Composite risk modeling for automated threat mitigation in medical devices

Aakarsh Rao, Jerzy Rozenblit, Roman Lysecky, Johannes Sametinger

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Medical device security is a growing concern with increasing incorporation of complex software and hardware. Security threats exploiting vulnerabilities in medical devices may directly impact patient safety. Standardization and federal organizations are hence, actively involved in setting up new paradigms for guidance and regulation of security throughout the lifecycle. To protect medical devices against threats a risk-based framework that continually manages and assesses security risks along with their proactive addressing is highly recommended. In this paper, we model a multi-modal design approach for risk assessment in medical devices and propose an adaptive remediation scheme to mitigate security threats. Our multi-modal approach is integrated into the hardware-software development with a middleware for interaction between the modes. This provides an effective premarket risk management while the adaptive remediation scheme pro-actively mitigate risk during postmarket deployment. We model our approaches in detail and demonstrate them in a pacemaker design model and deployment scenario.

Original languageEnglish (US)
Title of host publicationSimulation Series
EditorsJerzy W. Rozenblit, Johannes Sametinger
PublisherThe Society for Modeling and Simulation International
Pages90-99
Number of pages10
Edition6
ISBN (Electronic)9781510838253
StatePublished - 2017
Event4th Modeling and Simulation in Medicine Symposium, MSM 2017, Part of the 2017 Spring Simulation Multi-Conference, SpringSim 2017 - Virginia Beach, United States
Duration: Apr 23 2017Apr 26 2017

Publication series

NameSimulation Series
Number6
Volume49
ISSN (Print)0735-9276

Conference

Conference4th Modeling and Simulation in Medicine Symposium, MSM 2017, Part of the 2017 Spring Simulation Multi-Conference, SpringSim 2017
Country/TerritoryUnited States
CityVirginia Beach
Period4/23/174/26/17

Keywords

  • Hardware-software design
  • Medical device security
  • Risk management
  • Security threats

ASJC Scopus subject areas

  • Computer Networks and Communications

Fingerprint

Dive into the research topics of 'Composite risk modeling for automated threat mitigation in medical devices'. Together they form a unique fingerprint.

Cite this