Medical Device Security - Please (don't) be patient!

With this talk I would like to motivate for the sensitive field of application of medical devices and common fundamental vulnerabilities based on real examples as well as recommendations to improve this situation and possible inhibitors. I will pay particular attention to the national and international recommendations published last year by e.g. the BSI and the FDA.

Digital networking is already widespread in many areas of life. Also in the health industry, where more and more medical devices are being interconnected. In the clinical environment these include syringe pumps, active implants or large medical devices such as e.g. MRI and CT. All of these devices have in common that they exchange sensitive health data to work as a unit. Particularly in the clinical environment, the highly complex and critical area of ​​application as well as the long life and intensive use of the devices is a serious problem, since these were usually not designed for this purpose and often lack basic security best practices. A defective or manipulated device can pose a massive threat to a patient’s life.

With this talk I would like to motivate for the sensitive field of application of medical devices and common fundamental vulnerabilities based on real examples as well as recommendations to improve this situation and possible inhibitors. I will pay particular attention to the national and international recommendations published last year by e.g. the BSI and the FDA as the BSI for example published the guiding document CS-132 for medical device manufactureres called “Cyber Security Requirements for Network-Connected Medical Devices” which demands extensive security requirements when not impairing patient safety.

Please consult your doctor or pharmacist for risks and side effects of this presentation.

About the Speaker