Risk-Oriented Cybersecurity for Medical Devices

This article introduces the risk-oriented medical cybersecurity. We start with a combined security and safety life-cycle for medical products and services, built upon Medical SPICE. Starting with a connected TARA (threat and Risk Analysis) and HARA (Hazard and Risk analysis) we converge to security requirements to harden safety requirements, and thus provide best practices on security engineering. With verification and validation, we investigate static code analysis but also towards specific testing such as fuzzing and penetration testing for medical devices. We show hands-on examples on basis of the COMPASS SecurityCheck and directly connected grey-box PenTesting. The presentation provides hands-on examples and introduces to a hands-on TARA and related PenTest activity.

카테고리 : 프레젠테이션
용량 : 4.44 MB
MD5 Hash : a1bc2a547dfdd24a70e49b2257c23b8e
다운로드 이전 페이지