论文信息 - Framework to Assist Healthcare Delivery Organisations and Medical Device Manufacturers Establish Security Assurance for Networked Medical Devices

Framework to Assist Healthcare Delivery Organisations and Medical Device Manufacturers Establish Security Assurance for Networked Medical Devices

This paper introduces an assurance framework for networked medical device development. This work is being conducted to address the ever-increasing concerns of medical device security with a specific focus on medical devices to be incorporated into IT networks. The framework utilises a Process Assessment Model and a Process Reference Model to address system development lifecycle processes, security assurance processes and a focused risk management process. There is currently no governance for the development of secure medical devices in place and so, this work sets out to resolve this problem by increasing the awareness of medical device security risks, threats and vulnerabilities among Medical Device Manufacturers, IT vendors and Healthcare Delivery Organisations.

Fergal McCaffery | Anita Finnegan | Gerry Coleman

[1] Fergal McCaffery,et al. Development of a Process Assessment Model for Assessing Security of IT Networks Incorporating Medical Devices against ISO/IEC 15026-4 , 2013, HEALTHINF.

[2] T. Ngqondi,et al. The ISO/IEC 27002 and ISO/IEC 27799 information security management standards : a comparative analysis from a healthcare perspective , 2009 .

[3] Joint Task Force. Recommended Security Controls for Federal Information Systems and Organizations , 2009 .

[4] 日本規格協会. 情報技術-セキュリティ技術-情報セキュリティマネジメントシステム-要求事項 : 国際規格ISO/IEC 27001 = Information technology-Security techniques-Information security management systems-Requirements : ISO/IEC 27001 , 2005 .