• Skip to main content

TwelveDot Campus

  • TwelveDot
  • Log In
  • Contact Us

ANSI/UL 2900 Cybersecurity Testing for Medical Device Manufactures

posted on August 17, 2021

Resume Course

Medical Device Cybersecurity Testing for Regulatory Compliance 

New Regulatory Guidance for Pre-market submission has been drafted and published by several regulatory agencies, including the US FDA, Health Canada, and the EU Medical Device Coordination Group. These documents are harmonized around the need to perform Cybersecurity verification and validation of network-connected devices and medical device software. 

In this training program, we will describe and demonstrate the minimum set of cybersecurity testing activities recommended in the guidance documents.  We will provide a description of the testing methods and their use in cybersecurity validation. We will identify the available tools to perform the tests and provide either live or video demonstrations of the testing methods and outputs.

The testing methods will be mapped to best practice methods as well as to standards, including the IEC 62443 and ANSI/CAN/UL 2900 standards.

Outcome

Upon completion of this training, you will: 

  1. Understand the minimum cybersecurity verification and validations required to meet international regulatory guidance documents;
  2. Understand the purpose of those recommended activities and how they support cybersecurity design validation;
  3. Be familiar with tools that may be used to perform the recommended testing.

Content

  • Overview of the international guidance documents and the testing methods recommended
  • Description of each of the recommended verifications and validations
  • Demonstration of testing tools, methods, and output
  • Link of testing methods to international standards 

The training format will be classroom presentation, live and video example oriented and interactive. 

Target Group

  • Product Development Engineers
  • Product Security Designers 
  • Software Developers
  • Quality Professionals
  • Regulatory Professionals
  • IT Professionals interested in Product Development
  • Technical Marketing Professionals
  • CIOs/CISOs/IT Executives

The training level is introductory to moderate level, suitable for those with some experience in security risk management and secure design considerations.

Trainer

Faud Khan, Chief Security Analyst, TwelveDot Inc.

Laura Élan, Cyber Security Medical Expert, TwelveDot Inc.

Course Content

Expand All
Known Software Vulnerability Analysis
Identifying Known Vulnerabilities via Active Reconnaissance
Security Controls Validation
Assessing and Verifying Security Controls 2 Topics
Expand
Lesson Content
0% Complete 0/2 Steps
Password Cracking
Code Injection
Malformed Input Testing - Fuzzing
Fuzz Testing as Control Validation
Structured Penetration Testing
Active Reconnaissance
Evaluation of Security Controls and Vulnerabilities
Malware Testing
Bypassing Security Controls

TwelveDot Incorporated. All Rights Reserved © 2010-2021© 2025 · Log in

Login
Accessing this course requires a login. Please enter your credentials below!

Lost Your Password?