Project description
New cybersecurity system to protect medical devices
The healthcare sector has become a major target of cyberattacks. Since electronic medical devices (EMDs) are prone to cyberattacks, measures are needed to ensure the smooth operation of systems and safe storage of data. The EU-funded HEIR project will design a complete threat identification and cybersecurity knowledge base system for local and global applications. The system comprises real-time threat hunting services supported by innovative machine learning technologies, reliable sensitive data sharing through the HEIR privacy aware scheme, and advanced benchmarking based on the measurement of Risk Assessment of Medical Applications score. It will also establish the Observatory for the Security of Electronic Medical Devices that will be accessible by different stakeholders, offering advanced visualisation and awareness on EMD-related threats.
Objective
The health sector is steadily becoming the de facto target for cyberattacks. Based on the most recent ENISA report at the end of 2018, cybersecurity incidents have shown that the healthcare sector is one of the most vulnerable. Focusing specifically on Electronic Medical Devices (EMD), they suffer from numerous and multi-layered vulnerabilities . Default, weak or no password authentication for remote connections, unencrypted traffic or obsolete and insecure cryptographic algorithms, unsupported operating systems, outdated, unmanaged and vulnerable software are among the most serious problems that jeopardise both their smooth operation and the data aggregated and stored. The vision of HEIR is to provide a thorough threat identification and cybersecurity knowledge base system addressing both local (in the hospital / medical centre) and global (including different stakeholders) levels, that comprises the following pillars: (i) Real time threat hunting services, facilitated by advanced machine learning technologies, supporting the identification of the most common threats in electronic medical systems based on widely accepted methodologies such as the OWASP Top 10 Security Risks and the ENISA Top 15 Threats; (ii) Sensitive data trustworthiness sharing facilitated by the HEIR privacy aware framework; (iii) Innovative Benchmarking based on the calculation of the Risk Assessment of Medical Applications (RAMA) score, that will measure the security status of every medical device and provide thorough vulnerability assessment of hospitals and medical centres; (iv) The delivery of an Observatory for the Security of Electronic Medical Devices; an intelligent knowledge base accessible by different stakeholders, providing advanced visualisations for each threat identified in RAMA and facilitating global awareness on EMD-related threats. Last, HEIR will set up a broad European network for establishing good security practice in all regulatory frameworks to reduce market access.
Fields of science (EuroSciVoc)
CORDIS classifies projects with EuroSciVoc, a multilingual taxonomy of fields of science, through a semi-automatic process based on NLP techniques. See: The European Science Vocabulary.
CORDIS classifies projects with EuroSciVoc, a multilingual taxonomy of fields of science, through a semi-automatic process based on NLP techniques. See: The European Science Vocabulary.
- natural sciences computer and information sciences software software applications system software operating systems
- natural sciences computer and information sciences computer security cryptography
- natural sciences computer and information sciences artificial intelligence machine learning
You need to log in or register to use this function
We are sorry... an unexpected error occurred during execution.
You need to be authenticated. Your session might have expired.
Thank you for your feedback. You will soon receive an email to confirm the submission. If you have selected to be notified about the reporting status, you will also be contacted when the reporting status will change.
Keywords
Project’s keywords as indicated by the project coordinator. Not to be confused with the EuroSciVoc taxonomy (Fields of science)
Project’s keywords as indicated by the project coordinator. Not to be confused with the EuroSciVoc taxonomy (Fields of science)
Programme(s)
Multi-annual funding programmes that define the EU’s priorities for research and innovation.
Multi-annual funding programmes that define the EU’s priorities for research and innovation.
-
H2020-EU.3.7. - Secure societies - Protecting freedom and security of Europe and its citizens
MAIN PROGRAMME
See all projects funded under this programme -
H2020-EU.3.7.6. - Ensure privacy and freedom, including in the Internet and enhance the societal, legal and ethical understanding of all areas of security, risk and management
See all projects funded under this programme -
H2020-EU.3.7.4. - Improve cyber security
See all projects funded under this programme
Topic(s)
Calls for proposals are divided into topics. A topic defines a specific subject or area for which applicants can submit proposals. The description of a topic comprises its specific scope and the expected impact of the funded project.
Calls for proposals are divided into topics. A topic defines a specific subject or area for which applicants can submit proposals. The description of a topic comprises its specific scope and the expected impact of the funded project.
Funding Scheme
Funding scheme (or “Type of Action”) inside a programme with common features. It specifies: the scope of what is funded; the reimbursement rate; specific evaluation criteria to qualify for funding; and the use of simplified forms of costs like lump sums.
Funding scheme (or “Type of Action”) inside a programme with common features. It specifies: the scope of what is funded; the reimbursement rate; specific evaluation criteria to qualify for funding; and the use of simplified forms of costs like lump sums.
RIA - Research and Innovation action
See all projects funded under this funding scheme
Call for proposal
Procedure for inviting applicants to submit project proposals, with the aim of receiving EU funding.
Procedure for inviting applicants to submit project proposals, with the aim of receiving EU funding.
(opens in new window) H2020-SU-DS-2018-2019-2020
See all projects funded under this callCoordinator
Net EU financial contribution. The sum of money that the participant receives, deducted by the EU contribution to its linked third party. It considers the distribution of the EU financial contribution between direct beneficiaries of the project and other types of participants, like third-party participants.
91120 Palaiseau
France
The total costs incurred by this organisation to participate in the project, including direct and indirect costs. This amount is a subset of the overall project budget.