Login   |   1.866.392.4897 |   sales@timesys.com        English Japanese German French Korean Chinese (Simplified) Chinese (Traditional)

Timesys is an Advantech Partner

Smart, Reliable, Secure and Compliant Medical Devices

How do you protect medical devices and monitor exposure to cybersecurity risks?

Can you accurately see and fix vulnerabilities affecting third-party software such open source components in your medical device products?

How do you ensure Software of Unknown Provenance (SOUP) is not putting your customers and their patients at risk?

How do you bring new products to market quickly and cost-effectively while meeting the latest security standards and compliance requirements?

security for medical devices;

Timesys is an Advantech Partner

Smart, Reliable, Secure and Compliant Medical Devices

How do you protect medical devices and monitor exposure to cybersecurity risks?

Can you accurately see and fix vulnerabilities affecting third-party software such open source components in your medical device products?

How do you ensure Software of Unknown Provenance (SOUP) is not putting your customers and their patients at risk?

How do you bring new products to market quickly and cost-effectively while meeting the latest security standards and compliance requirements?

Timesys Security Solutions help accelerate time-to-market for industry-leading medical devices running embedded Linux

Meet cybersecurity standards at product launch and keep products secure for their entire lifecycle

Timesys Vigiles security vulnerability SBOM scanner

Integrate best practice security features with Secure By Design solution

Boost security standard compliance by providing documentation on security design and features. Simplify meeting IEC 62304, FDA Premarket and Postmarket Security Guidance, and the new NEMA MDS2 Requirements

Provide more accurate and streamlined vulnerability (CVE) management with unique SCA features, optimized for embedded systems

Update & maintain security of your Linux OS/BSPs throughout the device lifecycle

Deliver new products to market on time and under budget with strong security

Timesys is the partner of choice for the industry’s leading Medical Device Manufacturers (MDMs). Our solutions and services enable you to rapidly develop products that meet the most demanding security requirements.

Medical device security is critical. A cybersecurity breach can put patients at risk, compromise health care outcomes and violate privacy laws. Health Delivery Organizations (HDOs) increasingly demand MDMs to meet strong cybersecurity requirements and maintain that security over time.

Gone are the days when an MDM could freeze a medical device’s software at product launch and never update it. Device connectivity is now the norm, and hundreds of new vulnerabilities are uncovered every week, putting devices and HDOs at risk of compromise.

Timesys offers development and security maintenance solutions that ensure your medical devices running embedded Linux are launched with the most secure software components and that they can be kept secure throughout their product lifecycle.

To learn how Timesys can help you Get to market faster with streamlined cybersecurity compliance assistance, read our “More Secure, Compliant Medical Devices using Advantech Platforms with Timesys Security Solutions” Solution Brief. To start tracking and filtering vulnerabilities for your medical device, get started using Vigiles for free today.

Secure By Design

Stay Secure

Timesys VigiShield Secure By Design Service

A custom Yocto security feature meta-layer developed by Timesys and delivered with supporting services to accelerate and simplify an MDM’s implementation of:

  • Secure boot and chain of trust
  • Encrypted storage
  • Secure firmware updates
  • Device security hardening: Bootloader, kernel and user space
  • Protected hardware ports: JTAG, serial
  • Secure world/trusted software development (e.g.: OP-TEE software)
  • Tamper protection
  • Key and certificate management
  • Industry security standard compliance

Timesys Vigiles Vulnerability Management Solution

Software-as-a-service toolset developed by Timesys to provide:

  • Embedded Linux security maintenance tools for your developers
  • Automatic generation of an accurate Software Bill of Materials (SBOM) for medical devices running embedded Linux
  • Accurate vulnerability detection with SBOM filtering
  • Integration with Yocto, Buildroot, Timesys Factory build systems
  • Accurate, curated meta-data on software components for higher rates of vulnerability identification and accuracy, with fewer false positives
  • Streamlined remediation of vulnerabilities with efficient collaboration

Linux OS/BSP Maintenance

Our turnkey Linux OS/BSP Maintenance service, bringing our team of embedded system software experts to manage all aspects of maintaining the OS of your embedded Linux BSPs. We take care of:

  • Monitoring and applying updates and patches, validating changes and providing you with reports on status
  • Maintaining the strongest security posture throughout device deployment
  • Providing you with ready-to-deploy platform updates

Streamline and simplify compliance with medical device security standards and regulations

  • FDA Guidance (FDA-2018-D-3443) for Premarket submissions, such as 510(k):
    • Cybersecurity measures during the design and development of medical devices
    • Identification of assets, threats, and vulnerabilities
    • Ensure trusted content by maintaining code, data, and execution integrity
    • Maintain confidentiality of data
  • FDA Guidance (FDA-2015-D-5105) for Postmarket Management of Cybersecurity:
    • Monitoring cybersecurity information sources
    • Monitoring third party software components for new vulnerabilities throughout the device’s total product lifecycle
    • Understanding, assessing and detecting presence and impact of a vulnerability
    • Validation for software updates and patches that are used to remediate vulnerabilities, including those related to off-the-shelf software
    • Deploying mitigations that address cybersecurity risk early and prior to exploitation

See how Timesys has helped MDMs bring products to market faster, with higher quality, and with stronger security

Case Study: Medical device manufacturer maintains strong product security with Timesys

A leading manufacturer of medical devices wanted to ensure its product line, which featured an NXP i.MX 6 processor based Advantech Qseven module, was kept updated, in sync and secure throughout its development and release. See how Timesys helped the company efficiently manage its product software security and updates throughout the product lifecycle.
View

Reduce Risk with RISC for Medical Devices: Get a Complimentary Three-Month Subscription to Timesys Vigiles Prime Security Monitoring & Management Service with Select Advantech Arm/RISC Platforms

Develop your next embedded Linux based device with an Advantech ROM-7720, ROM-5720, UBC-220, UBC-DS31, EPC-R6410, RSB-3410, RSB-4410, RSB-4411, or RSB-6410 Arm/RISC based platform, and receive a complimentary three-month Prime subscription to Timesys’ Vigiles Security Vulnerability Monitoring & Management Service. Vigiles finds known reported security issues that are specific to a particular product, including fixed and unfixed Common Vulnerabilities and Exposures (CVEs) for the particular version of each software component built.

The bundled offers are available from Advantech resellers and online ordering system. To extend the bundled offering and optionally purchase a Prime subscription to Timesys Vigiles Security Vulnerability Monitoring & Management Service, contact Advantech or Timesys sales.

Already have an Arm/RISC based Advantech platform that’s mentioned above and want access to the complimentary three-month Prime subscription to Timesys Vigiles Security Vulnerability Monitoring & Management Service? Simply register your board online with us, and you can get started tracking and filtering vulnerabilities right away. (Serial number required.)

Boost Compliance with FDA Guidance & Standards

Timesys Vigiles Prime Security Vulnerability Monitoring & Management features enable you to:

  • Generate on-demand Common Vulnerabilities & Exposures (CVE) reports.
  • Get automatic alerts for newly discovered CVEs in previously scanned software.
  • Get push notification of CVE detailed report.
  • Get desktop push of component list for Yocto builds.
  • Get desktop pull and push reports for Yocto builds.
  • View CVE severity and status counts.
  • View CVE categorization.
  • View fixed & unfixed CVEs for Yocto builds.
  • Track vulnerabilities for unlimited component lists.
  • Collaborate with team members on CVE triage.
  • Whitelist known CVEs.
  • Filter CVE by CVSS score.
  • Generate reports in multiple formats.
  • Get fixed version notification for OSS.
  • Get links to patches for Linux kernel CVEs.
  • Identify minimum versions of software needed to fix identified CVEs.
  • Filter CVEs by kernel config.

down arrow

Timesys provides solutions to the “Top 30” MDMs, helping them build FDA Class I, II, and III devices for a broad array of medical needs. Timesys’ Software Engineering Services excel in addressing remote mobile access, networked devices, and integrated systems — from the BSP to the App and UI. Furthermore, Timesys’ Development Environment both directly and indirectly supports FDA certification requirements, which include: build repeatability, documentation, source origin, test reports based on automated regression testing, ongoing security vulnerability notification and patches, and OS maintenance.

Want to learn more about how using Timesys VigiShield with Advantech platforms can help you build more secure, compliant medical devices?

Fill out the form to schedule a free 30-minute consultation. We’ll be happy to answer your questions.

Embedded Systems eNews

* Denotes required field.