A systematic review of security and safety standards and guidelines applicable to both healthcare and health IT systems in general. The analysis will identify the main recommendations and concepts behind each standard and will perform a gap analysis with respect to the MDCG 2019-16 regulatory guidelines. Additionally, an elaboration and analysis of typical and alternative architectures for IoMT will be performed to include system-driven risk-based threat modelling, vulnerability analysis, fault tree, Failure Mode and Effect Analysis (FMEA), and architectural patterns that substantially support specific classes of safety and security properties. The purpose is to define and implement the appropriate processes and workflows based on best practices and compliant with existing legal and regulatory ramifications in both security engineering and resilience lines of effort.

​

​

The project will examine modelling the integrated risk assessment approach proposed by ENISA, along with modelling the minimum viable security concepts required for assurance, which will be found in the literature. This will harmonize different security approaches and allow the transformation of terminology used in legacy certifications and the application of different standards. Assurance Automation design encompasses architectural, behavioural and communication modelling, semantic modelling (ontologies), modelling of essential characteristics, trust modelling of interfaces (contracts), as well as characterization of vulnerabilities analysis of design and implementation representations (design and code) to verify essential characteristics and marshalling of demonstrably sufficient evidence to support medical device safety/security certification (assurance cases).

​

​

Develop assurance cases patterns and blueprints that are composable to demonstrate satisfaction of conformance with standards, regulations, legal obligations, and security-for-safety objectives by incorporating evidence from the architecture, design and implementation analyses of medical device connectivity solutions. In addition, the project will look at the interoperability software standards used in healthcare, and will implement interfaces that will assure the secure integration of components when their individual contracts are satisfied by their respective manufacturers. This will include developing of FHIR profiles for security assurance, and code security review and implementation of RESTful code (which is the main standard in healthcare). A related tool will allow the generation of secure code based on the different data exchange configurations.

​

​

Industry validation of new risk assessment and security assurance methods and tools will take place in the context of the MedSecurace. Pilot case evaluations by multiple Medical Devices suppliers under three project Use Cases for evaluating automated security assurance tools and methods. An appropriate architecture for implementing the process and enabling traceability between the system-level and component-level security requirements in IoMT via the programme will be developed.

​

​

The project will propose updates to the guidance that will bridge the gaps that will be identified. Furthermore, the project will expand the guidance, offering specific methods to be used (or references to standards) appropriate for each stage of the lifecycle and each architecture. Trade-off studies among alternative implementation technologies to inform choices will be needed to provide rationale for those choices. The proposed lifecycle and methods will correspond to a minimum assurance justification that will be identified by the prevailing certification authority. The project will incorporate a co-production approach identifying appropriate stakeholders who will offer knowledge and expertise, including regulators, manufacturers as well as operators of medical devices and healthcare facilities.