Ensuring Runtime Trust in Connected Medical Devices

Connected Medical Devices (CMDs) have transformed modern healthcare by enabling real-time monitoring, advanced diagnostics, and personalised patient care. However, their integration into healthcare systems also introduces critical cybersecurity challenges. As a partner in the ENTRUST project, the University of Piraeus Research Center (UPRC) is addressing these challenges by advancing trust assurance mechanisms, with a particular focus on developing cutting-edge runtime attestation frameworks. In the article below, Vaios Bolgouras, Ph.D. candidate and researcher in cybersecurity at UPRC, shares insights into this work.

Establishing Runtime Trust 

In the ENTRUST project, the University of Piraeus Research Center (UPRC) plays a pivotal role in strengthening the cybersecurity and trustworthiness of Connected Medical Devices (CMDs). Their expertise focuses on designing and implementing Runtime Attestation Mechanisms and Continuous Certification frameworks—essential components for ensuring CMDs remain secure, reliable, and resilient throughout their operational lifecycle. 

Within ENTRUST, innovative methodologies are being developed to dynamically assess the security state of CMDs in real-time. By continuously monitoring and validating device configurations at runtime, the project ensures CMDs operate as intended and are protected against unauthorised changes. The integration of formal verification processes into runtime attestation enables automatic detection of deviations from expected security baselines, empowering healthcare organisations to identify vulnerabilities early and respond swiftly to potential cyber incidents. This proactive approach reduces downtime and enhances overall device reliability. 

ENTRUST also advances comprehensive methods for aggregating and analysing attestation evidence at scale, addressing the complexity of modern medical infrastructures. This evidence aggregation enables efficient detection of trust degradation across large ecosystems of devices, helping healthcare providers uphold high operational standards and comply with regulatory requirements. In addition, the project contributes to secure lifecycle management protocols, incorporating advanced attestation schemes and secure update mechanisms to sustain device trustworthiness over time. Through these innovations, ENTRUST reinforces the integrity and security of connected healthcare systems, paving the way for safer, more resilient medical technologies. 

Impact and Future Directions 

The methodologies and technologies developed within the ENTRUST project form a critical foundation for the future of cybersecurity frameworks in healthcare. ENTRUST is committed to advancing these solutions with a strong focus on scalability, interoperability, and resilience—ensuring they can meet the evolving security needs of modern healthcare ecosystems. The project is driving forward innovations that enable healthcare providers and patients to trust the connected devices at the heart of modern medicine, ultimately safeguarding health outcomes and improving patient safety. 

 This blog post was written by ENTRUST partner UPRC.  

Don’t miss our next updates! Follow us on LinkedIn and Bluesky and be part of the conversation.