ENTRUST sits at the forefront of digital transformation for the Healthcare domain as it moves into the next generation of Connected Medical Devices, where the expansion of connectivity and data processing capabilities and resources at the edge have revolutionized the health sector by improving outcomes, lowering healthcare costs, and enhancing patient safety.
As the number of devices grows, so does the attack surface. Cyberattacks targeting healthcare organizations and their infrastructure could compromise clinical data and personal health information. This increases the already critical need for more robust medical device security and trust management, including strong authentication capabilities and device operational assurance.
Introducing the Dynamic Trust Assessment
Towards this direction, the ENTRUST innovations not only disrupt the CMD value chain and impact all stakeholders by putting dynamic trust assessment as a new dimension of quality of a devices’ operational profile but are also a significant driver to overcome existing gaps (in current standards - MDCG 2019-16) in the security of such complex systems.
ENTRUST project aims to tackle the lack of cybersecurity implementations in connected medical devices (CMDs) without limiting their applicability. Its trust management architecture holistically manages the lifecycle of CMDs, starting from formally verified design-time trust models, and risk assessment processes to secure lifecycle procedures and real-time conformity certificates based on novel runtime attestation mechanisms and distributed ledgers.
The added value and effectiveness of the ENTRUST Framework will be evaluated in four real-world use cases ranging from wearable and medical devices used for remote patient monitoring to high-end stationary equipment used in hospitals and clinics.
A Holistic Approach
Dynamic trust assessment and reasoning well-suited for medical devices to establish security and privacy in zero-trust paradigm, considering the latest technological advancements and connection extensions.
Security- and privacy-by-design through formally defined trust models and protection profiles for minimizing zero-day exploits and threats.
Post-market surveillance and runtime verification of medical devices trustworthiness through cryptographically verifiable security proofs and efficient attestation.
Extend the current conformity assessment and certification standards to post-market with the introduction of real-time Conformity Certificates based on runtime verifiable evidence.
Auditable security and CMD lifecycle management through AI-based misbehavior detection towards building on a Blockchain-based hub of threat intelligence knowledge.
Integrate and validate the ENTRUST Trust Management Framework for medical devices through real-world pilots to assess its effectiveness.
ENTRUST is dedicated to ensuring end-to-end trust management of medical devices, securing trust and privacy across the entire medical ecosystem. Our comprehensive approach integrates cybersecurity features, formally verified trust models, risk assessment processes, secure lifecycle procedures, robust security policies, and technical recommendations. Explore how ENTRUST's technical goals are reshaping the future of security in the medical domain through precision and innovation.