The University of Southampton
×
Filter your search:
University of Southampton Institutional Repository

Knowledge modelling for automated risk assessment of cybersecurity and indirect patient harms in medical contexts

Knowledge modelling for automated risk assessment of cybersecurity and indirect patient harms in medical contexts
Knowledge modelling for automated risk assessment of cybersecurity and indirect patient harms in medical contexts
The use of connected medical and in vitro diagnostic devices (CMD&IVD) as part of individual care and self-care practices is growing. Significant attention is needed to ensure that CMD&IVD remain safe and secure throughout their lifecycles — as if a cybersecurity incident were to occur involving these devices, it is possible that in some cases harm may be brought to the person using them. For the effective safety management of these devices, risk assessment is needed that covers both the cybersecurity and patient safety domains. To this end, we present knowledge modelling of indirect patient harms (e.g., misdiagnosis, delayed treatment etc.) resulting from cybersecurity compromises, along with a methodology for encoding these into a previously developed automated cybersecurity risk assessment tool, to begin to bridge the gap between automated risk assessment related to cybersecurity and patient safety.
Automated Risk Assessment, Connected Medical Devices and In Vitro Diagnostic Devices, Cybersecurity, Indirect Patient Harms, Knowledge Modelling, Cyber security
263-274
SciTePress
Senior, Samuel
d35c4a4d-0dc1-4d84-aed6-358e235e5a3f
Carmichael, Laura
3f71fb73-581b-43c3-a261-a6627994c96e
Taylor, Steve
9ee68548-2096-4d91-a122-bbde65f91efb
Surridge, Mike
3bd360fa-1962-4992-bb16-12fc4dd7d9a9
Vilalta, Xavier
76842a50-da86-491d-a41a-d2b5088dbc79
Di Pietro, Roberto
Renaud, Kareb
Mori, Paolo
Senior, Samuel
d35c4a4d-0dc1-4d84-aed6-358e235e5a3f
Carmichael, Laura
3f71fb73-581b-43c3-a261-a6627994c96e
Taylor, Steve
9ee68548-2096-4d91-a122-bbde65f91efb
Surridge, Mike
3bd360fa-1962-4992-bb16-12fc4dd7d9a9
Vilalta, Xavier
76842a50-da86-491d-a41a-d2b5088dbc79
Di Pietro, Roberto
Renaud, Kareb
Mori, Paolo

Senior, Samuel, Carmichael, Laura, Taylor, Steve, Surridge, Mike and Vilalta, Xavier (2025) Knowledge modelling for automated risk assessment of cybersecurity and indirect patient harms in medical contexts. Di Pietro, Roberto, Renaud, Kareb and Mori, Paolo (eds.) In Proceedings of the 11th International Conference on Information Systems Security and Privacy. vol. 1, SciTePress. pp. 263-274 . (doi:10.5220/0013166900003899).

Record type: Conference or Workshop Item (Paper)

Abstract

The use of connected medical and in vitro diagnostic devices (CMD&IVD) as part of individual care and self-care practices is growing. Significant attention is needed to ensure that CMD&IVD remain safe and secure throughout their lifecycles — as if a cybersecurity incident were to occur involving these devices, it is possible that in some cases harm may be brought to the person using them. For the effective safety management of these devices, risk assessment is needed that covers both the cybersecurity and patient safety domains. To this end, we present knowledge modelling of indirect patient harms (e.g., misdiagnosis, delayed treatment etc.) resulting from cybersecurity compromises, along with a methodology for encoding these into a previously developed automated cybersecurity risk assessment tool, to begin to bridge the gap between automated risk assessment related to cybersecurity and patient safety.

Text
KnowledgeModellingForIndirectPatientHarms - Accepted Manuscript
Available under License Creative Commons Attribution Non-commercial No Derivatives.
Download (1MB)

More information

Published date: 20 February 2025
Venue - Dates: 11th International Conference on Information Systems Security and Privacy, , Porto, Portugal, 2025-02-20 - 2025-03-22
Keywords: Automated Risk Assessment, Connected Medical Devices and In Vitro Diagnostic Devices, Cybersecurity, Indirect Patient Harms, Knowledge Modelling, Cyber security

Identifiers

Local EPrints ID: 499757
URI: http://eprints.soton.ac.uk/id/eprint/499757
DOI: doi:10.5220/0013166900003899
PURE UUID: 88c92e66-9d26-46e2-b53b-c83969468c6f
ORCID for Samuel Senior: ORCID iD orcid.org/0000-0002-3428-9215
ORCID for Laura Carmichael: ORCID iD orcid.org/0000-0001-9391-1310
ORCID for Steve Taylor: ORCID iD orcid.org/0000-0002-9937-1762
ORCID for Mike Surridge: ORCID iD orcid.org/0000-0003-1485-7024

Catalogue record

Date deposited: 03 Apr 2025 16:34
Last modified: 03 Sep 2025 02:02

Export record

Altmetrics

Contributors

Author: Samuel Senior ORCID iD
Author: Laura Carmichael ORCID iD
Author: Steve Taylor ORCID iD
Author: Mike Surridge ORCID iD
Author: Xavier Vilalta
Editor: Roberto Di Pietro
Editor: Kareb Renaud
Editor: Paolo Mori

Download statistics

Downloads from ePrints over the past year. Other digital versions may also be available to download e.g. from the publisher's website.

View more statistics

Library staff additional information
Atom RSS 1.0 RSS 2.0

Contact ePrints Soton: eprints@soton.ac.uk

ePrints Soton supports OAI 2.0 with a base URL of http://eprints.soton.ac.uk/cgi/oai2

This repository has been built using EPrints software, developed at the University of Southampton, but available to everyone to use.

We use cookies to ensure that we give you the best experience on our website. If you continue without changing your settings, we will assume that you are happy to receive cookies on the University of Southampton website.

×