Led by Tufts University’s Daniel Votipka, PhD, the research will drive efforts to investigate the challenges of effective threat modeling for medical devices and aim to make cybersecurity evidence more reproducible.

MedCrypt, Inc. has announced funding for a fellowship program at Tufts University’s School of Engineering, aimed at supporting research on medical device security and threat modeling.

More than half (53%) of connected medical and other IoT devices in hospitals have a known critical vulnerability. Despite the U.S. FDA and the Cybersecurity and Infrastructure Security Agency recognizing the significance of threat modeling as a process resulting in more secure device and producing the supporting evidence, a study by Ponemon Institute revealed that about 49% of device makers do not follow guidance, specifically from the FDA, to mitigate or reduce inherent security risks. 

To address this issue, the work that will be done by Ronald (Ron) Thompson and Daniel Votipka, PhD, aims to conduct research in the Tufts Security and Privacy Lab at the School of Engineering on the effectiveness and practicality of threat modeling and other security measures that organizations can use as a reference to help establish more efficient and repeatable security processes for medical devices.

Thompson who will be the first fellow in the program, is currently a PhD student of over two years in the Tufts Security & Privacy Lab studying computer science, specifically usable security, and medical devices, and a consultant to MedCrypt on threat modeling and threat modeling training. His overarching goal is to develop technology and data-driven processes and tools that protect healthcare systems and allow clinicians, researchers, and other healthcare workers to focus on delivering care to patients. 

Moreover, Votipka is an assistant professor of two years in the computer science department at Tufts University and the director of the Tufts Security and Privacy Lab and has almost a decade of cybersecurity research experience. His research focuses on computer security, with an emphasis on the human factors affecting security professionals. 

“We are excited that MedCrypt has chosen to support our research investigating the challenges of effective threat modeling for medical devices,” says Votipka. “This research will identify common gaps in device threat models and support the development of new guidance and tools to help developers ensure their devices are secure. Threat modeling is an essential component of the secure development process, and this work will get us closer to the goal of reliable, repeatable, and effective threat modeling. Without MedCrypt’s support, this work would not be possible.”

By taking a hypothesis-driven approach, the findings from this fellowship could inform sustainable, scalable advances in medical device security processes, MedCrypt officials say. This is not only beneficial but also necessary, as the FDA relies on threat modeling to generate evidence that medical devices have been built with security in mind. Threat modeling artifacts are used to conduct safety risk assessments, which then inform vulnerability surveillance for products in the field.

“Cybersecurity practices, such as threat modeling, play a crucial role in designing secure medical devices proactively,” says Shannon Lantzy, vice president of consulting at MedCrypt. 

“Given that the effectiveness of such processes determines the safety of these devices, they should be as reliable and practical as other scientific methods.” 

Lantzy adds, “The FDA requires substantial evidence of cybersecurity, and the industry must generate that evidence at scale. Threat modeling is a process that needs to scale, which can only be achieved through data standards. We believe this research will have a strong role to play.”