Blue Goat Cyber · Medical Device Cybersecurity

    What the FDA Wants in Security Architecture Views for Devices | Ep. 29

    Christian Espinosa, Founder & CEO

    Reviewed by Christian Espinosa, MBA, CISSP · Founder & CEO

    Published July 2025 · Last reviewed May 2026

    The Med Device Cyber Podcast · July 31, 2025

    In this episode of The Med Device Cyber Podcast, the hosts delve into the intricacies of the four security architecture views mandated by the FDA for medical devices. They meticulously break down each view: the Global System View, Updatability and Patchability View, Multi-Patient Harm View, and Secure Use Case Views. The discussion emphasizes the importance of accurately defining the device's scope, which often extends beyond the physical device to include companion apps, cloud services, and update infrastructure. Listeners will gain insights into securing the entire product lifecycle, from initial development to decommissioning, with a keen focus on preventing multi-patient harm and ensuring robust security across all device functionalities and data flows. The hosts also highlight common pitfalls manufacturers face when developing these views, offering valuable advice for product security teams, regulatory leads, and engineers navigating FDA premarket guidance and product security challenges.

    Key Takeaways

    • The FDA defines four critical security architecture views: Global System View, Updatability and Patchability View, Multi-Patient Harm View, and Secure Use Case Views.
    • The Global System View requires a comprehensive understanding of the device's scope, including physical hardware, software components, cloud services, companion apps, and the update infrastructure.
    • The Updatability and Patchability View focuses on securing the end-to-end update process, from the creation of the update package to its secure installation on the device, including the development environment's security.
    • The Multi-Patient Harm View necessitates assessing scenarios where a compromise of one device or user could lead to harm across multiple devices or patients, emphasizing risk and impact-based approaches.
    • Secure Use Case Views mandate addressing security for every specific functionality, data flow, process, and state of the device, often aligning with a device's functional requirements.
    • A common mistake is incorrectly defining the device's scope, neglecting elements like update infrastructure or interoperable components, or failing to provide sufficient detail and rationale for the architecture design.
    • Proactively incorporating security requirements into functional requirements during product design can prevent significant rework and address FDA expectations more effectively.

    Listen on mdcpodcast.com · Watch on YouTube

    Want help applying this to your own device program?

    Blue Goat Cyber is a specialist medical device cybersecurity firm: 250+ FDA submissions, zero rejections. If anything in this conversation hit close to home, book a 30-minute strategy session - no cost, no obligation.

    Every Blue Goat Cyber engagement maps directly to FDA Section 524B and the SPDF - so the evidence you need lands in your submission, not in a separate report.
