Health software and health IT systems safety, effectiveness and security — Part 5-1: Security — Activities in the product life cycle

This document defines the LIFE CYCLE requirements for development and maintenance of HEALTH SOFTWARE needed to support conformance to IEC 62443-4-1 – taking the specific needs for HEALTH SOFTWARE into account. The set of PROCESSES, ACTIVITIES, and TASKS described in this document establishes a common framework for secure HEALTH SOFTWARE LIFE CYCLE PROCESSES. The purpose is to increase the CYBERSECURITY of HEALTH SOFTWARE by establishing certain ACTIVITIES and TASKS in the HEALTH SOFTWARE LIFE CYCLE PROCESSES and also by increasing the SECURITY of SOFTWARE LIFE CYCLE PROCESSES themselves. It is important to maintain an appropriate balance of the key properties SAFETY, effectiveness and SECURITY as discussed in ISO 81001-1. This document excludes specification of ACCOMPANYING DOCUMENTATION contents.

Sécurité, efficacité et sûreté des logiciels de santé et des systèmes TI de santé — Partie 5-1: Sûreté — Activités du cycle de vie du produit

Le présent document définit les exigences de CYCLE DE VIE relatives au développement et à la maintenance des LOGICIELS DE SANTE, nécessaires pour venir à l’appui de la conformité à l’IEC 62443-4-1 – compte tenu des besoins spécifiques pour les LOGICIELS DE SANTE. L’ensemble des PROCESSUS, ACTIVITES et TACHES décrits dans le présent document établit un cadre commun pour des PROCESSUS sécurisés du CYCLE DE VIE DES LOGICIELS DE SANTE. Ces processus ont pour objet de renforcer la CYBERSECURITE des LOGICIELS DE SANTE par l'établissement de certaines ACTIVITES et TACHES dans les PROCESSUS DU CYCLE DE VIE desdits LOGICIELS, ainsi que par le renforcement de la SURETE des PROCESSUS DU CYCLE DE VIE DES LOGICIELS proprement dit. Il est important de maintenir un équilibre approprié des propriétés clés (SECURITE, efficacité et SURETE) traitées dans l’ISO 81001-1. Le présent document exclut la spécification du contenu de la DOCUMENTATION D’ACCOMPAGNEMENT.

General Information

Status
Published
Publication Date
20-Dec-2021
Current Stage
6060 - International Standard published
Start Date
21-Dec-2021
Due Date
13-Sep-2021
Completion Date
21-Dec-2021
Ref Project

Buy Standard

Draft
IEC/FDIS 81001-5-1 - Health software and health IT systems safety, effectiveness and security
English language
52 pages
sale 15% off
Preview
sale 15% off
Preview

Standards Content (Sample)


FINAL
INTERNATIONAL IEC/FDIS
DRAFT
STANDARD 81001-5-1
ISO/TC 215
Health software and health IT systems
Secretariat: ANSI
safety, effectiveness and security —
Voting begins on:
2021-09-10
Part 5-1:
Voting terminates on:
Security — Activities in the product
2021-11-05
life cycle
This draft is submitted to a parallel vote in ISO and in IEC.
RECIPIENTS OF THIS DRAFT ARE INVITED TO
SUBMIT, WITH THEIR COMMENTS, NOTIFICATION
OF ANY RELEVANT PATENT RIGHTS OF WHICH
THEY ARE AWARE AND TO PROVIDE SUPPOR TING
DOCUMENTATION.
IN ADDITION TO THEIR EVALUATION AS
Reference number
BEING ACCEPTABLE FOR INDUSTRIAL, TECHNO-
IEC/FDIS 81001-5-1:2021(E)
LOGICAL, COMMERCIAL AND USER PURPOSES,
DRAFT INTERNATIONAL STANDARDS MAY ON
OCCASION HAVE TO BE CONSIDERED IN THE
LIGHT OF THEIR POTENTIAL TO BECOME STAN-
DARDS TO WHICH REFERENCE MAY BE MADE IN
©
NATIONAL REGULATIONS. IEC 2021

IEC/FDIS 81001-5-1:2021(E)
© IEC 2021 – All rights reserved
ii
IEC/FDIS 81001-5-1:2021(E)
– 2 – IEC FDIS 81001-5-1 © IEC 2021
CONTENTS
FOREWORD . 5
INTRODUCTION . 7
0.1 Structure . 7
0.2 Field of application . 8
0.3 Conformance . 8
1 Scope . 10
2 Normative references . 10
3 Terms and definitions . 11
4 General requirements . 18
4.1 Quality management . 18
4.1.1 Quality management system . 18
4.1.2 Identification of responsibilities . 18
4.1.3 Identification of applicability . 18
4.1.4 SECURITY expertise . 18
4.1.5 SOFTWARE ITEMS from third-party suppliers. 19
4.1.6 Continuous improvement . 19
4.1.7 Disclosing SECURITY-related issues . 19
4.1.8 Periodic review of SECURITY defect management . 19
4.1.9 ACCOMPANYING DOCUMENTATION review . 20
4.2 SECURITY RISK MANAGEMENT . 20
4.3 SOFTWARE ITEM classification relating to risk transfer. 20
5 Software development PROCESS . 21
5.1 Software development planning . 21
5.1.1 ACTIVITIES in the LIFE CYCLE PROCESS . 21
5.1.2 Development environment SECURITY . 21
5.1.3 Secure coding standards . 21
5.2 HEALTH SOFTWARE requirements analysis . 21
5.2.1 HEALTH SOFTWARE SECURITY requirements . 21
5.2.2 SECURITY requirements review . 22
5.2.3 SECURITY risks for REQUIRED SOFTWARE . 22
5.3 Software architectural design . 22
5.3.1 DEFENSE-IN-DEPTH ARCHITECTURE/design . 22
5.3.2 Secure design best practices . 22
5.3.3 SECURITY architectural design review . 23
5.4 Software design . 23
5.4.1 Software design best practices . 23
5.4.2 Secure design . 23
5.4.3 Secure HEALTH SOFTWARE interfaces . 23
5.4.4 Detailed design VERIFICATION for SECURITY . 24
5.5 Software unit implementation and VERIFICATION . 24
5.5.1 Secure coding standards . 24
5.5.2 SECURITY implementation review . 24
5.6 Software integration testing . 25
5.7 Software system testing . 25
5.7.1 SECURITY requirements testing . 25
5.7.2 THREAT mitigation testing . 25
© IEC 2021 – All rights reserved

IEC/FDIS 81001-5-1:2021(E)
IEC FDIS 81001-5-1 © IEC 2021 – 3 –
5.7.3 VULNERABILITY testing . 25
5.7.4 Penetration testing . 26
5.7.5 Managing conflicts of interest between testers and developers . 26
5.8 Software release . 26
5.8.1 Resolve findings prior to release . 26
5.8.2 Release documentation . 27
5.8.3 File INTEGRITY . 27
5.8.4 Controls for private keys . 27
5.8.5 Assessing and addressing SECURITY-related issues . 27
5.8.6 ACTIVITY completion . 27
5.8.7 SECURE decommissioning guidelines for HEALTH SOFTWARE . 27
6 SOFTWARE MAINTENANCE PROCESS . 28
6.1 Establish SOFTWARE MAINTENANCE plan . 28
6.1.1 Timely delivery of SECURITY updates . 28
6.2 Problem and modification analysis . 28
6.2.1 Monitoring public incident reports . 28
6.2.2 SECURITY update VERIFICATION . 28
6.3 Modification implementation . 29
6.3.1 SUPPORTED SOFTWARE SECURITY update documentation . 29
6.3.2 MAINTAINED SOFTWARE SECURITY update delivery . 29
6.3.3 MAINTAINED SOFTWARE SECURITY update INTEGRITY . 29
7 SECURITY RISK MANAGEMENT PROCESS . 29
7.1 RISK MANAGEMENT context . 29
7.1.1 General . 29
7.1.2 PRODUCT SECURITY CONTEXT . 29
7.2 Identification of VULNERABILITIES, THREATS and associated adverse impacts . 30
7.3 Estimation and evaluation of SECURITY risk. 31
7.4 Controlling SECURITY risks . 31
7.5 Monitoring the effectiveness of RISK CONTROLS . 31
8 Software CONFIGURATION MANAGEMENT PROCESS . 32
9 Software problem resolution PROCESS . 32
9.1 Overview. 32
9.2 Receiving notifications about VULNERABILITIES . 32
9.3 Reviewing VULNERABILITIES . 32
9.4 Analysing VULNERABILITIES. 33
9.5 Addressing SECURITY-related issues . 33
Annex A (informative) Rationale . 35
A.1 Relationship to IEC 62443 . 35
A.2 Relationship to IEC 62304 . 36
A.3 Risk transfer . 37
A.3.1 Overview . 37
A.3.2 MAINTAINED SOFTWARE . 37
A.3.3 SUPPORTED SOFTWARE . 37
A.3.4 REQUIRED SOFTWARE . 37
A.4 Secure coding best practices . 38
Annex B (informative) Guidance on implementation of SECURITY LIFE CYCLE ACTIVITIES . 39
B.1 Overview. 39
B.2 Related work . 39
© IEC 2021 – All rights reserved

IEC/FDIS 81001-5-1:2021(E)
– 4 – IEC FDIS 81001-5-1 © IEC 2021
B.3 THREAT / RISK ANALYSIS . 39
B.4 THREAT and RISK MANAGEMENT . 40
B.5 Software development planning . 40
B.5.1 Development . 40
B.5.2 HEALTH SOFTWARE requirements analysis . 41
B.5.3 Software architectural design . 41
B.5.4 Software unit implementation and VERIFICATION . 41
B.5.5 Secure implementation . 42
B.5.6 Not used . 42
B.5.7 Software system testing . 42
Annex C (informative) THREAT MODELLING . 44
C.1 General . 44
C.2 ATTACK-defense trees . 44
C.3 CAPEC / OWASP / SANS . 44
C.4 CWSS . 44
C.5 DREAD . 45
C.6 List known potential VULNERABILITIES . 45
C.7 OCTAVE . 45
C.8 STRIDE . 45
C.9 Trike . 45
C.10 VAST . 45
Annex D (informative) Relation to practices in IEC 62443-4-1:2018 . 46
D.1 IEC 81001-5-1 to IEC 62443-4-1:2018 . 46
D.2
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.