Abstract
Healthcare digitization has significantly enhanced patient care and alleviated the workload of hospital staff. This trend towards automation has also optimized the intensive care units (ICUs) of hospitals, leading to the emergence of smart ICUs equipped with modern wireless communication networks like 5G. However, this increased digitization presents new attack vectors and opportunities, especially regarding cybersecurity attacks. These attacks could compromise the resilience of smart ICU networks. Given the critical role of ICUs in healthcare, it is imperative to analyze and categorize digital threats in terms of the risks they pose to patients. This paper explores cybersecurity threats for smart ICU networks and offers a risk assessment of the potential worst-case impacts these threats could have on the network.
This research was funded by the Federal Ministry of Research and Education Healthnet (FKZ: 16KISR001K) and the Federal Office for Information Security Pentest-5GSec (FKZ: 01MO23025A).
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Alomani, H., Alanzi, F., Alotaibi, Y.: System, Space, Staff, and Stuff framework in establishing a new pediatric critical care unit (PICU) (4S Framework) – ncbi.nlm.nih.gov (2022). https://www.ncbi.nlm.nih.gov/pmc/articles/PMC9668042/. Accessed 27 July 2023
Anderson, D., Jackson, A., Halpern, N.: Informatics for the modern intensive care unit. Crit. Care Nurs. Q. 41, 60–67 (2018). https://doi.org/10.1097/CNQ.0000000000000186
Bullen, M., Hughes, T., Marshall, J.D.: The evolution of nice Medtech innovation briefings and their associated technologies. Value Health 20, A595 (2017)
Cagnazzo, M., Hertlein, M., Holz, T., Pohlmann, N.: Threat modeling for mobile health systems. In: 2018 IEEE Wireless Communications and Networking Conference Workshops, WCNC 2018 Workshops, Barcelona, Spain, 15–18 April 2018, pp. 314–319. IEEE (2018). https://doi.org/10.1109/WCNCW.2018.8369033
Eliash, C., Lazar, I., Nissim, N.: SEC-C-U: the security of intensive care unit medical devices and their ecosystems. IEEE Access PP, 1 (2020). https://doi.org/10.1109/ACCESS.2020.2984726
ENISA: Risk Assessment Methodology (2017). https://www.enisa.europa.eu/risk-level-tool/methodology/. Accessed 26 July 2023
Hollnagel, E.: RAG - Resilience Analysis Grid (2015)
Kotz, D., Gunter, C.A., Kumar, S., Weiner, J.P.: Privacy and security in mobile health: a research agenda. Computer 49(6), 22–30 (2016). https://doi.org/10.1109/MC.2016.185
Leidinger, C., Seelmann, V., Maasern, C.: Whitepaper: 5G - Evolution oder Revolution? (2020). https://www.fir.rwth-aachen.de/fileadmin/publikationen/whitepaper/cluster-whitepaper_5g.pdf
Lin, J.-C.: Synchronization requirements for 5G: an overview of standards and specifications for cellular networks. IEEE Veh. Technol. Mag. 13(3), 91–99 (2018)
Mao, Z., Liu, C., Li, Q., Cui, Y., Zhou, F.: Intelligent intensive care unit: current and future trends. Intensive Care Res. 3 (2023). https://doi.org/10.1007/s44231-023-00036-5
Martínez-Pérez, B., De la Torre Díez, I., Lopez-Coronado, M.: Privacy and security in mobile health apps: a review and recommendations. J. Med. Syst. 39 (2014). https://doi.org/10.1007/s10916-014-0181-3
Mayol, J., et al.: Smart Hospitals Security and Resilience for Smart Health Service and Infrastructures, December 2016. https://doi.org/10.2824/28801
Mee, P., Brandenburg, R.: After reading, writing and arithmetic, the 4th ‘r’ of literacy is cyber-risk (2020). https://www.weforum.org/agenda/2020/12/cyber-risk-cyber-security-education. Accessed 28 July 2023
Peralta-Ochoa, A., Chaca-Asmal, P., Guerrero-Vásquez, L., Ordonez-Ordonez, J., Coronel-González, E.: Smart healthcare applications over 5G networks: a systematic review. Appl. Sci. 13, 1469 (2023). https://doi.org/10.3390/app13031469
Plugmann, P.: Gibt es einen Rechtsanspruch auf mentale Unversehrtheit? Ideen für innovative Ansätze am Beispiel des Gesundheitswesens. In: Grinblat, R., Etterer, D., Plugmann, P. (eds.) Innovationen im Gesundheitswesen: Rechtliche und ökonomische Rahmenbedingungen und Potentiale, pp. 193–203. Springer Gabler, Wiesbaden (2022). https://doi.org/10.1007/978-3-658-33801-5_11
Salluh, J.I.F., Kurtz, P., Bastos, L.S.L., Quintairos, A., Zampieri, F.G., Bozza, F.A.: The resilient intensive care unit. Ann. Intens. Care (2022). https://doi.org/10.1186/s13613-022-01011-x
Statista: Number of electrical outages in firms in a typical month worldwide in 2018, by region (2019). https://www.statista.com/statistics/1069593/power-outages-firms-typical-month-global-by-region/. Accessed 27 July 2023
Tenzer, F.: Volumen der jährlich generierten/replizierten digitalen Datenmenge weltweit von 2010 bis 2022 und Prognose bis 2027 (in Zettabyte) (2023). https://de.statista.com/statistik/daten/studie/267974/umfrage/prognose-zum-weltweit-generierten-datenvolumen/
Tunder, R.: Market Access Management für Pharma-und Medizinprodukte. Instrumente, Verfahren und Erfolgsfaktoren: SpringerGabler, Wiesbaden (2020)
UcedaVelez, T., Morana, M.M.: Risk Centric Threat Modeling: Process for Attack Simulation and Threat Analysis, 1st edn. Wiley Publishing, Hoboken (2015). 0470500964
Winkelhake, U.: Die digitale Transformation der Automobilindustrie. Springer, Heidelberg (2017). https://doi.org/10.1007/978-3-662-54935-3
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2024 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Baumhör, C., Henning, T., Große-Kampmann, M. (2024). Threat Modeling Towards Resilience in Smart ICUs. In: Abie, H., Gkioulos, V., Katsikas, S., Pirbhulal, S. (eds) Secure and Resilient Digital Transformation of Healthcare. SUNRISE 2023. Communications in Computer and Information Science, vol 1884. Springer, Cham. https://doi.org/10.1007/978-3-031-55829-0_3
Download citation
DOI: https://doi.org/10.1007/978-3-031-55829-0_3
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-55828-3
Online ISBN: 978-3-031-55829-0
eBook Packages: Computer ScienceComputer Science (R0)