 15.2. Resources 15.3. Glossary 15.4.Index 15.5. Authors and Contributors

Reviews

Author Information

Axel Wirth holds a Master of Science in Engineering Management from Tufts University and a Bachelor of Science in Electrical, Electronics, and Communications Engineering from Düsseldorf University of Applied Sciences.

Tab Content 6

Author Website:  

Countries Available

All regions