IEC TR 60601-4-5:2021
(Main)Medical electrical equipment - Part 4-5: Guidance and interpretation - Safety-related technical security specifications
Medical electrical equipment - Part 4-5: Guidance and interpretation - Safety-related technical security specifications
IEC TR 60601-4-5:2021 provides detailed technical specifications for SECURITY features of MEDICAL DEVICES used in MEDICAL IT-NETWORKS. MEDICAL DEVICES dealt with in this document include MEDICAL ELECTRICAL EQUIPMENT, MEDICAL ELECTRICAL SYSTEMS and MEDICAL DEVICE SOFTWARE. MEDICAL DEVICE SOFTWARE, although not in the scope of IEC 60601 (all parts), can also make use of this document. Based on the seven foundational requirements described in the state-of-the-art document IEC TS 62443 1 1:2009, this document provides specifications for different MEDICAL DEVICE capability SECURITY LEVELS (SL C). The specified SECURITY capabilities of a MEDICAL DEVICE can be used by various members of the medical community to integrate the device correctly into defined SECURITY ZONES and CONDUITS of a MEDICAL IT-NETWORK with an appropriate MEDICAL IT NETWORK's target SECURITY LEVEL (SL T).
This document is applicable to MEDICAL DEVICES with external data interface(s), for example when connected to a MEDICAL IT-NETWORK or when a human interface is used for processing – e.g. entering, capturing or viewing – CONFIDENTIAL DATA.
This document does not apply to other software used on a MEDICAL IT-NETWORK which does not meet the definition of MEDICAL DEVICE SOFTWARE.
This document does not apply to in-vitro diagnostic devices (IVD).
General Information
Standards Content (Sample)
IEC TR 60601-4-5 ®
Edition 1.0 2021-01
TECHNICAL
REPORT
colour
inside
Medical electrical equipment –
Part 4-5: Guidance and interpretation – Safety-related technical security
specifications
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form
or by any means, electronic or mechanical, including photocopying and microfilm, without permission in writing from
either IEC or IEC's member National Committee in the country of the requester. If you have any questions about IEC
copyright or have an enquiry about obtaining additional rights to this publication, please contact the address below or
your local IEC member National Committee for further information.
IEC Central Office Tel.: +41 22 919 02 11
3, rue de Varembé info@iec.ch
CH-1211 Geneva 20 www.iec.ch
Switzerland
About the IEC
The International Electrotechnical Commission (IEC) is the leading global organization that prepares and publishes
International Standards for all electrical, electronic and related technologies.
About IEC publications
The technical content of IEC publications is kept under constant review by the IEC. Please make sure that you have the
latest edition, a corrigendum or an amendment might have been published.
IEC publications search - webstore.iec.ch/advsearchform IEC online collection - oc.iec.ch
The advanced search enables to find IEC publications by a Discover our powerful search engine and read freely all the
variety of criteria (reference number, text, technical publications previews. With a subscription you will always
committee, …). It also gives information on projects, replaced have access to up to date content tailored to your needs.
and withdrawn publications.
Electropedia - www.electropedia.org
IEC Just Published - webstore.iec.ch/justpublished
The world's leading online dictionary on electrotechnology,
Stay up to date on all new IEC publications. Just Published
containing more than 22 000 terminological entries in English
details all new publications released. Available online and
and French, with equivalent terms in 18 additional languages.
once a month by email.
Also known as the International Electrotechnical Vocabulary
(IEV) online.
IEC Customer Service Centre - webstore.iec.ch/csc
If you wish to give us your feedback on this publication or
need further assistance, please contact the Customer Service
Centre: sales@iec.ch.
IEC TR 60601-4-5 ®
Edition 1.0 2021-01
TECHNICAL
REPORT
colour
inside
Medical electrical equipment –
Part 4-5: Guidance and interpretation – Safety-related technical security
specifications
INTERNATIONAL
ELECTROTECHNICAL
COMMISSION
ICS 11.040.01 ISBN 978-2-8322-9227-3
– 2 – IEC TR 60601-4-5:2021 © IEC 2021
CONTENTS
FOREWORD . 4
INTRODUCTION . 6
1 Scope . 9
2 Normative references . 9
3 Terms and definitions . 10
4 Common SECURITY constraints . 15
4.1 Overview. 15
4.2 * Support of ESSENTIAL FUNCTION . 15
4.3 COMPENSATING COUNTERMEASURES . 16
4.4 LEAST PRIVILEGE . 17
4.5 Data minimization . 17
4.6 * Overarching constraints . 17
4.6.1 Constraints referenced by the MEDICAL DEVICE specifications . 17
4.6.2 Hardware SECURITY . 17
4.6.3 * Specific SECURITY features for MEDICAL DEVICES . 18
5 SECURITY LEVELS for the different foundational requirements . 18
5.1 * Application of SECURITY LEVELS . 18
5.2 Modified specifications for SECURITY LEVELS . 18
6 Technical description . 19
7 Mapping of requirements to capability security levels (SL-C) . 21
Annex A (informative) General guidance and rationale . 26
A.1 The approach of this document: Type testable MEDICAL DEVICE IT SECURITY
properties . 26
A.2 Typical network connections of MEDICAL DEVICES covered in this document . 32
A.3 Inclusion of ME SYSTEMS . 33
A.4 Correlation to existing regulations, standards and technical specifications . 34
A.5 Concept of ZONES and CONDUITS with specified target SECURITY LEVELS
(SL-T) within an IT-NETWORK as specified by IEC 62443 (all parts) [3] . 37
A.6 Documentation of capability SECURITY LEVEL (SL-C) of a MEDICAL DEVICE . 37
A.7 Conceptual elements of IEC 62443 (all parts) [3] used for this document . 38
A.8 Correlation with IEC TR 80001-2-2 [9] . 48
Bibliography . 50
Figure 1 – ESSENTIAL FUNCTION . 16
Figure A.1 – Illustration with SECURITY LEVELS . 27
Figure A.2 – Capability – Target – Achieved . 28
Figure A.3 – Wireless point-to-point connection between a portable device (e.g.
PATIENT programmer) and an implant . 32
Figure A.4 – Connection between a PATIENT's portable device and a doctor's computer . 32
Figure A.5 – Connection between a MEDICAL DEVICE and a doctor's computer . 32
Figure A.6 – IT-NETWORK in a hospital . 33
Figure A.7 – Selection of IT SECURITY related documents . 35
Figure A.8 – Example of what a complex IT-NETWORK can consist of . 37
Figure A.9 – Comparison of objectives between industrial automation and control
systems and general IT-NETWORKS . 39
Table 1 – Mapping of single requirements to capability security levels (SL-C) . 22
Table A.1 – Exemplary criteria for the selection of appropriate target SECURITY LEVEL
SL-T in typical INTENDED USE environments . 31
Table A.2 – Exemplary vector of capability SECURITY LEVEL SL-C . 38
– 4 – IEC TR 60601-4-5:2021 © IEC 2021
INTERNATIONAL ELECTROTECHNICAL COMMISSION
____________
MEDICAL ELECTRICAL EQUIPMENT –
Part 4-5: Guidance and interpretation –
Safety-related technical security specifications
FOREWORD
1) The International Electrotechnical Commission (IEC) is a worldwide organization for standardization comprising
all national electrotechnical committees (IEC National Committees). The object of IEC is to promote international
co-operation on all questions concerning standardization in the electrical and electronic fields. To this end and
in addition to other activities, IEC publishes International Standards, Technical Specifications, Technical Reports,
Publicly Available Specifications (PAS) and Guides (hereafter referred to as "IEC Publication(s)"). Their
preparation is entrusted to technical committees; any IEC National Committee interested in the subject dealt with
may participate in this preparatory work. International, governmental and non-governmental organizations liaising
with the IEC also participate in this preparation. IEC collaborates closely with the International Organization for
Standardization (ISO) in accordance with conditions determined by agreement between the two organizations.
2) The formal decisions or agreements of IEC on technical matters express, as nearly as possible, an international
consensus of opinion on the relevant subjects since each technical committee has representation from all
interested IEC National Committees.
3) IEC Publications have the form of recommendations for international use and are accepted by IEC National
Committees in that sense. While all reasonable efforts are made to ensure that the technical content of IEC
Publications is accurate, IEC cannot be held responsible for the way in which they are used or for any
misinterpretation by any end user.
4) In order to promote international uniformity, IEC National Committees undertake to apply IEC Publications
transparently to the maximum extent possible in their national and regional publications. Any divergence between
any IEC Publication and the corresponding national or regional publication shall be clearly indicated in the latter.
5) IEC itself does not provide any attestation of conformity. Independent certification bodies provide conformity
assessment services and, in some areas, access to IEC marks of conformity. IEC is not responsible for any
services carried out by independent certification bodies.
6) All users should ensure that they have the latest edition of this publication.
7) No liability shall attach to IEC or its directors, employees, servants or agents including individual experts and
members of its technical committees and IEC National Committees for any personal injury, property damage or
other damage of any nature whatsoever, whether direct or indirect, or for costs (including legal fees) and
expenses arising out of the publication, use of, or reliance upon, this IEC Publication or any other IEC Publications.
8) Attention is drawn to the Normative references cited in this publication. Use of the referenced publications is
indispensable for the correct application of this publication.
9) Attention is drawn to the possibility that some of the elements of this IEC Publication may be the subject of patent
rights. IEC shall not be held responsible for identifying any or all such patent rights.
IEC TR 60601-4-5 has been prepared by subcommittee 62A: Common aspects of electrical
equipment used in medical practice, of IEC technical committee 62: Electrical equipment in
medical practice. It is a Technical Report.
The text of this Technical Report is based on the following documents:
Draft TR Report on voting
62A/1402/DTR 62A/1417A/RVDTR
Full information on the voting for its approval can be found in the report on voting indicated in
the above table.
The language used for the development of this Technical Report is English.
This document has been drafted in accordance with the ISO/IEC Directives, Part 2, and
developed in accordance with ISO/IEC Directives, Part 1 and ISO/IEC Directives, IEC
Supplement, available at www.iec.ch/members_experts/refdocs. The main document types
developed by IEC are described in greater detail at www.iec.ch/standardsdev/publications.
In this document, the following print types are used:
– TERMS DEFINED IN CLAUSE 3: SMALL CAPITALS;
– COMPLIANCE STATEMENTS IN CLAUSE 4 AND CLAUSE 5: ITALICS.
An asterisk (*) as the first character of a title or at the beginning of a paragraph or table title
indicates that there is guidance or rationale related to that item in Annex A.
A list of all parts in the IEC 60601 series, published under the general title Medical electrical
equipment, can be found on the IEC website.
The committee has decided that the contents of this document will remain unchanged until the
stability date indicated on the IEC website under "http://webstore.iec.ch" in the data related to
the specific document. At this date, the document will be
• reconfirmed,
• withdrawn,
• replaced by a revised edition, or
• amended.
IMPORTANT – The 'colour inside' logo on the cover page of this publication indicates
that it contains colours which are considered to be useful for the correct understanding
of its contents. Users should therefore print this document using a colour printer.
– 6 – IEC TR 60601-4-5:2021 © IEC 2021
INTRODUCTION
This document provides IT SECURITY specifications for MEDICAL ELECTRICAL EQUIPMENT (ME
EQUIPMENT) AND MEDICAL ELECTRICAL SYSTEMS (ME SYSTEMS) connectable to MEDICAL
IT-NETWORKS as network components. MEDICAL DEVICE SOFTWARE, although not in the scope of
IEC 60601 (all parts), can also make use of this document. The intent of this document is to
specify SECURITY capabilities that enable a MEDICAL DE
...
Questions, Comments and Discussion
Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.