UK embedded systems consultancy ByteSnap Design has announced a partnership with Digi International to offer a managed security service for connected medical and industrial IoT devices.
The pair will combine automated Software Bill of Materials (SBOM) generation, continuous vulnerability monitoring and targeted patching to provide a bundled embedded Linux security service.
A recent webinar titled "Long-Term Security for Medical Devices: Leveraging SBOM to Reduce Risk and Improve Compliance," featuring experts from ByteSnap Design and Digi International, addressed the expanding vulnerabilities of the Internet of Medical Things (IoMT).
With regulators now enforcing requirements such as FDA cybersecurity mandates in the US and the EU’s Cyber Resilience Act, manufacturers must implement strong risk management practices, including generating Software Bills of Materials (SBOM), continuous vulnerability monitoring and effective field patching throughout a device's lifecycle.
Graeme Wintle, co-founder and Director, ByteSnap Design, said: "Device makers are coming to us with the need for automated, continuous security monitoring to meet internal compliance and extended regulatory requirements such as the CRA."
"Digi International's monthly curated CVE reports, combined with our integration, testing and platform support expertise, provide manufacturers with actionable intelligence and peace of mind."
This partnership lowers risk, reduces the engineering burden and enables OEMs to focus on their core innovation while maintaining security during long product lifecycles.
The joint approach will combine several core elements designed to strengthen cybersecurity and lifecycle management for connected medical devices.
Central to this is the use of a Software Bill of Materials (SBOM) as a living operational tool, which is automatically generated during builds, linked to vulnerability databases such as CVE and CVSS and continuously updated to maintain visibility on potential risks.
The collaboration will also incorporate Digi ConnectCore Security Services, which provide expert-curated monthly reports that filter through thousands of potential vulnerabilities to identify only those relevant to a customer’s specific configuration.
These services also include pre-integrated security patches, helping streamline remediation processes.
ByteSnap Design will contribute integration expertise to support the implementation of advanced security features, including secure boot, encrypted file systems and TrustFence technology.
The company added that it will also provide kernel migration to supported long-term support (LTS) versions, alongside full board support package (BSP) integration, testing and release packaging services for both Digi hardware and third-party or chip-down solutions.
In addition, the partnership will focus on long-term lifecycle management through ongoing monitoring, over-the-air (OTA) update support and risk-based remediation strategies designed to align with regulatory expectations surrounding patient safety, data protection and device integrity.
In a statement, the pair said the solution will be particularly valuable for medical device manufacturers transitioning from hospital-based to home-based deployments, as well as for companies in automotive, defence, energy and other regulated sectors.