ByteSnap Design, an embedded electronic design and software consultancy, has announced collaboration with global leader in IoT, connectivity, and infrastructure management, Digi International, to help manufacturers address the growing security and regulatory challenges facing medical devices and other connected industrial IoT systems.
The two companies announced their new managed security service earlier this year. The bundled embedded Linux security service offering targets long-life connected devices, combining vulnerability intelligence, targeted patching, and deployment validation for heterogeneous hardware estates.
During a recent webinar titled “Long-Term Security for Medical Devices: Leveraging SBOM to Reduce Risk and Improve Compliance”, experts from ByteSnap Design and Digi International outlined how the Internet of Medical Things (IoMT) is expanding the attack surface for connected devices.
With regulators shifting from guidance to enforceable requirements, including FDA cybersecurity mandates in the US and the EU’s Cyber Resilience Act (CRA) and NDR obligations, manufacturers must demonstrate robust risk management, Software Bill of Materials (SBOM) generation, continuous vulnerability monitoring, and field patching capabilities throughout a device’s entire lifecycle.
Graeme Wintle, co-founder and Director, ByteSnap Design, commented: “Device makers are coming to us with the need for automated, continuous security monitoring to meet internal compliance and extended regulatory requirements such as the CRA. Digi International’s monthly curated CVE reports, combined with our integration, testing, and platform support expertise, provide manufacturers with actionable intelligence and peace of mind. This partnership lowers risk, reduces the engineering burden, and enables OEMs to focus on their core innovation while maintaining security over long product lifecycles.”
Key elements of the joint approach include:
-
SBOM as a living operational tool: Automatically generated during builds, linked to vulnerability databases (CVE/CVSS), and continuously updated.
-
Digi ConnectCore Security Services: Expert-curated monthly reports that filter thousands of potential vulnerabilities to highlight only those relevant to a customer’s specific configuration, along with pre-integrated security patches via a Yocto meta layer.
-
ByteSnap Design’s integration expertise: Support for embedding security features (including secure boot, encrypted file systems, and TrustFence), kernel migration to supported LTS versions, full BSP integration, testing, and release packaging — available for both Digi hardware and third-party/chip-down solutions.
-
Lifecycle management: Ongoing monitoring, OTA update support, and risk-based remediation that aligns with regulatory expectations for patient safety, data protection, and device integrity.
The solution is particularly valuable for medical device manufacturers transitioning from hospital to home-based deployments, as well as companies in automotive, defence, energy, and other regulated sectors.
Manufacturers interested in securing their embedded Linux platforms or preparing for upcoming regulatory deadlines are invited to contact ByteSnap Design for a consultation.
There’s more to discover at www.bytesnap.com
