Complex medical devices are controlled by instructions sent from a host PC. Anomalous instructions introduce many potentially harmful threats to patients (e.g., radiation overexposure), to physical components (e.g., manipulation of device motors) devices, or to functionality (e.g., manipulation of medical images). Threats can occur due to cyber-attacks, human errors (e.g., a technician’s configuration mistake), or host PC software bugs. To protect medical devices, we propose to analyze the instructions sent from the host PC to the physical components using a new architecture for the detection of anomalous instructions. Our architecture includes two detection layers: (1) an unsupervised context-free (CF) layer that detects anomalies based solely on the instructions’ content and inter-correlations; and (2) a supervised context-sensitive (CS) layer that detects anomalies with respect to the classifier’s output, relative to the clinical objectives. We evaluated the new architecture in the computed tomography (CT) domain, using 8,277 CT instructions that we recorded. We evaluated the CF layer using 14 different unsupervised anomaly detection algorithms. We evaluated the CS layer for four different types of clinical objective contexts, using five supervised classification algorithms for each context. Adding the second CS layer to the architecture improved the overall anomaly detection performance from an F1 score of 71.6% (using only the CF layer) to 82.3%–98.8% (depending on the clinical objective used). Furthermore, the CS layer enables the detection of CS anomalies, using the semantics of the device’s procedure, which cannot be detected using only the purely syntactic CF layer.