درباره ما
IEEE/ISO International Standard-Health informatics--Device interoperability--Part 40101: Foundational--Cybersecurity--Processes for vulnerability assessment
ISO/IEEE 11073-40101:2022(E)
Year: 2022
Abstract: For Personal Health Devices (PHDs) and Point-of-Care Devices (PoCDs), an iterative, systematic, scalable, and auditable approach to identification of cybersecurity vulnerabilities and estimation of risk is defined by this standard. The standard presents one approach to iterative vulnerability assessment that uses the Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, and Elevation of Privilege (STRIDE) classification scheme and the embedded Common Vulnerability Scoring System (eCVSS). The assessment includes system context, system decomposition, pre-mitigation scoring, mitigation, and post-mitigation scoring and iterates until the remaining vulnerabilities are reduced to an acceptable level of risk.
Subject: embedded Common Vulnerability Scoring System
-
Statistics
IEEE/ISO International Standard-Health informatics--Device interoperability--Part 40101: Foundational--Cybersecurity--Processes for vulnerability assessment
Show full item record
| contributor author | IEEE - The Institute of Electrical and Electronics Engineers, Inc. | |
| date accessioned | 2022-07-04T20:40:03Z | |
| date available | 2022-07-04T20:40:03Z | |
| date copyright | 18 March 2022 | |
| date issued | 2022 | |
| identifier other | 9738537.pdf | |
| identifier uri | http://yse.yabesh.ir/std;query=autho162s6596FCDCAC4261590-%20Naval%20/handle/yse/312689 | |
| description abstract | For Personal Health Devices (PHDs) and Point-of-Care Devices (PoCDs), an iterative, systematic, scalable, and auditable approach to identification of cybersecurity vulnerabilities and estimation of risk is defined by this standard. The standard presents one approach to iterative vulnerability assessment that uses the Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, and Elevation of Privilege (STRIDE) classification scheme and the embedded Common Vulnerability Scoring System (eCVSS). The assessment includes system context, system decomposition, pre-mitigation scoring, mitigation, and post-mitigation scoring and iterates until the remaining vulnerabilities are reduced to an acceptable level of risk. | |
| language | English | |
| title | IEEE/ISO International Standard-Health informatics--Device interoperability--Part 40101: Foundational--Cybersecurity--Processes for vulnerability assessment | en |
| title | ISO/IEEE 11073-40101:2022(E) | num |
| type | Standard | |
| page | 54 | |
| tree | IEEE - The Institute of Electrical and Electronics Engineers, Inc.:;2022 | |
| contenttype | Fulltext | |
| subject keywords | embedded Common Vulnerability Scoring System | |
| subject keywords | Personal Health Devices | |
| subject keywords | cybersecurity | |
| subject keywords | STRIDE | |
| subject keywords | IEEE 11073-40101 | |
| subject keywords | medical device communication | |
| subject keywords | vulnerability assessment | |
| subject keywords | Point-of-Care Devices | |
| identifier DOI | 10.1109/IEEESTD.2022.9738537 |