IEC TR 60601-4-5:
Medical Electrical Equipment
Part 4-5: Guidance and Interpretation
Safety-Related Technical Security Specifications
White paper
Abstract
There are many reasons why all digital healthcare and medical devices must be thoroughly tested and secured. For some
time now, more and more cybersecurity incidents have been occurring within the healthcare sector, leading to more
legislation and regulations across the industry.
The IEC TR 60601-4-5 provides detailed technical information for security features in medical devices used in medical IT
networks, such as medical electrical equipment, medical electrical systems, and medical device software. This Technical
Report released in 2021 addresses IT security for medical products in the scope that they are integrated into IT networks.
This also affects software as a medical device.
TÜV SÜD
TÜV SÜD | Weathering the Storm 1
Contents
ABOUT THE EXPERTS 2
INTRODUCTION 3
Dr.-Ing. Abtin Rad is a member of the standardization committee for medical device IT security
(60601-4-5). Abtin has co-authored the guidance document for cybersecurity provided by
the interest group of notified bodies. He has 14 years of professional experience in the
development of medical device software.
Besides his work at TÜV SÜD, Abtin is an associate professor at the University of Applied
Sciences in Hamburg for medical device software, medical imaging, and digital filter design
topics.
Introduction
There are many reasons why all digital healthcare and medical devices must be thoroughly tested and secured. For some time now, more and more cybersecurity incidents have been occurring within the healthcare sector, leading to more legislation and regulations across the industry.
There are many potential safety and security issues to consider when it comes to medical devices. Perhaps the most obvious is that unauthorized access to a medical device could result in severe injury, or even death, so medical device manufacturers must ensure the technology used in these devices is as secure as it can be.
Until now, guidance and standardization have primarily concentrated on risk management, leaving medical device manufacturers without a cybersecurity standard that offers a solution.
In the following pages, you’ll learn what the IEC TR 60601-4-5 is, the key aspects of this standard, and the importance of compliance.
Understanding previous standards
PREVIOUS STANDARDS FOCUSED ON CYBER RISK MANAGEMENT IN GENERAL
Previous standards, including AAMI TIR 57, focused on cyber risk management in general, leaving manufacturers without technical standards that help to mitigate risks within the medical device community. Another previous standard, UL 2900-2-1, applicable to US medical device manufacturers, calls for the secure design and security testing of medical devices.
The IEC 62443 family became the typical standard for cybersecurity across a variety of industries. However, it still did not quite meet all the requirements of the healthcare sector. Since this came to light, both ISO and IEC have been working to develop new standards that address these gaps in regulation.
And so IEC TR 60601-4-5 was introduced to the market. It builds on the IEC 62443-4 standard, which acts as an essential part of the IEC TR 60601-4-5 implementation process.
This technical report solidifies the idea that security issues must be a shared burden between both the manufacturer and the operator of the medical device. This document’s objective is to extend the implementation of Basic Safety and Essential Performance by defining the minimum necessary clinical functionality and availability of the medical device.
The IEC TR 60601-4-5 is also intended to be harmonized with the Medical Device Reporting (MDR) and to help manufacturers meet the general safety and performance requirements (GSPR) 17.2, 17.4, and 23.4 of the MDR.
SL-T: The Target Security Level is the level that must be achieved for the network, including the networked medical devices, so that the set protection goal is met. SL-T is determined by the operator or integrator, as only they have the power to decide which network environment a medical device will be used in. IEC 60601-4-5 recommends determining the SL-Ts separately for the various environments, including the following considerations:
SL-C: The Capability Security Level is the level that can be achieved, for both the medical product and the network, if one takes measures to improve IT security.
SL-C is determined by the manufacturer and holds as long as the operator uses the device according to the manufacturer’s specifications. It depends on which measures the manufacturer has both implemented and reviewed.
SL-A: The Achieved Security Level is the level that is actually achieved.
Which security level the operator reaches as SL-A depends on whether or not the operator has correctly configured the network, and on whether the operator has implemented measures to increase IT security outside of the device.
For each of these security levels, there are five proposed levels from SL 0, where nothing is implemented, to SL 4, the highest level of achievement. Higher security levels must be achieved for higher-risk devices.
While IEC TR 60601-4-5 does not apply to in-vitro diagnostic devices (IVD), it applies to medical devices
with external data interfaces used to capture confidential data. It does not apply to other software used
on a medical IT network that does not meet the definition of medical device software.
Failure to ensure medical device cybersecurity can lead to massive reputational damage for medical device manufacturers and for the healthcare organizations that use this sensitive technology. By implementing and adhering to IEC TR 60601-4-5 in addition to other relevant standards, companies can ensure their products are safe and well accepted in the market. Failure to comply can have serious consequences.
IEC TR 60601-4-5 offers manufacturers the opportunity to prepare for full implementation in the years ahead. TÜV SÜD’s leading experts provide a full suite of testing and certification services in preparation for these new technical considerations.
TÜV SÜD is a world leader in testing medical products and an expert in testing the cybersecurity of connected medical products. Medical devices, digital products, software, cloud infrastructure, or mobile apps for the medical industry: we have tested it all.
Since 1999, we have certified more than 1,000 functional safety experts globally and issued more than 2,000 certificates for functional-safety-tested products. Our experts sit on standardization committees for functional safety and inform you about emerging standards and regulations so you can stay ahead of the competition.
In the field of medical devices, TÜV SÜD is the largest Notified Body in the world, with over 700 dedicated medical health and services experts situated in major markets worldwide. In addition, we have a dedicated Regulatory Foreign Affairs & Clinical Department for monitoring and understanding updates to medical health services and device regulations worldwide.
Learn about the services we provide for the
healthcare and medical device industry
www.tuvsud.com/en-us/industries/healthcare-and-medical-devices
info-us@tuvsud.com
COPYRIGHT NOTICE
The information contained in this document represents the current view of TÜV SÜD on the issues discussed as of the date of publication. Because TÜV SÜD must respond to changing market
conditions, it should not be interpreted to be a commitment on the part of TÜV SÜD, and TÜV SÜD cannot guarantee the accuracy of any information presented after the date of publication.
This guideline is for informational purposes only. TÜV SÜD makes no warranties, express, implied or statutory, as to the information in this document. Complying with all applicable
copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part of this document may be reproduced, stored in or introduced into a retrieval system, or
transmitted in any form or by any means (electronic, mechanical, photocopying, recording, or otherwise), or for any purpose, without the express written permission of TÜV SÜD.
TÜV SÜD may have patents, patent applications, trademarks, copyrights, or other intellectual property rights covering subject matter in this document. Except as expressly provided in
any written license agreement from TÜV SÜD, the furnishing of this document does not give you any license to these patents, trademarks, copyrights, or other intellectual property. ANY
REPRODUCTION, ADAPTATION OR TRANSLATION OF THIS DOCUMENT WITHOUT PRIOR WRITTEN PERMISSION IS PROHIBITED, EXCEPT AS ALLOWED UNDER THE COPYRIGHT
LAWS. © TÜV SÜD Group – 2021 – All rights reserved - TÜV SÜD is a registered trademark of TÜV SÜD Group.
DISCLAIMER
All reasonable measures have been taken to ensure the quality, reliability, and accuracy of the information in the content. However, TÜV SÜD is not responsible for the third-party content
contained in this guideline. TÜV SÜD makes no warranties or representations, expressed or implied, as to the accuracy or completeness of information contained in this guideline. This
guideline is intended to provide general information on a particular subject or subjects and is not an exhaustive treatment of such subject(s). Accordingly, the information in this guideline
is not intended to constitute consulting or professional advice or services. If you are seeking advice on any matters relating to information in this guideline, you should – where appropriate
– contact us directly with your specific query or seek advice from qualified professional people. TÜV SÜD ensures that the provision of its services meets independence, impartiality and
objective requirements. The information contained in this guideline may not be copied, quoted, or referred to in any other publication or materials without the prior written consent of
TÜV SÜD. All rights reserved © 2021 TÜV SÜD.