As an independent security lab, we have specialized over the past 15 years in embedded systems security on the hardware and software side. Our expertise has led companies with “mission critical” applications to seek our support to provide security assurance for their developed product solutions. This includes the (high security) payments industry, where we have been thought and market leaders for many years.
In healthcare, we have already evaluated doctor and patient authentication protocols, which often form the foundation for a secure data flow and use of connected devices and systems. This coupled with our extensive expertise in embedded device security, keeps us at the forefront of relevant security challenges for Healthcare.
With connected healthcare starting to develop into a more widespread industry, driven by the benefits such innovation offers, vulnerabilities are also on the rise. As an example, secure boot and firmware vulnerabilities may, amongst others, lead to firmware extraction and identification of scale-able logical attacks, which can cause serious liability issues in patient critical devices. While OTA (over the air) updates create substantial opportunity to accelerate innovation… assurance that the communication protocols are secured against the latest attack methods and the new firmware does not introduce new vulnerabilities in the system or device itself, also become more important.
Healthcare seeks more patient-centric home-based care solutions to achieve maximum quality care at affordable costs. Therefore, we believe that creating sufficient trust in the solutions, driven by security and attack resistence, will be crucial (although we are of course somewhat biased since we see so many attacks and attack options).