CROSSWALK

FDA Cybersecurity §V.A.5

WHAT CARRIES OVER

Premarket Software Guidance requirement to list and evaluate impact of unresolved software anomalies — security assessment extends this to include CWE classification and adversarial exploitability analysis.

WHAT’S NEW

FDA section V.A.5 requires a security impact assessment for each unresolved anomaly including CWE category identification, evaluation of adversarial exploitability (deliberate vs. probabilistic impact), and documentation of security-risk criteria and rationales in the premarket submission.

AUDIT FOCUS

CWE classification for anomalies with security implications, adversarial exploitability assessment distinguishing from probabilistic occurrence, and documentation of risk acceptance rationale — anomaly lists submitted without security assessment are a common gap in premarket cybersecurity documentation.

Maps to

FDA Cybersecurity: §V.A.5 Security Assessment of Unresolved Anomalies

Requirement text

FDA's Premarket Cybersecurity Guidance (current edition February 3, 2026) recommends that for each software anomaly that exists in a product at the time of premarket submission, device manufacturers conduct an evaluation of the anomaly's impact on device safety and effectiveness, including an assessment of the potential security impacts of anomalies. The security assessment should include consideration of any present Common Weakness Enumeration (CWE) categories. The criteria and rationales for addressing resulting anomalies with security impacts should be provided as part of documentation in the premarket submission.

Why this clause exists

Software anomalies — bugs present at the time of market submission — have a dual character that traditional software risk assessment does not address: the same bug that produces an acceptably rare random malfunction during normal clinical use may be continuously and deliberately exploited by a threat actor to manifest its impact at will. FDA guidance V.A.5 was established because regulators observed that traditional anomaly risk assessments evaluated bugs purely through the lens of statistical probability of occurrence during normal operation, which systematically underestimates risk when an adversary can reliably trigger the anomaly. The guidance uses the example of a bug whose sporadic impact might be assessed as acceptable under normal-use probability modeling, but whose impact becomes continuous when an attacker deliberately exploits it — fundamentally changing the acceptable-risk determination. CWE categories are specifically referenced because they provide a standardized taxonomy for classifying security weaknesses that could be present in the anomaly, enabling consistent risk assessment across submission reviewers. The requirement to include criteria and rationales for addressing anomalies with security impacts in the premarket submission ensures FDA has visibility into the manufacturer's security risk acceptance decisions for known bugs at the time of market authorization.

What changed

FDA's September 2023 final guidance (updated February 2026) section V.A.5 introduces the requirement to include security impact assessment in the standard premarket anomaly evaluation, alongside the existing safety and effectiveness impact assessment required by Premarket Software Guidance. The integration of CWE categorization and the explicit adversarial-versus-probabilistic risk distinction are new. Previously, anomaly risk assessments used statistical probability of occurrence during normal use without accounting for the qualitatively different risk when an adversary can deliberately trigger the anomaly.

Common gaps (what we see in audits)

  • Anomaly risk assessment uses only probabilistic normal-use occurrence without adversarial analysis
    Standard premarket anomaly risk assessments evaluate the probability of anomaly occurrence during normal clinical use. This systematically underestimates risk for anomalies that could be deliberately exploited — an adversary can trigger a sporadic bug continuously, converting an acceptable probabilistic risk into an unacceptable continuous harm scenario. FDA guidance V.A.5 recommends that the security impact assessment explicitly distinguish between normal-use occurrence probability and adversarial exploitability.
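As an added illustration (not part of this crosswalk, the FDA guidance, or any manufacturer's process), the Python sketch below scores each unresolved anomaly under both the traditional normal-use model and the adversarial model described above, and flags the two gaps named in the audit focus: a security-relevant anomaly with no CWE classification, and an above-threshold security risk with no documented rationale. The numeric scale, the threshold, the field names and the sample anomalies are all assumptions; the guidance prescribes none of them.

```python
from dataclasses import dataclass
from typing import Optional

# Illustrative threshold (an assumption; FDA does not prescribe a numeric scale).
ACCEPTABLE_RISK = 0.05

@dataclass
class Anomaly:
    ident: str
    description: str
    severity: float                 # 0.0 (negligible) .. 1.0 (serious injury)
    normal_use_probability: float   # per-use chance the bug manifests on its own
    cwe: Optional[str] = None       # e.g. "CWE-125"; None = not yet classified
    adversary_triggerable: bool = False  # can a threat actor trigger it at will?
    rationale: str = ""             # documented risk-acceptance rationale

def probabilistic_risk(a: Anomaly) -> float:
    """Traditional normal-use assessment: severity weighted by sporadic occurrence."""
    return a.severity * a.normal_use_probability

def adversarial_risk(a: Anomaly) -> float:
    """Security assessment: a deliberately triggerable bug manifests whenever the
    adversary chooses, so occurrence is treated as continuous (probability 1.0)."""
    return a.severity * (1.0 if a.adversary_triggerable else a.normal_use_probability)

def assess(anomalies: list) -> list:
    """Score each anomaly both ways and flag the submission gaps named in V.A.5."""
    report = []
    for a in anomalies:
        p, s = probabilistic_risk(a), adversarial_risk(a)
        gaps = []
        if a.adversary_triggerable and a.cwe is None:
            gaps.append("no CWE classification for a security-relevant anomaly")
        if s > ACCEPTABLE_RISK and not a.rationale:
            gaps.append("security risk above threshold with no documented rationale")
        report.append({
            "id": a.ident, "cwe": a.cwe,
            "probabilistic_acceptable": p <= ACCEPTABLE_RISK,
            "adversarial_acceptable": s <= ACCEPTABLE_RISK,
            "determination_flips": (p <= ACCEPTABLE_RISK) != (s <= ACCEPTABLE_RISK),
            "gaps": gaps,
        })
    return report

# Constructed sample anomaly list (illustrative, not from any real submission).
SAMPLE = [
    Anomaly("ANOM-1", "Out-of-bounds read in telemetry parser", 0.8, 0.001,
            cwe="CWE-125", adversary_triggerable=True),
    Anomaly("ANOM-2", "Occasional UI redraw glitch", 0.1, 0.02),
]
```

Running `assess(SAMPLE)` shows ANOM-1 passing the normal-use check yet failing the adversarial one, which is exactly the flipped determination the clause is meant to surface.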
