The FDA recommends that manufacturers design devices that are trustworthy because they are more likely to meet their applicable statutory standard for premarket review and are more likely to remain safe and effective throughout their life cycle. Trustworthy devices:
- Are reasonably secure from cybersecurity intrusion and misuse
- Provide a reasonable level of availability, reliability, and correct operation
- Are reasonably suited to performing their intended functions
- Adhere to generally accepted security procedures.
Documentation demonstrating the trustworthiness of a device will help FDA more quickly and efficiently assess the device’s safety and effectiveness with respect to cybersecurity.