Cyber Security Research Update

Posted on by James Philpot

Led by researchers from the Airbus Cyber Security team, SAFECARE’s partners are progressing well with their work on the cyber aspects of defending healthcare infrastructure. Recently, population of the virtual simulation platform has started and partners have been granted access and explained how to import their tools, virtual machines or containers.

 Task by Task Update:

T5.1 – IT threat detection system (Started in May 2019):

  • Specification of the IT threat detection system (D5.1) has been submitted
  • Machine learning (ML) models are being tested and fine-tuned with public data sets, in different technologies, including Spark, Scikit-learn and Tensor Flow
  • Generation of specific datasets to train ML algorithms has started

 

T5.2 – BMS threat detection system (Started in May 2019):

  • Design of the integration with the malware analyzer for the DICOM use case (DICOM extraction by the BMS probe and analysis by the malware analyzer) has been finalized
  • General hospital network architecture has been finalized and is to be validated

 

 

T5.3 – Advanced file analysis system (Started in May 2019):

  • Connector with D5.2 which automatically submits extracted files for analysis has been developed
  • Specification of Advanced file analysis system (D5.5) has been approved
  • Development to support the DICOM format has been carried out

 

T5.4 – E-health devices security analytics (Started in February 2019):

  • Specification of the e-health device security analytics (D5.7) has been submitted
  • Analytics models have been developed for specific use cases and are being tested for Philips devices
  • Alert generation module that interfaces with the cyber threat monitoring system (T5.5) has been developed and is ready to be validated

 

 

T5.5 -Cyber threat monitoring system (Started in May 2019):

  • Specification of the cyber threat monitoring system (D5.9) has been submitted
  • Communication tests with the central database (T6.3) through the data exchange layer (T6.2) are successful
  • Connector with a vulnerability intelligence platform has been developed