基于Microsoft威胁建模工具的医疗健康
场景下医疗器械网络安全问题分析方法

doi:10.3969/j.issn.1674-1633.2023.12.021

摘要
图/表
参考文献
相关文章 (15)

全文: PDF (2023 KB) HTML (1 KB)
输出: BibTeX | EndNote (RIS)

摘要目的模拟构建医疗健康场景，针对医疗器械设备及整个场景存在的威胁制定检测方法和评分标准，为医疗健康场景下医疗器械网络安全问题提供解决思路。方法根据医疗健康场景的特殊性，对模拟的医疗健康场景进行分析并构建出数据流图，运用Microsoft威胁建模工具根据STRIDE模型生成漏洞列表，对其中的漏洞和风险进行分析，制定针对医疗器械场景特殊性的评分标准和渗透测试方法，提出解决办法并进行风险降级。结果根据场景的数据流图生成漏洞列表，共66个威胁，包含15个S（假冒）、3个T（篡改）、10个R（否认）、4个I（信息泄露）、14个D（拒绝服务）和20个E（权限提升）。对以上威胁进行分类并分析原因，提出解决办法缓解威胁并进行风险降级。结论通过Microsoft威胁建模工具对医疗健康场景下医疗器械网络安全进行分析，可以科学有效地分析出场景下可能遇到的网络安全问题，在一定程度上避免或预防由网络安全问题带来的后果及影响。

	服务

	把本文推荐给朋友
	加入我的书架
	加入引用管理器
	E-mail Alert
	RSS
	作者相关文章
	姜宗伯¹
	2
	李澍²
	刘颖颖³

关键词 ：医疗健康场景, 医疗器械, 网络安全, 威胁建模, STRIDE模型

Abstract：Objective To simulate the construction of medical health scenarios, and formulate detection methods and scoring standards for threats to medical equipment and the entire scene, to provide solutions for network security issues of medical devices under medical health scenarios. Methods According to the particularity of the medical health scenario, the simulated medical health scenario was analyzed and the data flow diagram was constructed. The Microsoft threat modeling tool was used to generate a vulnerability list according to the STRIDE model, and the vulnerabilities and risks were analyzed. The scoring standards and penetration testing methods for the particularity of the medical device scenario were formulated, and solutions were proposed and risk downgrade was carried out. Results A list of vulnerabilities was generated based on the scenario’s data flow diagram, with a total of 66 threats, including 15 ‘S’ (spoofing), 3 ‘T’ (tampering), 10 ‘R’ (repudiation), 4 ‘I’ (information disclosure), 14 ‘D’ (denial of service), and 20 ‘E’ (elevation of privilege). The threats were categorized, their causes were analyzed, and the solutions were proposed to mitigate them and downgrade risks. Conclusion The analysis of medical device network security under medical health scenarios through Microsoft threat modeling tool can scientifically and effectively analyze the network security problems that may be encountered in the scenario, and avoid or prevent the consequences and impact caused by network security problems to a certain extent.

Key words： medical health scenarios medical devices network security threat modeling STRIDE model

收稿日期: 2023-06-16

ZTFLH:

R197.39

基金资助:国家重点研发计划（2020YFC2007104）。

通讯作者: 李澍 E-mail: lishu@nifdc.org.cn

引用本文:

姜宗伯^1,2，李澍²，刘颖颖³. 基于Microsoft威胁建模工具的医疗健康场景下医疗器械网络安全问题分析方法[J]. 中国医疗设备, 2023, 38(12): 113-118.
JIANG Zongbo^1,2, LI Shu², LIU Yingying³. Network Security Analysis Method for Medical Devices Under Medical Health Scenarios Based on Microsoft Threat Modeling Tool. China Medical Devices, 2023, 38(12): 113-118.

链接本文:

http://cs.china-cmd.org/zgylsb/CN/10.3969/j.issn.1674-1633.2023.12.021 或 http://cs.china-cmd.org/zgylsb/CN/Y2023/V38/I12/113