OULU, FINLAND and SARATOGA, CA, USA, June 26, 2012 -- Codenomicon, the leading vendor of proactive security testing software, has joined the Medical Device Innovation, Safety and Security Consortium (MDISS) to enhance the security in solutions and devices in the healthcare industry. Security test automation provided by Codenomicon will help the medical industry in building safety-critical systems.
"This cooperation helps the medical device industry to make their solutions even more reliable and to save lives in the long run," says Dr. Dale Nordenberg, Executive Director and Co-Founder of MDISS.
Codenomicon's Defensics test tool relies on fuzz testing, a technique where invalid or unexpected input is fed to the system under test to reveal potentially harmful software flaws. Attacks to medical devices can come from communication interfaces such as Bluetooth.
"A large percentage of medical devices are now connected to the outside world through wireless and fixed data-networks," says Jeff Walker from Codenomicon. "Until now, there hasn't been a focus on testing these systems thoroughly for threats or vulnerabilities," he continues.
The technique used by Codenomicon is particularly effective in finding previously unknown, so called zero-day vulnerabilities. Unknown vulnerabilities are a challenge to product security, since there are no patches available, no way to protect the system against attacks targeted to unknown vulnerabilities.
"The person receiving the treatment is placing their health on the line in case medical devices fail to work reliably or are vulnerable to malicious activities," says Kari Hytönen from Codenomicon. "The potential loss of life due to inappropriate security testing is negligence as the solutions are available to the industry."
Codenomicon Unknown Vulnerability Management (UVM) helps organizations to locate zero-day vulnerabilities within their systems before they pose a threat, but also the methodology on how to remediate them.
For more information on Unknown Vulnerability Management, visit: http://www.codenomicon.com/unknown
For more information on security of medical devices, visit: http://www.codenomicon.com/solutions/medical/
For more information on the Medical Device Innovation, Safety and Security (MDISS) consortium go to: http://www.mdiss.org
For more information contact: •Mr Jeff Walker, Codenomicon Business Development, Medical Systems Security Testing, firstname.lastname@example.org •Mr Kari Hytönen, Codenomicon Manager of Security Strategies and Standards, email@example.com •Dr Dale Nordenberg, MDISS Executive Director and Co-Founder, firstname.lastname@example.org
About Codenomicon Ltd
Codenomicon finds security vulnerabilities others can't find. Companies rely on Codenomicon's solutions to discover zero-day vulnerabilities that cause Denial of Service (DoS) and data leakage if exploited by hackers -- the unknown vulnerabilities Advanced Persistent Threats (APTs) use to break into systems. Codenomicon's customers include Alcatel-Lucent, AT&T, Cisco Systems, Microsoft, Motorola, Google, Verizon, Nokia Siemens Networks, Huawei, and T-Systems.
While the group’s CTO Wayne Kubick supports the move from an outdated, custom platform to a commercial EHR, organizations don’t need to be on the same platform to be interoperable, he said.
Limitations in its data system prevent metrics from capturing all provider types and provider workload – among other technical and policy flaws.
Two University of Michigan physicians explain how device info could be used to make better decisions and improve care.
Prototype could help by creating a digital identity for 1.1 billion people around the world who don’t have a formal ID.