Healthcare safety consortium extends ISA cybersecurity standards to connected medical devices

ISA MDISS 400

February 25, 2019

The Medical Device Innovation, Safety, and Security Consortium (MDISS), a major nonprofit public health and patient safety organization, has announced it is developing a set of recommended practices and profiles for securing medical systems based on the normative requirements in the ISA/IEC 62443 series of standards for industrial automation and control systems cybersecurity.

The intent is to share the information across the network of MDISS member organizations, which includes medical device manufacturers, healthcare software companies, hospital networks, and insurance companies. “MDISS is committed to improving the state of cybersecurity in medical devices and systems to reduce risks to patients. We view the ISA/IEC 62443 standards as providing a solid basis for the development of comprehensive profiles and recommended practices in this area,” states Dr. Dale Nordenberg, MDISS Executive Director.

The ISA/IEC 62443 standards are developed primarily by the ISA99 committee of the International Society of Automation, with simultaneous review and adoption by the Geneva-based International Electrotechnical Commission.ISA99 draws on the input of cybersecurity experts from across the globe in developing standards in a balanced, consensus process that is accredited by the American National Standards Institute. The standards are applicable to all industry sectors and critical infrastructure, providing a flexible and comprehensive framework to address and mitigate current and future security vulnerabilities in industrial automation and control systems.

Application to connected medical devices reflects the growing use of the standards across multiple sectors worldwide, points out long-time ISA99 co-chair Eric Cosman. “When we first formed the ISA99 committee, we deliberately stated our scope in terms of potential consequences rather than limiting ourselves to specific industries. This decision has served us well as the ISA/IEC 62443 standards not only have been applied across traditional manufacturing and industrial processing sectors, but also extended to rail transportation, building automation, and now medical systems.”

The MDISS announcement follows another recent indication of the widespread adoption of the ISA/IEC 62443 standards in which the United Nations Economic Commission for Europe confirmed it will integrate the standards into its forthcoming Common Regulatory Framework on Cybersecurity (CRF). The CRF will serve as an official UN policy position statement for the massive EU trade markets.

Source

Related Articles

True North Solutions Promotes Amanda Reitenbach to Director of Project Services

True North Solutions Promotes Amanda Reitenbach to Director of Project Services

Recently, True North Solutions was proud to announce Amanda Reitenbach’s promotion to the position of Director of Project Services. In this role, Amanda will be responsible for leading, guiding, and coaching program managers and project managers. She will oversee True North’s Project Management Office (PMO), project planning, executions, and resource allocation; facilitate stakeholder communication and alignment; confirm True North’s project deliverables align with our clients’ strategic business goals; ensure effective management of change and adherence to quality standards; and drive continuous improvement and efficiency gains in True North’s project performance.

Changing Scene

Sponsored Content
The Easy Way to the Industrial IoT

The way to the Industrial IoT does not have to be complicated. Whether access to valuable data is required or new, data-driven services are to be generated, Weidmuller enables its customers to go from data to value the easy way. Weidmuller’s comprehensive and cutting-edge IIoT portfolio applies to greenfield and brownfield applications. Weidmuller offers components and solutions from data acquisition, data pre-processing, data communication and data analysis.

Visit Weidmuller’s Industrial IoT Portfolio.

ADVANCED Motion Controls Takes Servo Drives to New Heights (and Depths) with FlexPro Extended Environment Product Line

Advanced Motion Controls is proud to announce the addition of six new CANopen servo drives with Extended Environment capabilities to their FlexPro line. These new drives join AMC’s existing EtherCAT Extended Environment FlexPro drives, making the FlexPro line the go-to solution for motion control applications in harsh environments.

Many motion control applications take place in conditions that are less than ideal, such as extreme temperatures, high and low pressures, shocks and vibrations, and contamination. Electronics, including servo drives, can malfunction or sustain permanent damage in these conditions.

Read More

Service Wire Co. Announces New Titles for Key Executives

Bruce Kesler and Mark Gatewood have been given new titles and responsibilities for Service Wire Co.

Bruce Kesler has assumed the role of Senior Director – Business Development. Bruce will be responsible for Service Wire’s largest strategic accounts and our growing Strategic Accounts Team.

Mark Gatewood has been promoted to the role of Vice President – Sales & Marketing. In this role, Gatewood will lead the efforts of Service Wire Company’s entire sales and marketing organization in all market verticals.

Read More

Tri-Mach Announces the Purchase of an Additional 45,000 sq ft. Facility

Tri-Mach Elmira Facility

Recently, Tri-Mach Inc. was thrilled to announce the addition of a new 45,000 sq ft. facility. Located at 285 Union St., Elmira, ON, this facility expands Tri-Mach’s capabilities, allowing them to better serve the growing needs of their customers.

Positioning for growth, this additional facility will allow Tri-Mach to continue taking on large-scale projects, enhance product performance testing, and provide equipment storage for their customers. The building will also be the new home to their Skilled Trades Centre of Excellence.

Read More

JMP Parent Company, CONVERGIX Acquires AGR Automation, Expanding Global Reach

Convergix Automation Solutions has completed the acquisition of AGR Automation (“AGR”), a UK-based provider of custom, high-performance automation design and systems integration primarily to the life sciences industry.

Following Convergix’s acquisitions of JMP Solutions in August 2021 and Classic Design in February 2022, AGR marks the third investment in Crestview’s strategy to build Convergix into a diversified automation solutions provider targeting the global $500+ billion market, with a particular focus on the $70 billion global systems integration and connectivity segments. Financial terms of the transaction were not disclosed.

Read More

Latest Articles

  • Implementing Functional Safety Requirements

    Implementing Functional Safety Requirements

    The Safety Functional Requirements Specification (SFRS; sometimes referred to as SRS or Safety Requirements Specification) is the plan for the safety controls on a machine and is the second step of the safety lifecycle. The SFRS document serves as a framework for the safety control system design, is informed by prior work done in the… Read More…

  • From Endress+Hauser, 24/7 Digital, Plant-Wide Health Monitoring for Rockwell Systems Optimizes Workflows and Processes

    From Endress+Hauser, 24/7 Digital, Plant-Wide Health Monitoring for Rockwell Systems Optimizes Workflows and Processes

    Endress+Hauser’s Asset Health Monitoring Solution–Rockwell Edition, now available for installation, provides operators with a centralized, digital overview of plant-wide device health to avoid unscheduled shutdowns and accelerate troubleshooting. It not only presents early visibility of problematic devices but distinguishes itself by adding likely causes and remedies to such a report so problems can be fixed… Read More…