UL 2900-2-1-2016 网络连接产品第 2-1部分 网络安全软件测试大纲 医疗保健系统网络连接组.pdf

marH30,2016 uL2900-2-1 Outline of Investigation for Software Cybersecurity for Network - Connectable Products ,Part 2-1 :Particular Requirements for Network Connectable Components of Healthcare Systems Issue Number :1 March 30 .2016 Summary of Topics With the increasing threat of cyber-attacks affecting safety-critical products and service infrastructure ,the UL 2900 outlines aim to provide a minimum set of requirements that developers of network connected products can pursue to establish a baseline of protection against known vulnerabilities and a minimum set of security risk controls to consider relative to their existing overall product risk assessments . This outline describes the method by which the security risk controls of healthcare system ponents shall be evaluated and tested for known vulnerabilities ,software weaknesses and malware while also establishing a minimum set of verification activities intended to reduce the likelihood exploitable weaknesses that could be vectors of zero day vulnerabilities that may affect the ponent . The product shall be subjected to : Vulnerability and exploitation assessment ; Software Weakness Testing ( e.g.via Malform...