Medical Device Security: An Infectious Disease - Risks and Vulnerabilities

Explore the critical realm of medical device security in this 58-minute conference talk from OWASP AppSec California 2015. Delve into Scott Erven's three-year research project revealing vulnerabilities in medical devices and healthcare organizations that could impact patient safety. Learn about direct attack vectors, device-specific issues, and the challenges of securing life-saving technologies. Examine topics such as disclosure processes, SMB issues, patient-controlled administration, regulatory requirements, wireless and Bluetooth vulnerabilities, and FDA regulations. Gain insights into the intersection of healthcare, technology, and cybersecurity, and understand the urgent need for improved security measures in medical devices to protect patient lives and ensure quality care.

Intro
Who is Scott
Why Medical Device Security
Device Specific Issues
Disclosure Process
SMB Issues
Medical Devices
Negative Alley
Asian Viruses
Patient Controlled Administration
Whats the greatest risk
Use case
Story time
Why are they scared
Regulatory requirements
Online software clubs
Case study
Wireless and Bluetooth
Config parameters
CVS
European legislation
FDA working groups
ITripleE
Bluetooth LE
Bionic pancreas
Data integrity issues
Software updates
Passwords
Pain Industry Groups
FDA Regulation
FDA Guidance