Title A CC Approach to Secure Medical Instrumentation Systems
Author Hammershaimb Mosbech, Jonas
Nørager Svane, Martin
Supervisor Sharp, Robin (System Security, Department of Informatics and Mathematical Modeling, Technical University of Denmark, DTU, DK-2800 Kgs. Lyngby, Denmark)
Institution Technical University of Denmark, DTU, DK-2800 Kgs. Lyngby, Denmark
Thesis level Master's thesis
Year 2009
Abstract This thesis presents the results of using the Common Criteria for Information Technology Security Evaluation (CC) as an engineering tool for designing a secure medical instrumentation system. Initially the overall methodology and the domain of medical instrumentation systems are introduced. This is followed by a presentation of the developed Protection Profile (PP), which specifies a set of general security requirements for medical instrumentation systems. The PP is then refined into a Security Target (ST) formulating a set of specific security requirements for a particular type of medical instrumentation systems, namely point-of-care blood gas analysis systems. Finally, the design of a Secure Blood Gas Analysis system, derived directly from the ST, is presented. This demonstrates the overall applicability of the methodology. It is concluded that while it is possible to use the CC as a security requirements engineering methodology, the approach should be combined with additional measures in order to fully ensure the security of the developed system.
Imprint Technical University of Denmark (DTU) : Kgs. Lyngby, Denmark
Series IMM-M.Sc.-2009-01
Original PDF ep09_01_net.pdf (3.66 MB)
