A patient safety approach for assessing medical device vulnerabilities

As healthcare systems grow increasingly connected, the risk of medical device vulnerabilities expands with it. This joint whitepaper by Medcrypt and The AbedGraham Group provides a clinically informed, patient safety–driven approach to evaluating and prioritizing vulnerabilities in connected medical devices. Using real-world use cases and quantitative analytics, it demonstrates how technical flaws like Ripple20 and BlueKeep translate into tangible clinical, operational, financial, and regulatory risks—and offers a framework for mitigation that aligns with both cybersecurity and patient safety objectives.

Traditional vulnerability scoring systems (e.g., CVSS) don’t capture the real-world clinical impact of a cyber event. A vulnerability that seems minor on paper could disrupt patient care, while others may be less impactful than headlines suggest. This paper reframes vulnerability management through a patient safety lens, helping both manufacturers and healthcare delivery organizations prioritize threats based on how they affect clinical workflows and outcomes—not just technical severity.

‍

• Vulnerabilities must be assessed within clinical context, not in isolation.
• Ripple20 and BlueKeep highlight systemic risks in connected care environments.
• CVSS scores alone fail to convey the patient safety implications of device exploits.
• A dual proactive/reactive approach—“shift security left” during design, then monitor continuously—offers the most sustainable defense.
• Collaboration between manufacturers and providers is essential for effective risk management and regulatory compliance.

1. Introduction: Getting Medical Device Cybersecurity Right
   
   • Why security must be built in, not bolted on
   • Balancing safety, utility, and security
   • The role of proactive security mechanisms (root of trust, encryption, SBOM)
2. Getting Cryptography Right
   
   • Two key dimensions: strength of protection & key management
   • Factors that influence success: scalability, cost, agility, compliance, and trust
3. Core Cryptographic Concepts
   
   • Algorithms: symmetric vs asymmetric
   • Algorithm implementation and lifecycle management
   • Key generation, protection, and rotation practices
   • Certificates and Public Key Infrastructure (PKI)
   • The role of the root of trust (RoT)
4. Achieving Security Through Cryptography
   
   • How cryptography supports confidentiality, integrity, and authenticity
   • Mapping functions to device security needs (access, data protection, code protection)
5. Security Functions Provided by Cryptography
   
   • Device identity and authentication
   • Data protection (at rest and in transit)
   • Code signing and secure boot processes
6. Cryptography in Device Design
   
   • Design-time considerations (hardware, key protection, crypto management)
   • Secure provisioning and manufacturing practices
   • Postmarket support and exception handling
7. Cryptographic Foundation and Infrastructure
   
   • Designing crypto architecture and PKI
   • Certificate structure, lifecycle, and format
   • Implementing scalable cryptographic infrastructure
8. Common Mistakes in Cryptographic Implementations
   
   • Shared keys, lack of lifecycle management, poor algorithm choices
   • Misapplied IT cryptography in device contexts
9. Cryptography in Resource-Constrained Devices
   
   • Design tradeoffs for low-power or implantable devices
   • Balancing performance, longevity, and security
10. Conclusion: What Now?
    
    • Practical steps to “get security right”
    • Recommendations for building trust with cryptography