DHU Radar

ENTRUST: Ensuring Secure & Safe Connected Medical Devices Design with Zero Trust Principles

Keywords: Cybersecurity, Data Protection Policies, Digital Health Infrastructure, Digital Health Services, Digital Health Tools, FAIR data management, Health Information Systems, Medical Device
UNIS (Luxembourg) Eindhoven University of Technology (the Netherlands) SINTEF (Norway) UNIVERSITY OF SURREY (UK) Universidad de Murcia (Spain) University of Piraeus Research Centre (Greece) SIEMENS (Romania) POLARIS MEDICAL SA (Romania) SPACE HELLAS S.A. (Greece) UBITECH (Greece) QUBITECH (Greece) FUTURE NEEDS MANAGEMENT CONSULTING LTD (Cyprus) Tellu (Norway) RED ALERT LABS (France) Suite5 Data Intelligence Solutions Ltd (Cyprus) Kardinero Medical Systems Inc. (Turkey) SENTIO LABS (Greece) PARTICLE (Portugal) Hospital do Espírito Santo de Évora (Portugal) Mandat International (MI) (Switzerland)
Digital solution and service (e.g. application/digital health portal/platform/AI based system/etc.)
Trust Management ,Post-market Conformity and Certification, Verified Trust Models, Risk Assessment, Secure Lifecycle Procedure, Security Policies
Short description
ENTRUST sits at the forefront of digital transformation for the Healthcare domain as it moves into the next generation of Connected Medical Devices, where the expansion of connectivity and data processing capabilities and resources at the edge have revolutionized the health sector by improving outcomes, lowering healthcare costs, and enhancing patient safety. As the number of devices grows, so does the attack surface. Cyberattacks targeting healthcare organizations and their infrastructure could compromise clinical data and personal health information. This increases the already critical need for more robust medical device security and trust management, including strong authentication capabilities and device operational assurance. Towards this direction, the ENTRUST innovations not only disrupt the CMD value chain and impact all stakeholders by putting dynamic trust assessment as a new dimension of quality of a devices’ operational profile but are also a significant driver to overcome existing gaps (in current standards – MDCG 2019-16) in the security of such complex systems. ENTRUST project aims to tackle the lack of cybersecurity implementations in connected medical devices (CMDs) without limiting their applicability. Its trust management architecture holistically manages the lifecycle of CMDs, starting from formally verified design-time trust models, and risk assessment processes to secure lifecycle procedures and real-time conformity certificates based on novel runtime attestation mechanisms and distributed ledgers. The added value and effectiveness of the ENTRUST Framework will be evaluated in four real-world use cases ranging from wearable and medical devices used for remote patient monitoring to high-end stationary equipment used in hospitals and clinics.
The idea has been formulated and/or research and experiments are underway to test a “proof of concept”
United Kingdom (please specify)
Geographical scope
3 cities
Submitted in other database or repository of digital health resources that is publicly available

Additional information