AAMI TIR57 2016 RA 2019
$162.84
AAMI TIR57:2016/(R)2019 – Principles for medical devices security-Risk management
| Published By | Publication Date | Number of Pages |
| AAMI | 2016 | 84 |
Provides guidance on methods to perform information security risk management for a medical device in the context of the Safety Risk Management process required by ISO 14971. The TIR incorporates the expanded view of risk management from IEC 80001-1 by incorporating the same key properties of Safety, Effectiveness and Data & Systems Security with Annexes that provide process details and illustrative examples.
PDF Catalog
| PDF Pages | PDF Title |
|---|---|
| 1 | AAMI TIR57:2016, Principles for medical device security—Risk management |
| 3 | Title page |
| 4 | AAMI Technical Information Report Copyright information |
| 5 | Contents |
| 6 | Glossary of equivalent standards |
| 7 | Committee representation |
| 9 | Foreword |
| 10 | Introduction |
| 11 | Figure 1 – Schematic representation of the risk management process (ANSI/AAMI/ISO 14971:2007) |
| 12 | Figure 2 – A Venn diagram showing the relationship between security and safety risks |
| 15 | 1 Scope 2 Terms and definitions |
| 19 | 3 General guidance for performing security risk management 3.1 Security risk management process |
| 20 | Figure 3 – Schematic representation of the security risk management process 3.1.1 Relationship between security and safety risk management |
| 21 | Figure 4 – Relationships between the security risk and safety risk management processes 3.2 Management responsibilities |
| 22 | 3.3 Qualification of personnel 3.4 Security risk management plan |
| 23 | 3.5 Security risk management file 4 Security risk analysis 4.1 Security risk analysis process 4.2 Intended use and identification of characteristics related to the security of the medical device |
| 24 | 4.3 Identification of threats, vulnerabilities, assets, and adverse impacts 4.3.1 Identification of threats 4.3.2 Identification of vulnerabilities |
| 25 | 4.3.3 Identification of assets 4.3.4 Identification of adverse impacts 4.4 Estimation of the risk(s) for each applicable threat and vulnerability combination |
| 26 | 5 Security risk evaluation 6 Risk control 6.1 Security risk reduction 6.2 Security risk control option analysis 6.3 Implementation of risk control measure(s) 6.4 Residual risk evaluation |
| 27 | 6.5 Risk/benefit analysis 6.6 Risks arising from risk control measures 6.7 Completeness of risk control 7 Evaluation of overall residual security risk acceptability |
| 28 | 8 Security risk management report 9 Production and post-production information |
| 30 | Annex A, Security engineering principles and nomenclature A.1 Overview |
| 31 | A.2 Uniqueness of embedded medical systems |
| 32 | A.3 Stakeholders A.3.1 Patients, family, friends, and caregivers A.3.2 Regulators A.3.3 Health Delivery Organizations (HDOs) A.3.4 Manufacturers A.3.5 Academics A.3.6 Cyber Liability Insurers A.4 Security objectives and goals |
| 33 | A.5 Considerations for emergency access A.6 Medical device security architecture considerations |
| 35 | Annex B, Security risk assessment B.1 Risk assessment process |
| 36 | Figure B.1 – A basic high-level risk assessment process B.1.1 Prepare for assessment |
| 37 | B.1.2 Conduct assessment B.1.3 Communicate results B.1.4 Maintain assessment B.1.5 Other security risk assessment processes B.1.5.1 Common vulnerability scoring system (CVSS) B.1.5.2 Open web application security project (OWASP) B.1.5.3 Attack trees |
| 38 | B.2 Risk model |
| 40 | B.2.1 Threat assessment B.2.1.1 Characteristics of adversarial threats |
| 42 | B.2.1.2 Threat events |
| 43 | B.2.1.3 Example threats B.2.2 Vulnerability assessment |
| 44 | B.2.2.1 Example vulnerability classes |
| 45 | B.2.3 Impact assessment B.2.3.1 Asset inventory |
| 46 | B.2.3.2 Asset identification |
| 47 | B.3 Assessment approaches B.4 Security analysis approaches |
| 49 | B.5 Assessing security risk |
| 51 | Annex C, Generating cybersecurity requirements |
| 53 | Annex D, Questions that can be used to identify medical device security characteristics D.1 Essential performance |
| 54 | D.2 Data storage D.2.1 PII/Private data assets |
| 55 | D.2.2 Non-PII data assets D.3 Data transfer |
| 56 | D.4 Authentication & authorization |
| 57 | D.5 Auditing |
| 58 | D.6 Physical security |
| 59 | D.7 Device/system updates |
| 60 | D.8 Hardening |
| 61 | D.9 Emergency access D.10 Malware/virus protection |
| 62 | D.11 Backup/disaster recovery D.12 Labeling |
| 63 | Annex E, Security risk examples applied to a medical device E.1 The Kidneato System |
| 64 | Figure E.1- Block diagram of the Kidneato system, managed environment |
| 65 | Figure E.2 – Block diagram of the Kidneato system, patient environment |
| 66 | E.2 Kidneato programmer |
| 67 | E.3 In-home monitor (IHM) E.4 Web services |
| 68 | E.5 Web services – Direct access |
| 69 | E.6 Web services – Instrument access E.7 Example implementations E.7.1 Example #1 Basic Cyber Hygiene |
| 70 | E.7.1.1 Security analysis E.7.1.2 Security risk evaluation Table E.1 – Security risk evaluation table |
| 73 | E.7.2 Example #2 Implant Communications E.7.2.1 Security analysis E.7.2.2 Security risk E.7.2.3 Likelihood E.7.2.4 Impact E.7.2.5 Risk estimation |
| 74 | Table E.2 – Risk estimation analysis example E.7.2.6 Implemented control E.7.2.7 Residual risk estimation Table E.3 – Residual risk estimation analysis example E.7.2.8 New risk identification |
| 75 | E.7.3 Example #3 WCA Firmware Update E.7.3.1 Initial Design E.7.3.2 Attack of the Design |
| 76 | E.7.3.3 Results from the Attack E.7.3.4 Analysis |
| 78 | E.7.3.5 Security Risk Controls |
| 79 | Annex F, A comparison of terminology between key referenced standards Table F.1 – Related terms in security standards/technical reports |
| 82 | Bibliography |
Related products
-
AAMI TIR97 2019
AAMI TIR97:2019 – Principles for medical device security-Postmarket risk management for device manufacturers Published By…
-
AAMI TIR97 2019 R2023
AAMI TIR97:2019 (R2023) Principles For Medical Device Security – Postmarket Risk Management For Device Manufacturers…
