M. Czekster, Ricardo, Grace, Paul, Marcon, Cesar, Hessel, Fabiano and Cazella, Silvio C. (2023). Challenges and Opportunities for Conducting Dynamic Risk Assessments in Medical IoT. Applied Sciences, 13 (13),
Abstract
Modern medical devices connected to public and private networks require additional layers of communication and management to effectively and securely treat remote patients. Wearable medical devices, for example, can detect position, movement, and vital signs; such data help improve the quality of care for patients, even when they are not close to a medical doctor or caregiver. In healthcare environments, these devices are called Medical Internet-of-Things (MIoT), which have security as a critical requirement. To protect users, traditional risk assessment (RA) methods can be periodically carried out to identify potential security risks. However, such methods are not suitable to manage sophisticated cyber-attacks happening in near real-time. That is the reason why dynamic RA (DRA) approaches are emerging to tackle the inherent risks to patients employing MIoT as wearable devices. This paper presents a systematic literature review of RA in MIoT that analyses the current trends and existing approaches in this field. From our review, we first observe the significant ways to mitigate the impact of unauthorised intrusions and protect end-users from the leakage of personal data and ensure uninterrupted device usage. Second, we identify the important research directions for DRA that must address the challenges posed by dynamic infrastructures and uncertain attack surfaces in order to better protect users and thwart cyber-attacks before they harm personal (e.g., patients’ home) and institutional (e.g., hospital or health clinic) networks.
Publication DOI: | https://doi.org/10.3390/app13137406 |
---|---|
Divisions: | College of Business and Social Sciences > Aston Business School > Cyber Security Innovation (CSI) Research Centre College of Engineering & Physical Sciences College of Engineering & Physical Sciences > School of Computer Science and Digital Technologies > Software Engineering & Cybersecurity College of Engineering & Physical Sciences > School of Computer Science and Digital Technologies |
Additional Information: | Copyright © 2023 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/). This research was funded by FAPERGS/RS/Brazil under call CONFAP—UK ACADEMIES, grant reference: 22/2551-0001368-6. |
Uncontrolled Keywords: | cyber security,dynamic risk assessment,medical IoT,systematic literature review,General Engineering,Instrumentation,General Materials Science,Fluid Flow and Transfer Processes,Process Chemistry and Technology,Computer Science Applications |
Publication ISSN: | 2076-3417 |
Last Modified: | 07 Oct 2024 07:48 |
Date Deposited: | 23 Jun 2023 13:12 |
Full Text Link: | |
Related URLs: |
https://www.mdp ... 3417/13/13/7406
(Publisher URL) |
PURE Output Type: | Article |
Published Date: | 2023-06-22 |
Accepted Date: | 2023-06-20 |
Authors: |
M. Czekster, Ricardo
(
0000-0002-6636-4398)
Grace, Paul ( 0000-0003-2363-0630) Marcon, Cesar Hessel, Fabiano Cazella, Silvio C. |