A Study on the Applicability of Software International Standards for SaMD's Cybersecurity Regulation

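  • 김이영 (Samsung Advanced Institute for Health Sciences & Technology, Sungkyunkwan University) ;
  • 정영주 (Samsung Advanced Institute for Health Sciences & Technology, Sungkyunkwan University) ;
  • 류규하 (Department of Medical Device Management and Research, Samsung Advanced Institute for Health Sciences & Technology, Sungkyunkwan University) ;
  • 조백환 (Department of Biomedical Informatics / Institute of Biomedical Informatics, Graduate School of Medicine, CHA University)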
  • Received : 2023.06.13
  • Accepted : 2023.08.21
  • Published : 2023.08.31

Abstract

Software as a Medical Device (SaMD) is a growing category of medical devices composed of software that performs one or more medical purposes. SaMD is less likely to cause physical harm than conventional medical devices, particularly medical electrical equipment, and may be more vulnerable to privacy issues. This difference has been acknowledged and has led to the introduction of new regulatory guidance specifically for the cybersecurity of SaMD. The guidance tells SaMD stakeholders what to consider, and in which context, with respect to cybersecurity. This study examines how current guidance treats cybersecurity for SaMD by analyzing current medical device standards, and then suggests which concepts or details beyond those standards may be applicable, based on an analysis of international standards published for software in general.

Acknowledgement

This work was supported by the National Research Foundation of Korea (NRF) grant funded by the Korea government (MSIT) (No. NRF-2023R1A2C2003577) and the industry cooperation foundation fund, CHA University Grant (CHA-202201150001).
