• Decrease font size
  • Return font size to normal
  • Increase font size
U.S. Department of Health and Human Services

Recognized Consensus Standards

  • Print
  • Share
  • E-mail
-
Super Search Devices@FDA
510(k) | DeNovo | Registration & Listing | Adverse Events | Recalls | PMA | HDE | Classification | Standards
CFR Title 21 | Radiation-Emitting Products | X-Ray Assembler | Medsun Reports | CLIA | TPLC
 

New Search Back To Search Results
Part B: Supplementary Information Sheet (SIS)
FR Recognition List Number 047 Date of Entry 08/21/2017 
FR Recognition Number 13-96
Standard
UL ANSI 2900-1 First Edition 2017
Standard for Safety, Standard for Software Cybersecurity Network-Connectable Products, Part 1: General Requirements
Scope/Abstract
1.1 This standard applies to network-connectable products that shall be evaluated and tested for vulnerabilities, software weaknesses and malware.

1.2 This standard describes:
a) Requirements regarding the software developer (vendor or other supply chain member) risk management process for their product.
b) Methods by which a product shall be evaluated and tested for the presence of vulnerabilities, software weaknesses and malware.
c) Requirements regarding the presence of security risk controls in the architecture and design of a product.

1.3 This standard does not contain requirements regarding functional testing of a product. This means this standard contains no requirements to verify that the product functions as designed.

1.4 This standard does not contain requirements regarding the hardware contained in a product.
Extent of Recognition
Complete standard
Rationale for Recognition
This standard is relevant to medical devices and is recognized on its scientific and technical merit and/or because it supports existing regulatory policies.
Relevant FDA Guidance and/or Supportive Publications*
-Content of Premarket Submissions for Management of Cybersecurity in Medical Devices - Guidance for Industry and Food and Drug Administration Staff, Oct 2, 2014.

-Postmarket Management of Cybersecurity in Medical Devices - Guidance for Industry and Food and Drug Administration Staff, Dec. 28, 2016.


Appropriate Use of Voluntary Consensus Standards in Premarket Submissions for Medical Devices - Guidance for Industry and Food and Drug Administration Staff, issued September 2018.
FDA Technical Contact
 Brian Fitzgerald
  FDA/OC/CDRH/OSPTI/DAHRSSP/
  301-796-2579
  Brian.Fitzgerald@fda.hhs.gov
Standards Development Organizations
UL Underwriters Laboratories, Inc. http://www.ul.com/
ANSI American National Standards Institute https://www.ansi.org/
FDA Specialty Task Group (STG)
Software/Informatics
*These are provided as examples and others may be applicable.
-
-