Periodic Reporting for period 2 - SEPTON (SECURITY PROTECTION TOOLS FOR NETWORKED MEDICAL DEVICES)
Período documentado: 2024-06-01 hasta 2025-11-30
SEPTON aims to address the gap in generic technologies and processes referring to the IT network infrastructure with a holistic approach towards reinforcing networked medical devices (NMDs) security within healthcare premises. SEPTON will advance cutting-edge solutions in healthcare cybersecurity, focusing on NMDs & will result in a comprehensive cybersecurity toolkit providing tools & mechanisms to be used in hospitals & care centres for a) NMDs protection, including wearable devices & implants, with techniques such as polymorphism, b) secure & privacy preserving data exchanges between NMDs, using blockchain, differential privacy and encryption, c) behavioural anomaly detection, using a cybersecurity analytics framework coupled with ML & hardware acceleration, to increase performance and d) NMD vulnerability assessment. The usability of the solutions will be tested in a realistic setup via pilots, facilitated by a healthcare organisation & a medical device manufacturer.
During the project implementation, SEPTON performed comprehensive technical and scientific activities addressing cybersecurity protection of Networked Medical Devices (NMDs). The project conducted an extensive review and analysis of existing standards, regulatory frameworks, and operational practices relevant to NMD cybersecurity. This provided the foundation for the design and implementation of four representative use cases covering the full NMD ecosystem, which included the demonstration of all tools developed within the project. These use cases address protection of implantable and wearable medical devices, secure operation of hospital network infrastructures, and secure data exchange across interconnected healthcare organisations and were validated in a unified narrative which included 3 implementation zones: 1. device-to-patient communication, 2. hospital network security and 3. beyond the hospital - Securing Inter-Hospital Collaboration. The SEPTON use cases were based on a comprehensive set of functional and non-functional user, technical and system requirements guiding the design and implementation of the project solutions.
Using this narrative, all the individual techniques developed within SEPTON where demonstrated to relevant stakeholders in various project phases, including device-level protection tools, data-exchange and infrastructure level protection tools and one visualization tool (SEPTON dashboard), which serves as the integration point of the SEPTON toolkit and the visualization & management environment of the SEPTON end user. All these techniques comprise a multi-layered cybersecurity toolkit addressing device, communication and infrastructure protection requirements.
Overall, SEPTON successfully established and validated in two pilot demonstration days hosted in EMC (NL) and EBIT (IT), an integrated, multi-layered cybersecurity solution tailored to the operational, safety, and performance constraints of networked medical devices, providing a scientifically validated foundation for further technology maturation and adoption in healthcare cybersecurity environments.
Using this narrative, all the individual techniques developed within SEPTON where demonstrated to relevant stakeholders in various project phases, including device-level protection tools, data-exchange and infrastructure level protection tools and one visualization tool (SEPTON dashboard), which serves as the integration point of the SEPTON toolkit and the visualization & management environment of the SEPTON end user. All these techniques comprise a multi-layered cybersecurity toolkit addressing device, communication and infrastructure protection requirements.
Overall, SEPTON successfully established and validated in two pilot demonstration days hosted in EMC (NL) and EBIT (IT), an integrated, multi-layered cybersecurity solution tailored to the operational, safety, and performance constraints of networked medical devices, providing a scientifically validated foundation for further technology maturation and adoption in healthcare cybersecurity environments.
SEPTON has generated a comprehensive portfolio of results that advance the state of the art in cybersecurity protection for Networked Medical Devices (NMDs).
The project delivered an up-to-date scientific review of current standards and practices in the field of NMDs and a set of use cases related to their protection, reflecting realistic healthcare deployment scenarios.
SEPTON has also designed and developed device-level protection tools, data-exchange and infrastructure level protection tools and one visualization tool (SEPTON dashboard), which serves as the integration point of the SEPTON toolkit. The impact of SEPTON extends beyond the current state of the art by introducing a holistic, lifecycle-oriented cybersecurity framework specifically tailored to the constraints and safety requirements of networked medical devices. The project advances existing approaches by combining device-level security, secure communication mechanisms, distributed trust technologies, privacy-preserving analytics, and integrated monitoring.
The achieved results are expected to contribute to:
- Improved management of cybersecurity information sources; more effective vulnerability remediation, enhanced prevention and detection; reducing the impact of incidents, increasing the level of awareness and preparedness for the domain of networked medical devices
-Improving the innovation capacity and fostering the integration of new knowledge
-Offering competitive advantages for key stakeholders (medical device manufacturers, vendors, SMEs, cybersecurity agencies)
-Bringing clear benefits to the society.
To ensure further uptake and success of the project outcomes, additional activities are recommended, including: further research and validation activities to increase technology readiness levels, large-scale demonstration and clinical integration testing, support for standardisation, strengthening exploitation strategies, facilitation of commercialisation pathways, and promotion of international collaboration and collaborative initiatives. Overall, SEPTON delivered a technological and methodological foundation supporting the development of secure, trustworthy, and resilient networked medical device ecosystems.
The project delivered an up-to-date scientific review of current standards and practices in the field of NMDs and a set of use cases related to their protection, reflecting realistic healthcare deployment scenarios.
SEPTON has also designed and developed device-level protection tools, data-exchange and infrastructure level protection tools and one visualization tool (SEPTON dashboard), which serves as the integration point of the SEPTON toolkit. The impact of SEPTON extends beyond the current state of the art by introducing a holistic, lifecycle-oriented cybersecurity framework specifically tailored to the constraints and safety requirements of networked medical devices. The project advances existing approaches by combining device-level security, secure communication mechanisms, distributed trust technologies, privacy-preserving analytics, and integrated monitoring.
The achieved results are expected to contribute to:
- Improved management of cybersecurity information sources; more effective vulnerability remediation, enhanced prevention and detection; reducing the impact of incidents, increasing the level of awareness and preparedness for the domain of networked medical devices
-Improving the innovation capacity and fostering the integration of new knowledge
-Offering competitive advantages for key stakeholders (medical device manufacturers, vendors, SMEs, cybersecurity agencies)
-Bringing clear benefits to the society.
To ensure further uptake and success of the project outcomes, additional activities are recommended, including: further research and validation activities to increase technology readiness levels, large-scale demonstration and clinical integration testing, support for standardisation, strengthening exploitation strategies, facilitation of commercialisation pathways, and promotion of international collaboration and collaborative initiatives. Overall, SEPTON delivered a technological and methodological foundation supporting the development of secure, trustworthy, and resilient networked medical device ecosystems.