If you are a CMD manufacturer dealing with complex and incomplete cybersecurity standards — this project developed design-time toolboxes that help you build security directly into the device to ensure regulatory compliance.
Cybersecurity Tools for Connected Medical Devices and Remote Patient Monitoring Systems
Imagine your medical devices are like smartphones; they need updates and protection to keep hackers out. This project creates a guidebook and a set of tools to make sure these devices are safe without making them too complicated for doctors to use. It helps balance the need for high security with the need for a patient to get life-saving care quickly.
What needed solving
Medical device cybersecurity is currently too generic, expensive to implement, and can actually hinder patient care if over-applied. There is a lack of specific tools to manage security when devices from different vendors are connected in a single hospital network.
What was built
A set of cybersecurity toolboxes for manufacturers, system integrators, and hospital operators, along with a risk-benefit scheme to balance security and clinical needs.
Who needs this
Who can put this to work
If you are a system integrator dealing with risks when connecting multiple devices from different brands — this project developed integration tools that identify vulnerabilities when devices are linked in multi-institution scenarios.
If you are a hospital operator dealing with the high cost of maintaining cybersecurity for remote care — this project developed a risk-benefit scheme to apply the right amount of security without obstructing clinical care.
Quick answers
How does this reduce the cost of cybersecurity?
The project provides a risk-benefit scheme to prevent 'too much' cybersecurity, which can be financially costly and obstruct clinical care. Based on available project data, it aims to enable the 'right security at the right place, at low cost'.
Is this solution ready for industrial scale?
The project involves 11 industry partners and 6 SMEs, indicating a strong focus on industrial applicability. It targets the entire lifecycle from design to operation in hospitals.
What are the IP and licensing terms?
Based on available project data, specific licensing terms are not mentioned, but the project focuses on providing recommendations, toolboxes, and guidelines for practitioners.
How does this help with medical regulations?
It reviews guidelines like the MDCG 2019-16 to provide recommendations for improvement and offers compliance assurance tooling to help manufacturers meet regulations.
When will these tools be available?
The project period runs from 2023-01-01 to 2025-12-31, suggesting the final tools and recommendations will be completed by the end of 2025.
How does it integrate with existing hospital systems?
The project includes two hospitals already implementing IoT and remote care scenarios to ensure the tools work during the operation of connected scenarios.
Who built it
The consortium is heavily industry-driven, with 11 out of 14 partners coming from the commercial sector (79% industry ratio), including 6 SMEs. This high concentration of private sector players, combined with two active hospitals and experts from 7 countries, suggests the resulting tools are designed for immediate commercial utility rather than theoretical research.
Contact SINTEF AS in Norway for technical details on the cybersecurity toolboxes.
Talk to the team behind this work.
Contact us to find the specific toolboxes for your medical device category.