Tag Archives: ISA/IEC 62443

Gabe Siftar and Matt Nowell

Managing Software Vulnerabilities: How to Utilize ISA/IEC 62443 and Software Bills of Materials

By Gabe Siftar, Matt Nowell
Gabe Siftar and Matt Nowell

The recently announced “Refuse to Accept Policy” signed into law under section 524B of the Federal Food, Drug, and Cosmetic Act (FD&C Act) gives the FDA more traction to encourage the medical device manufacturing industry to utilize software bills of materials that help to incorporate supply chain security. The ISA/IEC 62443 series of standards defines a secure product lifecycle process that can be adopted by medical device manufacturers to identify and manage the security risks of all external components used within the product.

Continue reading