Quality Training

Cybersecurity for Medical Devices - UL2900

Objectives

This programme covers various aspects of medical device cybersecurity and will review the UL2900 standards that support evidence based assurance that medical device manufacturers have addressed cybersecurity in their processes and designs.

Over 3-day the expert cybersecurity analyst will cover UL2900-1 (focused On Network Connectable Devices) and UL2900-2-1 (focused On Connected Medical Devices) which aim to ensure manufacturers develop stronger cybersecurity competencies, improve on process, and secure products and systems.


Delivery:
The course material is delivered over 2 half-day virtual sessions, followed by a half-day Q&A session to embed the learning and discuss real world application.

• 15 Feb 2022 - 13:30 - 17:30 / Session 1 - Introduction to Security Concepts & the UL2900 Standard
• 16 Feb 2022 - 13:30 - 17:30 / Session 2 - Risk Controls, Risk Management & continuation of UL2900 Standard
• 17 Feb 2022 - 13:00 - 17:30 / Session 3 - Q&A

Content includes

Core Security Concepts

• Basic Risk Management Concepts
• Policy Decomposition
• Data Classification and Categorisation

UL 2900-2-1:

• Product Documentation
• Product Design Documentation
• Documentation for Product Use
• General
• Access Control, User Authentication and User Authorization
• Remote Communication
• Cryptography
• Product Management
• Vendor Product Risk Management Process
• Known Vulnerability Testing
• Malware Testing
• Malformed Input Testing (Fuzz Testing)
• Structured Penetration Testing
• Software Weakness Analysis
• Static Source Code Analysis
• Static Binary and Byte Code Analysis

Who should attend

Regulatory Professionals

• Software Developers
• Product Security Engineers
• System Engineers
• Product Managers
• Project Managers
• Product Test and Validation engineers

  Delivered By

  Kishore Sharma, Cyber Security Analyst with UL

  Upcoming dates:

  No training dates available at the moment.