Product Security at Abiomed

Abiomed, Inc. is a leading provider of medical devices that provide circulatory support. Our products are designed to enable the heart to rest by improving blood flow and/or performing the pumping of the heart. We are committed to providing patients and healthcare providers with the highest quality devices and optimal cost-effective solutions. We accomplish this through the relentless exploration of new ideas and approaches that allow us to address new clinical challenges for our customers and patients.

As the solutions we provide to patients and healthcare providers evolve from a technological standpoint, we must remain vigilant in our cybersecurity efforts to ensure we are providing the highest quality devices. We accomplish this by incorporating cybersecurity activities across the total-product-lifecycle of our solutions and integrating these processes with our Quality Management System.

Key Cybersecurity Activities
At Abiomed, cybersecurity is built into product design early in the process. Architecture and design diagrams are reviewed from a cybersecurity perspective, threat modeling and risk assessment exercises are performed, fully traceable requirements are documented and post-market management plans are developed. In addition, security testing is performed throughout design, development and post-market activities on custom developed software, open source components, and the finished product. This process enables us to properly identify and manage cybersecurity risk throughout the total-product-lifecycle.

Vulnerability Disclosure
In support of post-market cybersecurity management activities, Abiomed participates in the MedISAO vulnerability disclosure process. MedISAO is a US FDA recognized Information Sharing and Analysis Organization (ISAO) and provides reporting mechanisms for individuals who have discovered potential vulnerabilities in products.

If you believe you have identified a potential vulnerability in any Abiomed medical device, medical device data system, or software as a medical device solution, please submit information related to the potential vulnerability using the MedISAO vulnerability reporting form, which can be found here:

https://members.medisao.com/vulnerability_disclosure/

At Abiomed, we believe in our Patients First mission and are committed to fully integrating cybersecurity into the products we provide and the processes we follow.

ICO-0059