Reply to post: Re: Unrestricted access during remote firmware update?

Hacking these medical pumps is as easy as copying a booby-trapped file over the network

NATTtrash

Re: Unrestricted access during remote firmware update?

...and bearing in mind how long medical approval and certification takes (and costs, not to mention possible re-certification for patched systems)...

I realise that it's a hot topic (for those in the niche. Hello people!), not liked by many manufacturers, but I dare to say that's why it maybe isn't a bad thing that, with the now new incoming Medical Device Regulation (2017/745), stuff becomes much more tight. For a start, software in medical devices is no longer regarded as an insignificant cog to make stuff work, but a medical device on itself with all the bells, whistles, obligations, and attention it deserves. Also, manufacturers are now forced to follow up on their devices (thus software) in practice, do continuous risk management, evaluation, and trend reporting and evaluation. As said, many don't like it; it means more hassle for them, more cost, more transparency, more scrutiny, more investment on their side. But then again, I can't suppress the feeling that it isn't all bad. And yes, before some of you (Hello again people!) start throwing a fit, I agree, MDR isn't perfect, and god, are there holes in there. But take a pint, breathe, and you'll probably agree that we have to start somewhere, especially if tech moves soooooooooooo much faster than regulation...

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021