FDA Pre-market Cybersecurity Submission Expectations

Threat Modeling

Inclusion of hazard analysis, mitigations, and design considerations for intentional and unintentional cybersecurity risks:

  • A specific list of all cybersecurity risks that were considered in the design of your device;
  • A specific list and justification for all cybersecurity controls that were established for your device.


  • Inclusion of a traceability matrix linking cybersecurity controls to the cybersecurity risks that were considered

Lifecycle Plans

  • A formal plan for validated software updates and patches as needed throughout device lifecycle.
  • A summary describing controls that are in place to assure that the medical device software maintains integrity (e.g., remain free of malware) from the point of origin to the point at which that device leaves the control of the manufacturer.


  • Device instructions for use and product specifications related to recommended cybersecurity controls appropriate for the intended use environment
  • May require antivirus software, use of firewalls, protected enclaves, isolation from internet, continuous monitoring, etc.