Security and Privacy Assessment for Medical Technical Devices: A Playbook for Evaluating Cybersecurity and Privacy

This thesis presents a detailed assessment methodology for medical devices that use Bluetooth connectivity, incorporating both technical and privacy considerations. The framework, referred to as the playbook, provides a practical guide for Sykehuspartner to better evaluate and mitigate cybersecurity risks before procuring new medical technical equipment connected to applications with Bluetooth. The evaluation of privacy and Application Programming Interface (API) security in the procurement process of medical technical equipment is addressed in the research. The study introduces a playbook divided into four sections: network traffic, Bluetooth security, terms/conditions of use, and token security. The playbook consists of questions for each section and incorporates a scoring system. The playbook also provides guidance for answering the questions. Through the use of a Man-in-the-Middle proxy and relevant documentation, suppliers can be effectively compared. The research aims to enhance privacy and security evaluations, ensuring the protection of sensitive data and promoting secure interactions within healthcare information systems. The playbook should be improved before being used by Sykehuspartner. The playbook is not completely tested and should be improved before it can be an effective asset to Sykehuspartner in the procurement process

A Survey on Wireless Sensor Network Security

Wireless sensor networks (WSNs) have recently attracted a lot of interest in the research community due their wide range of applications. Due to distributed nature of these networks and their deployment in remote areas, these networks are vulnerable to numerous security threats that can adversely affect their proper functioning. This problem is more critical if the network is deployed for some mission-critical applications such as in a tactical battlefield. Random failure of nodes is also very likely in real-life deployment scenarios. Due to resource constraints in the sensor nodes, traditional security mechanisms with large overhead of computation and communication are infeasible in WSNs. Security in sensor networks is, therefore, a particularly challenging task. This paper discusses the current state of the art in security mechanisms for WSNs. Various types of attacks are discussed and their countermeasures presented. A brief discussion on the future direction of research in WSN security is also included.Comment: 24 pages, 4 figures, 2 table