Controlled risk

Medical device
A controlled risk

"is present when there is sufficiently low (acceptable) residual risk that the device’s essential clinical performance could be compromised by a cybersecurity vulnerability."