Summary
Aligned with the guidelines of the Cybersecurity Act and the existing guidance on cybersecurity for medical devices, ENTRUST envisions a Trust Management Architecture intended to dynamically and holistically manage the lifecycle of connected medical devices, strengthening trust and privacy in the entire medical ecosystem. Even from the proposal stage, ENTRUST has identified gaps and necessary revisions of the current guidance (e.g., absence of post-market conformity and certification, real-time surveillance and corrective mechanisms – see 1.2.2). Towards that ENTRUST will leverage a series of breakthrough solutions to enhance assurance without limiting the applicability of connected medical devices by enclosing to them cybersecurity features. The project will introduce a novel remote attestation mechanism to ensure the device’s correct operation at runtime regardless of its computational power; will be efficient enough to run in also resource-constrained real-time systems such as the medical devices. This will be accompanied by dynamic trust assessment models capable of identifying the Required Level of Trustworthiness (RTL) per device and function (service) that will then be verified through a new breed of efficient, attestation mechanisms (to be deployed and executed during runtime). This will also enable us to be aligned with the existing standards on defining appropriate Protection profiles per device (especially considering the heterogeneous types of medical devices provided by different vendors with different requirements) including Targets of Validation Properties to be attested during runtime. The motivation behind ENTRUST is to ensure end-to-end trust management of medical devices including formally verified trust models, risk assessment process, secure lifecycle procedures, security policies, technical recommendations, and the first-ever real-time Conformity Certificates to safeguard connected medical devices.
Unfold all
/
Fold all
More information & hyperlinks
| Web resources: | https://cordis.europa.eu/project/id/101095634 |
| Start date: | 01-01-2023 |
| End date: | 31-12-2025 |
| Total budget - Public funding: | 5 633 089,60 Euro - 5 633 087,00 Euro |
Cordis data
Original description
Aligned with the guidelines of the Cybersecurity Act and the existing guidance on cybersecurity for medical devices, ENTRUST envisions a Trust Management Architecture intended to dynamically and holistically manage the lifecycle of connected medical devices, strengthening trust and privacy in the entire medical ecosystem. Even from the proposal stage, ENTRUST has identified gaps and necessary revisions of the current guidance (e.g., absence of post-market conformity and certification, real-time surveillance and corrective mechanisms – see 1.2.2). Towards that ENTRUST will leverage a series of breakthrough solutions to enhance assurance without limiting the applicability of connected medical devices by enclosing to them cybersecurity features. The project will introduce a novel remote attestation mechanism to ensure the device’s correct operation at runtime regardless of its computational power; will be efficient enough to run in also resource-constrained real-time systems such as the medical devices. This will be accompanied by dynamic trust assessment models capable of identifying the Required Level of Trustworthiness (RTL) per device and function (service) that will then be verified through a new breed of efficient, attestation mechanisms (to be deployed and executed during runtime). This will also enable us to be aligned with the existing standards on defining appropriate Protection profiles per device (especially considering the heterogeneous types of medical devices provided by different vendors with different requirements) including Targets of Validation Properties to be attested during runtime. The motivation behind ENTRUST is to ensure end-to-end trust management of medical devices including formally verified trust models, risk assessment process, secure lifecycle procedures, security policies, technical recommendations, and the first-ever real-time Conformity Certificates to safeguard connected medical devices.Status
SIGNEDCall topic
HORIZON-HLTH-2022-IND-13-01Update Date
09-02-2023
Images
No images available.
Geographical location(s)
Structured mapping
Unfold all
/
Fold all
Search
Organisations
-
| UNISYSTEMS LUXEMBOURG SARL (Coördinator)
-
| Eindhoven University of Technology
-
| FUTURE NEEDS MANAGEMENT CONSULTING LTD
-
| GIOUMPITEK MELETI SCHEDIASMOS YLOPOIISI KAI POLISI ERGON PLIROFORIKIS ETAIREIA PERIORISMENIS EFTHYNI...
-
| HOSPITAL DO ESPIRITO SANTO DE EVORA EPE
-
| KARDINERO MEDIKAL SISTEMLER SANAYI VE TICARET ANONIM SIRKETI
-
| MANDAT INTERNATIONAL ALIAS FONDATION POUR LA COOPERATION INTERNATIONALE
-
| PARTICLE SUMMARY
-
| POLARIS MEDICAL SA
-
| QUBITECH IDIOTIKI KEFALAIOUCHIKI ETAIREIA
-
| RED ALERT LABS
-
| SENTIO LABS MONOPROSOPI IKE
-
| SIEMENS SRL
-
| SINTEF AS (SINTEF)
-
| SPACE HELLAS ANONYMI ETAIREIA SYSTIMATA KAI YPIRESIES TILEPIKOINONIONPLIROFORIKIS ASFALEIAS - IDIOTI...