Meeting FDA Cybersecurity Requirements with Medcrypt Guardian & RTI Connext


October 22, 2024

By Akkshaj Singh, RTI and Felix Adusei and Om Mahida, Medcrypt

In today’s rapidly evolving healthcare landscape, the integration of modern medical devices with advanced connectivity features and artificial intelligence (AI) capabilities has become essential. However, this interconnectedness introduces new risks and vulnerabilities, making medical devices prime targets for cyberattacks. The consequences of such attacks extend beyond immediate patient safety concerns, posing significant business risks that include regulatory non-compliance, reputational damage, and potential legal liabilities.

FDA’s Cybersecurity Enforcement

In 2023, the PATCH Act amended the Food, Drug & Cosmetic Act (FD&C), granting the FDA explicit legal authority to enforce cybersecurity requirements for medical devices. In October 2023, the FDA began actively enforcing new cybersecurity regulations, issuing Additional Information Needed Notices (AINN) to Medical Device Manufacturers (MDMs) failing to meet required security standards.

Key points of FDA enforcement include:

  1. Secure by Design: Cybersecurity must be a core consideration from the beginning of device development. Cybersecurity controls should address the needs of secure interoperability for safe and effective data exchange.
  2. Comprehensive Security Controls: Manufacturers must implement robust security controls, focusing on four critical areas:
     • Authentication: Ensuring only authorized users and devices can access the system.
     • Authorization: Defining and enforcing appropriate access levels.
     • Confidentiality: Protecting sensitive data from unauthorized disclosure.
     • Integrity: Ensuring data and system functions remain unaltered and trustworthy.

According to the FDA, deficiency letters that address cybersecurity issues contain an average of fifteen cybersecurity-related concerns per letter. This high number indicates that many manufacturers are struggling to meet the FDA’s cybersecurity requirements across multiple aspects of their device development and security implementation processes.

Navigating Cybersecurity Requirements

The FDA’s guidelines emphasize the importance of a security architecture that incorporates cybersecurity risks and controls throughout the device’s lifecycle.

Key elements include:

  • Establishing security objectives (authentication, authorization, confidentiality, and integrity) and applying the principle of least privilege
  • Ensuring devices can be updated as new threats emerge
  • Implementing a Secure Product Development Framework (SPDF)
  • Implementing strong encryption for data both in transit and at rest

Common technical challenges include:

  • Developing comprehensive threat models across interfaces, use cases, and operational states
  • Establishing a root-of-trust to secure the device’s foundation
  • Implementing best practices for encryption and access controls
  • Ensuring robust authentication and authorization mechanisms

The Medcrypt and RTI Solution

Figure 1: Medcrypt Guardian and RTI Connext provide comprehensive cybersecurity protection for modern medical devices.

Medcrypt’s Guardian works side-by-side with RTI Connext’s Security Extensions to provide a comprehensive solution (Figure 1). This integrated solution ensures that medical device manufacturers can effectively secure their devices and meet FDA requirements, potentially avoiding the numerous deficiencies that many are currently facing. With this integrated approach, you can:

  1. Provision unique keys & certificates for devices in manufacturing and in the field, supporting strong authentication and authorization controls
  2. Protect data in transit and at rest through robust encryption and authentication, addressing the FDA’s concerns about data confidentiality and integrity
  3. Monitor all security-related activities, providing ongoing visibility and control to maintain the integrity of your devices and systems

By leveraging the combined expertise of Medcrypt and RTI, medical device manufacturers can navigate the complex landscape of cybersecurity regulations, mitigate business risks, and focus on what they do best: innovating to improve patient care. Our solution is designed to help you address potential deficiencies before they become issues, streamlining your path to FDA approval as well as global market access.

Medcrypt Guardian Overview

The Medcrypt device security suite consists of Medcrypt Guardian’s library and cloud infrastructure. The combination of the two facilitates scalable device provisioning workflows and Public Key Infrastructure (PKI) operations. Together, they play an important role in establishing a device’s cryptographic identity to enable trust, authentication, data security, and secure communication between devices and any other system, whether it is connected to or disconnected from the network.

Medcrypt Guardian

Guardian has a software library which offers an easy-to-use API for asymmetric key generation and identity provisioning. The library achieves this by parsing a secure configuration profile and subsequently producing a request for certificates to be generated by the cloud component of Guardian.

Once the request has been processed by the cloud infrastructure, the generated certificates are returned to the device, where they, along with the previously generated keys, can be used for cryptographic functions such as signing and encrypting data for device authentication and transport security. The Guardian Library is designed with portability, flexibility, and modularity at its core. Bindings are available for several languages including C++, C, C#, and Java. In some cases, custom bindings can be developed for customers after consultation.

Medcrypt’s cloud-based platform can service requests directly from devices, enrolling them into the appropriate trust hierarchies and generating device certificates. The configuration-driven Provisioning Workflow System (PWS) allows medical device manufacturers to comply with industry best practices concerning PKI and zero-trust, without the concern of managing a complicated and costly backend infrastructure.
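The provisioning flow described above, sketched with plain OpenSSL as an added example: this is not Guardian's API or Medcrypt's code, and a throwaway CA stands in for the cloud component. The CA name, organization and device serial are constructed; what it shows is that only the CSR leaves the device and that the device checks the returned certificate against both its trust anchor and its own key.

```shell
#!/bin/sh
# Added example: plain OpenSSL, not the Guardian API; all names are constructed.

# Stand-in for the cloud PKI: a throwaway CA in directory $1 with CN $2.
make_ca() {
  openssl ecparam -name prime256v1 -genkey -noout -out "$1/ca.key" &&
  openssl req -x509 -new -key "$1/ca.key" -sha256 -days 30 \
    -subj "/O=Example MDM/CN=$2" -out "$1/ca.crt"
}

# Device side: generate the key pair locally; only the CSR is sent out.
device_request() {   # $1 = device dir, $2 = device serial
  openssl ecparam -name prime256v1 -genkey -noout -out "$1/dev.key" &&
  chmod 600 "$1/dev.key" &&
  openssl req -new -key "$1/dev.key" -sha256 \
    -subj "/O=Example MDM/CN=$2" -out "$1/dev.csr"
}

# CA side: check the CSR's self-signature (proof of possession), then issue.
ca_issue() {         # $1 = CA dir, $2 = CSR path, $3 = output cert path
  openssl req -in "$2" -noout -verify >/dev/null 2>&1 &&
  openssl x509 -req -in "$2" -CA "$1/ca.crt" -CAkey "$1/ca.key" \
    -CAcreateserial -days 7 -sha256 -out "$3" 2>/dev/null
}

# Device side: accept the certificate only if it chains to the expected CA
# and carries the public key of the locally generated private key.
device_accept() {    # $1 = device dir, $2 = trusted CA certificate
  openssl verify -CAfile "$2" "$1/dev.crt" >/dev/null 2>&1 || return 1
  cert_pub=$(openssl x509 -in "$1/dev.crt" -noout -pubkey) || return 1
  key_pub=$(openssl pkey -in "$1/dev.key" -pubout) || return 1
  [ "$cert_pub" = "$key_pub" ]
}

# Demo run in throwaway directories.
ca=$(mktemp -d); dev=$(mktemp -d)
make_ca "$ca" "Example Provisioning CA" &&
  device_request "$dev" "SN-0001" &&
  ca_issue "$ca" "$dev/dev.csr" "$dev/dev.crt" &&
  device_accept "$dev" "$ca/ca.crt" &&
  echo "SN-0001 provisioned; private key stayed in $dev"
```

A certificate issued by any other CA, or one that does not match the device's current key, makes `device_accept` return non-zero.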

Once a device has successfully provisioned using Guardian, it can then use its trusted keys to:

  • Establish secure inter-device connections (East-West).
  • Establish secure connections with servers, including cloud servers (North-South).
  • Sign and verify critical data payloads, etc.
  • Regenerate its keys and certificates via reprovisioning while maintaining its unique identity.

One of the key benefits of Guardian is that devices can be provisioned whether they have connectivity or are totally disconnected from the outside world, meeting the constraints often faced in the healthcare industry.

RTI Connext: Data-Centric Security

Connectivity is at the core of new data-driven technologies that are transforming surgical robotics, patient monitoring, critical care, and medical imaging. The world’s leading MedTech companies rely on RTI for secure, reliable, and real-time data sharing across their distributed applications, devices and networks.

RTI Connext® provides a standards-based, proven software connectivity framework for securing communication interfaces, independent of network location or transport. It enables zero-trust security for data in motion to support next-generation surgical and integrated digital healthcare solutions.

RTI Connext Security Extensions enable “least privilege” access to data in motion, independent of transport or network location. Because the communication framework is “data-aware” by design, data is only shared on a need-to-know basis with authorized applications. This data-centric, decentralized architecture requires no central brokers and provides data-isolation features that enable flexible, secure and reliable architectures.

Connext enables fine-grained configurability of security controls to be applied to data in motion. Built-in control plug-ins include authentication, cryptography, access control, data tagging and security logging to create a “zero trust” environment. “Deny-by-default” permissions may be established based on the data and use case, and optimized for system performance across internal and external communication interfaces (Figure 2).

Figure 2: Data-centric cybersecurity provides the ability to design systems that restrict access control (e.g., authentication, encryption) for data in motion based on least privilege

The need for this level of control is essential to incorporate cybersecurity considerations for complex data sharing across interfaces and interoperable functionality. This capability is specifically called out in the latest FDA premarket guidance. Connext simplifies the configuration of advanced security controls and enables resilient and scalable security architectures as product features and integration requirements evolve.
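An added example (not RTI's or the authors' configuration) of a deny-by-default grant in the OMG DDS Security permissions format, signed as S/MIME by a permissions CA so that an edited file fails verification. The CA, subject name, domain ID, topic name and validity dates are constructed.

```shell
#!/bin/sh
# Added example; CA, subject, domain and topic names are constructed.

make_permissions_ca() {   # $1 = throwaway CA directory
  openssl ecparam -name prime256v1 -genkey -noout -out "$1/ca.key" &&
  openssl req -x509 -new -key "$1/ca.key" -sha256 -days 30 \
    -subj "/O=Example MDM/CN=Example Permissions CA" -out "$1/ca.crt"
}

# One allow rule; <default>DENY</default> refuses everything not listed.
write_permissions() {     # $1 = output path
  cat > "$1" <<'EOF'
<dds>
  <permissions>
    <grant name="InfusionPumpGrant">
      <subject_name>CN=SN-0001,O=Example MDM</subject_name>
      <validity>
        <not_before>2024-10-22T00:00:00</not_before>
        <not_after>2025-10-22T00:00:00</not_after>
      </validity>
      <allow_rule>
        <domains><id>0</id></domains>
        <publish><topics><topic>InfusionStatus</topic></topics></publish>
      </allow_rule>
      <default>DENY</default>
    </grant>
  </permissions>
</dds>
EOF
}

# Clear-signed S/MIME: the XML stays readable, the signature covers it.
sign_permissions() {      # $1 = CA dir, $2 = XML in, $3 = signed out
  openssl smime -sign -in "$2" -text -out "$3" \
    -signer "$1/ca.crt" -inkey "$1/ca.key"
}

# Succeeds only if the file is unmodified and signed by the trusted CA.
verify_permissions() {    # $1 = trusted CA certificate, $2 = signed file
  openssl smime -verify -in "$2" -CAfile "$1" -out /dev/null 2>/dev/null
}

# Demo run in a throwaway directory.
d=$(mktemp -d)
make_permissions_ca "$d" && write_permissions "$d/permissions.xml" &&
  sign_permissions "$d" "$d/permissions.xml" "$d/permissions.p7s" &&
  verify_permissions "$d/ca.crt" "$d/permissions.p7s" &&
  echo "permissions document verified"
```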

RTI Connext Security Extensions are able to take advantage of keys and certificates provisioned by Guardian in order to protect data in transit, either between devices or between separate applications running on the same device. The Connext framework goes beyond basic authentication and encryption to provide highly configurable access control and built-in logging to most security information and event management (SIEM) platforms.

Summary

Ensuring the cybersecurity of modern medical devices is a complex but critical task that demands a proactive, security-first approach. The latest FDA guidelines provide a structured framework for manufacturers, offering a clear path forward. However, implementing these standards requires more than just compliance; it requires a deep understanding of both the technology and the evolving threat landscape. By integrating robust security measures throughout the design, development, and lifecycle of medical devices, companies can not only meet regulatory requirements but also safeguard patient safety and data in an increasingly connected world. Medcrypt and RTI offer a proven, integrated solution to streamline and fortify security to meet these requirements, ensuring comprehensive medical device security across product lifecycles.

Ready to enhance your device security?

Address cybersecurity deficiencies before they become an issue. Visit Medcrypt’s Guardian page to learn more and start a demo.

To learn more about RTI, visit our healthcare page, or download a trial version of Connext.
