Guided walkthrough · 2026 edition
AI/ML medical device cyber walkthrough
Answer five short questions and get a tailored list of AI/ML cyber risks and the exact PCCP / SPDF sections (FDA Feb 3, 2026 guidance), MDR / MDCG mappings, and EU CRA obligations to include in your technical file.
Last updated · yesterday ~2 minutes · no login
Step 1 of 5
What's the device modality?
Modality drives the highest-signal adversarial threats and the evaluation evidence you'll need.
Step 2 of 5
How does the model change after clearance?
This determines whether you need a PCCP and how tight the change-control envelope has to be.
Step 3 of 5
Where does inference happen?
Data-flow topology decides which cloud, transport, and cryptographic controls you must document.
Step 4 of 5
Which jurisdictions do you ship into?
Pick every regime you'll be reviewed under - obligations stack and CRA has separate reporting.
Select all that apply.
Step 5 of 5
Which risks are you already worried about?
Optional - we always compute a baseline. Selecting risks here raises their priority in the output.
Select all that apply.
Complete steps 1–4 to see recommendations.