🔥🔥 Don’t Miss Out on Our End of Autumn Sale. If you have any questions, feel free to click the bottom right corner to contact our customer service..

Concat us[email protected]
Shopping Cart

No products in the cart.

🔍
BS EN ISO/IEEE 11073-40102:2022

BS EN ISO/IEEE 11073-40102:2022

$167.15

Health informatics. Device interoperability – Foundational. Cybersecurity. Capabilities for mitigation

Published By Publication Date Number of Pages
BSI 2022 36
PDF Format Searchable Printable Preview Now
Guaranteed Safe Checkout
Categories: ,

If you have any questions, feel free to reach out to our online customer service team by clicking on the bottom right corner. We’re here to assist you 24/7.
Email:[email protected]

Within the context of secure plug-and-play interoperability, cybersecurity is the process and capability of preventing unauthorized access or modification, misuse, denial of use, or the unauthorized use of information that is stored on, accessed from, or transferred to and from a PHD/PoCD. The capability part of cybersecurity is information security controls related to both digital data and the relationships to safety and usability. For PHDs/PoCDs, this standard defines a security baseline of application layer cybersecurity mitigation techniques for certain use cases or for times when certain criteria are met. This standard provides a scalable information security toolbox appropriate for PHD/PoCD interfaces, which fulfills the intersection of requirements and recommendations from National Institute of Standards and Technology (NIST) and the European Network and Information Security Agency (ENISA). This standard maps to the NIST cybersecurity framework [B15]; IEC TR 80001-2-2 [B8]; and the Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, and Elevation of Privilege (STRIDE) classification scheme. The mitigation techniques are based on the extended CIA triad (Clause 4) and are described generally to allow manufacturers to determine the most appropriate algorithms and implementations.

PDF Catalog

PDF Pages PDF Title
2 undefined
6 Blank Page
7 Title page
9 Important Notices and Disclaimers Concerning IEEE Standards Documents
12 Participants
15 Introduction
16 Contents
17 1. Overview
1.1 General
18 1.2 Scope
1.3 Purpose
1.4 Word usage
19 2. Normative references
3. Definitions, acronyms, and abbreviations
3.1 Definitions
3.2 Acronyms and abbreviations
20 4. Information security
4.1 General
4.2 Confidentiality
4.3 Integrity
4.4 Availability
21 4.5 Non-repudiation
5. Security with safety and usability
5.1 High-level view
5.2 Safety relationships
22 5.3 Usability relationships
6. Mitigation
6.1 General
23 6.2 Software security updates
6.3 Secure design principles
24 6.4 Secure by design and secure by default principles
6.5 Privacy by design and privacy by default principles
25 6.6 Ensure robust interface design
6.7 Limit access to trusted users only
6.8 Ensure trusted content
6.9 Mapping of mitigation categories, security capabilities, mitigation techniques, and design principles
28 7. Information security controls
29 8. Information security toolbox
8.1 General
30 8.2 Nonce
8.3 Encryption
8.4 Message authentication code
31 8.5 Key exchange
32 8.6 Key derivation function
8.7 Audit trail
33 Annex A (informative) Bibliography
35 Annex B (informative) Test vectors

Related products

BS EN ISO/IEEE 11073-40102:2022
$167.15