back to open calls

Enhancing cybersecurity of connected medical devices

Health & Life Sciences
Project Size:

This topic aims at supporting activities that are enabling or contributing to one or several expected impacts of destination 6 “Maintaining an innovative, sustainable and globally competitive health industry”. To that end, proposals under this topic should aim for delivering results that are directed, tailored towards and contributing to some of the following expected outcomes:

  • Stakeholders (e.g. manufacturers, suppliers, health care providers, integrators, operators) apply measures to identify and address cybersecurity risks and gaps in connected medical devices.
  • Stakeholders adopt and use newly developed risk benefit analysis schemes and capabilities for cybersecurity of connected medical devices.
  • Stakeholders adopt and use newly developed methodologies and toolboxes for ensuring cybersecurity of connected medical devices by design.
  • Stakeholders adopt and use fit for purpose guidance covering challenges posed by connected medical devices, including software.

The health industry is a key driver for growth and has the capacity to provide health technologies to the benefit of patients and providers of health care services. The relevant value chains involve a broad variety of key players from supply, demand and regulatory sides. In addition, the path of innovation in health is long and complex. The development of novel health technologies is generally associated with uncertainties and market barriers due to expensive and risky development (e.g. attrition rate in pharmaceutical development), high quality and security requirements (e.g. clinical performance, safety, data privacy and cybersecurity) and market specificities (e.g. strong regulation, pricing and reimbursement issues). In addition, the growing concern about environmental issues is putting more pressure on this industry. Therefore, there is a need for research and innovation integrating various stakeholders to facilitate market access of innovative health technologies (medical technologies, pharmaceuticals, biotechnologies, digital health technologies).

In order to address these challenges, in particular green and digital transitions and proper supply of health technologies and products, destination 6 will focus on research and innovation activities that aim at:

  • Production of pharmaceuticals in compliance with the objectives of the European Green Deal.
  • Methodologies, guidelines and standards, assessment studies, and structuring activities adapted to digital solutions and interventions for GDPR compliant translation into health care practice, including inter-operability, cyber-security and data confidentiality.
  • Public authorities supported with better methodologies and interdisciplinary approaches to assess and value new health technologies and interventions.
  • Development of pharmaceutical products meeting unmet medical needs in the context of market failures.

Proposals for topics under this destination should set out a credible pathway to contributing to maintaining an innovative, sustainable and globally competitive health industry, and more specifically to one or several of the following expected impacts:

  • Health industry in the EU is more competitive and sustainable, assuring European leadership in breakthrough health technologies and strategic autonomy in essential medical supplies and digital technologies, contributing to job creation and economic growth, in particular with small- and medium-sized enterprises (SMEs).
  • Health industry is working more efficiently along the value chain from the identification of needs to the scale-up and take-up of solutions at national, regional or local level, including through early engagement with patients, health care providers, health authorities and regulators ensuring suitability and acceptance of solutions.
  • European standards, including for operations involving health data, ensure patient safety and quality of healthcare services as well as effectiveness and interoperability of health innovation and productivity of innovators.
  • Citizens, health care providers and health systems benefit from a swift uptake of innovative health technologies and services offering significant improvements in health outcomes, while health industry in the EU benefits from decreased time-to-market.
  • Health security in the EU benefits from reliable access to key manufacturing capacity, including timely provision of essential medical supplies of particularly complex or critical supply and distribution chains, such as regards vaccines or medical radioisotopes.

The proposals are expected to help strengthening cybersecurity maintaining the performance of medical devices while preserving or enhancing safety, security and data confidentiality, integrity and availability. The applicants should tackle the cybersecurity issue of connected medical devices and in vitro diagnostic medical devices, in particular those that are connected to the internet, allow remote access to data and exchange private or proprietary data. They should also consider the implications of Regulation (EU) 2017/745[1] on medical devices and Regulation (EU) 2017/746[2] on in vitro diagnostic medical devices regarding qualification and classification of software. In their proposals, applicants should consider to maximise synergies with relevant initiatives, activities and programmes.

Proposals are expected to address some or all of the following:

  • Systematic review of current standards/guidelines/best practices applied to cybersecurity of connected medical devices, with the final objective to identify and specify gaps and requirements based on evidence.
  • Propose risk benefit analysis schemes for cybersecurity of connected medical devices, taking into account several novel technological developments (e.g. 5G networks, big data, artificial intelligence, cloud computing, augmented reality, blockchain) and interconnection architectures.
  • Explore, develop and validate novel methodologies and toolboxes for ensuring cybersecurity of connected medical devices by design.
  • Identify representative case studies, evaluate the applicability of existing guidance MDCG 2019-16 (guidance on cybersecurity for medical devices[3]) and make recommendations to (better) address specificities of the connected medical device, including software, of different risk classes.
  • Assessment of the applicability (and revision) of current guidance, the MDCG 2019-16 (guidance on cybersecurity for medical devices), to connected medical device, including software.

All projects funded under this topic are strongly encouraged to participate in networking and joint activities, as appropriate. These networking and joint activities could, for example, involve the participation in joint workshops, the exchange of knowledge, the development and adoption of best practices, or joint communication activities. This could also involve networking and joint activities with projects funded under other clusters and pillars of Horizon Europe, or other EU programmes, as appropriate. Therefore, proposals are expected to include a budget for the attendance to regular joint meetings and may consider to cover the costs of any other potential joint activities without the prerequisite to detail concrete joint activities at this stage. The details of these joint activities will be defined during the grant agreement preparation phase. In this regard, the Commission may take on the role of facilitator for networking and exchanges, including with relevant stakeholders, if appropriate.

Interested in this call? Book a free consultation with our team
Book a Consultation
+44 (0) 1925 506 100
Contact Us
Thank you! We will be in touch shortly.
Oops! Something went wrong while submitting the form.