The digital revolution is reshaping European healthcare systems, bringing both advancements and new cybersecurity challenges. CYMEDSEC aims to improve EU healthcare cybersecurity by developing solutions that promote innovation while adhering to strict security standards. The project will develop smarter, adaptive, dynamic, and evidence-based regulatory approaches based on representative real-world use scenarios. CYMEDSEC undertakes a comprehensive evaluation, focusing on three interconnected pillars: device and network infrastructure design, cybersecurity, and regulatory frameworks.
Enhanced cybersecurity for networked medical devices through optimization of guidelines, standards, risk management and security by design
The CYMEDSEC consortium comprises a multi-disciplinary team, including regulatory, cybersecurity, technology, evaluation, and clinical EU experts.
Close feedback loops within the project ensure exchange between new technological paradigms and recommendation of regulatory approaches. CYMEDSEC will develop novel security-by-design solutions for the oversight of ‘Internet of Medical Things’ (IoMT) devices.
IoMT is a connected ecosystem of medical devices, software applications, and health services, enabling the collection, analysis, and transmission of health data. IoMT devices include wearable health monitors and sophisticated diagnostic machines. These IoMT networks are vulnerable and can be cyber-attacked, leading to widespread disruptions in healthcare services and potential harm to patients.
CYMEDSEC’s technological and methodological advancement goes hand-in-hand with detailed review of regulations and guidelines, the formal creation of a new IoMT cybersecurity standards, and evidence collection from representative case studies that include remote patient monitoring and critical care scenarios. All objectives are interlinked, with learnings from each work area feeding into development and proposals in other areas. Within the project a cybersecurity benefit-risk toolbox will be developed and made available as Open-Source resource for manufactures and regulatory bodies.
The consortium focusses on four main areas:
- Cybersecurity by design – integrate security measures from the design of IoMT
- Benefit-Risk Toolbox – create an online checklist tool based on cataloged cybersecurity issues
- Safeguarding patients’ rights – explore ethical, legal, and societal impacts
- Research on the ground – simulation of cybersecurity attacks in real-world digital laboratories
Consortium:
- TUD Dresden University of Technology, Dresden, Germany
- Vrije Universiteit Brussel, Brussels, Belgium
- Barkhausen Institut, Dresden, Germany
- Athena Research & Innovation Information Technologies, Marousi, Greece
- Casa Sollievo della sofferenza, San Giovanni Rotondo, Italy
- Fondazione Icons, Lodi, Italy
- Secunet Security Networks, Essen, Germany
- Particle Summary, Lisbon, Portugal
- Hospital do Espirito Santo de Evora, Portugal
- Umana Medical Technologies, Malta
- Austrian Standards International, Vienna, Austria
- Medisanté Group, Luzern, Switzerland
Facts and figures
Coordinator: TU Dresden
Number of Partners: 12
Start Date: November 1, 2023
End Date: October 31, 2027
Total Funding: around € 6.1 million
This project has received funding from the European Union’s Horizon Europe research and innovation program under grant agreement No. 101094218.
Funded by the European Union. Views and opinions expressed are however those of the author(s) only and do not necessarily reflect those of the European Union. Neither the European Union nor the granting authority can be held responsible for them.