Cyber securitY tooLbox for COnnected MEdical Devices

CYLCOMED addresses the overall ambitious goal of strengthening the cybersecurity of connected, in vitro diagnostic and software as medical devices (CMDs, IVDs, SaMD), maintaining their performance and safety for patients and preserving or enhancing the confidentiality, integrity and availability of private data they exchange or allow to be remotely accessed and focusing on humans operating the technology as the weakest link in the chain for security and privacy, with training and awareness measures tailored to healthcare staff needs. It does so by enabling adoption by all ecosystem stakeholders of technologically sovereign and trustworthy cybersecurity methodologies and toolboxes for connected medical devices and the environments in which they are managed and operate (platforms), complemented with fit-for-purpose guidance covering identified risks and gaps.

WP3 Requirements finalization and Initial guidelines (M1-M18)
Description: This task has defined the final set of functional, non-functional, and end-user requirements for the CYLCOMED toolbox that has been elicited in relation to the legal and ethical requirements defined in WP2 so that the design technical solution considers different aspects regarding needed functionalities, compliance to the current regulations, performance, user-friendly and usability.
It has conducted an in-depth analysis specific to end-user operational domains in which CMD/IVD/SaMD integrate, covering all risk classes and corresponding threats, and attacks with potential propagation effects to map in detail the tools to act as effective countermeasures.
The last set of functional, non-functional, and end-user requirements for the CYLCOMED toolbox has been collected in D3.2.
A preliminary assessment of MDCG 2019-16 was provided in the task, highlighting significant omissions and proposing a comprehensive list of suggestions to enhance the regulatory framework for the Internet of Medical Things. The results of that analysis were collected in deliverable D3.3.

WP4 Risk Management
The Purpose of D4.2 (T4.2) is to report the status of the CYLCOMED risk management tool (first release) and the CYLCOMED benefit-risk analysis process design. In this document, the risk management process of ISO 14971:2019 for managing medical devices is presented, with stronger focus on the risk analysis part of the process flow. A brief introduction of the benefit-risk analysis methods used in healthcare is provided, following the presentation of the developed generalized benefit-risk analysis method. Also, the first release of the CYLCOMED risk management tool is also documented.

WP5 Toolbox
The CYLCOMED project’s Work Package 5 (WP5) focuses on the design and implementation of a comprehensive cybersecurity toolbox tailored for connected medical devices (CMDs). The primary goal of WP5 is to develop advanced tools and solutions to enhance the security and integrity of CMDs and their associated platforms, addressing the unique cybersecurity challenges posed by the healthcare environment. The tasks within WP5 cover a broad range of functionalities, including AI-based behavioral analysis, secure device management, identity and access management, device integrity, and a centralized security dashboard. These efforts are crucial for protecting CMDs from potential cyber threats and ensuring the safe operation of medical devices in real-world healthcare settings.

During the first 18 months, significant advancements were made across various components of the CYLCOMED cybersecurity toolbox. One of the key innovations is the development of AI-based log monitoring methods using unsupervised machine learning to model normal CMD behavior on the network, allowing for the detection of potential attacks or malfunctions without relying on predefined rules. This led to successfully integrating the Live Anomaly Detection System (LADS) with Docker and Kubernetes environments, ensuring comprehensive analysis of the deployment environment. The training process was optimized to enable deployment on lower-end hardware like NUCs, maintaining model accuracy and performance.

In addition, the project developed tools for secure management of connected medical solutions, ensuring devices are up-to-date with security patches and configurations through over-the-air updates. This was achieved using an infrastructure-as-code approach, deploying Mender Server, Workstation, and Client for performing these updates to target machines like Ubuntu and Raspberry Pi. This approach allows for zero-touch operation, significantly enhancing the security and efficiency of device management.

Moreover, the project focused on designing and implementing decentralised, user-centric identity management and access control solutions based on Self-Sovereign Identity (SSI) and Attribute-Based Encryption (ABE). These solutions ensure secure identity management and privacy-friendly data exchange among devices and healthcare providers. The successful implementation and deployment of key generator, encryption/decryption modules, and secure data access flow were achieved, with initial integration and testing on RGB infrastructure.

Another significant development was the incorporation of security features into a standard external Linux-based board connected to medical monitoring devices. This approach avoids the need for re-certification of existing medical devices while ensuring robust security. The integration of ATOS’s encryption tools for secure data storage and transmission was a key achievement, with functional prototypes of security modules developed and initial testing completed.