Intertech Engineering Associates, Inc.

Medical Device Cyber Security

Vulnerability Assessment, Cyber Security Risk Management, FDA Cyber Security Pre-Market and Post-Market Guidance Support

Intertech Engineering Associates, Inc have exclusively focused on the design, development, verification and validation of medical devices and equipment for over 30 years. We have combined that experience with our deep knowledge of safety critical software to develop a comprehensive response to the need for medical device Cyber Security. Unlike traditional security experts we understand connected embedded software and the best approaches to identifying risks and vulnerabilities at the device level. Further, we understand the unique risks for lapses in security in a medical environment, and appreciate the regulatory guidelines and constraints aimed at controlling those risks.

Vulnerability Assessment

Using our expertise of medical device software we have developed a defined process and suite of tools to challenge both connected and standalone devices for potential Cyber Security vulnerabilities. The framework of our process and tools is adaptable to the specific device use and connectivity modes. The assessment identifies the nature of the vulnerabilities, documents how the vulnerabilities were identified, and provides an assessment of potential impact on the device. This can be coupled with our Cyber Security risk management process to provide a comprehensive Cyber Security risk profile.

Cyber Security Risk Management

Assessing the risk and developing a response to Cyber Security vulnerabilities requires a structured and comprehensive approach. Intertech has extensive experience with medical device risk management and is an industry leader in software risk assessment. We have integrated this with our understanding of Cyber Security and software to develop a solution for medical device Cyber Security risk management. We assist with the end to end risk management process or can support your in-house team for all, or part of the process.

Pre and Post Market FDA Cyber Security Guidance Support

We apply our extensive experience with helping companies navigate complying with the FDA guidance’s on Cyber Security and other documents and standards, such as AAMI-TIR57, NIST Cyber Security Framework and UL-2900.

Defined pre-market approaches support:

  • Development of Cyber Security controls, design approach and planning
  • Assessing and addressing Cyber Security during the development process
  • Design stage vulnerability assessment, and requirements development
  • Off the shelf software Cyber Security assessment and validation
  • Cyber Security risk management, planning and assessment
  • Cyber Security risk mitigation approaches
  • Cyber Security mitigation testing and formal verification

Post Market assistance with:

  • On market product Cyber Security assessment, using Intertech’s defined framework to establish Common Vulnerability Scoring
  • On market product Cyber Security risk management, using a risk based approach to define necessary actions.
  • Development of Cyber Security management plan
  • Development and validation of Cyber Security enhancements
  • Identification of Cyber Security compensating controls, software or hardware
  • Management of on market product Cyber Security