Browse > Article
http://dx.doi.org/10.33778/kcsa.2021.21.1.063

A Study on the Smart Medical Equipment Management Program (Secure-MEMP) Method Considering Security  

Kim, Dong-Won (건양대학교/사이버보안공학과)
Publication Information
Convergence Security Journal / v.21, no.1, 2021 , pp. 63-72 More about this Journal
Abstract
The hospital biomedical engineering team is responsible for establishing and regulating the Medical Device Management Program (MEMP) to ensure that medical devices are safe and reliable. As technology advances, medical devices such as artificial intelligence and precision medicine are developing into a form that allows connection between objects anytime, anywhere, and as various technologies converge, internal and external security threats continue to increase. In this paper, we present a study of the Medical Device Management Program (Secure-MEMP) method, considering that the security threat of medical devices continues to increase due to advances in technology.
Keywords
Healthcare security; Information security; Medical Equipment Management Program;
Citations & Related Records
연도 인용수 순위
  • Reference
1 TheVerge, Dick Cheney had the Wireless Disabled on his Pacemaker to Avoid Risk of Terrorist Tampering, 2013.
2 Y. S. Jeong, "Design of Prevention Model according to a Dysfunctional of Corporate Information,"Journal of Convergence Soceity for SMB, Vol. 6, No. 2, pp. 11-17, Jun. 2016.   DOI
3 J.A. Hansen, N.M. Hansen A taxonomy of vulnerabilities in implantable medical devices Proc. of the Second Annual Workshop on Security and Privacy in Medical and Home-care Systems, SPIMACS '10, ACM, New York, USA, pp. 13-20, 2010.
4 Medtronic, Implantable pacemaker and defibrillator information. consulted on April 2015.
5 Indrajit Ray and Nayot Poolsapassit, "Using Attack TPees to Identify Malicious Attacks from Authorized Insiders", 10th European Symposium on Research in Computer Security, LNCS 3679, pp. 231-246, 2005.
6 D. Kim, J. Choi and K. Han, "Medical Device Safety Management Using Cybersecurity Risk Analysis," in IEEE Access, vol. 8, pp. 115370-115382, 2020, doi: 10.1109/ACCESS.2020.3003032.   DOI
7 Cybersecurity vulnerabilities in medical devices: a complex environment and multifaceted problem.
8 Kim, Dw., Choi, Jy. & Han, Kh. Risk management-based security evaluation model for telemedicine systems. BMC Med Inform Decis Mak 20, 106 (2020). https://doi.org/10.1186/s12911-020-01145-7.   DOI
9 T. Y. Kim, S. K. Y. J. J. Jung and E. J. Kim, "Multi-Hop WBAN Construction for Healthcare IoT Systems", 2015 International Platform Technology and Service(PlatCon), pp. 27-28, Jan. 2015.
10 Y. S. Jeong, "An Efficient IoT Healthcare Service Management Model of Location Tracking Sensor", Journal of Digital Convergence, Vol. 14, No. 3, pp. 261-267, Mar. 2016.   DOI
11 Y. S. Jeong, "Tracking Analysis of User Privacy Damage using Smartphone", Journal of Convergence Society for SMB, Vol. 4, No. 4, Dec. 2014.
12 U.S. Food and Drug Administration (FDA), Medical Device Safety. (consulted on November of 2013).
13 K. Fu Inside risks: reducing risks of implantable medical devices ACM Commun., 52 (6) (2009), pp. 25-27.   DOI
14 FDA, "Postmarket Management of Cybersecurity in Medical Devices", 2016.12.28.
15 N. Paul et al., "A Review of the Security of Insulin Pump Infusion Systems," Journal of Diabetes Science and Technology, 5(6):1557-62, November 2011.   DOI
16 Fennigkoh L and Smith B. Clinical equipment management.JCAHO PTSM Series 2:5-14. Cited on pages(24), January 1989.
17 International Medical Device Regulators Forum. "Software as a Medical Device": Possible Framework for Risk Categorization and Corresponding Considerations. IMDRF Software as a Medical Device (SaMD) Working Group; 2014, Accessed June 9, 2015.
18 S. Shivshankar, K. Summerhayes Challenges of conducting medical device studies Inst. Clin. Res, 2007.
19 Carmen Camara, Pedro Peris-Lopez, Juan E.Tapiador, "Security and privacy issues in implantable medical devices: A comprehensive survey", Journal of Biomedical Informatics, Volume 55, June 2015, Pages 272-289.   DOI
20 HIPPA, Security standards: technical safeguards 2(4) (2007) 1?17.
21 D. Halperin, T.S. Heydt-Benjamin, B. Ransford, S.S. Clark, B. Defend, W. Morgan, K. Fu, T. Kohno, W.H. Maisel, Pacemakers and implantable cardiac defibrillators: software radio attacks and zero-power defenses, in: Proc. of the 29th Annual IEEE Symposium on Security and Privacy, 2008, pp. 129?142.
22 IHE PCD Technical Committee, "Medical Equipment Management (MEM): Medical Device Cyber Security ?Best Practice Guide," IHE International, July1, 2015.
23 World Health Organizaiton, "Introduction to medical equipment inventory management," WHO Medical device technical series, June 2011
24 Ross RS, Johnson LA. Guide for Applying the Risk Management Framework to Federal Information Systems: A Security Life Cycle Approach; 2010.
25 Stine KM, Kissel RL, Barker WC, Lee A, Fahlsing J, Gulick J. Guide for Mapping Types of Information and Information Systems to Security Categories. NIST. 2008.
26 US Food and Drug Administration [homepage on the Internet] Is The Product A Medical Device? FDA; 2014.
27 Y. S. Jeong, "Design of Security Model for Service of Company Information," Journal of Convergence Soceity for SMB, Vol. 2, No. 2, pp. 43-49, Nov. 2012.
28 B. Zhang, X. W. Wang, M. Huang, "A data replica placement scheme for cloud storage under healthcare IoT environment", 2014 11th International Conferenceon Fuzzy Systems and Knowledge Discovery (FSKD), pp. 542-547, Aug. 2014.
29 S Taghipour, D Banjevic and AKS Jardine, "Prioritization of medical equipment for maintenance decisions,", Journal of the Operational Research Society, Volume 62, Issue 9, pp. 1666-1687, September 2011.   DOI
30 C. Li, A. Raghunathan, N.K. Jha, Hijacking an insulin pump: Security attacks and defenses for a diabetes therapy system, in: 13th IEEE International Conference on e-Health Networking Applications and Services (Healthcom), June 2011, pp. 150?156.