Digitalization and the associated trend towards networking is also an important topic for medical devices. The fast and convenient exchange of information is beneficial when analyzing the patient’s state of health, for example, and can improve the quality of treatment.
These medical devices are used in areas that are considered safety-critical for patients. In addition, the transferred data is considered particularly worthy of protection on the basis of the GDPR. Not least with regard to audit procedures, it is important for manufacturers to pay particular attention to cybersecurity . Accordingly, issues relating to cyber security requirements for network-enabled medical devices and their protection are important topics.
Such protection includes both technical and organizational measures. We give you an overview of both areas and present important points.
from Sebastian Wittor
Organizational measures
Organizational measures describe protective measures that are implemented through instructions, procedures and practices. They serve to prevent potential attack opportunities and describe processes for dealing with known vulnerabilities.
Cybersecurity risk analysis
In order to fulfill the basic requirements of the currently valid directives for medical devices, a risk analysis must be prepared as part of the conformity assessment procedure. The risks identified there, which include cybersecurity, are analyzed, minimized and documented.
Risk analysis is a continuous process in which new potential attack vectors are identified during the course of development and how they are dealt with. The aim is to minimize the probability of safety risks occurring and to reduce their impact on patients and medical devices.
Life cycle of the medical device
Cybersecurity plays an important role in the life cycle of a medical device. Essential questions about the software development process are asked right at the start of the planning and development of such a product. This involves deciding on specifications for secure implementation, the selection of trustworthy development tools and the implementation of control mechanisms, which can take the form of test sections (security gates) and system tests.
The life cycle also regulates the handling of security-related issues in relation to product maintenance and known vulnerabilities after the product release. Relevant here are processes for detecting new potential attack vectors, regular checks for known vulnerabilities and all external subcomponents used, and questions about the product’s update policy.
Communication of vulnerabilities
In addition to dealing with known vulnerabilities, it is also necessary to define how to communicate about them. This includes the establishment of communication channels, e.g. for reporting identified vulnerabilities, open communication of these vulnerabilities to users and the creation of contact options for cybersecurity-related questions.
Technical measures
Technical measures include all software and hardware-based, implementable protective measures to safeguard the medical device against attacks by third parties. They deal with specific potential attack vectors and secure the medical device against them.
Securing network communication
The biggest attack vector for network-enabled medical devices is an attack on the communication channels and the associated data exchange and processing. An attacker has the possibility to read or manipulate this data. To secure the communication, an analysis is necessary first. The planning and technical implementation of data transmission is based on this. Data should be secured on the basis of the protection objectives, taking into account current protective measures and cryptographic procedures.
Preventing the disclosure of information
In addition to protecting data transmission, the medical device and host system must also be secured. System-based vulnerabilities allow attackers to obtain information about the communication and security features used, which can be used to attack this network connection.
Detection of attacks
Despite the use of current security standards and their conscientious implementation, potential attacks on unknown vulnerabilities cannot be ruled out. It is therefore advisable to implement a system for detecting potential attacks. It analyzes the use of the medical device and its communication channels. It also uses this data to detect irregularities that could indicate an attack. In addition to detection, this also serves to understand the course of an attack and its attack vector so that specific countermeasures can be initiated on this basis.
Ensuring basic functionalities
Medical devices should ensure their basic functionality even without an active network connection or in the event of a potential attack. The primary protection goal and therefore central to cybersecurity issues is to safeguard the health of patients.
Analysis to secure network communication
The most important questions at a glance: