AI-assisted regulation for medicine and cybersecurity

Our goal is to develop an AI-supported, modular framework for the certification of medical microsystems. Through automation and standardization, the certification process can be made more efficient, and through the integration of cybersecurity requirements, even more secure.

The certification and monitoring processes for medical devices, especially medical microsystems, are complex and lengthy. Cybersecurity requirements in particular present new challenges. Therefore, our project has set the goal of simplifying regulatory processes for certification and monitoring, as well as identifying cybersecurity requirements and integrating them into the processes.

To achieve this, we aim to develop a modular, AI-assisted framework for certifying medical microsystems.

As a first step, we have modeled a regulatory workflow for integrating cyber risks into medical device risk management. Based on this, we are developing a structured knowledge model. This enables digital, automatically verifiable proof of the safety of medical devices, specifically with regard to cybersecurity requirements.

We are evaluating which methods help fulfil this goal and are developing an editor for collecting medical device risk management data, into which the automated testing can also be integrated. This makes it possible to test the previously developed methods and transfer them into a specific application.

To identify the cyber risks to be integrated, threat modeling is carried out and an updatable overview of threat scenarios is being created.

Another challenge addressed in this project is how to identify and continuously monitor cyber incidents in medical devices. To this end, post-market and vigilance data are being analyzed, and a prototype AI-based monitoring system is being developed and tested to identify cyber cases.

Thanks to the close cooperation between industry, research and a federal agency, structured evidence and cybersecurity aspects can be specifically integrated into the operation and certification of medical devices. This streamlines regulatory processes, saving time and reducing costs while increasing safety.

  • Prof. Dr. med. Jochen Hampe | TUD Dresden University of Technology, Else Kröner Fresenius Center for Digital Health
  • Evi Hartig | TUD Dresden University of Technology, Else Kröner Fresenius Center for Digital Health
  • Prof. Dr. Sebastian Rudolph and Dr. Martin Diller | TUD Dresden University of Technology
  • Heike Vocke and Kathleen Schindler | iSAX GmbH & Co. KG
  • Lia Mehr and Markus Wolf | secunet Security Networks AG
  • Dr. Andreas Halbleib | B|Braun Aesculap AG
  • Lucy Quirant, Dr. Samet Bayraktar, Dr. Davood Moghadas and Dr. Wolfgang Lauer | Federal Institute for Drugs and Medical Devices