Updates from tidepool

[ReettaValimaki]

Risk analysis

Instruction: Remove bullets not included to the analysis results._

• Risks of the implementation in this pull request have been analyzed with following results:
• No significant risks.
• Following items in the risk list are related to the implementation: [list of risk ids]
• The implementation poses the following new risks: [description of new risks]

Significance

Instruction: Remove bullet, which is not the analysis result.

• Analysis, is the software change considered significant (ref. MDCG 2020-3, chart C), has been made with following result:
• Significant change, certification according MDR is needed.
• Not significant change, can be made to the product certified according MDD.
  • Reasons for the decision - [answer]

Security check-up

Instruction: Check that the OWASP top 10 have been taken into account.

https://github.com/OWASP/www-project-top-ten/blob/master/index.md

• A01:2021-Broken Access Control - [comments]
• A02:2021-Cryptographic Failures - [comments]
• A03:2021-Injection - [comments]
• A04:2021-Insecure Design - [comments]
• A05:2021-Security Misconfiguration - [comments]
• A06:2021-Vulnerable and Outdated Components - [comments]
• A07:2021-Identification and Authentication Failures - [comments]
• A08:2021-Software and Data Integrity Failures - [comments]
• A09:2021-Security Logging and Monitoring Failures - [comments]
• A10:2021-Server-Side Request Forgery - [comments]