Case Study Details

  • Home
  • Device FDA Submission

Case Study Information

  • Project Name: Device FDA Submission
  • Service: Regulatory Submission & Go to Market Support
  • Client: Private
  • Complete Date: 2020

Performed key cybersecurity activities in preparation for a US FDA submission, for a medical device and medical device data system.

This project was required to support the regulatory submission and approval of a medical device and medical device data systems, as US FDA requires various cybersecurity activities during a submission.

Device FDA Submission

The project involved the following:
  • Executing a threat model workshop with key internal stakeholders, which involved a whiteboarding session to document the architecture and overlay threats and areas to protect (assets)
  • Developing architecture and data flow diagrams
  • Documenting the threat model
  • Documenting cybersecurity design input and system level requirements, based on the architecture and key attributes of the solution
  • Reviewing static application security testing and software composition analysis test results and supporting the development teams on items requiring remediation
  • Performing a product security risk assessment on all identified gaps, utilizing the Common Vulnerability Scoring System (CVSS)
  • Supported the preparation of the regulatory submission package to the US FDA