Deadline: 21-Apr-22
The European Commission (EC) is currently seeking proposals for Enhancing cybersecurity of connected medical devices to help strengthening cybersecurity maintaining the performance of medical devices while preserving or enhancing safety, security and data confidentiality, integrity and availability.
The applicants should tackle the cybersecurity issue of connected medical devices and in vitro diagnostic medical devices, in particular those that are connected to the internet, allow remote access to data and exchange private or proprietary data. They should also consider the implications of Regulation (EU) 2017/745 on medical devices and Regulation (EU) 2017/746 on in vitro diagnostic medical devices regarding qualification and classification of software. In their proposals, applicants should consider to maximize synergies with relevant initiatives, activities and programs.
Proposals are expected to address some or all of the following:
- Systematic review of current standards / guidelines / best practices applied to cybersecurity of connected medical devices, with the final objective to identify and specify gaps and requirements based on evidence.
- Offers risk benefit analysis schemes for cybersecurity of connected medical devices, taking into account several novel technological developments (eg 5G networks, big data, artificial intelligence, cloud computing, augmented reality, blockchain) and interconnection architectures.
- Explore, develop and validate novel methodologies and toolboxes for ensuring cybersecurity of connected medical devices by design.
- Identify representative case studies, evaluate the applicability of existing guidance MDCG 2019-16 (guidance on cybersecurity for medical devices) and make recommendations to (better) address specificities of the connected medical device, including software, of different risk classes.
- Assessment of the applicability (and revision) of current guidance, the MDCG 2019-16 (guidance on cybersecurity for medical devices), to connected medical device, including software.
Funding Information
The check will normally be done for the coordinator if the requested grant amount is equal to or greater than EUR 500,000, except for:
- public bodies (entities established as a public body under national law, including local, regional or national authorities) or international organizations; and
- cases where the individual requested grant amount is not more than EUR 60,000 (lowvalue grant).
Expected Outcomes
Proposals under this topic should aim for delivering results that are directed, tailored towards and contributing to some of the following expected outcomes:
- Stakeholders (eg manufacturers, suppliers, health care providers, integrators, operators) apply measures to identify and address cybersecurity risks and gaps in connected medical devices.
- Stakeholders adopt and use newly developed risk benefit analysis schemes and capabilities for cybersecurity of connected medical devices.
- Stakeholders adopt and use newly developed methodologies and toolboxes for ensuring cybersecurity of connected medical devices by design.
- Stakeholders adopt and use fit for purpose guidance covering challenges posed by connected medical devices, including software.
Eligibility Criteria
To be eligible for funding, applicants must be established in one of the eligible countries, ie:
- the Member States of the European Union, including their outermost regions;
- the Overseas Countries and Territories (OCTs) linked to the Member States;
- eligible non-EU countries:
- countries associated with Horizon Europe;
- low- and middle-income countries.
For more information, visit https://bit.ly/3BiHbyr