Royal Philips has become the first medical device manufacturer to receive a new Underwriters Laboratories (UL) product cybersecurity testing certification.
UL is an independent global safety certification and testing company with locations worldwide. The UL IEC 62304 certification was designed by Underwriters Laboratories to provide an overall framework to evaluate the robustness and maturity of a medical device manufacturer’s cybersecurity controls and capabilities for product development.
In support of the successful Philips firm registration for the security option of IEC 62304, UL performed a comprehensive audit of the Philips Security Center of Excellence. The centre was launched in 2015 to develop cyber-resilient products and services through security-by-design, risk assessment, vulnerability and penetration assessment, specialised training and incident response.
The audit reviewed and verified core Philips Security Center of Excellence product security processes, including security risk management and risk control measures, software security verification planning, change management and continuous improvement, and the Center’s laboratory quality management system.
The UL certification combines cybersecurity testing elements of the established UL 2900-2-1 standard for Software Cybersecurity for Network-Connectable Products, which focuses on the demanding requirements of healthcare and wellness systems, as well as security principles from international standards (ISO 13485 and ISO 14971).
Michael McNeil, global product security & services officer, Philips, said: “For the Philips Security Center of Excellence to receive this certification from Underwriters Laboratories, a long-established global leader in standards creation and safety testing, is a strong validation of our programme and an opportunity to advance healthcare and personal health product security even further.
- Tesco Issues New Clubcards After Customer Account Security Concerns
- NCSC Warns Hackers Could Use Baby Monitors to Spy on Victims
- Decoy Website Used to Fool Hackers into Sharing Tactics
“We’ve spent years building and investing in a robust end-to-end Security by Design programme, embedding security principles and best practices throughout a product’s life cycle.
“At Philips, we understand that our customers have high and growing expectations for the security of the solutions that they rely on. In addition, global regulatory authorities have also increased the scope and scale of product cybersecurity compliance requirements to help protect patients and consumers. We look forward to continuing to meet these critical commitments.”