IEEE Guidelines Address Software and Medical Device Vulnerabilities

May 19, 2015 in News

The Institute of Electrical and Electronics Engineers has released guidelines aimed at helping software developers create baseline security standards for medical device software development and implementation, Health Data Management reports.

About the Guidelines

According to an announcement, IEEE created the guidelines to help diminish or eliminate security vulnerabilities that could allow unauthorized individuals to access medical devices. IEEE wrote, “Most exploited vulnerabilities are due to accidental implementation errors that can be avoided or significantly reduced through the use of specific programming languages and automated tools for checking software” (Goedert, Health Data Management, 5/19).

The guidelines were drafted by a group of 40 volunteers with experience in:

  • Cybersecurity;
  • Medical device development;
  • Medical device regulation;
  • Medical device standards;
  • Programming languages; and
  • Software engineering.

Guideline Details

The guidelines include a range of coding elements, which are organized into 10 categories, intended to:

  1. Avoid, detect and remove specific vulnerabilities during implementation (IEEE guidelines, 2015);
  2. Assure cryptography is used properly;
  3. Assure software and firmware integrity;
  4. Impede hacker analysis or exploitation;
  5. Enable detection and attribution of an attack (Health Data Management, 5/19);
  6. Help safely degrade device function during an attack;
  7. Help restore device function after attack;
  8. Support maintenance of operational software;
  9. Support privacy requirements; and
  10. Create standards for desired code characteristics (IEEE guidelines, 2015).
Be the first to like.
VN:F [1.9.22_1171]
Rating: 0.0/5 (0 votes cast)

Article source:

Be Sociable, Share!
Bookmark and Share

Leave a reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>