Towards Design and Development of Security Assessment Framework for Internet of Medical Things

Abstract

The majority of medical equipment in use today does not have built-in security features. As a result, whether linked to a hospital system or the cloud, these devices’ built-in weaknesses make them vulnerable to a variety of cyberattacks. In hospitals and clinics, hackers can breach equipment, manipulate data, and disrupt facilities, putting patients’ health as well as their lives in jeopardy. A professional can manage cybersecurity threats by lowering the attack surface of the system. Security analysis, whether as a means to detect possible vulnerabilities that can be exploited by attackers or as a means to prevent cyberattacks, plays an important role in risk mitigation. In addition, throughout the pre-market and post-market phases, security checks are required. This study presents a paradigm for incorporating security check concepts into medical device design and development and healthcare big data security. The security of devices and healthcare data is tested by the integrated fuzzy AHP-TOPSIS method. After the security check of devices, with the parameters security-checked for data, the algorithm is designed and implemented. As a result, the appropriate customized security controls are prompted in order to impede the attack.