Creating a cybersecure diagnostics platform

Challenge

To provide data security of patient test records in a network connected to a Point-of-Care (PoC) diagnostics platform.

Approach

From the very start of the project, both security and cybersecurity were treated as part of the risk management process. We used our client’s security requirements to shape key software and hardware architectural decisions and worked closely with them to ensure that the platform would remain secure throughout its lifecycle.

Outcome

We helped design a safe, secure and connected diagnostics platform. Our client had confidence that their platform would hold patient data securely throughout its lifetime.


Diagnostics device with network integration

Network integration is an increasingly common feature across medical products and would mean wider adoption of our client’s device on the market. Connectivity would allow clinicians to review patient data independently of remote testing labs and enable healthcare professionals to view hospital test data. This healthcare network integration brought several considerations.

Medical device security

The PoC diagnostic instrument contains large amounts of sensitive patient test records. One of the requirements was that this data had to be strictly restricted to those who had permission to view it. While controlled user accounts can prevent unauthorised access, device encryption keeps the data protected even when an attacker has direct access to the device’s memory.

We worked with our client to provide every device sold with a unique encryption key, protecting the data on each instrument and limiting the impact of any single breach. We knew that a shared encryption key would be a single point of weakness for the whole system, so we made sure that keys were both unique and randomly generated.

Together with the client, we employed end-to-end encryption (data is encrypted throughout all transfer points and only decrypted when explicitly required), minimising the risk of patient records being intercepted in transit. In addition, we minimised the personal data transferred through the network, making sure it remained private, while supporting the integration of the client’s connectivity and networking platform.
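To make the two points above concrete, here is an added example (not the client’s code, and the record format, serial numbers and in-RAM key handling are assumptions): each instrument is provisioned with its own random 256-bit key, records are protected with AES-256-GCM, and the device serial is bound into the authentication tag so a record sealed on one instrument cannot be opened with another instrument’s key.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"io"
)

// Device models one instrument. In the real platform the key would live in the
// hardware crypto engine rather than in RAM; holding it here is an assumption.
type Device struct {
	Serial string
	aead   cipher.AEAD // AES-256-GCM keyed with this device's unique random key
}

// NewDevice provisions a fresh random key at manufacture; keys are never shared between units.
func NewDevice(serial string) (*Device, error) {
	key := make([]byte, 32) // 256-bit key, unique and random per device
	if _, err := io.ReadFull(rand.Reader, key); err != nil {
		return nil, err
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	g, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	return &Device{Serial: serial, aead: g}, nil
}

// Seal encrypts a record with a fresh nonce; the serial is bound as associated data,
// so the ciphertext is tied to this instrument. Output layout: nonce || ciphertext+tag.
func (d *Device) Seal(record []byte) ([]byte, error) {
	nonce := make([]byte, d.aead.NonceSize())
	if _, err := io.ReadFull(rand.Reader, nonce); err != nil {
		return nil, err
	}
	return d.aead.Seal(nonce, nonce, record, []byte(d.Serial)), nil
}

// Open decrypts and authenticates; it fails for another device's key or any tampering.
func (d *Device) Open(blob []byte) ([]byte, error) {
	n := d.aead.NonceSize()
	if len(blob) < n {
		return nil, errors.New("blob too short")
	}
	return d.aead.Open(nil, blob[:n], blob[n:], []byte(d.Serial))
}
```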

Figure: encryption of a patient record for a cloud-connected medical device

Updating medical device software in the field

An in-field firmware upgrade helps manufacturers maintain services and support products that are already in use on the market. Alongside our client, we designed a UL 2900-1 compliant in-field firmware upgrade process, including the associated manufacturing processes. We supported the development of a ‘secure bootloader’: a small software programme responsible for updating the instrument’s software. The bootloader confirmed that new software files came from a valid source and had not been corrupted, and then performed the update in a safe manner.

If the update process itself is vulnerable, it can compromise the device’s security. This can lead to attackers manipulating the behaviour of the affected devices, potentially exposing patient records or leading to unsafe instrument behaviour. It was thus crucial to secure the in-field firmware upgrade.

Thomas Watts, Engineering Consultant, Team Consulting

Medical data security: using built-in hardware encryption

Data security based only on software is less robust than hardware-based implementations. While encryption can be performed in software, the development time and potential for errors can be a major hurdle. We decided to use the built-in hardware encryption modules within the processor, which had several advantages:

    • reduced development time
    • improved software performance
    • lowered risk of software errors

This robust approach allowed our client to get their device to market in the shortest possible time.

Further improving medical data security

To support increasingly complex security requirements, we made use of Federal Information Processing Standards (FIPS) certified cryptography engines. These cryptographic devices improve data security by storing encryption keys securely, preventing an attacker from accessing them. They have their own complex hardware requirements for use. By accounting for these cryptographic devices during early device development, we ensured that the platform’s security could be maintained throughout its lifecycle and could support the expansion of software functionality in future updates.

In addition, we worked to reliably detect when devices had been tampered with by external parties to trigger security procedures within the instrument. In doing so, we minimised the likelihood of an attacker successfully extracting data.

Outcome

By considering cybersecurity needs from the early stages of the project, we worked with our client to ensure the secure upload of patient records to a cloud system for wider clinical use. Our client subsequently gained FDA emergency use authorisation for their instrument and COVID antigen assay.
