Working Group Details
HDSecWG - Healthcare Device Security Assurance Working Group
|IEEE Program Manager|
P2621.1 - Standard for Wireless Diabetes Device Security Assurance: Product Security Evaluation Program
This standard defines a framework for a connected electronic product security evaluation program, which includes: 1. How to apply the ISO/IEC 15408 security evaluation framework in a security evaluation program defined by this standard. 2. Framework for authorizing independent testing labs to be used in the security evaluation program. 3. Framework for certifying results from authorized labs. 4. Framework for defining and approving new security requirements and changes to security requirements, via protection profiles and security targets, to be used in the security evaluation program. 5. Framework for assuring continued maintenance of assurance post-certification.
This standard provides instruction for the safe use of consumer mobile devices (CMDs) in the control of diabetes-related medical devices, including: 1. The safe use of CMDs in both "open loop" and "closed loop" diabetes control solutions. 2. Instruction for the creation of security targets that leverage CMDs, with differentiated emphasis for security targets intended to meet the enhanced-basic and moderate assurance levels, as defined in other parts of this standard. 3. Instruction for leveraging CMDs in control solutions that have stringent real-time and high-availability (of the connected diabetes device (CDD) solution and/or its enclosing personal area network) requirements.