Abstract
A security framework for life-critical and safety-critical devices, specifically medical devices, using: a) runtime, adaptive methods that dynamically assess the risk of newly discovered vulnerabilities and threats, and b) automatic mitigation methods that reduce system risk by seamlessly reconfiguring the device to operate within different execution modes. This technology automatically isolates threats by disabling affected system components. A multi-modal software design uses adaptive software in which operational modes have monotonically decreasing cumulative risk. Formal risk models are used to model the individual risk of accessing or controlling system components and to automatically calculate the cumulative risk of software modes. The automated detection of potential threats by the system or reporting of known vulnerabilities will dynamically change the system risk. To support an accurate and fine grained adaptive risk model, novel statistical methods non-intrusively detect potential threats, isolate the threat to a specific component, and estimate the threat probability.
| Original language | English |
|---|---|
| Patent number | US11868479B2 |
| Publication status | Published - 09 Jan 2024 |
Fields of science
- 102022 Software development
- 502050 Business informatics
- 102040 Quantum computingÂ
- 509026 Digitalisation research
- 102034 Cyber-physical systems
- 502032 Quality management
- 102020 Medical informatics
- 102006 Computer supported cooperative work (CSCW)
- 102027 Web engineering
- 102016 IT security
- 503015 Subject didactics of technical sciences
- 102015 Information systems
- 211928 Systems engineering
JKU Focus areas
- Digital Transformation