You will find many useful cybersecurity best practices, frameworks, and standards to help you address healthcare related cybersecurity issues. However, when you think that you’ve implemented them correctly, how do you really know?...and how do you demonstrate it to your customers and other stakeholders? UL has brought our 122 year old mantra of “know by test and state the facts” to the modern issue of cybersecurity with the publication of UL 2900-1 for Software Cybersecurity for Network- Connectable Products, Part 1: General Requirements and UL 2900-2-1 Particular Requirements for Network Connectable Components of Healthcare Systems.
- Healthcare providers
- Medical device manufacturers
- Health IT infrastructure providers
- IT security specialists
- Safety engineers
- System integrators
Anura Fernando, Principal Engineer - Medical Software & Systems Interoperability, Distinguished Member of Technical Staff, Health Sciences Division, UL LLC, Northbrook, IL
Anura holds degrees in Electrical Engineering, Biology/Chemistry, and Software Engineering. He has over 18 years of experience at UL with safety critical software and control systems certification and has also conducted research across multiple application domains – industrial automation, alternative energy, medical, hazardous locations, appliances, optical radiation, nanotechnology, battery technologies, etc. He has been involved in the development of Safety Science and generated publications in Predictive Modeling and Risk Analysis, Cybersecurity, Systems of Systems, Software, Health IT, Apps, and Medical Device safety. Anura has been engaged in projects with numerous Fortune 500 companies, DoD, DoE, DHS, FDA, FCC, ONC, NASA, and several U.S. National Laboratories. He has contributed to the development of several standards involving software and Functional Safety as a member in IEC, ISO, ASME committees and served as an IECEE Expert Task Force member. Anura currently has global responsibility for medical device software certification at UL and serves as UL’s technical lead for the development of the AAMI/UL 2800 family of standards for interoperable medical device safety and platform security, and the UL 2900-2-1 product testing focused cybersecurity requirements for healthcare. He has served as a member of the Department of Health and Human Services Cybersecurity Task Force, the Federal Advisory Committee FDA Safety and Innovation Act (FDASIA) WG, FDA Medical Device Interoperability Coordinating Council, Medical Device Interoperability Safety Working Group, NIH QMDI Program Advisory Committee, the Association for the Advancement of Medical Instrumentation, HIMSS, and the International Council on Systems Engineering, along with IEC and ISO where he has been involved with a number of functional safety, interoperability-, and security-related committees.