Smart, Reliable, Secure and Compliant Medical Devices (Original)

How do you protect medical devices and monitor exposure to cybersecurity risks?

Can you accurately see and fix vulnerabilities affecting third-party software such open source components in your medical device products?

How do you ensure Software of Unknown Provenance (SOUP) is not putting your customers and their patients at risk?

How do you bring new products to market quickly and cost-effectively while meeting the latest security standards and compliance requirements?

security for medical devices;

Smart, Reliable, Secure and Compliant Medical Devices (Original)

How do you protect medical devices and monitor exposure to cybersecurity risks?

Can you accurately see and fix vulnerabilities affecting third-party software such open source components in your medical device products?

How do you ensure Software of Unknown Provenance (SOUP) is not putting your customers and their patients at risk?

How do you bring new products to market quickly and cost-effectively while meeting the latest security standards and compliance requirements?

Timesys Security Solutions help accelerate time-to-market for industry-leading medical devices running embedded Linux

Meet cybersecurity standards at product launch and keep products secure for their entire lifecycle

Timesys Vigiles security vulnerability SBOM scanner

Secure By Design solution integrating best practice security features

Boost security standard compliance by providing documentation on security design and features. Simplify meeting IEC 62304, FDA Premarket and Postmarket Security Guidance, and the new NEMA MDS2 Requirements

Provide more accurate and streamlined vulnerability (CVE) management with unique SCA features, optimized for embedded systems

Update & maintain security of your Linux OS/BSPs throughout the device lifecycle

Deliver new products to market on time and under budget with strong security

Timesys is the partner of choice for the industry’s leading Medical Device Manufacturers (MDMs). Our solutions and services enable you to rapidly develop products that meet the most demanding security requirements.

Medical device security is critical. A successful cybersecurity attack can put patients at risk, compromise health care outcomes and violate privacy laws. Health Delivery Organizations (HDOs) increasingly demand MDMs to meet strong cybersecurity requirements and maintain that security over time.

Gone are the days when an MDM could freeze a medical device’s software at product launch and never update it. Device connectivity is now the norm, and hundreds of new vulnerabilities are uncovered every week, putting devices and HDOs at risk of compromise.

Timesys offers development and security maintenance solutions that ensure your medical devices running embedded Linux are launched with the most secure software components and that they can be kept secure throughout their production lifecycles.

Secure By Design

Stay Secure

Timesys VigiShield Secure By Design Service

A custom Yocto security feature meta-layer developed by Timesys and delivered with supporting services to accelerate and simplify an MDM’s implementation of:

  • Secure boot and chain of trust
  • Encrypted storage
  • Secure firmware updates
  • Device security hardening: Bootloader, kernel and user space
  • Protected hardware ports: JTAG, serial
  • Secure world/trusted software development (e.g.: OP-TEE software)
  • Tamper protection
  • Key and certificate management
  • Industry security standard compliance

Timesys Vigiles Vulnerability Management Solution

Software-as-a-service toolset developed by Timesys to provide:

  • Embedded Linux security maintenance tools for your developers
  • Automatic generation of an accurate Software Bill of Materials (SBOM) for medical devices running embedded Linux
  • Accurate vulnerability detection with SBOM filtering
  • Integration with Yocto, Buildroot, Timesys Factory build systems
  • Accurate, curated meta-data on software components for higher rates of vulnerability identification and accuracy, with fewer false positives
  • Streamlined remediation of vulnerabilities with efficient collaboration

Linux OS/BSP Maintenance

Our turnkey Linux OS/BSP Maintenance service, bringing our team of embedded system software experts to manage all aspects of maintaining the OS of your embedded Linux BSPs. We take care of:

  • Monitoring and applying updates and patches, validating changes and providing you with reports on status
  • Maintaining the strongest security posture throughout device deployment
  • Providing you with ready-to-deploy platform updates

Streamline and simplify compliance with medical device security standards and regulations

  • FDA Guidance (FDA-2018-D-3443) for Premarket submissions, such as 510(k):
    • Cybersecurity measures during the design and development of medical devices
    • Identification of assets, threats, and vulnerabilities
    • Ensure trusted content by maintaining code, data, and execution integrity
    • Maintain confidentiality of data
  • FDA Guidance (FDA-2015-D-5105) for Postmarket Management of Cybersecurity:
    • Monitoring cybersecurity information sources
    • Monitoring third party software components for new vulnerabilities throughout the device’s total product lifecycle
    • Understanding, assessing and detecting presence and impact of a vulnerability
    • Validation for software updates and patches that are used to remediate vulnerabilities, including those related to off-the-shelf software
    • Deploying mitigations that address cybersecurity risk early and prior to exploitation

See how Timesys has helped MDMs bring products to market faster, with higher quality, and with stronger security

Case Study: Medical device manufacturer maintains strong product security with Timesys

A leading manufacturer of medical devices wanted to ensure its product line, which featured an NXP i.MX 6 processor based Advantech Qseven module, was kept updated, in sync and secure throughout its development and release. See how Timesys helped the company efficiently manage its product software security and updates throughout the product lifecycle.
View

down arrow

Timesys provides solutions to the “Top 30” MDMs, helping them build FDA Class I, II, and III devices for a broad array of medical needs. Timesys’ Software Engineering Services excel in addressing remote mobile access, networked devices, and integrated systems — from the BSP to the App and UI. Furthermore, Timesys’ Development Environment both directly and indirectly supports FDA certification requirements, which include: build repeatability, documentation, source origin, test reports based on automated regression testing, ongoing security vulnerability notification and patches, and OS maintenance.

Have a project you’d like to discuss?

Request Free Consultation