What is Guardian

Medcrypt's Guardian Platform provides PKI-based cryptographic security for medical devices, ensuring device authentication, secure communication, and regulatory compliance without disrupting performance. Learn more about PKI and why it matters for medical devices.

Guardian components

Guardian consists of two main components:

  • Guardian Library: Guardian Library runs on your devices to parse configuration profiles, request certificates from Guardian Cloud, and enable cryptographic functions like signing and encryption. Available for C++, C, Java, and more.

  • Guardian Cloud: Cloud-based platform that processes certificate requests, enrolls devices into trust hierarchies, and generates certificates. This is the part of the Guardian platform formerly known as Overwatch.

Guardian core principles

  • All connections between devices should be secured

  • Keys generated on the device never leave the device (including protection against data exfiltration methods)

  • Keys should be rotatable as frequently as needed

  • Key usage should be specific and isolated to particular operational contexts

  • Security policy should be codified in signed configuration that drives operational usage

What Guardian provides:

  • Rapid deployment and seamless integration into new and existing systems

  • Self-serve management through an intuitive web interface

  • Device cryptographic identities with certificate-based authentication and automated lifecycle management

  • Automated compliance reporting for FDA and other regulatory requirements

  • Support for diverse hardware platforms, operating systems, and cryptographic libraries

What Guardian does:

  • Automated cryptographic key generation and management with unique keys for each device. Keys are FIPS 140-2 and FIPS 140-3 Level 3 compliant.

  • Secure device-to-device communication (East-West protection)

  • Secure device-to-cloud communication (North-South protection)

  • Provisioning lifecycle management

  • Support for memory-constrained and connectivity-limited devices

  • Zero-trust security architecture implementation

  • Legacy system protection without code modification

  • Certificate lifecycle management (coming soon!)

  • PKI operations

Common use cases:

  • Create segmented security zones across multi-device ecosystems

  • Protect sensitive assets throughout the manufacturing process

  • Establish trusted connections to cloud services

  • Meet FDA cybersecurity requirements

  • Implement zero-trust security architectures

  • Manage cryptographic keys throughout the device lifecycle

  • Provide legacy system security without code modification
