IEEE 2621.2-2022 /UL 2621-2-2022

This standard describes the security functional requirements (SFRs), which compose a protection profile (PP), for connected diabetes devices (CDDs). The scope of the PP within the development and evaluation process is described in ISO/IEC 15408.1 In particular, a PP defines the IT security requirements of a generic type of Target of Evaluation (TOE) and specifies the security measures to be offered by that TOE to meet stated requirements.

The purpose of this standard is to define the SFRs for CDDs as deemed necessary and sufficient by an appropriate set of stakeholders. These requirements are intended to be used within a security evaluation program, as defined in other components of this multi-part standard.

New IEEE Standard - Active. A framework for a connected electronic product security evaluation program, with specific requirements and guidance relating to digital diabetes devices and solutions, such as insulin pumps is defined in this standard.