    MedTech segment · Connected Drug Delivery

    Connected Drug Delivery & Combination Products cybersecurity.

    Cybersecurity for connected auto-injectors, smart inhalers, on-body injectors, and drug-device combination products.

    Overview

    What we mean by connected drug delivery.

    Connected drug-delivery combination products sit at the CDRH/CDER boundary - the device constituent carries the cyber expectations of the 2026 guidance and section 524B while the drug constituent shapes the dosing-safety hazards. Smart inhalers, connected auto-injectors, and on-body injectors typically pair to a patient phone via BLE, log adherence to the cloud, and increasingly accept remote-titration or dose-confirmation flows. We build premarket and postmarket cybersecurity packages tuned to combination-product submission paths, the BLE pairing surface, and the adherence/dosing cloud platform.

    Threat surface

    Cyber risks specific to connected drug delivery.

    Combination-product submission boundary

    Cyber documentation must align with the lead-center pathway (CDER or CDRH) and address both the device constituent's FDA cyber expectations and the drug constituent's dosing hazards as a single coherent package.

    BLE pairing and companion-app trust

    Pairing, bonding, and OOB key delivery determine whether a hostile phone can impersonate a clinician or patient - the threat model must enumerate every pairing path and the app must assume OS hostility and reverse engineering.

    Adherence and dosing-confirmation integrity

    Cloud adherence and dose-confirmation records can drive clinical decisions and reimbursement - the integrity, source-attribution, and tamper-evidence of those records belong in the SPDF and the audit trail.

    Remote titration and prescription paths

    Where the platform supports remote dose adjustment, the prescription-to-device path is safety-critical writable state - authentication, integrity, replay protection, and clinician identity binding must be modeled and tested explicitly.

    Attack surface

    Connected drug-delivery attack surface

    Connected drug-delivery combination products pair a single-use or limited-use device to a patient phone over BLE, with adherence and (increasingly) titration data flowing to the cloud. The device constituent carries the FDA cyber expectations regardless of the lead center.

    1. Clinician portal & remote-titration cloud
    2. Cloud APIs & adherence platform
    3. Mobile companion app
    4. BLE pairing + bonded session
    5. Device firmware (dose-relevant state)
    6. Drug constituent labeling & risk file

    Layers are listed outermost (top) to innermost (bottom).

    Real-world attacks

    Notable real-world attacks & threat scenarios.

    The incident record for connected drug delivery combines documented BLE-stack disclosures, companion-app credential and BOLA findings across insulin and other adherence-tracking platforms, and the broader pattern that section 524B and the 2026 guidance apply to the device constituent of a combination product regardless of the lead center.

    Historical incidents

    • SweynTooth and BrakTooth BLE-stack disclosures (2020-2021)

      Public research on SweynTooth (2020) and BrakTooth (2021) showed that BLE and Classic Bluetooth stacks in widely used SoCs could be crashed or coerced into unauthenticated states by malformed packets - directly applicable to connected auto-injectors, smart inhalers, and on-body injectors paired to patient phones.

      References: CISA ICSMA-20-063-02 (SweynTooth) · CVE-2019-16336 et al. · BrakTooth research disclosure, 2021

    • Insulin-pump and connected-pen advisories

      Multiple CISA advisories across the insulin-pump and connected-pen space (Medtronic MiniMed 508 / Paradigm, BD/Insulet platforms, others) have disclosed authentication, encryption, and dosing-command-integrity weaknesses - reviewers cite these patterns when evaluating any combination-product dosing path.

      References: CISA ICSMA-19-178-01 (Medtronic MiniMed) · FDA Safety Communications across years

    • Companion-app account takeover and PHI exposure across patient platforms

      Multiple connected drug-delivery and adherence-tracking platforms have disclosed account-takeover, broken-object-level-authorization, and PHI-exposure incidents in their patient-facing apps and cloud APIs. Reviewers now treat the patient app and cloud as in-scope premarket even when they don't directly drive dosing.

    Active threat scenarios

    • BLE pairing abuse from a hostile phone

      Pairing in Just Works or weak Passkey modes lets a hostile phone impersonate clinician or patient and read or write dosing-relevant data; LESC with numeric comparison or OOB and bonding hygiene are the reviewer expectation.

    • Adherence / dose-confirmation record tampering

      Where these records influence titration or reimbursement, tampered or fabricated records are a clinical-decision hazard - integrity, source attribution, and tamper-evidence belong in the SPDF and the cloud audit trail.

    • Remote-titration prescription substitution

      Where remote dose adjustment is supported, a substituted or replayed prescription on the clinician-to-device path is a direct dosing-safety hazard; device behavior under such prescriptions is validated against ISO 11608-class essential-performance bounds.

    • Companion-app account takeover

      Account takeover on the patient app exposes dosing history and, on some designs, the ability to influence dose-confirmation flows; MFA, account recovery, and BOLA on cloud APIs are tested aggressively.

    What FDA reviewers cite

    Reviewer talking points from these incidents

    • LESC pairing with numeric comparison or OOB and documented bonding hygiene (SweynTooth/BrakTooth references)
    • Authentication, integrity, and replay protection on every dosing-relevant write path (insulin-pump advisory pattern)
    • Adherence and dose-confirmation record integrity, source attribution, and tamper-evidence
    • Combination-product cyber documentation aligned to 21 CFR Part 4 and the lead-center pathway

    Top concerns

    Top cybersecurity concerns for connected drug delivery.

    Connected drug-delivery combination products sit at the CDRH/CDER boundary - the device constituent carries the full FDA cyber expectations of the 2026 guidance and section 524B, but the submission pathway and cross-labeling work are distinctive to combination products.

    • Combination-product submission and 21 CFR Part 4 cross-labeling alignment
    • BLE pairing mode abuse (Just Works vs LESC/OOB) on patient phones
    • Companion-app hardcoded secrets, weak TLS pinning, and reverse-engineering exposure
    • Adherence and dose-confirmation record integrity and source attribution
    • Remote-titration / cloud prescription path safety-critical writable state
    • Cloud API BOLA on dose history and clinical-decision data
    • Multi-vendor coordination across drug and device constituents
    • Drug-constituent risk-file reconciliation with device cyber controls

    Operational challenges

    Where connected drug delivery teams get stuck.

    Lead-center pathway alignment

    Cyber documentation must map cleanly to the lead-center pathway (CDER drug-led or CDRH device-led) and reconcile the device-constituent threat model with the drug-constituent risk file - a single coherent submission story.

    BLE + phone as hostile environment

    Pairing mode and bonding choices determine whether a hostile phone can impersonate a clinician or patient; the app must assume OS hostility, reverse engineering, and root/jailbreak.

    Adherence data driving clinical decisions

    When adherence or dose-confirmation records influence titration or reimbursement, integrity, source attribution, and tamper-evidence belong in the SPDF and audit trail.

    Remote titration as safety-critical write path

    Where the platform supports remote dose adjustment, the entire clinician-to-device chain must be authenticated, integrity-protected, replay-resistant, and identity-bound.

    Regulatory pathways and standards

    Regulatory pathways

    FDA pathways we support

    • 510(k)
    • De Novo
    • NDA/BLA with device constituent
    • Combination-product cross-labeling

    Standards & guidance

    Applicable standards

    • FDA 2026 Premarket Cyber Guidance
    • AAMI SW96
    • AAMI TIR57
    • IEC 62304
    • ISO 14971
    • ISO 11608 series (needle-based injection systems)
    • ISO 20417 / IEC 60601-1
    • 21 CFR Part 4 (combination products)
    • IEC 81001-5-1

    Standards & deliverables

    What you owe FDA for connected drug delivery - at a glance.

    Six deliverables FDA and notified bodies expect across MedTech, with the connected-drug-delivery-specific wrinkle on each row. Use it as a scoping checklist before you brief vendors or your QA team.

    SBOM + VEX
      Machine-readable SBOM (CycloneDX/SPDX) plus VEX feed for every CVE that touches a listed component.
      Status: Required
      Cadence: Premarket + monthly refresh
      Standard / guidance: FDA Cybersecurity Guidance §V · CISA SBOM minimum elements
      Connected Drug Delivery note: SBOM must cover device firmware, BLE stack, companion-app SDKs (analytics, A/B, push), and any drug-constituent labeling tooling under 21 CFR Part 4.

    Postmarket monitoring
      Continuous CVE / advisory monitoring against the SBOM, with a documented triage and disclosure path.
      Status: Required
      Cadence: Continuous (≤30-day triage)
      Standard / guidance: FD&C Act §524B · FDA Postmarket Cybersecurity Guidance
      Connected Drug Delivery note: Continuous monitoring must address mobile OS update cadence and BLE-stack CVEs (SweynTooth/BrakTooth class) alongside cloud dependencies.

    Penetration test scope
      Black/grey-box testing across device, wireless interfaces, mobile apps, cloud APIs, and service tooling.
      Status: Required
      Cadence: Premarket + on material change
      Standard / guidance: AAMI TIR57 · FDA Premarket Cyber Guidance §VI.A.5
      Connected Drug Delivery note: Pen test scope: BLE pairing (LESC vs Just Works), companion-app jailbreak/root, OAuth/SSO flows, BOLA on dosing-history APIs, remote-titration path end to end.

    Threat model
      STRIDE-per-interface threat model with documented mitigations and residual-risk acceptance.
      Status: Required
      Cadence: Premarket, refreshed each design change
      Standard / guidance: AAMI TIR57 · FDA Premarket Cyber Guidance §V.A
      Connected Drug Delivery note: Treat the patient phone as hostile, the app as reverse-engineered, and adherence/dose-confirmation records as clinical-decision data.

    Secure update mechanism
      Signed firmware/software updates with rollback protection, integrity verification, and staged rollout.
      Status: Required
      Cadence: Designed premarket, exercised lifecycle-long
      Standard / guidance: FDA Cyber Guidance §IV · IEC 81001-5-1
      Connected Drug Delivery note: Mobile app store + back-end coordinated rollout with kill-switch for safety-relevant changes; remote-titration paths need identity-binding to clinicians.

    Coordinated Vulnerability Disclosure
      Public CVD policy, intake channel, and SLAs for triage, fix, and customer communication.
      Status: Required
      Cadence: Continuous, lifecycle-long
      Standard / guidance: ISO/IEC 29147 + 30111 · Section 524B(b)(2)
      Connected Drug Delivery note: CVD policy must reconcile FDA, HIPAA, drug-constituent reporting obligations, and the lead-center pathway (CDER or CDRH).
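    The SBOM + VEX and postmarket-monitoring rows above ask for a VEX statement on every CVE that touches a listed component and a triage decision inside 30 days. The following is an added example, not Blue Goat Cyber's tooling, of the cross-check a monitoring pipeline would run: it reads a minimal CycloneDX SBOM, a CycloneDX-shaped VEX document, and an advisory feed, and reports CVEs on listed components with no VEX statement or with triage still open past the SLA. The SBOM, VEX and advisory data are constructed inline, the CVE identifiers are placeholders rather than real advisories, and the (cve, purl, first-seen date) feed shape is an assumption.

```python
"""Added example (not Blue Goat Cyber's code): VEX coverage and triage-SLA check
over a CycloneDX SBOM.  Inputs below are constructed; CVE ids are placeholders."""
import json
from datetime import date

# Constructed SBOM: firmware BLE stack, a companion-app push SDK, and a TLS library.
SBOM_JSON = json.dumps({
    "bomFormat": "CycloneDX", "specVersion": "1.5",
    "components": [
        {"type": "firmware", "name": "ble-stack", "version": "2.1.0", "purl": "pkg:generic/ble-stack@2.1.0"},
        {"type": "library", "name": "push-sdk", "version": "4.3.1", "purl": "pkg:maven/example/push-sdk@4.3.1"},
        {"type": "library", "name": "tls", "version": "3.0.8", "purl": "pkg:generic/tls@3.0.8"},
    ],
})

# Constructed advisory feed: (placeholder CVE id, affected purl, date first seen as ISO string).
ADVISORIES = [
    ("CVE-0000-0001", "pkg:generic/ble-stack@2.1.0", "2026-01-05"),
    ("CVE-0000-0002", "pkg:maven/example/push-sdk@4.3.1", "2026-01-20"),
    ("CVE-0000-0003", "pkg:generic/tls@3.0.8", "2026-02-01"),
    ("CVE-0000-0004", "pkg:generic/not-in-sbom@1.0", "2026-02-01"),  # not one of our components
]

# Constructed VEX in the CycloneDX 'vulnerabilities' shape.  Note CVE-0000-0003 has no statement.
VEX_JSON = json.dumps({
    "bomFormat": "CycloneDX", "specVersion": "1.5",
    "vulnerabilities": [
        {"id": "CVE-0000-0001", "affects": [{"ref": "pkg:generic/ble-stack@2.1.0"}],
         "analysis": {"state": "not_affected", "justification": "code_not_reachable"}},
        {"id": "CVE-0000-0002", "affects": [{"ref": "pkg:maven/example/push-sdk@4.3.1"}],
         "analysis": {"state": "in_triage"}},
    ],
})

TRIAGE_SLA_DAYS = 30  # the "≤30-day triage" cadence from the deliverables table


def vex_gaps(sbom_json: str, vex_json: str, advisories: list, today_iso: str) -> dict:
    """Return CVEs on listed components lacking a VEX statement, and triage items past the SLA."""
    sbom = json.loads(sbom_json)
    vex = json.loads(vex_json)
    today = date.fromisoformat(today_iso)

    # Only purl-identified components can be matched against the feed.
    listed = {c["purl"] for c in sbom.get("components", []) if "purl" in c}

    # Index VEX statements by (cve, purl) -> analysis state.
    statements = {}
    for vuln in vex.get("vulnerabilities", []):
        state = vuln.get("analysis", {}).get("state")
        for affected in vuln.get("affects", []):
            statements[(vuln["id"], affected["ref"])] = state

    missing_vex, overdue_triage = [], []
    for cve, purl, seen_iso in advisories:
        if purl not in listed:
            continue  # advisory does not touch a listed component
        state = statements.get((cve, purl))
        age_days = (today - date.fromisoformat(seen_iso)).days
        if state is None:
            missing_vex.append((cve, purl))
        elif state == "in_triage" and age_days > TRIAGE_SLA_DAYS:
            overdue_triage.append((cve, purl, age_days))
    return {"missing_vex": missing_vex, "overdue_triage": overdue_triage}


if __name__ == "__main__":
    print(json.dumps(vex_gaps(SBOM_JSON, VEX_JSON, ADVISORIES, "2026-03-01"), indent=2))
```

    Matching is done on the full purl, so a version bump in the SBOM without a matching VEX refresh shows up as a gap rather than silently inheriting the previous statement.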
    Services

    How we help connected drug delivery teams.

    FAQs

    Connected Drug Delivery cybersecurity FAQs.

    How does cybersecurity work for a combination product under 21 CFR Part 4?

    Combination products are reviewed by a lead center (typically CDER for drug-led or CDRH for device-led), but the device constituent carries the full FDA cyber expectations from the 2026 guidance and section 524B regardless of lead. We produce one coherent cyber package that maps to the lead-center pathway, addresses the device-constituent threat model and SBOM, and reconciles dosing-safety hazards with the drug constituent's risk file. The submission cross-references both constituents so the reviewer sees a single integrated story.

    How do you test the BLE pairing and companion-app surface?

    BLE is exercised end to end: pairing mode (Just Works, Passkey, OOB), bonding storage, key custody, authenticated reads/writes for dose data, replay and downgrade resistance, and pairing-mode abuse from a hostile phone. The companion app is tested under jailbreak/root assumptions: hardcoded secrets, TLS pinning, OAuth/SSO flows, BOLA on cloud APIs, push-notification abuse, and reverse-engineering resistance proportional to the dosing-safety hazard.

    What about adherence and dose-confirmation records used for clinical decisions or reimbursement?

    Where adherence or dose-confirmation records influence titration, reimbursement, or clinical decisions, they're safety-relevant data and the SPDF must document their integrity, source attribution, and tamper-evidence. The threat model enumerates the paths that can create, modify, or suppress those records, and the cloud pen test exercises the abuse paths. The audit trail and retention policy are documented in the labeling and the privacy notice so they tell the same story.
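    As an added illustration of the integrity, source-attribution and tamper-evidence properties this answer (and the "Adherence data driving clinical decisions" challenge above) asks the SPDF to document, here is a small hash-chained adherence log. It is example code, not Blue Goat Cyber's or any vendor's implementation. It assumes records are dicts, that the device and the companion app each hold a per-source key (constructed here) used to attribute records to their origin, and that the verifier can learn the expected log head out of band; the sample events are constructed.

```python
"""Added example (not Blue Goat Cyber's code): a tamper-evident, source-attributed
adherence / dose-confirmation log.  Each record carries an HMAC from the component
that produced it and is hash-chained to the previous record, so editing, reordering,
inserting or deleting a record is detectable on verification."""
import hashlib
import hmac
import json
from typing import Optional, Tuple

# Constructed per-source keys; a real design provisions these per device / app install.
SOURCE_KEYS = {"device": b"constructed-device-key", "app": b"constructed-app-key"}
GENESIS_HASH = "0" * 64  # chain anchor for the first record


def _canon(obj: dict) -> bytes:
    """Deterministic JSON so producer and verifier hash identical bytes."""
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()


def append_record(log: list, source: str, event: dict) -> dict:
    """Producer side: attribute the record to its source and chain it to the log head."""
    record = {
        "seq": len(log) + 1,
        "source": source,
        "event": event,
        "prev": log[-1]["hash"] if log else GENESIS_HASH,
    }
    record["source_tag"] = hmac.new(SOURCE_KEYS[source], _canon(record), hashlib.sha256).hexdigest()
    record["hash"] = hashlib.sha256(_canon(record)).hexdigest()
    log.append(record)
    return record


def verify_chain(log: list, expected_head: Optional[str] = None) -> Tuple[bool, str]:
    """Verifier side: walk the chain and stop at the first inconsistency.

    expected_head is the latest hash learned out of band (e.g. a counter the device
    reports directly); without it, dropping records from the *tail* goes unnoticed."""
    prev = GENESIS_HASH
    for position, rec in enumerate(log, start=1):
        if rec.get("seq") != position:
            return False, f"gap or reorder at position {position}"
        if rec.get("prev") != prev:
            return False, f"chain break at seq {position}"
        body = {k: v for k, v in rec.items() if k != "hash"}
        if hashlib.sha256(_canon(body)).hexdigest() != rec.get("hash"):
            return False, f"record modified at seq {position}"
        key = SOURCE_KEYS.get(rec.get("source"))
        unsigned = {k: v for k, v in body.items() if k != "source_tag"}
        if key is None or not hmac.compare_digest(
            hmac.new(key, _canon(unsigned), hashlib.sha256).hexdigest(), rec.get("source_tag", "")
        ):
            return False, f"source attribution failed at seq {position}"
        prev = rec["hash"]
    if expected_head is not None and prev != expected_head:
        return False, "tail truncated or head mismatch"
    return True, "ok"


if __name__ == "__main__":
    log = []
    append_record(log, "device", {"type": "dose_delivered", "dose_mg": 2.0, "t": "2026-03-01T08:00:00Z"})
    append_record(log, "app", {"type": "dose_confirmed", "t": "2026-03-01T08:01:00Z"})
    print(verify_chain(log, log[-1]["hash"]))
```

    The chain alone proves nothing about records removed from the end of the log, which is why the verifier takes an expected head; in a deployed system that anchor would come from the device's own signed sequence counter rather than from the cloud store being audited.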

    Do you cover remote titration and prescription paths?

    Yes. Where the platform supports remote dose adjustment, the entire prescription-to-device chain is scoped: clinician portal, identity binding, cloud signing, transport, on-device verification, and the local fallback. Each hop is exercised for authentication, integrity, replay, and clinician-identity abuse, and the device behavior under tampered or malformed prescriptions is validated against ISO 11608-class essential-performance bounds.
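    The on-device verification hop of that chain, as an added example that is not Blue Goat Cyber's or any device vendor's code: it checks the four properties named above (authentication, integrity, replay resistance and clinician identity binding) and then the labeled dose bounds, rejecting with a reason and only advancing the replay counter once every check has passed. Assumptions not taken from the page: the prescription travels as a JSON envelope, the device holds a per-clinician HMAC-SHA256 key provisioned out of band (a stand-in for the asymmetric signature a real design would use), and the clinician-to-patient binding and dose limits are constructed device-side tables.

```python
"""Added example (not Blue Goat Cyber's code): device-side verification of a
remote-titration prescription.  Keys, bindings and bounds below are constructed."""
import hashlib
import hmac
import json
from typing import Tuple

# Constructed per-clinician keys the device trusts (stand-in for clinician signing keys).
CLINICIAN_KEYS = {"dr-ortiz": b"constructed-key-ortiz", "dr-chen": b"constructed-key-chen"}
# Identity binding: which clinicians may prescribe for which device/patient (constructed).
AUTHORIZED_PRESCRIBERS = {"device-0042": {"dr-ortiz"}}
# Labeled essential-performance dose bounds in mg (constructed; ISO 11608-class limits in practice).
DOSE_BOUNDS_MG = {"device-0042": (0.5, 8.0)}


def canonical(payload: dict) -> bytes:
    """Deterministic serialisation so signer and verifier authenticate identical bytes."""
    return json.dumps(payload, sort_keys=True, separators=(",", ":")).encode()


def sign_prescription(payload: dict, clinician_id: str) -> dict:
    """Clinician/cloud side: wrap the payload with an HMAC tag bound to the clinician's key."""
    tag = hmac.new(CLINICIAN_KEYS[clinician_id], canonical(payload), hashlib.sha256).hexdigest()
    return {"payload": payload, "clinician_id": clinician_id, "tag": tag}


class DevicePrescriptionVerifier:
    """Holds the per-device replay state; one instance per device."""

    def __init__(self, device_id: str):
        self.device_id = device_id
        self.last_seq = 0  # monotonic counter: any seq <= last_seq is a replay

    def verify(self, envelope: dict, now: int) -> Tuple[bool, str]:
        clinician = envelope.get("clinician_id")
        payload = envelope.get("payload", {})
        key = CLINICIAN_KEYS.get(clinician)
        if key is None:
            return False, "unknown clinician"
        # Authentication + integrity: nothing in the payload is trusted before this passes.
        expected = hmac.new(key, canonical(payload), hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, envelope.get("tag", "")):
            return False, "integrity/authentication failure"
        # The device id is inside the signed payload, so a prescription cannot be re-targeted.
        if payload.get("device_id") != self.device_id:
            return False, "prescription not addressed to this device"
        # Clinician identity binding: a valid key is not enough; the clinician must be bound to this patient.
        if clinician not in AUTHORIZED_PRESCRIBERS.get(self.device_id, set()):
            return False, "clinician not bound to this patient/device"
        if payload.get("expires_at", 0) < now:
            return False, "expired"
        seq = payload.get("seq", 0)
        if seq <= self.last_seq:
            return False, "replay (sequence not advancing)"
        # Dosing-safety bound: the device enforces its own labeled limits regardless of what was signed.
        lo, hi = DOSE_BOUNDS_MG[self.device_id]
        dose = payload.get("dose_mg")
        if not isinstance(dose, (int, float)) or not lo <= dose <= hi:
            return False, "dose outside labeled bounds"
        self.last_seq = seq  # commit replay state only after every check passed
        return True, "accepted"


if __name__ == "__main__":
    rx = {"device_id": "device-0042", "seq": 1, "dose_mg": 2.0, "expires_at": 2000}
    print(DevicePrescriptionVerifier("device-0042").verify(sign_prescription(rx, "dr-ortiz"), now=1000))
```

    The replay counter is committed last on purpose: a prescription that fails the bounds check must not consume a sequence number, or a malformed message could be used to block the next legitimate one.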

    How is this different from the diabetes/CGM or infusion-pump segments?

    Diabetes and infusion-pump segments cover dedicated medical-device platforms with their own pathways. Connected drug-delivery combination products are typically single-use or limited-use injectors and inhalers paired to a patient phone, with the drug constituent driving labeling and risk framing. The cyber threat model is similar in shape but the combination-product submission pathway and the constituent-cross-labeling work are distinctive, and that's where most teams underestimate the documentation lift.

    How long does a combination-product premarket cyber engagement typically take?

    For a connected auto-injector or smart-inhaler platform with companion app and cloud adherence, end-to-end premarket cyber work runs 8-12 weeks. Threat modeling and SBOM front-load in weeks 1-3, pen testing across device, BLE link, mobile app, and cloud runs in weeks 3-10, and the consolidated submission package and postmarket plan close in the final weeks - all under a written clearance guarantee.

    Connected drug-delivery cybersecurity

    Get one coherent cyber package across the device and drug constituents of your combination product.

    BLE pairing testing, adherence and dose-confirmation integrity, remote-titration assessment, and CDER/CDRH-aligned documentation.

    Book a combination-product review
    • 30-min discovery call
    • Fixed-fee proposal in 48 hrs
    • No sales pressure

    In their words

    Backed by MedTech leaders.

    "Blue Goat Cyber's depth of expertise was impressive. We had no in-house cybersecurity experience, and their team guided us through every step of the FDA process. The penetration testing and SBOM testing were thorough and gave us complete confidence."
    Hank Tucker
    CEO · MedTech Manufacturer
    For Connected Drug Delivery

    Get Connected Drug Delivery cybersecurity that lands.
