BUILD SECURITY FEATURES
INTO YOUR DEVICES
Security should not be a burden. MedCrypt brings security features to medical devices — from pacemakers to surgical robots — simply, in a few lines of code. The exponential growth of connected devices in healthcare combined with the FDA expectation to “bake in” security into devices means the best solution is one that proactively secures devices, not reactively addresses security at the hospital network.
import guardian
my_guardian = guardian.Guardian()
status = my_guardian.Initialize(
init_files,
"unique_hardware_identifier",
guardian.GuardianInitializeOptions)
my_service = guardian.Service()
my_session = guardian.Session()
data_channel = guardian.ChannelGuard()
message = "Message of important data"
my_guardian.FindService("MyClientService", my_service)
my_service.Start(my_session)
my_session.FindChannel("data", data_channel)
# Library is configured to encrypt and/or sign data
# over the channel
guardian.DataChannel.DataForChannel(message)
data_channel = guardian.ChannelGuard()
receive_message = []
status = data_channel.DataFromChannel(receive_message)
if status is VERIFYFAIL:
print("Error: Data not trusted")
WE LIVE AND BREATHE
HEALTHCARE CYBERSECURITY
A medical device may look like just another IoT device, but regulatory constraints and their
unique use case
require a healthcare-first approach to cybersecurity. MedCrypt's solutions are built
specifically for medical
devices, which means clinical functionality, patient safety, and care delivery are always
the highest priority.
- Why MedCrypt
- Our Solutions
- Service & Support
- Regulatory Alignment
REGULATORY
FDA guidance requires device developers to implement data encryption, signature verification, and behavior monitoring in medical devices. Devices need a robust Software Bill of Materials (SBOM), cataloging all software components incorporated into a device.
MARKETING
MedCrypt allows your product to meet regulatory requirements and exceed the expectations of your most security-focused customers. Hospitals now require cybersecurity controls before purchasing new medical devices. As a result, many vendors have begun to position the cybersecurity features of their products as a competitive advantage, and are succeeding as a result.
IMPLEMENTATION
MedCrypt enables engineers to implement these security features properly and as quickly as possible, allowing them to stay focused on designing life- changing clinical features. Spend more time building new devices, and less time worrying about securing them.
CRYPTOGRAPHY API
Call Guardian’s APIs within your device’s software for common security functions, like encrypting data at rest and in transit, and cryptographically signing all instructions sent to your device with unique key pairs.
BEHAVIOR MONITORING
MedCrypt devices can send event data (not PHI) to Canary, our monitoring service, allowing us to detect when a device is under attack. This helps you satisfy the FDA’s requirement that devices incorporate “intrusion detection”.
VULNERABILITY MONITORING
Heimdall knows which software libraries have been included in your device, and can monitor these libraries for known cybersecurity vulnerabilites, and identify matching versions of deployed devices.
NEED HELP GETTING STARTED?
MedCrypt’s team can provide engineering support to implement these security features in your device. Our engineers have experience building devices as small as pumps, and as large as linear accelerators. We’re happy to support new MedCrypt customers with consulting services as needed.
ONGOING SECURITY CONSULTATION
The cybersecurity landscape changes every day. When a new threat reveals itself (as WannaCry did in 2017), the MedCrypt team can help you understand what it means for your product, and what steps should be taken to limit your exposure.
REQUIREMENT:
Use encryption
Encrypt data at rest and in transit in the application layer, preventing exposure of your data, and creating redundancy against unknown network security controls.
REQUIREMENT:
USE DIGITAL SIGNATURES
Guardian,MedCrypt’s embedded library, makes certain cryptography functions, like signature verification and data encryption, available via an easy to use API / ABI. This allows a user to sign code, data, instructions, configurations, etc. and verify these data structures before they are loaded into an active device, as well as ensure the privacy of sensitive data.
REQUIREMENT:
PROACTIVELY DETECT INTRUSION
This is the single biggest advantage to using MedCrypt. MedCrypt-enabled devices send behavior metadata to Canary,an event monitoring system (that can be located in the cloud or on-prem), and these events are monitored for suspicious behavior. The behavior baselines are built for healthcare-specific data, that would be difficult or impossible for your organization to capture internally.
REQUIREMENT:
PUBLISH AND MONITOR AN SBOM
MedCrypt matches versions of its software and component open source libraries to specific devices. Users can also import lists of other component software libraries to be tracked within Heimdall. This allows us to dynamically generate large parts of an SBOM for any MedCrypt-enabled device.
EASILY ADD PROACTIVE SECURITY TO ALL OF YOUR
DEVICES AND MAINTAIN THEIR SECURITY POSTURE.
Best-practice security via MedCrypt in a few lines of code.
var data_for_webserver = "Hello"; //The data to be sent to the "webserver"
var data_string; //the data after it is processed by Guardian
data_string = guardian.dataFor('webserver', data_for_webserver);
Secure Data & Commands
Call Guardian's API within your device’s software for common security functions and cryptographically sign all instructions sent to your device with unique key pairs.
Monitor behavior
MedCrypt-enabled devices can send event data (not PHI) to Canary, our monitoring service, allowing us to detect when a device is under attack.
Monitor SBOM VULNERABILITY
Heimdall knows which software libraries have been included in your device, and can monitor these libraries for known cybersecurity vulnerabilities, and identify matching versions of deployed devices.
READY TO BOOST YOUR DEVICE'S
CYBERSECURITY POSTURE?
We’re here to provide security technology and engineering support
to implement the right security features in your medical device.
