Security event logging
Provide a tamper-resistant audit trail for security-related events, such as software installation, user authentication, and so on).
Anti-tampering of hard coded secrets/keys/ data within medical device software
Employ appropriate software/ hardware protections against malicious observation/modification of medical device secrets by the device possessor.
Least operating system privilege
The least-privilege principle calls for the operating system to grant programs/ processes only those privileges required for them to carry out their specified functions.
Full recognition of inputs before processing
A component that accepts an input without checking its validity presents a path that an attacker can probe.
Non executable data pages
Storage is divided into code segments that might be read or executed but not written and into data segments that might be read or written but not executed.
Whitelisting
The aim is to avoid execution of untrustworthy, possibly malicious, applications.
Software/firmware update validation
The aim is to enable valid updates to operational software while minimizing the possibility that the update mechanisms can be subverted to install fraudulent updates.
Digitally signed firmware and provenance (supply chain)
Developer and integrator affix a digital signature to software/firmware installed in a device.
Secure random numbers
Generating random numbers for use in initializing pseudorandom number generators and cryptographic algorithms, using them correctly, and avoiding reusing them are challenging problems.
Accredited cryptographic algorithms and implementation
Cryptographic algorithms that resist serious analysis are notoriously difficult to invent and to program correctly.
