Threat Modeling for Infusion & Drug Delivery
Threat models for smart pumps, syringe drivers, and connected drug-delivery systems - DERS libraries, EHR auto-program, and cloud telemetry covered.
Last reviewed March 2026 · Reviewed against the FDA Feb 3, 2026 final premarket cybersecurity guidance.
Infusion-pump threat modeling has to take seriously a fact other segments don't: the highest-impact cyber events in this segment have come not from device-level RCEs, but from drug-error reduction software (DERS) library tampering, EHR auto-programming integrity failures, and cloud-side configuration changes that propagated to thousands of fielded pumps. Our threat models for this segment cover the device, the DERS distribution pathway, the EHR↔pump bidirectional integration, and the central management server.
We model the DERS library distribution channel as a primary attack surface - because it is. We model the EHR auto-program path with explicit attention to integrity (what stops a compromised gateway from sending an order with the right patient and the wrong dose?) and to operator override behavior. We model the central server as both a tenant-isolated cloud and a possible on-prem deployment with weaker controls. We model wireless network exposure (the pumps live on hospital Wi-Fi, often with poor segmentation). And we model the maintenance-mode / service-port path that's been the entry point in real incidents. Output is STRIDE-per-element traced to ISO 14971 hazards, with the DERS-library-tampering scenario called out as its own risk-control branch - because reviewers in this segment now expect to see it.
Layers we exercise in this engagement
The infusion / drug delivery system, from the outermost cloud and clinician surfaces down to the device itself. Highlighted layers are exercised by this medical device threat modeling.
- 01 Hospital network (Tested)
- 02 Server / EHR integration (Tested)
- 03 Pump-management system (Tested)
- 04 Pump firmware (Tested)
- 05 Drug library updates (Tested)
Layers shown outermost (top) to innermost (bottom). Dashed rows are part of the surrounding system but out of scope for this view.
Medical Device Threat Modeling engagement, end to end
Four phases, fixed fee, scoped to infusion / drug delivery architecture from kickoff onward.
- 01 Architecture intake: Data-flow diagrams, trust boundaries, and asset inventory captured directly from your design team.
- 02 STRIDE workshop: Joint working sessions to enumerate threats per element, mapped to Section 524B(b) and AAMI SW96.
- 03 Risk + mitigation pass: Each threat gets a residual-risk rating, a mitigation, and a link to the verification activity that proves it.
- 04 Reviewer-ready package: Threat model document and SPDF section ready to drop straight into eSTAR cybersecurity attachments.
What we see in Infusion / Drug Delivery medical device threat modeling
The patterns we hit in this segment, this service, again and again.
- DERS library distribution channel not threat-modeled: Library treated as 'configuration data', not as code. Tampering, replay, and downgrade scenarios absent.
- EHR auto-program integrity assumed: Bidirectional integration trusts the upstream order without per-message integrity. Compromised-gateway scenario not modeled.
- Maintenance / service port persistent across deployments: Service interface threat-modeled in spec but enabled by default in the field. Discrepancy between as-designed and as-deployed not captured.
- Wireless segmentation assumed: Threat model presumes pumps on a dedicated VLAN. Most hospitals don't actually do this; the threat model should assume mixed-VLAN exposure.
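The first two gaps above share one control pattern on the pump side: per-message integrity over the whole payload, plus anti-replay and anti-downgrade state. The following Python is an added example, not Blue Goat's or any pump vendor's code; the key, field names, version numbers and 300-second freshness window are constructed, and an HMAC with a shared key stands in for the asymmetric signature a fielded design would verify.

```python
import hashlib
import hmac
import json

# Constructed demo key. A fielded design would verify an asymmetric signature
# made by the DERS publisher / EHR, so a compromised gateway cannot re-sign.
DEMO_KEY = b"constructed-demo-key-not-for-production"
ORDER_FRESHNESS_SECONDS = 300  # assumed acceptance window for auto-program orders


def canonical(payload: dict) -> bytes:
    """Deterministic serialization so sender and pump MAC identical bytes."""
    return json.dumps(payload, sort_keys=True, separators=(",", ":")).encode()


def sign(payload: dict, key: bytes = DEMO_KEY) -> str:
    """Producer side: MAC covers the whole payload (content, version, ids)."""
    return hmac.new(key, canonical(payload), hashlib.sha256).hexdigest()


class PumpReceiver:
    """Pump-side acceptance logic for DERS bundles and auto-program orders."""

    def __init__(self, installed_library_version: int, key: bytes = DEMO_KEY):
        self.key = key
        self.library_version = installed_library_version
        self.seen_order_ids: set[str] = set()

    def _verify(self, payload: dict, mac: str) -> bool:
        return hmac.compare_digest(mac, sign(payload, self.key))

    def accept_library(self, bundle: dict, mac: str) -> tuple[bool, str]:
        if not self._verify(bundle, mac):
            return False, "library rejected: integrity check failed"
        # Monotonic version: blocks replay of the current library and downgrade
        # to an older, validly signed library with looser dose limits.
        if bundle["version"] <= self.library_version:
            return False, "library rejected: replay or downgrade"
        self.library_version = bundle["version"]
        return True, "library installed"

    def accept_order(self, order: dict, mac: str, now: float) -> tuple[bool, str]:
        # Per-message integrity: a gateway that alters the dose but keeps the
        # patient id invalidates the MAC, because both fields are covered.
        if not self._verify(order, mac):
            return False, "order rejected: integrity check failed"
        if abs(now - order["issued_at"]) > ORDER_FRESHNESS_SECONDS:
            return False, "order rejected: stale"
        if order["order_id"] in self.seen_order_ids:
            return False, "order rejected: replay"
        self.seen_order_ids.add(order["order_id"])
        return True, "order programmed"
```

The same three checks map directly onto the STRIDE tampering (integrity), spoofing (signature origin) and replay rows for the DERS and auto-program elements.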
Public infusion / drug delivery cybersecurity history
Recalls, CISA ICS-MA advisories, and disclosed research that shape what reviewers ask about in this segment - and what our scope is built to cover.
- CISA + FDA, 2015-2017: Hospira / ICU Medical infusion pump vulnerabilities. Series of advisories on remotely changeable infusion parameters across multiple pump models. Drove FDA recalls and remains the canonical reference for why pump-network threat modeling matters.
- CISA + FDA, 2021-2023: BD Alaris drug-library and update CVEs. Multiple advisories addressing drug-library integrity, hardcoded credentials, and update paths across the Alaris ecosystem. Reinforces drug-library distribution as a first-class threat element.
"Blue Goat's knowledge of regulatory requirements versus cybersecurity challenges was highly valuable and readily apparent as we were guided by and worked alongside their team towards the development of a comprehensive and compliant cybersecurity plan for our new medical device. Especially helpful for our company as we are a startup. Their team and competencies nicely filled our resource needs. Thank you Blue Goat!"
Standard Medical Device Threat Modeling deliverables
The same deliverables the parent Medical Device Threat Modeling service ships with - tuned to your infusion / drug delivery architecture.
- ANSI/AAMI SW96 + ISO 14971 alignment
- End-to-end medical device system coverage
- Threat-to-mitigation traceability
- Justified methodology and assumptions
What lands in your eSTAR submission
Reviewer-format documents ready to drop straight into the cybersecurity attachments of your submission - no reformatting on your side.
Standards that apply
The Infusion / Drug Delivery baseline, plus the call-outs that matter for medical device threat modeling in this segment.
Segment-specific call-outs
- IEC 60601-2-24 + AAMI TIR60601-4-5: Pump-specific essential performance and security risk-control framing; reviewers expect both referenced.
- FDA infusion-pump-specific postmarket history: Reviewers in this segment will compare your threat model against published incident patterns. Coverage gaps get flagged.
What's not in scope
We scope tightly on purpose. These items are either out-of-scope by design or belong in a separate engagement - we'll tell you up front, not after kickoff.
- Penetration testing execution (scoped separately)
- Clinical risk analysis under ISO 14971 (we feed it, we do not own it)
- Hospital network architecture review
Medical Device Threat Modeling for Infusion / Drug Delivery - FAQs
The questions buyers in this segment actually ask before scoping a medical device threat modeling engagement.
Go deeper on Infusion / Drug Delivery and premarket
A practical, ungated guide to the threat modeling gaps that trigger FDA cybersecurity questions in 510(k), De Novo, and PMA submissions - and exactly how to close them before reviewers find them.
Track record: 250+ FDA submissions supported since 2014; 0 cybersecurity rejections; typical timeline 6–10 weeks for a Class II eSTAR cyber pack.
Ensure your 510(k) or PMA is compliant. Use our checklist for FDA premarket cybersecurity submissions, covering SBOM, threat models, and pen testing.
What the FDA expects from infusion pump cybersecurity submissions in 2026: threat model focus areas, Section 524B evidence, and the deficiencies that delay clearance.
What a DFD is, the five DFD elements, and how data flow diagrams feed STRIDE threat modeling and the FDA's Security Architecture Views in a 2026 submission.
How to design penetration test cases from a medical device threat model, the methodology that bridges STRIDE-style threats and concrete bench test execution, with traceability the FDA expects in Slot 7.
Other engagements for Infusion / Drug Delivery
Teams in this segment commonly bundle these alongside medical device threat modeling.
Keep going
Scope a Medical Device Threat Modeling engagement for your infusion / drug delivery program.
A 30-minute call with a senior engineer who has done this in infusion / drug delivery before - not a sales rep.