The security concept is one of the important concept documents that we create as part of product development.
The safety concept describes why a device is safe and how safety is ensured in the event of a fault. Various aspects are considered, such as
- Mechanical safety
- Electrical safety
- Biological safety and biocompatibility
- Security regarding functionality
- Security of communication interfaces
- Further measures may address electromagnetic compatibility, heat generation, and radiation, depending on the type of device.
reader
The security concept is a system-level document.
The security concept is created by the system architect or a developer with an overview of the security measures and concepts in the areas of mechanics, hardware and software.
The readers of the security concept are system architects, developers and the notified body.
Contents
| Theme | Description | Useful questions |
|---|---|---|
| Introduction and General | This chapter contains a general description of the device.
|
|
| Block diagram | Schematic representation of the device with important functional blocks | Should internal and external interfaces be clearly identifiable? |
| System context | The system context shows the boundaries of the system. You can see an example in the image below (click to enlarge) and a short description can also be found in our article on System architecture. You'll also find more useful questions in the article.
|
Which device is it? What functions does the device have? Where and by whom is it used? Classification of the device |
| Device states | The different device states should be described and assessed with regard to their impact on safety. Examples of device states are:
|
What states does the device recognize? |
| Security measures | The safety concept should, of course, also present the measures that ensure the device's safety. There are various types of safety, including ensuring that no danger is posed to patients and operators. Data security should also be considered.
Topics in this chapter include:
|
What measures are in place to ensure the electrical, mechanical and biological safety of the device?
Has the security of important data been taken into account? Can configuration parameters be changed? Are there external interfaces that need to be secured? |
| Further steps to identify risks and measures | Other procedures for identifying risks and measures may be described, such as FMEA, risk analysis, independent audits, etc. | What risk identification and management measures are in place in the project or for the device? |
Conclusion
The safety concept is an important document and, in the document hierarchy, is on the same level as the system specification. Naturally, there are areas of overlap, and like any concept document, it is always highly dependent on the type of development project. Is it a new development or an enhancement? How many units will the device be sold in? In which markets will it be sold? How critical is the device for the patient or user? The more dangerous a system, the more important the safety concept. All of this influences the scope, content, and depth of the safety concept.
If you need support, for example, through external reviews, please call us or send us an email anytime. We're happy to assist you with your medical device.
Best regards
Martin Bosch