A Security Argument Pattern for Medical Device Assurance Cases

Finnegan, Anita and McCaffery, Fergal (2014) A Security Argument Pattern for Medical Device Assurance Cases. In: The 2nd IEEE International Workshop on Assurance Cases for Software-Intensive Systems, 3rd - 6th November 2014, Naples, Italy.

[thumbnail of PID3398017 ASSURE.pdf]
PDF - Published Version
Download (262kB) | Preview


Medical device security is a growing concern for medical device manufacturers, healthcare delivery organisations and regulators in the industry. Increasingly, researchers are demonstrating exactly how vulnerable these devices are. In many cases, networked medical devices are regarded as a potential weak link within a healthcare IT network that could provide a means to expose the entire network to a malware attack. At present there is no formal method for implementing security risk management practices in the medical device industry. However, with new regulatory guidance being developed by the Food and Drug Administration (FDA), medical devices manufacturers will need to prove that their devices are secure. This paper presents a security case framework that is currently under development. The purpose of this framework is to provide medical device manufacturers and healthcare delivery organisations with a solution to assist both in establishing confidence in the security assurance of medical devices and to also maintain this confidence throughout the lifetime of the device.

Item Type: Conference or Workshop Item (Paper)
Uncontrolled Keywords: Medical devices; Medical device security; Healthcare IT network.
Subjects: Computer Science > Computer Software
Research Centres: Regulated Software Research Centre
Depositing User: Anita Finnegan
Date Deposited: 12 Dec 2014 13:02
Last Modified: 12 Dec 2014 13:02
License: Creative Commons: Attribution-Noncommercial-Share Alike 4.0

Actions (login required)

View Item View Item


Downloads per month over past year