Due to rising cyber-attacks of medical facilities and hospitals, Cybersecurity is one of the most scrutinized part of FDA PMA and 510k submissions. Ensuring your device does not have cybersecurity vulnerabilities that may affect the safety, effectiveness, and security the device is a critical mandate of the CDRH as part of executive order 14028 to improve the Nation's Cybersecurity.

Understanding the FDA Premarket Cybersecurity requirements is a challenge.  Most medical device manufacturers do not have device cybersecurity experts with experience with FDA submissions. At Promenade Software, our team of over 25 software engineers includes cybersecurity specialists that can help. We have provided consultation services to dozens of companies to get through this hurdle.

Our templates and questionnaires will help you document your cybersecurity controls and illuminate weaknesses and vulnerabilities you might have in your system. We will assist you in your risk management file, helping you create a threat model and cybersecurity risk analysis. We will review your test plan to verify that you have covered the necessary verification requirements.

Below are components of the cybersecurity design history file:

• Design Features and Controls Documentation
• System Cybersecurity Diagram with interfaces and communications pathways
• Threat Modeling
• Cybersecurity Hazard Analysis
• Test plan and reports proving adequacy of cybersecurity controls
• CBOM and associated known vulnerability report