Smart, Reliable, Secure, and
Compliant Medical Devices

Start the Conversation

How do you protect medical devices and monitor exposure to cybersecurity risks?
Can you accurately see and fix vulnerabilities affecting third-party software such as open source components in your medical device products?
How do you ensure Software of Unknown Provenance (SOUP) is not putting your customers and their patients at risk?
How do you bring new products to market quickly and cost-effectively while meeting the latest security standards and compliance requirements?

Accelerate Time-to-Market for Industry-Leading
Medical Devices Running Embedded Linux

Meet cybersecurity standards at product launch and keep products secure for their entire lifecycle

Integrate best practice security features

Timesys’ VigiShield Secure by Design Services enable rapid development of mission-critical, secure components for embedded medical devices.

Timesys VigiShield Secure by Design services
Timesys Cybersecurity Solutions enable you to simplify meeting medical device cybersecurity standards

Boost security standard compliance

Simplify meeting IEC 62304, FDA Premarket and Postmarket Security Guidance, and the new NEMA MDS2 Requirements

Provide more accurate and streamlined vulnerability (CVE) management

Unique SCA features, optimized for embedded systems, providing more accurate and streamlined vulnerability (CVE) management and long term maintenance

Timesys Vigiles Vulnerability Monitoring and Management
Timesys Linux OS and BSP Maintenance service

Update & maintain security of your Linux OS/BSPs throughout the device lifecycle

Timesys’ embedded system Software Engineering Services enable rapid development of mission-critical, secure components for Industrial Control Systems, Industrial Internet of Things and Industrial Autonomous Control Systems

Deliver new products to market on time and
under budget with strong security

Timesys is the partner of choice for the industry’s leading Medical Device Manufacturers (MDMs). Our solutions and services enable you to rapidly develop products that meet the most demanding security requirements.

Medical device security is critical. A successful cybersecurity attack can put patients at risk, compromise health care outcomes and violate privacy laws. Health Delivery Organizations (HDOs) increasingly demand MDMs to meet strong cybersecurity requirements and maintain that security over time.

Gone are the days when an MDM could freeze a medical device’s software at product launch and never update it. Device connectivity is now the norm, and hundreds of new vulnerabilities are uncovered every week, putting devices and HDOs at risk of compromise.

Timesys offers development and security maintenance solutions that ensure your medical devices running embedded Linux are launched with the most secure software components and that they can be kept secure throughout their production lifecycles.

Streamline and simplify compliance with medical device security standards and regulations

FDA Guidance (FDA-2018-D-3443) for Premarket submissions, such as 510(k):

  • Cybersecurity measures during the design and development of medical devices
  • Identification of assets, threats, and vulnerabilities
  • Ensure trusted content by maintaining code, data, and execution integrity
  • Maintain confidentiality of data

FDA Guidance (FDA-2015-D-5105) for Postmarket Management of Cybersecurity:

  • Monitoring cybersecurity information sources
  • Monitoring third party software components for new vulnerabilities throughout the device’s total product lifecycle
  • Understanding, assessing and detecting presence and impact of a vulnerability
  • Validation for software updates and patches that are used to remediate vulnerabilities, including those related to off-the-shelf software
  • Deploying mitigations that address cybersecurity risk early and prior to exploitation

NEMA Requirements for Manufacturer Disclosure Statement for Medical Device Security:

  • Generate a Software Bill of Materials (SBOM) and provide a process to update it as specified in MDS2
  • Implement device hardening, security updates, remote updates, security of third-party components and other cybersecurity controls specified in MDS2

IEC 62304: Software Life Cycle Processes

  • Processes for managing medical device software risks, maintenance and trouble resolution
  • Identify and manage cybersecurity risks for Software of Unknown Provenance (SOUP)

Secure By Design

Vigishield Secure By Design Services

A custom Yocto security feature meta-layer developed by Timesys and delivered with supporting services to accelerate and simplify an MDM’s implementation of:

  • Secure boot and chain of trust
  • Encrypted storage
  • Secure firmware updates
  • Device security hardening: Bootloader, kernel and user space
  • Protected hardware ports: JTAG, serial
  • Secure world/trusted software development (e.g.: OP-TEE software)
  • Tamper protection
  • Key and certificate management
  • Industry security standard compliance

Stay Secure

Vigiles Vulnerability Management Solution

Software-as-a-service toolset developed by Timesys to provide:

  • Embedded Linux security maintenance tools for your developers
  • Automatic generation of an accurate Software Bill of Materials (SBOM) for medical devices running embedded Linux
  • Accurate vulnerability detection with SBOM filtering
  • Integration with Yocto, Buildroot, Timesys Factory build systems
  • Accurate, curated meta-data on software components for higher rates of vulnerability identification and accuracy, with fewer false positives
  • Streamlined remediation of vulnerabilities with efficient collaboration

Linux OS and BSP Maintenance

Our turnkey BSP Lifecycle Maintenance Service bringing our team of embedded system software experts to manage all aspects of maintaining the OS of your embedded Linux BSPs. We take care of:

  • Monitoring and applying updates and patches, validating changes and providing you with reports on status
  • Maintaining the strongest security posture throughout device deployment
  • Providing you with ready-to-deploy platform updates

See how Timesys has helped MDMs bring products to market faster, with higher quality, and with stronger security

BSP maintenance for medical device

Medical device maker maintains strong product security with Timesys

A leading MDM wanted to ensure its product line, which featured an NXP i.MX 6 processor based Advantech Qseven module, was kept updated, in sync and secure throughout its development and release. See how Timesys helped the company efficiently manage its product software security and updates throughout the product lifecycle.

Read the Case Study

Timesys provides solutions to the “Top 30” MDMs, helping them build FDA Class I, II, and III devices for a broad array of medical needs. Timesys’ Software Engineering Services excel in addressing remote mobile access, networked devices, and integrated systems — from the BSP to the App and UI. Furthermore, Timesys’ Development Environment both directly and indirectly supports FDA certification requirements, which include: build repeatability, documentation, source origin, test reports based on automated regression testing, ongoing security vulnerability notification and patches, and OS maintenance.


Start the Conversation

Stop worrying about how you are going to find the engineering time and in-house expertise to give your product the professional architecture and security attention it needs.