Cybersecurity for Connected Medical Devices
- 1st Edition - November 9, 2021
- Imprint: Academic Press
- Author: Arnab Ray
- Language: English
- Paperback ISBN:9 7 8 - 0 - 1 2 - 8 1 8 2 6 2 - 8
- eBook ISBN:9 7 8 - 0 - 1 2 - 8 1 8 2 6 3 - 5
The cybersecurity of connected medical devices is one of the biggest challenges facing healthcare today. The compromise of a medical device can result in severe consequences for bo… Read more
Purchase options
Institutional subscription on ScienceDirect
Request a sales quoteThe cybersecurity of connected medical devices is one of the biggest challenges facing healthcare today. The compromise of a medical device can result in severe consequences for both patient health and patient data. Cybersecurity for Connected Medical Devices covers all aspects of medical device cybersecurity, with a focus on cybersecurity capability development and maintenance, system and software threat modeling, secure design of medical devices, vulnerability management, and integrating cybersecurity design aspects into a medical device manufacturer's Quality Management Systems (QMS). This book is geared towards engineers interested in the medical device cybersecurity space, regulatory, quality, and human resources specialists, and organizational leaders interested in building a medical device cybersecurity program.
- Lays out clear guidelines for how to build a medical device cybersecurity program through the development of capabilities
- Discusses different regulatory requirements of cybersecurity and how to incorporate them into a Quality Management System
- Provides a candidate method for system and software threat modelling
- Provides an overview of cybersecurity risk management for medical devices
- Presents technical cybersecurity controls for secure design of medical devices
- Provides an overview of cybersecurity verification and validation for medical devices
- Presents an approach to logically structure cybersecurity regulatory submissions
Systems, software, and biomedical engineers working at medical device manufacturers and managers/leaders at medical device manufacturers, systems engineers and clinical/biomedical engineers working in clinical settings with medical devices
- Cover image
- Title page
- Table of Contents
- Copyright
- Dedication
- Preface
- Acknowledgment
- Chapter One. Introduction to medical device cybersecurity
- Medical device cybersecurity: a brief history
- Connectivity
- Patient safety and usability
- Long device lifetimes
- Cybersecurity being a shared responsibility
- Cybersecurity patch delivery
- Cybersecurity risk management
- Lack of information sharing
- Shortage of cybersecurity talent
- Cybersecurity culture
- The Product Cybersecurity Organization
- Chapter Two. Basic cybersecurity concepts
- A bag full of diamonds
- Understanding cybersecurity risk
- Cybersecurity controls
- Summary and key takeaways
- Chapter Three. Regulatory overview
- Introduction
- Regulations, quality, and the medical device quality management system
- Structure of a medical device quality management system
- Summary of regulatory requirements for cybersecurity
- Standards
- Medical device manufacturer–specific cybersecurity standards
- Supporting medical device manufacturer–specific standards
- Integrating regulatory requirements into a medical device quality management system
- Summary and key takeaways
- Chapter Four. The Product Cybersecurity Organization
- Introduction
- The NIST cybersecurity framework
- Summary and key takeaways
- Chapter Five. Cybersecurity risk management-I
- Introduction
- Threat modeling
- Identifying the system
- Subsystem (software and hardware) cybersecurity risk modeling
- System cybersecurity risk modeling
- Summary and key takeaways
- Chapter Six. Cybersecurity risk management-II
- Introduction
- Defining risk acceptability at system level
- Defining risk response for system threats
- Defining risk response for subsystem–level threats that pose “unacceptable” risk at the subsystem level
- Risk–benefit analysis
- Chapter Seven. Cybersecurity design engineering
- Introduction
- Secure requirements
- Secure system specification and implementation
- Secure system verification and validation
- Labeling for security
- Summary and key takeaways
- Chapter Eight. Supply chain cybersecurity risk management, secure product development, secure manufacture, vulnerability management, and cybersecurity training
- Introduction
- Product supply chain risk management
- Secure product development
- Secure manufacture
- Vulnerability management
- Summary and key takeaways
- Chapter Nine. Product security governance and regulatory compliance
- Introduction
- Product security governance
- Standards and regulatory compliance
- Summary and key takeaways
- Afterword
- Index
- Edition: 1
- Published: November 9, 2021
- Imprint: Academic Press
- No. of pages: 332
- Language: English
- Paperback ISBN: 9780128182628
- eBook ISBN: 9780128182635
AR
Arnab Ray
Arnab Ray has more than fifteen years of experience in cybersecurity and the engineering of high-confidence software systems. He has led product cybersecurity teams at multiple medical device manufacturers and has been responsible for the security architecture of several medical devices. Arnab Ray has a Ph.D. in Computer Science from Stony Brook University.
Affiliations and expertise
Professional cybersecurity engineer, medical device manufacturing industry, California, USARead Cybersecurity for Connected Medical Devices on ScienceDirect