AI/ML device tool

PCCP Builder

Draft an 8-section SDS-PCCP outline aligned to FDA's December 2024 PCCP guidance - with per-modification cybersecurity impact and the deficiency flags reviewers actually cite.

Reviewed by

Christian Espinosa

Founder & CEO, Blue Goat Cyber

Last reviewed May 21, 2026

PCCP completion

1/9 requirements complete

11%

Progress saved on this device automatically.

Device / product name

Manufacturer (legal name)

Intended use (one sentence)

Model class

Determines which monitoring and re-training controls reviewers expect.

Locked algorithm (no continuous learning post-deployment)Periodic re-training (manufacturer-controlled, scheduled)Adaptive / online learning (continuous on deployed data)

Planned modification types

Each choice carries a known FDA disposition and cybersecurity expectation. Out-of-scope items will be flagged.

Retraining on new clinical data (same task, same indication)Threshold / decision-boundary tuningInput data preprocessing changesModel architecture update (same intended use)Expansion of supported imaging modality / device hardwarePerformance improvement targeting a new patient sub-populationAdd a new input/output (new sensor stream, new API consumer)Migrate inference to a new cloud / region / runtime

Verification methods (modification protocol)

Items marked required are flagged in your output if missing.

Locked test set with pre-specified acceptance criteria requiredRequired by FDA PCCP guidance §V - must be defined before any modification ships.Real-world performance monitoring (drift, calibration, subgroup) requiredFDA expects RWPM for any model that retrains; absence is the #1 PCCP deficiency.Bias / fairness re-evaluation across demographic subgroups Required when retraining data shifts demographics; recommended for all AI/ML PCCPs.Cybersecurity impact analysis (SBOM diff, attack surface, threat model delta) requiredRequired by Sept 2023 premarket cyber guidance for every PCCP-covered change.Independent re-validation by clinical reviewers Strongly recommended for any change touching the clinical decision boundary.Automated rollback test executed before each release requiredReviewers reject any PCCP that documents rollback but cannot prove it is exercised.

Real-world performance monitoring cadence

Performance triggers that void PCCP coverage

Rollback & deployment plan

Transparency / user notification

FDA expects clinicians to know when a model version changes underneath them.

Release notes published to clinicians before activationIn-product banner / changelog for each model versionVersion + model hash visible in the device UIPerformance dashboard accessible to deploying institutionsEmail notification to designated institutional contact

What you'll see after you submit

8-section SDS-PCCP outline aligned to FDA December 2024 guidance

Per-modification FDA disposition tag (PCCP-eligible, borderline, or out-of-scope) - so you know upfront which items reviewers will push back on.
Per-modification cybersecurity impact and the named deficiency-letter language reviewers use.
Reviewer-rejection flag list computed from your inputs - fix these before you submit.
Markdown export of the full 8-section outline you can hand to regulatory + ML teams as the SDS-PCCP draft.

Common misconceptions

What teams usually get wrong

Myth: PCCP is only for continuously-learning AI.

Reality: FDA's guidance applies PCCP to any planned change to a software function - including locked algorithms and deterministic updates. 'Predetermined' is about the plan, not the model class.
Myth: PCCP lets us push any model update without a new submission.

Reality: Only changes inside the documented modification scope are exempt. Hardware expansion, new intended use, new interfaces, and most architecture swaps still require a new 510(k) or supplement.
Myth: We can skip cybersecurity in the PCCP if the device already has §524B docs.

Reality: FDA's Sept 2023 cyber guidance requires explicit cybersecurity impact analysis for every modification path - SBOM diff, threat model delta, attack surface review - separate from the baseline §524B package.
Myth: Rollback is a deployment concern, not a regulatory one.

Reality: FDA expects (a) a documented rollback trigger, (b) evidence the rollback is exercised before each release, and (c) a notification plan to clinicians. Documentation alone is rejected.
Myth: Real-world performance monitoring is optional if we have a strong test set.

Reality: RWPM is the most common PCCP deficiency. For any model that retrains or adapts, it's effectively mandatory - and reviewers want named metrics, thresholds, and cadence.

References & further reading

Primary sources behind this tool

Why this tool is current

Recent regulatory + supply-chain activity

Tracked signals that change what reviewers expect. Items move on as new ones land.

Go deeper

PCCP Builder

8-section SDS-PCCP outline aligned to FDA December 2024 guidance

What teams usually get wrong

Primary sources behind this tool

Recent regulatory + supply-chain activity

FDA premarket cybersecurity services

Threat modeling services

SBOM services for medtech

More free tools

PCCP Builder

8-section SDS-PCCP outline aligned to FDA December 2024 guidance

What teams usually get wrong

Primary sources behind this tool

Recent regulatory + supply-chain activity

Take it from outline to submission.

FDA premarket cybersecurity services

Threat modeling services

SBOM services for medtech

More free tools