Studente BRANDOZZI, MARCO
Facoltà/Dipartimento Dipartimento Ingegneria dell'Informazione
Corso di studio BIOMEDICAL ENGINEERING
Anno Accademico 2019
Data dell'esame finale 2020-07-21
Titolo italiano Strumenti di valutazione del rischio cyber per reti e dispositivi medici
Titolo inglese Cyber risk assessment tools for medical networks and devices
Abstract in inglese The interoperability of medical devices and their incorporation onto IT networks are becoming even more pervasive. This coupled with the increase in cyber-attacks on the IT-Networks incorporating medical devices of the Health Delivery Organizations, make the risks to patient safety and data and system security an issue to be considered within the responsible organization risk management process along the whole life cycle of a medical device. In this context, IEC 80001-1, ISO/TR 80001-2-2 and European Regulation n. 745/2017 represent the main cybersecurity normative framework which manufacturers of medical devices have to comply with. The aim of this work is to provide a tool that can be used by manufacturers to evaluate if their medical devices, intended to be incorporated into a medical IT network, conform to the cybersecurity European regulation and most relevant technical standards requirements focused, in particular, on the patient safety. The tool consists of an excel check list that enables the user to verify if the basic risk controls processes and measures have been applied and if the overall risk management approach have been correctly implemented. The tool has been tested in a company developing medical device software for healthcare organizations, BiMind srl. The analysis of results showed that the medical device software concerned is secure as expected, but the tool also highlighted that some process and product security aspects have to be improved in order to further reduce the cybersecurity risks. Nowadays, the patient safety and data and system security results to be critical. However, despite its relevance the topic is not homogeneously regulated today. For this reason a tool concerning the compliance assessment it would be helpful to manufacturers for ensuring an acceptable level of cybersecurity for a medical device integrated in IT-network.
Relatore BALDI, MARCO
Controrelatore CHIARALUCE, FRANCO
Appare nelle tipologie: Laurea specialistica, magistrale, ciclo unico
File in questo prodotto:
File Descrizione Dimensione Formato  
FRONTESPIZIO FIRMATO DAI PROFESSORI.pdf Frontespizio tesi firmato da relatore correlatore e laureando 130.62 kB Adobe PDF Visualizza/Apri
CYBER RISK ASSESSMENT TOOLS FOR MEDICAL NETWORKS AND DEVICES.pdf 1.59 MB Adobe PDF Visualizza/Apri

I documenti in UNITESI sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: http://hdl.handle.net/20.500.12075/3954