ENsuring Secure and Safe CMD Design with Zero TRUST Principles
- Funded under
- Duration
- Overall budget
- Partnership
- Website
Aligned with the guidelines of the Cybersecurity Act and the existing guidance on cybersecurity for medical devices, ENTRUST envisions a Trust Management Architecture intended to dynamically and holistically manage the lifecycle of connected medical devices, strengthening trust and privacy in the entire medical ecosystem.
What is the objective of the ENTRUST project?
The main objective of ENTRUST is to ensure end-to-end trust management of medical devices including formally verified trust models, risk assessment process, secure lifecycle procedures, security policies, technical recommendations, and the first-ever real-time Conformity Certificates to safeguard connected medical devices.
What is the role of Future Needs?
Future Needs leads the Dissemination, Communication, Exploitation and Impact Creation work package, where it will create an Open-Source Roadmap. Furthermore, Future Needs leads the tasks for Data Management, Legal and Ethical Compliance of the project and the task Shaping the Ethical & Legal Dimension of Trust Management in Next-Generation of smart connected medical devices in which will conduct an ethical analysis.
What is the aim of the ENTRUST project?
ENTRUST will leverage a series of breakthrough solutions to enhance assurance without limiting the applicability of connected medical devices by enclosing them to cybersecurity features. The project will introduce a novel remote attestation mechanism to ensure the device’s correct operation at runtime regardless of its computational power; will be efficient enough to run in also resource-constrained real-time systems such as the medical devices.
Which needs does ENTRUST address?
There is a need for targeted design and development of Medical Device – specific defensive mechanisms that occurs from:
- The absence of a holistic security and privacy solution throughout the entire lifecycle of a heterogeneous medical device
- The lack of a trust establishment mechanism among all the stakeholder in the healthcare supply chain
- The absence of formal verification approaches for medical devices
- The absence of runtime assurance for the connected medical devices
- The lack of cyber security culture and visibility in healthcare domain
ENTRUST latest Updates
You can find the latest press release from our project here 📰