FDA AI Cybersecurity Threats: 7 Attacks 524B Manufacturers Must Address
The FDA's Feb 3, 2026 guidance names 7 AI cyber threats — data poisoning, model inversion, evasion, leakage, overfitting, bias, drift — as 524B obligations.
Read articleEvery article in our archive tagged Primer.
Showing 12 of 117 articles tagged Primer · Page 1 of 10
The FDA's Feb 3, 2026 guidance names 7 AI cyber threats — data poisoning, model inversion, evasion, leakage, overfitting, bias, drift — as 524B obligations.
Read article
SPDF vs SSDLC for medical devices. Why the FDA's Secure Product Development Framework demands more than a standard Secure SDLC, and what to add.
Read article
What the FDA's Feb 2026 guidance recommends for IDE cybersecurity: informed consent, architecture views, SBOM, labeling, and what's not required yet.
Read article
MQTT is one of the most common protocols in IoMT and one of the most commonly misconfigured. The vulnerabilities reviewers cite, the controls that close them, and how to document both for the FDA.
Read article
How to build FDA-defensible fuzz harnesses for the protocols medical devices actually speak. Per-protocol tooling, grammar sources, seed corpus strategy, coverage signal, and where AI helps (and where it doesn't).
Read article
How to operationalize SBOM diffing and CVE correlation across releases so postmarket vulnerability monitoring holds up under FDA Section 524B and the Feb 2026 premarket cybersecurity guidance.
Read article
How the FDA distinguishes Major from Minor cybersecurity deficiencies in 510(k) and PMA reviews, the response-window difference, and how to keep findings out of the Major column.
Read article
Which PMA submission type a cybersecurity change requires - 180-day supplement, Real-Time, Special, 30-day notice, or annual report - and the decision logic under Section 524B.
Read article
How cybersecurity expectations apply to De Novo submissions under Section 524B - SPDF, SBOM, threat model, testing - and where De Novo differs from 510(k) and PMA.
Read article
IEC 81001-5-1 vs AAMI SW96 compared side-by-side: scope, lifecycle vs risk focus, FDA recognition, and which to anchor your Secure Product Development Framework on.
Read article
What a real BLE/RF penetration test on a Class II connected medical device actually finds.
Read article
Where CAN/CANopen shows up inside medical devices, the attack paths reviewers want modeled, and the controls that actually hold up under pen test.
Read article30-minute strategy session. No cost, no commitment - just answers from people who've shipped 250+ FDA submissions.