How (and When) to Integrate Cybersecurity into Med Device Design

Posted by Battelle Insider on Jul 10, 2017

Connected medical devices offer many advantages to both patients and health professionals – but they also present several challenges for device manufacturers. 

As our devices connect to other devices, software ecosystems, networks or the internet at large, the risks of malware and ransomware attacks increase significantly. That’s a serious problem — hacked medical devices endanger patient lives, compromise business plans and destroy profitability. 

With threats looming large, many hospital purchasing agents now write cybersecurity requirements into purchasing contracts and expect written documentation of the cybersecurity plan. This rapid shift has leaders at many medical device companies learning how to adapt on the fly. 

Many find themselves asking: when is the right time, or the ideal time, to bring cybersecurity considerations into our product development process?

The answer? All the time. 

Here’s when (and how) to involve cybersecurity considerations and measures at key milestones in the product development lifecycle. 

Create a Security-Minded Culture on Your Team

This is something you can, and should, do outside of a specific project. Security must be something the whole team is thinking about all the time. 

One impactful way to do this is to shift the mindset among your engineers and designers. Lead them to operate under the assumption that the device they’ll be creating will be placed in a hostile environment and regularly exposed to attacks from proficient hackers with advanced skills.

This challenge may help them to think critically and differently about their plans. 

Before Design, Identify Potential Emerging Threats

Market research is a common step that happens early on during any product development process – but often, security measures are not a part of this analysis. 

Have your team, or a cybersecurity expert, conduct research and analysis to understand the current and emerging threats that may pose danger to the type of product that you are creating.  

Integrate a Threat Profile During Product Design

During the design process, develop a device-specific threat assessment that characterizes, models and measures threats specific to your device.

Threat profiling involves defining and ranking potential cybersecurity threats based on the physical and software attributes of the device. Risks can be rated on a one-to-ten scale based on the probability and potential consequences of each threat, including cyber harm and patient harm.

You should profile the following components of your device:

  • Points of connection
  • Operating systems
  • Methods for updating code
  • Data storage method
  • Data transmission

Creating a threat assessment will empower your team to make design decisions that minimize security risks, rather than increase exposure to threats. For example, your team may be thinking of utilizing Bluetooth as a means to transmit data. However, your profile reveals that transmitting data via Bluetooth has a specific set of known risks for data integrity and privacy – taking your team back to the engineering table to determine an alternative solution.

Don’t have the skillset to do this in-house? Many don’t. Cybersecurity experts can help define the unique threat profile for the device early in the design process based on your device requirements. 

Conduct a Vulnerability Assessment at the Prototype Stage

Once you have a prototype of your medical device, it’s time to introduce vulnerability testing. This type of testing is important to build a risk management analysis of the hardware and software vulnerabilities that may exist on your device. 

The tests to run on your device may include:

  • Penetration Testing: where security experts try to break into your device.
  • Fuzz Testing: flooding a device with massive amounts of mutated data to uncover the potential for abnormal behavior, crashes, or data corruption.

Why do this now? Catching these weaknesses or vulnerabilities early on will prevent a failure that suspends FDA approval or purchase from a prospective customer.
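A minimal mutation fuzzer of the kind described above, as an added example that is not part of the original article. The frame format, `parse_frame` and its planted length-handling defect are constructed for illustration and stand in for a prototype's real input parser.

```python
import random

def make_frame(payload: bytes) -> bytes:
    """Constructed format: magic 0xA5 | length | payload | checksum (sum mod 256)."""
    return bytes([0xA5, len(payload)]) + payload + bytes([sum(payload) % 256])

def parse_frame(data: bytes) -> bytes:
    """Toy parser under test. Planted defect: it trusts the length byte."""
    if len(data) < 2 or data[0] != 0xA5:
        raise ValueError("bad header")          # clean rejection
    length = data[1]
    payload = data[2:2 + length]
    checksum = data[2 + length]                 # IndexError if the frame is too short
    if sum(payload) % 256 != checksum:
        raise ValueError("bad checksum")
    return payload

def mutate(seed: bytes, rng: random.Random) -> bytes:
    """Apply one random mutation: bit flip, truncation, or byte insertion."""
    buf = bytearray(seed)
    choice = rng.randrange(3)
    if choice == 0:
        buf[rng.randrange(len(buf))] ^= 1 << rng.randrange(8)
    elif choice == 1:
        del buf[rng.randrange(len(buf)):]
    else:
        buf.insert(rng.randrange(len(buf) + 1), rng.randrange(256))
    return bytes(buf)

def fuzz(target, seed: bytes, iterations: int = 2000, rng_seed: int = 1):
    """Run mutated inputs through target and sort the outcomes."""
    rng = random.Random(rng_seed)               # fixed seed keeps runs reproducible
    results = {"accepted": 0, "rejected": 0, "crashes": {}}
    for _ in range(iterations):
        case = mutate(seed, rng)
        try:
            target(case)
            results["accepted"] += 1
        except ValueError:
            results["rejected"] += 1            # expected, handled failure
        except Exception as exc:                # unhandled: a finding to triage
            results["crashes"].setdefault(type(exc).__name__, case)
    return results

if __name__ == "__main__":
    report = fuzz(parse_frame, make_frame(b"HR=072;SPO2=98"))
    print(report["accepted"], report["rejected"], report["crashes"])
```

Each entry under `crashes` keeps one reproducing input per exception type, which gives the team a concrete case to fix and re-test.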

Have a Plan in Place for Updating the Device After Market Release

It’s also critical to have a documented plan in place for updating your device beyond market release. 

This plan should identify how the device will be updated as new security threats are identified, or as the software ecosystem surrounding the device changes. For example, an update to an operating system or browser on a computer that connects to a genetic sequencer may necessitate updates to the code of the sequencer itself. Newly discovered viruses may also drive software updates. 

Developers must have a plan to make security updates securely, without opening up new vulnerabilities.

Moving Beyond Best Practices

No device is ever 100% secure, but medical device developers who integrate cybersecurity throughout their development process will be well prepared to address and mitigate potential data security risks. 

A comprehensive approach to cybersecurity will go a long way towards protecting the privacy and integrity of patient data, building trust among your device users and buyers, and reducing liabilities.