Page 144 - Safety Risk Management for Medical Devices
P. 144

CHAPTER 14


                   Influence of Security on Safety





                   Abstract
                      Medical devices are becoming progressively more connected to other healthcare systems, and the
                      cybersecurity attack surface is becoming larger. Security exploits can be used to harm patients in
                      many ways. Safety impact of cybersecurity exploits must be considered in the overall residual safety
                      risk of medical devices.

                   Keywords: Cybersecurity; exploits; safety; security threat


                   Medical devices are becoming progressively more connected to other healthcare
                   systems, and the cybersecurity attack surface is becoming larger. Security exploits can
                   be used to harm patients in many ways. Because this book is focused on the safety
                   risks of medical devices, we will stay focused on the impact of security on the safety
                   risks of medical devices.
                      Security risk analysis is a parallel and related process to safety risk management.
                   With respect to safety, security is another potential source of Hazards. The types of
                   security-related Hazards include:
                      •  Unavailability—a security attack may cause the medical device to become
                         unavailable. In some cases, e.g., life-supporting medical devices, this would cre-
                         ate a Hazard.
                       •  Change of programming or code—a security attack could alter the code or
                         programming parameters of a medical device, thus altering its behavior or
                         performance.
                      As seen in Fig. 14.1, there is an inverse direction of impact when safety and secu-
                   rity aspects are compared. In the domain of safety, humans are potentially harmed by
                   Hazards from the medical devices. For security, the medical device is the potential tar-
                   get of harm by intended or accidental attacks carried out by humans. The security of
                   a medical device might impact its safety, and loop back to harm the humans.
                      Security threats can be divided into three groups:
                      Group 1. Intentional—Malicious (aims to harm)
                      Group 2. Intentional—Misuse (aims to do good; e.g., get around a cumbersome
                                user interface)
                      Group 3. Unintentional—Use error


                   Safety Risk Management for Medical Devices                    r 2018 Elsevier Ltd.
                   DOI: https://doi.org/10.1016/B978-0-12-813098-8.00014-3         All rights reserved.  123
   139   140   141   142   143   144   145   146   147   148   149