Building a Defensive Framework for Medical Device Security

Explore a comprehensive framework for medical device security in this Black Hat EU 2013 conference talk. Delve into the current state of research, regulatory challenges, and the need for a structured approach to defending medical devices. Gain insights into three distinct categories of medical devices, each with unique security concerns. Examine the implications of recent government reports and potential regulatory actions. Learn about realistic recommendations for regulatory agencies to enhance medical device security. Discover specific focus areas for future research and community efforts. Understand the complexities of medical device classification, approval processes, and security testing. Acquire knowledge on critical aspects such as patching, updates, and RF testing. Leave with a clearer understanding of the medical device security landscape and actionable strategies for improvement.

Introduction
Jays background
Current state of research
GAO investigation
FDA approval
EU approval
EU approval chart
Classification
Category 1 Medical Peripherals
Category 2 Independent Medical Devices
Category 3 Wireless Medical Devices
Regulatory Agencies
Framework for Security
Process and Procedures
Patches and Updates
Libraries and dlls
Examples of dlls
RF testing
Example
Conclusion