Skip to main content
  • Feature Story

The US FDA has officially recognized the UL 2900 Cybersecurity standard for medical devices

June 12, 2018

Directly benefitting connected device manufacturers and developers

The standard's adoption will allow US medical device registrants, including manufacturers and developers, to demonstrate proper cybersecurity features within their products. Developed as part of UL's Cybersecurity Assurance Program (UL CAP), UL 2900 provides registrants with repeatable tests that can provide evidence to support any device cybersecurity claims. The standard includes tests covering vulnerabilities, malware, and software weaknesses for connectable devices.

The UL 2900 standard was written with FDA pre- and post- market cybersecurity and ANSI Technical Panels guidelines in mind. The standard also supports regulatory submission processes found in FDA guidance.

UL has continued to support the standard by registering UL 2900-1 and 2900-2-1, which has already been granted consensus by ANSI and is in the process of adoption by the FDA.

List of FDA Recognized Standards
UL Cybersecurity Whitepaper