A great article by Shahid Shah "...If you ask some regulatory affairs folks in medical device companies, they think OSS is too “dangerous” for use in safety critical systems. The most common excuse given by engineers is that the regulatory compliance folks will not allow OSS or that the FDA will disapprove. There is plenty of evidence to the contrary, however, because the FDA hasn’t really rejected devices due solely to the use of OSS. The lack of OSS use in medical devices and healthcare IT circles in most cases likely stems from a lack of experience with OSS at the senior executive and regulatory compliance ranks within companies. This is a summary of a quick 10 step process that R&D groups can use to properly experiment with and include OSS in safety-critical systems."
R&D Executive – Why Shellshock and Heartbleed Should Matter to You
So, you’ve heard of Shellshock, of course. And if you use Unix, you made sure someone installed the right p...
Most Recent Articles
Zombies: Top 5 Open Source Vulnerabilities That Refuse To Die
DevOps Vs. DevSecOps; Are They Headed in Opposite Directions?
Top 5 New Open Source Security Vulnerabilities in July 2018
Dual Licensing for Open Source Components: Yeah or Meh?
8 Startup Due Diligence Questions You want to Be Asking
Security Patch Management — 7 Do’s and Don’ts
The 5 Common Mistakes Your Devops Team is Making
Bit- WhiteSource’s Open Source Project of the Month for July 2018
What’s a SaaS to Do? The SaaS Loophole in GPL Open Source Licenses
Why Drupalgeddon 2.0 May Still Be A Threat To Your Website
3 Essential Steps for Your Vulnerability Remediation Process
Best Practices for Open Source Governance
6 Open Source Software Security Concerns Dispelled
Top 5 New Open Source Vulnerabilities in June 2018
How To Secure Your SDLC The Right Way
CVSS v3 Is Still Missing The Target For Prioritization
3 Key Considerations for DevOps Automation
7 Chinese Open Source Projects You Should Know About
Top 5 Linux Kernel Vulnerabilities in 2018
Known Open Source Vulnerabilities In Reusable Software Components: The Golden Goose For Hackers That Keeps On Giving