SlideShare a Scribd company logo

Safeguard Your Medical Devices from Cyber Threats

ICS
ICS

Manufacturers and developers of modern medical devices have to deal with hugely expanded threats. In this webinar with Q1 Productions, we'll share our experience with creating medical device software and its complexity. We’ll go through common areas of vulnerability for medical devices and talk about how to address these vulnerabilities in an efficient way.

Software
1 of 24
Download to read offline
Integrated Computer Solutions Inc. www.ics.com Safeguard Your Medical Devices from Cyber Threats Shane Keating Cybersecurity Engineering Manager 1
Integrated Computer Solutions Inc. www.ics.com Medical Devices Have Changed 2
Integrated Computer Solutions Inc. www.ics.com How Do You Trust a Medical Device? ● Arbitrary Computation Possible with a modern CPU + OS ● Functionality constrained by software, not circuits ● Need to trust all of the software to trust the device ● Where does software come from? Can it be changed? 3
Integrated Computer Solutions Inc. www.ics.com ● FDA has dealt with a stream of high-profile cybersecurity issues ● Flaws found - Pacemakers, control units, heart monitors etc. ● FDA now paying ever-increasing attention to this area ● Expanded threats ● 30% more PHI breaches occurred in 2020 ● More Medical Devices in Homes ● Windows often targeted but... ● Linux-specific threats emerging ● Hw Root of Trust counteracts Threats to Medical Devices Cybersecurity needs to be considered up front
Integrated Computer Solutions Inc. www.ics.com What is Cybersecurity? 5
Integrated Computer Solutions Inc. www.ics.com Confidentiality 6 ● Personal Information and Data ● Name/Address ● Medical information ● Credit Card Details ● Email addresses ● GDPR/HIPAA/Many other regulations ● Proprietary Information ● Trade Secrets
Integrated Computer Solutions Inc. www.ics.com Integrity 7 ● Risk of data being tampered with ● Identity spoofing ● Data Corruption ● Access-control tampering ● Weaknesses introduced
Integrated Computer Solutions Inc. www.ics.com Availability 8 ● Need data and functionality to be available when required ● Denial-of-service attacks can prevent this ● Data can be maliciously encrypted ● Ransomware ● Non-malicious events a major cause also
Integrated Computer Solutions Inc. www.ics.com Cybersecurity Challenges ● Design to meet standards and minimize risk ● Forest of standards ● Threat landscape constantly evolving ● Design for maintenance ● COTS Sw - but Medical Device lifespan - >10 yrs 9 Requirements & Design Implementation Deployment & Production ● Implementation optimally ● Crypto - Securing Keys - Hw protection ● User Authentication ● Sw Update/Secure Boot ● Maintenance ● Monitoring ● Sw Update cost/complexity
Integrated Computer Solutions Inc. www.ics.com Example of Cybersecurity Solution ● Cybersecurity solution developed for key customer ● Medical Device for testing - Touchscreen/QT based ● Device contains test results - potentially PHI (Protected Health Information) ● Cybersecurity Solution here is tied to CPU ● Hardware protection of Sensitive Data is critical Device Secure Hw - Root of Trust
Integrated Computer Solutions Inc. www.ics.com Device Cybersecurity for a Medical Embedded Device 11 Qt Application Linux Bootloader Secure Boot Secure Import/Export (WiFi/Eth/USB) Secure User Login Secure Storage Key Storage Sw Updates Data from Device Firewall
Integrated Computer Solutions Inc. www.ics.com UL 2900 ● Series of standards relating to cybersecurity and information security ● Aligns with FDA Guidance around Premarket Submissions for Management of Cybersecurity in Medical Devices ● Aligns with NIST principles: Identify, Protect, Detect, Respond, Recover ● Uses NIST standards for many details around acceptable encryption/verification algorithms etc ● Also aligns with the Postmarket Management of Cybersecurity recommended by FDA ● Provides a Framework to structure submissions for regulatory approval 12
Integrated Computer Solutions Inc. www.ics.com UL 2900 Series of Standards 13 General Product Requirements Industry Specific ANSI/UL 2900-1 Software Cybersecurity ANSI/UL 2900-2-1 Healthcare Systems ANSI/UL 2900-2-2 Industrial Control Systems ANSI/UL 2900-2-3 Security/Life Safety
Integrated Computer Solutions Inc. www.ics.com NIST FIPS 200 User Auth FDA Pre-market Guidance for Mgt of Cybersecurity in Medical Devices Standards Forest 14 UL 2900-1 Software Cybersecurity UL 2900-2-1 Healthcare Sector ISO 14971 Medical Device Risk Mgt NIST FIPS 140-2 Crypto CFR 21 820 Medical Device Quality ISO 27000 Infosec Mgt IEC 80001 Risk Mgt - N/W with Medical Devs ISO 31000 Gen Risk Mgt FDA Post-market Guidance for Mgt of Cybersecurity in Medical Devices HSCC JSP Medical Device Cybersec
Integrated Computer Solutions Inc. www.ics.com UL 2900 - Process and Design Mapping 15 Area UL 2900-1 Clause UL 2900-2-1 Clause Requirements Documentation of Product Design Clause 4, 5 Clause 12 ● Design Documentation ● Interface List ● Software BOM Documentation for Product Use Clause 6 Clause 6 ● Encryption of data at rest and in transit ● Authentication of comms Risk Controls and Management Clause 7, 12 Clause 12 ● Risk Mgt Process ● Threat Analysis ● Traceability Matrix ● Risks, Vulnerabilities, Weaknesses Software Analysis Clause 17, 18, 19 ● Software Weakness Analysis ● Static Source Code Analysis ● Static Binary and Bytecode Analysis
Integrated Computer Solutions Inc. www.ics.com UL 2900 - Functionality Mapping 16 Area UL 2900-1 Clause UL 2900-2-1 Clause Functionality User Authentication Clause 8 Clause 12.4 ● Secure User Access ● Passwords Remote Comms Clause 9 ● Encryption of data in-transit ● Authentication of comms Sensitive Data Clause 10 Clause 16 ● PHI, PII, IP protection ● Encryption of data at rest/in motion Software Update Clause 11 Clause 12.4 ● Encrypt and Authenticate Updates ● Restrict who can Update ● Secure Boot ● Product Decommissioning ● Security Log
Integrated Computer Solutions Inc. www.ics.com UL 2900 - Security (Penetration) Testing Mapping 17 Area UL 2900-1 Clause UL 2900-2-1 Clause Functionality Software Evaluation Clause 13 ● Check for known vulnerabilities from NVD ● Process for handling security vulnerabilities documented Penetration Testing Clause 14, 15, 16 ● Malware Testing/Scanning ● Malformed Input Testing ● Structured Penetration Testing ● DoS test ● Elevate Privilege Test ● Scan ports, i/fs and services
Integrated Computer Solutions Inc. www.ics.com Cybersecurity for Medical Devices vs Your Laptop Your Laptop ● Regularly Updated ● Update Reminders/Antivirus Sw ● Updates from Microsoft/Sw Vendors ● General threats target here first ● 18 Medical Devices Sw ● Seldom updated ● Limited interaction/visibility with internals ● Updates from Manufacturer ● More specialised threats ●
Integrated Computer Solutions Inc. www.ics.com The Chain of Trust 19 ‘Human error’ leading cause of data breaches Cloud Hosting App Developer Sw Developer MDM Healthcare Organization
Integrated Computer Solutions Inc. www.ics.com The Chain of Trust for Secure Deployment 20 Deployment of a Secure Medical Device needs up-front planning Protected Devices Manufacturing Trusted Secrets/Keys Organization Root of Trust
Integrated Computer Solutions Inc. www.ics.com About ICS and Boston UX Creating Transformative Products That Advance Patient Care 21 www.ics.com/medical ICS’ design studio specializes in intuitive touchscreen and multimodal interfaces for high-impact embedded and connected devices. Established in 1987, ICS delivers innovative medtech solutions with a full suite of services to accelerate development, testing and certification of successful next-gen products. ICS and Boston UX are headquartered in Waltham, Mass. with offices in California, Canada and Europe.
Integrated Computer Solutions Inc. www.ics.com Delivering a Full Suite of Medtech Services 22 ● Human Factors Engineering ● IEC 62366-UX/UI Design ● Custom Frontend and Backend Software Development ● Development with IEC 62304-Compliant Platform ● Low-code Tools that Convert UX Prototype to Product ● Medical Device Cybersecurity ● AWS and Azure Cloud Services and Analytics ● ISO 14971-Compliant Hazard Analysis ● Software Verification Testing ● Complimentary Software Technology Assessment
Integrated Computer Solutions Inc. www.ics.com Thank you! 23 Any questions?
Integrated Computer Solutions Inc. www.ics.com 24

Recommended

The Future of Quality and Regulatory for SaMD
The Future of Quality and Regulatory for SaMDThe Future of Quality and Regulatory for SaMD
The Future of Quality and Regulatory for SaMDJanel Heilbrunn
 
Touchless Interactions Webinar
Touchless Interactions WebinarTouchless Interactions Webinar
Touchless Interactions WebinarICS
 
Accelerating MedTech Product Development with UX and Human Factors Engineering
Accelerating MedTech Product Development with UX and Human Factors EngineeringAccelerating MedTech Product Development with UX and Human Factors Engineering
Accelerating MedTech Product Development with UX and Human Factors EngineeringICS
 
Machine Learning in Medical Devices Webinar
Machine Learning in Medical Devices WebinarMachine Learning in Medical Devices Webinar
Machine Learning in Medical Devices WebinarICS
 
5 Key Considerations at the Start of SaMD Development
5 Key Considerations at the Start of SaMD Development5 Key Considerations at the Start of SaMD Development
5 Key Considerations at the Start of SaMD DevelopmentICS
 
Wind river webinar deck v1 as of april 23 2014 dw2
Wind river webinar deck v1 as of april 23 2014 dw2Wind river webinar deck v1 as of april 23 2014 dw2
Wind river webinar deck v1 as of april 23 2014 dw2Intel IoT
 
Minder RTP Product Overview
Minder RTP Product OverviewMinder RTP Product Overview
Minder RTP Product OverviewCruatech
 
Cruatech Services Intro
Cruatech Services IntroCruatech Services Intro
Cruatech Services IntroCruatech
 

Recommended

The Future of Quality and Regulatory for SaMD
The Future of Quality and Regulatory for SaMDThe Future of Quality and Regulatory for SaMD
The Future of Quality and Regulatory for SaMDJanel Heilbrunn
 
Touchless Interactions Webinar
Touchless Interactions WebinarTouchless Interactions Webinar
Touchless Interactions WebinarICS
 
Accelerating MedTech Product Development with UX and Human Factors Engineering
Accelerating MedTech Product Development with UX and Human Factors EngineeringAccelerating MedTech Product Development with UX and Human Factors Engineering
Accelerating MedTech Product Development with UX and Human Factors EngineeringICS
 
Machine Learning in Medical Devices Webinar
Machine Learning in Medical Devices WebinarMachine Learning in Medical Devices Webinar
Machine Learning in Medical Devices WebinarICS
 
5 Key Considerations at the Start of SaMD Development
5 Key Considerations at the Start of SaMD Development5 Key Considerations at the Start of SaMD Development
5 Key Considerations at the Start of SaMD DevelopmentICS
 
Wind river webinar deck v1 as of april 23 2014 dw2
Wind river webinar deck v1 as of april 23 2014 dw2Wind river webinar deck v1 as of april 23 2014 dw2
Wind river webinar deck v1 as of april 23 2014 dw2Intel IoT
 
Minder RTP Product Overview
Minder RTP Product OverviewMinder RTP Product Overview
Minder RTP Product OverviewCruatech
 
Cruatech Services Intro
Cruatech Services IntroCruatech Services Intro
Cruatech Services IntroCruatech
 
Luca, Marius Alexandru „Virtualių grėsmių tipai PRIEŠ apsaugines BitDefender ...
Luca, Marius Alexandru „Virtualių grėsmių tipai PRIEŠ apsaugines BitDefender ...Luca, Marius Alexandru „Virtualių grėsmių tipai PRIEŠ apsaugines BitDefender ...
Luca, Marius Alexandru „Virtualių grėsmių tipai PRIEŠ apsaugines BitDefender ...Lietuvos kompiuterininkų sąjunga
 
Accelerating Our Path to Multi Platform Benefits
Accelerating Our Path to Multi Platform BenefitsAccelerating Our Path to Multi Platform Benefits
Accelerating Our Path to Multi Platform BenefitsIntel IT Center
 
Intel HIMSS WoHIT mhealth
Intel HIMSS WoHIT mhealthIntel HIMSS WoHIT mhealth
Intel HIMSS WoHIT mhealthrcnossen
 
Eurosmart etsi-e-io t-scs-presentation
Eurosmart etsi-e-io t-scs-presentationEurosmart etsi-e-io t-scs-presentation
Eurosmart etsi-e-io t-scs-presentationStefane Mouille
 
Industrial Internet of Things in a Box
Industrial Internet of Things in a BoxIndustrial Internet of Things in a Box
Industrial Internet of Things in a BoxEurotech
 
Day1 Trina Ward
Day1 Trina WardDay1 Trina Ward
Day1 Trina WardUS-Ignite
 
Killed by code 2015
Killed by code 2015Killed by code 2015
Killed by code 2015Flaskdata.io
 
Medical & Healthcare IoT M2M Solutions
Medical & Healthcare IoT M2M SolutionsMedical & Healthcare IoT M2M Solutions
Medical & Healthcare IoT M2M SolutionsEurotech
 
Software Development Tools for Intel® IoT Platforms
Software Development Tools for Intel® IoT PlatformsSoftware Development Tools for Intel® IoT Platforms
Software Development Tools for Intel® IoT PlatformsIntel® Software
 
The Inside Story: GE Healthcare's Industrial Internet of Things (IoT) Archite...
The Inside Story: GE Healthcare's Industrial Internet of Things (IoT) Archite...The Inside Story: GE Healthcare's Industrial Internet of Things (IoT) Archite...
The Inside Story: GE Healthcare's Industrial Internet of Things (IoT) Archite...Real-Time Innovations (RTI)
 
Power of Health IT Touch
Power of Health IT TouchPower of Health IT Touch
Power of Health IT TouchIntel IT Center
 
Ch1
Ch1Ch1
Ch1Faisal khokher
 
Jim Waldron Resume 2016
Jim Waldron Resume 2016Jim Waldron Resume 2016
Jim Waldron Resume 2016Jim Waldron
 
The Product
The ProductThe Product
The Productadil raja
 
Mobile device management and BYOD – simple changes, big benefits
Mobile device management and BYOD – simple changes, big benefitsMobile device management and BYOD – simple changes, big benefits
Mobile device management and BYOD – simple changes, big benefitsWaterstons Ltd
 
Endpoint Security for Mobile Devices
Endpoint Security for Mobile DevicesEndpoint Security for Mobile Devices
Endpoint Security for Mobile DevicesDavid Shepherd
 
A Review Of Process Analytics In The Year 2012
A Review Of Process Analytics In The Year 2012A Review Of Process Analytics In The Year 2012
A Review Of Process Analytics In The Year 2012gautamkdas
 
Learnings while building Mobile Device Management [MDM]
Learnings while building Mobile Device Management [MDM] Learnings while building Mobile Device Management [MDM]
Learnings while building Mobile Device Management [MDM] Leena N
 
Ch1 introduction
Ch1 introductionCh1 introduction
Ch1 introductionAlok Chaudhary
 
Secure Your Medical Devices From the Ground Up
Secure Your Medical Devices From the Ground Up Secure Your Medical Devices From the Ground Up
Secure Your Medical Devices From the Ground Up ICS
 
Cybersecurity and Software Updates in Medical Devices.pdf
Cybersecurity and Software Updates in Medical Devices.pdfCybersecurity and Software Updates in Medical Devices.pdf
Cybersecurity and Software Updates in Medical Devices.pdfICS
 
The Present and Future of IoT Cybersecurity
The Present and Future of IoT CybersecurityThe Present and Future of IoT Cybersecurity
The Present and Future of IoT CybersecurityOnward Security
 

More Related Content

What's hot

Luca, Marius Alexandru „Virtualių grėsmių tipai PRIEŠ apsaugines BitDefender ...
Luca, Marius Alexandru „Virtualių grėsmių tipai PRIEŠ apsaugines BitDefender ...Luca, Marius Alexandru „Virtualių grėsmių tipai PRIEŠ apsaugines BitDefender ...
Luca, Marius Alexandru „Virtualių grėsmių tipai PRIEŠ apsaugines BitDefender ...Lietuvos kompiuterininkų sąjunga
 
Accelerating Our Path to Multi Platform Benefits
Accelerating Our Path to Multi Platform BenefitsAccelerating Our Path to Multi Platform Benefits
Accelerating Our Path to Multi Platform BenefitsIntel IT Center
 
Intel HIMSS WoHIT mhealth
Intel HIMSS WoHIT mhealthIntel HIMSS WoHIT mhealth
Intel HIMSS WoHIT mhealthrcnossen
 
Eurosmart etsi-e-io t-scs-presentation
Eurosmart etsi-e-io t-scs-presentationEurosmart etsi-e-io t-scs-presentation
Eurosmart etsi-e-io t-scs-presentationStefane Mouille
 
Industrial Internet of Things in a Box
Industrial Internet of Things in a BoxIndustrial Internet of Things in a Box
Industrial Internet of Things in a BoxEurotech
 
Day1 Trina Ward
Day1 Trina WardDay1 Trina Ward
Day1 Trina WardUS-Ignite
 
Killed by code 2015
Killed by code 2015Killed by code 2015
Killed by code 2015Flaskdata.io
 
Medical & Healthcare IoT M2M Solutions
Medical & Healthcare IoT M2M SolutionsMedical & Healthcare IoT M2M Solutions
Medical & Healthcare IoT M2M SolutionsEurotech
 
Software Development Tools for Intel® IoT Platforms
Software Development Tools for Intel® IoT PlatformsSoftware Development Tools for Intel® IoT Platforms
Software Development Tools for Intel® IoT PlatformsIntel® Software
 
The Inside Story: GE Healthcare's Industrial Internet of Things (IoT) Archite...
The Inside Story: GE Healthcare's Industrial Internet of Things (IoT) Archite...The Inside Story: GE Healthcare's Industrial Internet of Things (IoT) Archite...
The Inside Story: GE Healthcare's Industrial Internet of Things (IoT) Archite...Real-Time Innovations (RTI)
 
Power of Health IT Touch
Power of Health IT TouchPower of Health IT Touch
Power of Health IT TouchIntel IT Center
 
Jim Waldron Resume 2016
Jim Waldron Resume 2016Jim Waldron Resume 2016
Jim Waldron Resume 2016Jim Waldron
 
Mobile device management and BYOD – simple changes, big benefits
Mobile device management and BYOD – simple changes, big benefitsMobile device management and BYOD – simple changes, big benefits
Mobile device management and BYOD – simple changes, big benefitsWaterstons Ltd
 
Endpoint Security for Mobile Devices
Endpoint Security for Mobile DevicesEndpoint Security for Mobile Devices
Endpoint Security for Mobile DevicesDavid Shepherd
 
A Review Of Process Analytics In The Year 2012
A Review Of Process Analytics In The Year 2012A Review Of Process Analytics In The Year 2012
A Review Of Process Analytics In The Year 2012gautamkdas
 
Learnings while building Mobile Device Management [MDM]
Learnings while building Mobile Device Management [MDM] Learnings while building Mobile Device Management [MDM]
Learnings while building Mobile Device Management [MDM] Leena N
 

What's hot (19)

Luca, Marius Alexandru „Virtualių grėsmių tipai PRIEŠ apsaugines BitDefender ...
Luca, Marius Alexandru „Virtualių grėsmių tipai PRIEŠ apsaugines BitDefender ...Luca, Marius Alexandru „Virtualių grėsmių tipai PRIEŠ apsaugines BitDefender ...
Luca, Marius Alexandru „Virtualių grėsmių tipai PRIEŠ apsaugines BitDefender ...
 
Accelerating Our Path to Multi Platform Benefits
Accelerating Our Path to Multi Platform BenefitsAccelerating Our Path to Multi Platform Benefits
Accelerating Our Path to Multi Platform Benefits
 
Intel HIMSS WoHIT mhealth
Intel HIMSS WoHIT mhealthIntel HIMSS WoHIT mhealth
Intel HIMSS WoHIT mhealth
 
Eurosmart etsi-e-io t-scs-presentation
Eurosmart etsi-e-io t-scs-presentationEurosmart etsi-e-io t-scs-presentation
Eurosmart etsi-e-io t-scs-presentation
 
Industrial Internet of Things in a Box
Industrial Internet of Things in a BoxIndustrial Internet of Things in a Box
Industrial Internet of Things in a Box
 
Day1 Trina Ward
Day1 Trina WardDay1 Trina Ward
Day1 Trina Ward
 
Killed by code 2015
Killed by code 2015Killed by code 2015
Killed by code 2015
 
Medical & Healthcare IoT M2M Solutions
Medical & Healthcare IoT M2M SolutionsMedical & Healthcare IoT M2M Solutions
Medical & Healthcare IoT M2M Solutions
 
Software Development Tools for Intel® IoT Platforms
Software Development Tools for Intel® IoT PlatformsSoftware Development Tools for Intel® IoT Platforms
Software Development Tools for Intel® IoT Platforms
 
The Inside Story: GE Healthcare's Industrial Internet of Things (IoT) Archite...
The Inside Story: GE Healthcare's Industrial Internet of Things (IoT) Archite...The Inside Story: GE Healthcare's Industrial Internet of Things (IoT) Archite...
The Inside Story: GE Healthcare's Industrial Internet of Things (IoT) Archite...
 
Power of Health IT Touch
Power of Health IT TouchPower of Health IT Touch
Power of Health IT Touch
 
Ch1
Ch1Ch1
Ch1
 
Jim Waldron Resume 2016
Jim Waldron Resume 2016Jim Waldron Resume 2016
Jim Waldron Resume 2016
 
The Product
The ProductThe Product
The Product
 
Mobile device management and BYOD – simple changes, big benefits
Mobile device management and BYOD – simple changes, big benefitsMobile device management and BYOD – simple changes, big benefits
Mobile device management and BYOD – simple changes, big benefits
 
Endpoint Security for Mobile Devices
Endpoint Security for Mobile DevicesEndpoint Security for Mobile Devices
Endpoint Security for Mobile Devices
 
A Review Of Process Analytics In The Year 2012
A Review Of Process Analytics In The Year 2012A Review Of Process Analytics In The Year 2012
A Review Of Process Analytics In The Year 2012
 
Learnings while building Mobile Device Management [MDM]
Learnings while building Mobile Device Management [MDM] Learnings while building Mobile Device Management [MDM]
Learnings while building Mobile Device Management [MDM]
 
Ch1 introduction
Ch1 introductionCh1 introduction
Ch1 introduction
 

Similar to Safeguard Your Medical Devices from Cyber Threats

Secure Your Medical Devices From the Ground Up
Secure Your Medical Devices From the Ground Up Secure Your Medical Devices From the Ground Up
Secure Your Medical Devices From the Ground Up ICS
 
Cybersecurity and Software Updates in Medical Devices.pdf
Cybersecurity and Software Updates in Medical Devices.pdfCybersecurity and Software Updates in Medical Devices.pdf
Cybersecurity and Software Updates in Medical Devices.pdfICS
 
The Present and Future of IoT Cybersecurity
The Present and Future of IoT CybersecurityThe Present and Future of IoT Cybersecurity
The Present and Future of IoT CybersecurityOnward Security
 
Killed by code 2015
Killed by code 2015Killed by code 2015
Killed by code 2015Flaskdata.io
 
SCADA Cyber Sec | ISACA 2013 | Patricia Watson
SCADA Cyber Sec | ISACA 2013 | Patricia WatsonSCADA Cyber Sec | ISACA 2013 | Patricia Watson
SCADA Cyber Sec | ISACA 2013 | Patricia WatsonPatricia M Watson
 
Smart Manufacturing
Smart ManufacturingSmart Manufacturing
Smart ManufacturingCSA Group
 
Vulnerability Assessment and Penetration Testing in online SCADA ICS Environm...
Vulnerability Assessment and Penetration Testing in online SCADA ICS Environm...Vulnerability Assessment and Penetration Testing in online SCADA ICS Environm...
Vulnerability Assessment and Penetration Testing in online SCADA ICS Environm...PECB
 
IoT Security Challenges and Solutions
IoT Security Challenges and SolutionsIoT Security Challenges and Solutions
IoT Security Challenges and SolutionsIntel® Software
 
Qualcomm Life Connect 2013: 2net System Overview, Security and Privacy
Qualcomm Life Connect 2013: 2net System Overview, Security and PrivacyQualcomm Life Connect 2013: 2net System Overview, Security and Privacy
Qualcomm Life Connect 2013: 2net System Overview, Security and PrivacyQualcomm Life
 
Practical Advice for FDA’s 510(k) Requirements.pdf
Practical Advice for FDA’s 510(k) Requirements.pdfPractical Advice for FDA’s 510(k) Requirements.pdf
Practical Advice for FDA’s 510(k) Requirements.pdfICS
 
Webinartestforslideshare
WebinartestforslideshareWebinartestforslideshare
WebinartestforslideshareColin Walls
 
Infinity_Architecture_June_Webinar__Final_Wiki.pptx
Infinity_Architecture_June_Webinar__Final_Wiki.pptxInfinity_Architecture_June_Webinar__Final_Wiki.pptx
Infinity_Architecture_June_Webinar__Final_Wiki.pptxssuser365526
 
Preparing the Data Center for the Internet of Things
Preparing the Data Center for the Internet of ThingsPreparing the Data Center for the Internet of Things
Preparing the Data Center for the Internet of ThingsIntel IoT
 
Cyber security course in kerala | C|PENT | Blitz Academy
Cyber security course in kerala | C|PENT | Blitz AcademyCyber security course in kerala | C|PENT | Blitz Academy
Cyber security course in kerala | C|PENT | Blitz Academyananthakrishnansblit
 
Cyber security courses in Kerala , kochi
Cyber security courses in Kerala , kochiCyber security courses in Kerala , kochi
Cyber security courses in Kerala , kochiamallblitz0
 
Security for the IoT - Report Summary
Security for the IoT - Report SummarySecurity for the IoT - Report Summary
Security for the IoT - Report SummaryAccenture Technology
 

Similar to Safeguard Your Medical Devices from Cyber Threats (20)

Secure Your Medical Devices From the Ground Up
Secure Your Medical Devices From the Ground Up Secure Your Medical Devices From the Ground Up
Secure Your Medical Devices From the Ground Up
 
Cybersecurity and Software Updates in Medical Devices.pdf
Cybersecurity and Software Updates in Medical Devices.pdfCybersecurity and Software Updates in Medical Devices.pdf
Cybersecurity and Software Updates in Medical Devices.pdf
 
The Present and Future of IoT Cybersecurity
The Present and Future of IoT CybersecurityThe Present and Future of IoT Cybersecurity
The Present and Future of IoT Cybersecurity
 
Killed by code 2015
Killed by code 2015Killed by code 2015
Killed by code 2015
 
SCADA Cyber Sec | ISACA 2013 | Patricia Watson
SCADA Cyber Sec | ISACA 2013 | Patricia WatsonSCADA Cyber Sec | ISACA 2013 | Patricia Watson
SCADA Cyber Sec | ISACA 2013 | Patricia Watson
 
Smart Manufacturing
Smart ManufacturingSmart Manufacturing
Smart Manufacturing
 
Vulnerability Assessment and Penetration Testing in online SCADA ICS Environm...
Vulnerability Assessment and Penetration Testing in online SCADA ICS Environm...Vulnerability Assessment and Penetration Testing in online SCADA ICS Environm...
Vulnerability Assessment and Penetration Testing in online SCADA ICS Environm...
 
IoT Security Challenges and Solutions
IoT Security Challenges and SolutionsIoT Security Challenges and Solutions
IoT Security Challenges and Solutions
 
Cognita Brochure
Cognita BrochureCognita Brochure
Cognita Brochure
 
Qualcomm Life Connect 2013: 2net System Overview, Security and Privacy
Qualcomm Life Connect 2013: 2net System Overview, Security and PrivacyQualcomm Life Connect 2013: 2net System Overview, Security and Privacy
Qualcomm Life Connect 2013: 2net System Overview, Security and Privacy
 
Practical Advice for FDA’s 510(k) Requirements.pdf
Practical Advice for FDA’s 510(k) Requirements.pdfPractical Advice for FDA’s 510(k) Requirements.pdf
Practical Advice for FDA’s 510(k) Requirements.pdf
 
Webinartestforslideshare
WebinartestforslideshareWebinartestforslideshare
Webinartestforslideshare
 
Securing SCADA
Securing SCADA Securing SCADA
Securing SCADA
 
Securing SCADA
Securing SCADASecuring SCADA
Securing SCADA
 
Infinity_Architecture_June_Webinar__Final_Wiki.pptx
Infinity_Architecture_June_Webinar__Final_Wiki.pptxInfinity_Architecture_June_Webinar__Final_Wiki.pptx
Infinity_Architecture_June_Webinar__Final_Wiki.pptx
 
Preparing the Data Center for the Internet of Things
Preparing the Data Center for the Internet of ThingsPreparing the Data Center for the Internet of Things
Preparing the Data Center for the Internet of Things
 
Cyber security course in kerala | C|PENT | Blitz Academy
Cyber security course in kerala | C|PENT | Blitz AcademyCyber security course in kerala | C|PENT | Blitz Academy
Cyber security course in kerala | C|PENT | Blitz Academy
 
Cyber security courses in Kerala , kochi
Cyber security courses in Kerala , kochiCyber security courses in Kerala , kochi
Cyber security courses in Kerala , kochi
 
Security for the IoT - Report Summary
Security for the IoT - Report SummarySecurity for the IoT - Report Summary
Security for the IoT - Report Summary
 
Manufacturing Hacks
Manufacturing HacksManufacturing Hacks
Manufacturing Hacks
 

More from ICS

The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...ICS
 
Accelerating Development of a Safety-Critical Cobot Welding System with Qt/QM...
Accelerating Development of a Safety-Critical Cobot Welding System with Qt/QM...Accelerating Development of a Safety-Critical Cobot Welding System with Qt/QM...
Accelerating Development of a Safety-Critical Cobot Welding System with Qt/QM...ICS
 
Overcoming CMake Configuration Issues Webinar
Overcoming CMake Configuration Issues WebinarOvercoming CMake Configuration Issues Webinar
Overcoming CMake Configuration Issues WebinarICS
 
Enhancing Quality and Test in Medical Device Design - Part 2.pdf
Enhancing Quality and Test in Medical Device Design - Part 2.pdfEnhancing Quality and Test in Medical Device Design - Part 2.pdf
Enhancing Quality and Test in Medical Device Design - Part 2.pdfICS
 
Designing and Managing IoT Devices for Rapid Deployment - Webinar.pdf
Designing and Managing IoT Devices for Rapid Deployment - Webinar.pdfDesigning and Managing IoT Devices for Rapid Deployment - Webinar.pdf
Designing and Managing IoT Devices for Rapid Deployment - Webinar.pdfICS
 
Quality and Test in Medical Device Design - Part 1.pdf
Quality and Test in Medical Device Design - Part 1.pdfQuality and Test in Medical Device Design - Part 1.pdf
Quality and Test in Medical Device Design - Part 1.pdfICS
 
Creating Digital Twins Using Rapid Development Techniques.pdf
Creating Digital Twins Using Rapid Development Techniques.pdfCreating Digital Twins Using Rapid Development Techniques.pdf
Creating Digital Twins Using Rapid Development Techniques.pdfICS
 
MDG Panel - Creating Expert Level GUIs for Complex Medical Devices
MDG Panel - Creating Expert Level GUIs for Complex Medical DevicesMDG Panel - Creating Expert Level GUIs for Complex Medical Devices
MDG Panel - Creating Expert Level GUIs for Complex Medical DevicesICS
 
How to Craft a Winning IOT Device Management Solution
How to Craft a Winning IOT Device Management SolutionHow to Craft a Winning IOT Device Management Solution
How to Craft a Winning IOT Device Management SolutionICS
 
Bridging the Gap Between Development and Regulatory Teams
Bridging the Gap Between Development and Regulatory TeamsBridging the Gap Between Development and Regulatory Teams
Bridging the Gap Between Development and Regulatory TeamsICS
 
IoT Device Fleet Management: Create a Robust Solution with Azure
IoT Device Fleet Management: Create a Robust Solution with AzureIoT Device Fleet Management: Create a Robust Solution with Azure
IoT Device Fleet Management: Create a Robust Solution with AzureICS
 
Basic Cmake for Qt Users
Basic Cmake for Qt UsersBasic Cmake for Qt Users
Basic Cmake for Qt UsersICS
 
Software Update Mechanisms: Selecting the Best Solutin for Your Embedded Linu...
Software Update Mechanisms: Selecting the Best Solutin for Your Embedded Linu...Software Update Mechanisms: Selecting the Best Solutin for Your Embedded Linu...
Software Update Mechanisms: Selecting the Best Solutin for Your Embedded Linu...ICS
 
Qt Installer Framework
Qt Installer FrameworkQt Installer Framework
Qt Installer FrameworkICS
 
Bridging the Gap Between Development and Regulatory Teams
Bridging the Gap Between Development and Regulatory TeamsBridging the Gap Between Development and Regulatory Teams
Bridging the Gap Between Development and Regulatory TeamsICS
 
Overcome Hardware And Software Challenges - Medical Device Case Study
Overcome Hardware And Software Challenges - Medical Device Case StudyOvercome Hardware And Software Challenges - Medical Device Case Study
Overcome Hardware And Software Challenges - Medical Device Case StudyICS
 
User Experience Design for IoT
User Experience Design for IoTUser Experience Design for IoT
User Experience Design for IoTICS
 
Software Bill of Materials - Accelerating Your Secure Embedded Development.pdf
Software Bill of Materials - Accelerating Your Secure Embedded Development.pdfSoftware Bill of Materials - Accelerating Your Secure Embedded Development.pdf
Software Bill of Materials - Accelerating Your Secure Embedded Development.pdfICS
 
An In-Depth Look Into Microcontrollers
An In-Depth Look Into MicrocontrollersAn In-Depth Look Into Microcontrollers
An In-Depth Look Into MicrocontrollersICS
 
Introduction to the Qt State Machine Framework using Qt 6
Introduction to the Qt State Machine Framework using Qt 6Introduction to the Qt State Machine Framework using Qt 6
Introduction to the Qt State Machine Framework using Qt 6ICS
 

More from ICS (20)

The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
 
Accelerating Development of a Safety-Critical Cobot Welding System with Qt/QM...
Accelerating Development of a Safety-Critical Cobot Welding System with Qt/QM...Accelerating Development of a Safety-Critical Cobot Welding System with Qt/QM...
Accelerating Development of a Safety-Critical Cobot Welding System with Qt/QM...
 
Overcoming CMake Configuration Issues Webinar
Overcoming CMake Configuration Issues WebinarOvercoming CMake Configuration Issues Webinar
Overcoming CMake Configuration Issues Webinar
 
Enhancing Quality and Test in Medical Device Design - Part 2.pdf
Enhancing Quality and Test in Medical Device Design - Part 2.pdfEnhancing Quality and Test in Medical Device Design - Part 2.pdf
Enhancing Quality and Test in Medical Device Design - Part 2.pdf
 
Designing and Managing IoT Devices for Rapid Deployment - Webinar.pdf
Designing and Managing IoT Devices for Rapid Deployment - Webinar.pdfDesigning and Managing IoT Devices for Rapid Deployment - Webinar.pdf
Designing and Managing IoT Devices for Rapid Deployment - Webinar.pdf
 
Quality and Test in Medical Device Design - Part 1.pdf
Quality and Test in Medical Device Design - Part 1.pdfQuality and Test in Medical Device Design - Part 1.pdf
Quality and Test in Medical Device Design - Part 1.pdf
 
Creating Digital Twins Using Rapid Development Techniques.pdf
Creating Digital Twins Using Rapid Development Techniques.pdfCreating Digital Twins Using Rapid Development Techniques.pdf
Creating Digital Twins Using Rapid Development Techniques.pdf
 
MDG Panel - Creating Expert Level GUIs for Complex Medical Devices
MDG Panel - Creating Expert Level GUIs for Complex Medical DevicesMDG Panel - Creating Expert Level GUIs for Complex Medical Devices
MDG Panel - Creating Expert Level GUIs for Complex Medical Devices
 
How to Craft a Winning IOT Device Management Solution
How to Craft a Winning IOT Device Management SolutionHow to Craft a Winning IOT Device Management Solution
How to Craft a Winning IOT Device Management Solution
 
Bridging the Gap Between Development and Regulatory Teams
Bridging the Gap Between Development and Regulatory TeamsBridging the Gap Between Development and Regulatory Teams
Bridging the Gap Between Development and Regulatory Teams
 
IoT Device Fleet Management: Create a Robust Solution with Azure
IoT Device Fleet Management: Create a Robust Solution with AzureIoT Device Fleet Management: Create a Robust Solution with Azure
IoT Device Fleet Management: Create a Robust Solution with Azure
 
Basic Cmake for Qt Users
Basic Cmake for Qt UsersBasic Cmake for Qt Users
Basic Cmake for Qt Users
 
Software Update Mechanisms: Selecting the Best Solutin for Your Embedded Linu...
Software Update Mechanisms: Selecting the Best Solutin for Your Embedded Linu...Software Update Mechanisms: Selecting the Best Solutin for Your Embedded Linu...
Software Update Mechanisms: Selecting the Best Solutin for Your Embedded Linu...
 
Qt Installer Framework
Qt Installer FrameworkQt Installer Framework
Qt Installer Framework
 
Bridging the Gap Between Development and Regulatory Teams
Bridging the Gap Between Development and Regulatory TeamsBridging the Gap Between Development and Regulatory Teams
Bridging the Gap Between Development and Regulatory Teams
 
Overcome Hardware And Software Challenges - Medical Device Case Study
Overcome Hardware And Software Challenges - Medical Device Case StudyOvercome Hardware And Software Challenges - Medical Device Case Study
Overcome Hardware And Software Challenges - Medical Device Case Study
 
User Experience Design for IoT
User Experience Design for IoTUser Experience Design for IoT
User Experience Design for IoT
 
Software Bill of Materials - Accelerating Your Secure Embedded Development.pdf
Software Bill of Materials - Accelerating Your Secure Embedded Development.pdfSoftware Bill of Materials - Accelerating Your Secure Embedded Development.pdf
Software Bill of Materials - Accelerating Your Secure Embedded Development.pdf
 
An In-Depth Look Into Microcontrollers
An In-Depth Look Into MicrocontrollersAn In-Depth Look Into Microcontrollers
An In-Depth Look Into Microcontrollers
 
Introduction to the Qt State Machine Framework using Qt 6
Introduction to the Qt State Machine Framework using Qt 6Introduction to the Qt State Machine Framework using Qt 6
Introduction to the Qt State Machine Framework using Qt 6
 

Recently uploaded

Test Automation Strategy for Frontend and Backend
Test Automation Strategy for Frontend and BackendTest Automation Strategy for Frontend and Backend
Test Automation Strategy for Frontend and BackendArshad QA
 
Active Directory Penetration Testing, cionsystems.com.pdf
Active Directory Penetration Testing, cionsystems.com.pdfActive Directory Penetration Testing, cionsystems.com.pdf
Active Directory Penetration Testing, cionsystems.com.pdfCionsystems
 
How To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.jsHow To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.jsAndolasoft Inc
 
Software Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsSoftware Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsArshad QA
 
why an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdfwhy an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdfjoe51371421
 
Optimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVOptimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVshikhaohhpro
 
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfLearn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfkalichargn70th171
 
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️anilsa9823
 
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected WorkerHow To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected WorkerThousandEyes
 
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...MyIntelliSource, Inc.
 
Diamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with PrecisionDiamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with PrecisionSolGuruz
 
TECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providerTECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providermohitmore19
 
Professional Resume Template for Software Developers
Professional Resume Template for Software DevelopersProfessional Resume Template for Software Developers
Professional Resume Template for Software DevelopersVinodh Ram
 
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...MyIntelliSource, Inc.
 
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsUnveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsAlberto González Trastoy
 
5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdfWave PLM
 
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AISyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AIABDERRAOUF MEHENNI
 

Recently uploaded (20)

Microsoft AI Transformation Partner Playbook.pdf
Microsoft AI Transformation Partner Playbook.pdfMicrosoft AI Transformation Partner Playbook.pdf
Microsoft AI Transformation Partner Playbook.pdf
 
Test Automation Strategy for Frontend and Backend
Test Automation Strategy for Frontend and BackendTest Automation Strategy for Frontend and Backend
Test Automation Strategy for Frontend and Backend
 
Active Directory Penetration Testing, cionsystems.com.pdf
Active Directory Penetration Testing, cionsystems.com.pdfActive Directory Penetration Testing, cionsystems.com.pdf
Active Directory Penetration Testing, cionsystems.com.pdf
 
How To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.jsHow To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.js
 
Software Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsSoftware Quality Assurance Interview Questions
Software Quality Assurance Interview Questions
 
why an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdfwhy an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdf
 
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICECHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
 
Optimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVOptimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTV
 
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfLearn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
 
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
 
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected WorkerHow To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
 
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
 
Diamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with PrecisionDiamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with Precision
 
TECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providerTECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service provider
 
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS LiveVip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
 
Professional Resume Template for Software Developers
Professional Resume Template for Software DevelopersProfessional Resume Template for Software Developers
Professional Resume Template for Software Developers
 
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
 
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsUnveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
 
5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf
 
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AISyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
 

Safeguard Your Medical Devices from Cyber Threats

  • 1. Integrated Computer Solutions Inc. www.ics.com Safeguard Your Medical Devices from Cyber Threats Shane Keating Cybersecurity Engineering Manager 1
  • 2. Integrated Computer Solutions Inc. www.ics.com Medical Devices Have Changed 2
  • 3. Integrated Computer Solutions Inc. www.ics.com How Do You Trust a Medical Device? ● Arbitrary Computation Possible with a modern CPU + OS ● Functionality constrained by software, not circuits ● Need to trust all of the software to trust the device ● Where does software come from? Can it be changed? 3
  • 4. Integrated Computer Solutions Inc. www.ics.com ● FDA has dealt with a stream of high-profile cybersecurity issues ● Flaws found - Pacemakers, control units, heart monitors etc. ● FDA now paying ever-increasing attention to this area ● Expanded threats ● 30% more PHI breaches occurred in 2020 ● More Medical Devices in Homes ● Windows often targeted but... ● Linux-specific threats emerging ● Hw Root of Trust counteracts Threats to Medical Devices Cybersecurity needs to be considered up front
  • 5. Integrated Computer Solutions Inc. www.ics.com What is Cybersecurity? 5
  • 6. Integrated Computer Solutions Inc. www.ics.com Confidentiality 6 ● Personal Information and Data ● Name/Address ● Medical information ● Credit Card Details ● Email addresses ● GDPR/HIPAA/Many other regulations ● Proprietary Information ● Trade Secrets
  • 7. Integrated Computer Solutions Inc. www.ics.com Integrity 7 ● Risk of data being tampered with ● Identity spoofing ● Data Corruption ● Access-control tampering ● Weaknesses introduced
  • 8. Integrated Computer Solutions Inc. www.ics.com Availability 8 ● Need data and functionality to be available when required ● Denial-of-service attacks can prevent this ● Data can be maliciously encrypted ● Ransomware ● Non-malicious events a major cause also
  • 9. Integrated Computer Solutions Inc. www.ics.com Cybersecurity Challenges ● Design to meet standards and minimize risk ● Forest of standards ● Threat landscape constantly evolving ● Design for maintenance ● COTS Sw - but Medical Device lifespan - >10 yrs 9 Requirements & Design Implementation Deployment & Production ● Implementation optimally ● Crypto - Securing Keys - Hw protection ● User Authentication ● Sw Update/Secure Boot ● Maintenance ● Monitoring ● Sw Update cost/complexity
  • 10. Integrated Computer Solutions Inc. www.ics.com Example of Cybersecurity Solution ● Cybersecurity solution developed for key customer ● Medical Device for testing - Touchscreen/QT based ● Device contains test results - potentially PHI (Protected Health Information) ● Cybersecurity Solution here is tied to CPU ● Hardware protection of Sensitive Data is critical Device Secure Hw - Root of Trust
  • 11. Integrated Computer Solutions Inc. www.ics.com Device Cybersecurity for a Medical Embedded Device 11 Qt Application Linux Bootloader Secure Boot Secure Import/Export (WiFi/Eth/USB) Secure User Login Secure Storage Key Storage Sw Updates Data from Device Firewall
  • 12. Integrated Computer Solutions Inc. www.ics.com UL 2900 ● Series of standards relating to cybersecurity and information security ● Aligns with FDA Guidance around Premarket Submissions for Management of Cybersecurity in Medical Devices ● Aligns with NIST principles: Identify, Protect, Detect, Respond, Recover ● Uses NIST standards for many details around acceptable encryption/verification algorithms etc ● Also aligns with the Postmarket Management of Cybersecurity recommended by FDA ● Provides a Framework to structure submissions for regulatory approval 12
  • 13. Integrated Computer Solutions Inc. www.ics.com UL 2900 Series of Standards 13 General Product Requirements Industry Specific ANSI/UL 2900-1 Software Cybersecurity ANSI/UL 2900-2-1 Healthcare Systems ANSI/UL 2900-2-2 Industrial Control Systems ANSI/UL 2900-2-3 Security/Life Safety
  • 14. Integrated Computer Solutions Inc. www.ics.com NIST FIPS 200 User Auth FDA Pre-market Guidance for Mgt of Cybersecurity in Medical Devices Standards Forest 14 UL 2900-1 Software Cybersecurity UL 2900-2-1 Healthcare Sector ISO 14971 Medical Device Risk Mgt NIST FIPS 140-2 Crypto CFR 21 820 Medical Device Quality ISO 27000 Infosec Mgt IEC 80001 Risk Mgt - N/W with Medical Devs ISO 31000 Gen Risk Mgt FDA Post-market Guidance for Mgt of Cybersecurity in Medical Devices HSCC JSP Medical Device Cybersec
  • 15. Integrated Computer Solutions Inc. www.ics.com UL 2900 - Process and Design Mapping 15 Area UL 2900-1 Clause UL 2900-2-1 Clause Requirements Documentation of Product Design Clause 4, 5 Clause 12 ● Design Documentation ● Interface List ● Software BOM Documentation for Product Use Clause 6 Clause 6 ● Encryption of data at rest and in transit ● Authentication of comms Risk Controls and Management Clause 7, 12 Clause 12 ● Risk Mgt Process ● Threat Analysis ● Traceability Matrix ● Risks, Vulnerabilities, Weaknesses Software Analysis Clause 17, 18, 19 ● Software Weakness Analysis ● Static Source Code Analysis ● Static Binary and Bytecode Analysis
  • 16. Integrated Computer Solutions Inc. www.ics.com UL 2900 - Functionality Mapping 16 Area UL 2900-1 Clause UL 2900-2-1 Clause Functionality User Authentication Clause 8 Clause 12.4 ● Secure User Access ● Passwords Remote Comms Clause 9 ● Encryption of data in-transit ● Authentication of comms Sensitive Data Clause 10 Clause 16 ● PHI, PII, IP protection ● Encryption of data at rest/in motion Software Update Clause 11 Clause 12.4 ● Encrypt and Authenticate Updates ● Restrict who can Update ● Secure Boot ● Product Decommissioning ● Security Log
  • 17. Integrated Computer Solutions Inc. www.ics.com UL 2900 - Security (Penetration) Testing Mapping 17 Area UL 2900-1 Clause UL 2900-2-1 Clause Functionality Software Evaluation Clause 13 ● Check for known vulnerabilities from NVD ● Process for handling security vulnerabilities documented Penetration Testing Clause 14, 15, 16 ● Malware Testing/Scanning ● Malformed Input Testing ● Structured Penetration Testing ● DoS test ● Elevate Privilege Test ● Scan ports, i/fs and services
  • 18. Integrated Computer Solutions Inc. www.ics.com Cybersecurity for Medical Devices vs Your Laptop Your Laptop ● Regularly Updated ● Update Reminders/Antivirus Sw ● Updates from Microsoft/Sw Vendors ● General threats target here first ● 18 Medical Devices Sw ● Seldom updated ● Limited interaction/visibility with internals ● Updates from Manufacturer ● More specialised threats ●
  • 19. Integrated Computer Solutions Inc. www.ics.com The Chain of Trust 19 ‘Human error’ leading cause of data breaches Cloud Hosting App Developer Sw Developer MDM Healthcare Organization
  • 20. Integrated Computer Solutions Inc. www.ics.com The Chain of Trust for Secure Deployment 20 Deployment of a Secure Medical Device needs up-front planning Protected Devices Manufacturing Trusted Secrets/Keys Organization Root of Trust
  • 21. Integrated Computer Solutions Inc. www.ics.com About ICS and Boston UX Creating Transformative Products That Advance Patient Care 21 www.ics.com/medical ICS’ design studio specializes in intuitive touchscreen and multimodal interfaces for high-impact embedded and connected devices. Established in 1987, ICS delivers innovative medtech solutions with a full suite of services to accelerate development, testing and certification of successful next-gen products. ICS and Boston UX are headquartered in Waltham, Mass. with offices in California, Canada and Europe.
  • 22. Integrated Computer Solutions Inc. www.ics.com Delivering a Full Suite of Medtech Services 22 ● Human Factors Engineering ● IEC 62366-UX/UI Design ● Custom Frontend and Backend Software Development ● Development with IEC 62304-Compliant Platform ● Low-code Tools that Convert UX Prototype to Product ● Medical Device Cybersecurity ● AWS and Azure Cloud Services and Analytics ● ISO 14971-Compliant Hazard Analysis ● Software Verification Testing ● Complimentary Software Technology Assessment
  • 23. Integrated Computer Solutions Inc. www.ics.com Thank you! 23 Any questions?
  • 24. Integrated Computer Solutions Inc. www.ics.com 24