- May 18-19, 2017
04:00 AM - 01:00 AM EDT
The Food and Drug Administration (FDA), in association with National Science Foundation (NSF) and Department of Homeland Security, Science and Technology (DHS, S&T) announced the following public workshop entitled “Cybersecurity of Medical Devices: A Regulatory Science Gap Analysis.” The purpose of this workshop was to examine opportunities for FDA engagement with new and ongoing research, catalyze collaboration among Health Care and Public Health (HPH), stakeholders to identify regulatory science challenges, discuss innovative strategies to address those challenges, and encourage proactive development of analytical tools, processes, and best practices by the stakeholder community to strengthen medical device cybersecurity.
- Date, Time and Location
- Federal Register Notice
- Additional Information
- Contact Us
This meeting was held May 18-19, 2017, beginning at 8:00 am - 5:00 pm at the following location:
FDA White Oak Campus
10903 New Hampshire Avenue
Bldg. 31, Room 1503
Silver Spring, MD, 20993
Regulatory Science is defined as the science of developing new tools, standards, and approaches to assess the safety, efficacy, quality, and performance of all FDA-regulated products. At the Center for Devices and Radiological Health (CDRH), regulatory science serves to accelerate improving the safety, effectiveness, performance and quality of medical devices and radiation-emitting products, and to facilitate innovative medical devices into the marketplace. The Regulatory Science Subcommittee of the CDRH Center Science Council assessed and prioritized the regulatory science gaps for medical devices based on input from CDRH Offices. Cybersecurity of medical devices was identified as one of the top ten regulatory science gaps. These new regulatory science tools, technologies, and approaches form the bridge to critical advances in public health.
FDA, NSF and DHS, S&T are therefore seeking input to create a framework to address the cybersecurity regulatory science gaps. The scope and nature of this cybersecurity regulatory science research framework is designed to be broad to foster collaboration across all interested stakeholders. The domain is defined by the intersection of safety and security in the design and evolution of medical devices. The objective of the workshop is to facilitate a discussion on the current state of regulatory science in the field of cybersecurity of medical devices, with a focus on patient safety.
The framework may include collaborative research conducted between federal agencies such as NSF, DHS, S&T, academia, medical device industry, and third party experts and other organizations with input from FDA. The collaborative research may include one or more of the following settings.
(a) Intramural cybersecurity research conducted within FDA;
(b) Extramural cybersecurity research in collaboration with other federal agencies (e.g., DHS, S&T); and
(c) Collaborative long term cybersecurity research conducted among federal agencies, NSF, academia, medical device industry, and third party experts and organizations.
- Preliminary Agenda for May 18-19 (PDF - 269KB)
- NSF & Medical Device Security/Privacy: Driving Future Research, Jeremy Epstein, MS
- Welcoming Remarks DHS, Daniel Massey, PhD
- Relationship Between Security, Patient Safety, and Usability, Pat Baird MS, MBA
- Ruminations on Challenges in Securing Medical Devices, Ken Hoyme, MSEE
- Using CVSS in Medical Device Security Risk Assessment, Penny Chase, MS and Steve Christey Coley, BS
- Building Cybersecurity Programs for Healthcare Technology: Our Only Security is Our Ability To Change, Rob Suarez, MS
- Even in Theory, Getting Medical Device Security Right is Difficult, Todd Carpenter, BS
- Security “Hygiene” for the Medical Industry, Anura Fernando, MSE
Please be advised that as soon as a transcript of the plenary session portion of the public workshop is available, it will be accessible at http://www.regulations.gov. It may be viewed at the Division of Dockets Management.
Dinesh Patwardhan, Ph.D., Food and Drug Administration, Center for Devices and Radiological Health, Food and Drug Administration, 10903 New Hampshire Ave, Bldg. 64 rm. 4076, Silver Spring MD 20993, email: email@example.com