Abstract
The European health care system is moving toward personalised, distributed, and home-based services, made possible via new and improved connected medical devices (CMDs). Cyber security will clearly be important in this context. In this paper we present 15 challenges that the manufacturers of CMDs face when trying to “build security in” for the devices that they produce. The challenges have been identified in a qualitative research study, including interview data from healthcare stakeholders combined with document analysis of four relevant CMD case studies.