Secure development lifecycles for medical software

Security has long been a major subject in software engineering, and it has become essential on any medical software development.

According to a new report from cybersecurity firm Sophos, two thirds of healthcare organisations have been hit by ransomware attacks last year, up from a third in 2020. This two-fold increase indicates hackers and malicious agents are becoming considerably more capable and determined.

Unsurprisingly, this is the inevitable consequence of connectivity requirements, which are becoming standard for medical devices. But it doesn’t need to be this way.

Medical devices are becoming connected to other devices, the Internet, or hospital networks to serve functions that improve quality of care and enhance treatment options. Any company developing medical grade connected solutions today must make security an integral part of their software development lifecycle, or face the consequences.

Both European notified bodies and the FDA have put security under increased scrutiny, and it is unlikely that an insecure device will make it to market. Furthermore, security breaches after medical devices are deployed quickly become a minefield for liability and can be the cause of considerable losses.

1.Secure software concepts

To start the journey of secure software development, it is necessary that your development team understands a few core concepts:

Confidentiality is the concept of preventing the disclosure of information to unauthorised parties
Integrity refers to protecting the data from unauthorised alteration
Availability is concerned with two issues: ensuring systems are available for authorised users when they require those systems and denying access to unauthorised users at all other times
Authentication is the process of determining the identity of a user
Authorisation is the process of applying access control rules to a user process and determining if a particular user process can access an object
Accountability is the recording of actions and the users performing them
Nonrepudiation is the concept of preventing a subject from denying a previous action with an object in the system

2.Secure design concepts

Secure design does not happen by accident. It arises from a deliberate architecture and action plans that are based on secure design principles:

Good enough security. Security is never absolute, and it sets the stage for all the security aspects. It should be commensurate to the risk level. For example, a software designer should not use national security grade encryption to secure publicly available information.
Least privilege means that a subject should have only the necessary rights and privileges to perform its current task with no additional rights or privileges
Separation of duties ensures for any give task more than one individual needs to be involved. No single individual can abuse the system.
Defence in depth is also known as layered security or diverse defence. If one defence is good, multiple overlapping defences are better.
Fail-Safe states that when a system fails it should fail to a safe secure state
Economy of mechanism refers to the principle of keeping things simple. The keep it simple principle tells us to eliminate those elements that we don’t need.
Complete mediation states that when a subject’s authorisation is verified with respect to an object and an action, this verification occurs every time the subject requests access to an object
Open design states that the security of a mechanism should not depend on the secrecy of its design or implementation
Least common mechanism states that mechanisms used to access resources should not be shared
Psychological acceptability states that security mechanisms should not make the resource more difficult to access than if the security mechanisms were not present.
Weakest link A system can only be considered as strong as its weakest link. Adversaries do not seek out the strongest defence to attempt a breach.
Leverage existing components As components are reduced, fewer new components are introduced; hence the opportunity for additional vulnerabilities is reduced.
Single point of failure is any aspect of a system that if it fails then it means the entire system fails

3.The secure software development lifecycle

The term secure development lifecycle (SDLC) comes from adding security activities to a software development lifecycle to reduce the number of security anomalies in the software being produced, as illustrated below.

A complete SDLC solution ensures systems are secure by design, secure by default and secure in their deployment.

It is essential to be able to demonstrate full implementation of the appropriate level of security throughout your development process.

At Sagentia Innovation, building secure and innovative medical solutions is in our DNA. With over three decades worth of experience, we can help you create the next game changing solution, with appropriate security at its core.

Cookie	Duration	Description
cookielawinfo-checkbox-advertisement	1 year	Set by the GDPR Cookie Consent plugin, this cookie records the user consent for the cookies in the "Advertisement" category.
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
CookieLawInfoConsent	1 year	CookieYes sets this cookie to record the default button state of the corresponding category and the status of CCPA. It works only in coordination with the primary cookie.
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Cookie	Duration	Description
__cf_bm	30 minutes	Cloudflare set the cookie to support Cloudflare Bot Management.
visitorId	1 year	ZoomInfo sets this cookie to identify a user.

Cookie	Duration	Description
_ga	1 year 1 month 4 days	Google Analytics sets this cookie to calculate visitor, session and campaign data and track site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognise unique visitors.
_ga_*	1 year 1 month 4 days	Google Analytics sets this cookie to store and count page views.
pardot	past	The pardot cookie is set while the visitor is logged in as a Pardot user. The cookie indicates an active session and is not used for tracking.

Cookie	Duration	Description
visitor_id*	1 year 1 month 4 days	Pardot sets this cookie to store a unique user ID.
visitor_id*-hash	1 year 1 month 4 days	Pardot sets this cookie to store a unique user ID.

Cookie	Duration	Description
_cfuvid	session	Description is currently not available.
lpv19802	30 minutes	Description is currently not available.

Secure development lifecycles are essential for medical software

You might also be interested in...