UL 2900 Cybersecurity Checklists


Fulfill global requirements for Medical Device Software Cybersecurity!

Medical devices face a perfect storm. Hackers are becoming more sophisticated and the number of devices connecting to the internet is growing exponentially. As a result, cybersecurity threats are now a major concern for device companies. A breach can compromise patient data or software, as well as the performance of life-critical devices like infusion pumps, ventilators, and pacemakers. As regulators recognize the risks of cyber-attacks, cybersecurity is becoming an imperative regulatory clearance.

UL 2900 provides device manufacturers with repeatable, reproducible tests that can provide objective evidence to support assurance claims regarding cybersecurity. UL 2900 requirements were developed in alignment with current FDA pre- and post-market cybersecurity guidance, as well as with ANSI Technical Panel guidelines; thus, the UL standards have been designed to support FDA regulatory clearance.

UL 2900-1 and UL 2900-2-1 are FDA recognized consensus standards and their use is recommended by Health Canada. These two checklists provide a convenient way to understand and meet UL 2900 cybersecurity requirements.

You get two checklists to ensure perfect alignment with UL 2900 for connected medical device software:

  1. 1. A detailed and comprehensive checklist to help you identify gaps against UL 2900-1. This standard contains general cybersecurity requirements for all connected products.
  2. 2. Another checklist for gap assessment against UL 2900-2-1. Contains additional cybersecurity requirements for healthcare and wellness products.
SKU: ULCC Category: