SiKIS

In the healthcare sector, large amounts of patient health data are collected, processed and used for further diagnosis. Various medical exchange formats are used for this purpose. In hospitals, this data is managed by specialised software, the Hospital Information System (HIS). The study, Sicherheitseigenschaften von Krankenausinformationssystemen (SiKIS), which would translate to, Security Features of Hospital Information Systems, analysed the security of these HIS as well as the most commonly used message exchange formats in the healthcare sector. Two documents were produced as a result of these analyses:

The SiKIS Final Report contains the results of the analyses. First, the general principles of hospital information systems are described on the basis of freely available information. This is followed by an analysis, also based on freely available information, of the most commonly used message exchange formats in the German healthcare system (e.g. DICOM, HL7, FHIR, etc.). This includes an assessment of the cybersecurity features of these individual standards. The next section describes the pentests conducted on two exemplary HIS as part of the study. After a methodological introduction to the pentest procedure, the results are presented in anonymised form.

The findings of these studies and penetration tests are then refined into SiKIS Guidance. The target audience for this guidance document are the HIS vendors and the operating hospitals. The guidance for HIS do not refer to an individual HIS; instead, the problems identified are grouped into categories, resulting in a generalised recommendation for action. This part of the study has been published as a Community Draft, version 0.9, which enables interested experts to contribute to the finalisation of these recommendations. Feedback on the recommendations is welcome at the following e-mail address HandlungsempfehlungKIS@bsi.bund.de. The first comment period ends on 30 June 2025, but further comments will be accepted after this date in order to keep the recommendations up to date in the future. The aim is to produce a document that is beneficial in practice.

SiWamed

In recent years, sensors in wearables have been increasingly used to track health and fitness levels. Wearables are small computer systems worn directly on the body. It is now possible to measure or calculate heart rate, blood pressure, blood glucose levels, oxygen saturation in the blood, sleep patterns and calorie consumption, among other things. Wearables usually have multiple interfaces and can be connected to networks. Wearables are also often linked to mobile applications (apps) to analyse and manage sensitive data and compile statistics.

Vulnerabilities in and on health and fitness tracking devices open up a new form of personalised cybercrime for criminals. On the one hand, it is conceivable that wearables could be used to target people who have the relevant sensor technology. Targeted attacks could also be used to disrupt the recovery of people who are ill, for example when they adjust their medication based on sensors.

The project carried out a cybersecurity assessment of wearables with built-in sensors for health data collection that are marketed in Germany. An overview of the current state of the art was also provided. The project focused on devices with at least sensors for heart rate and blood oxygen saturation, ideally complemented by sensors for an electrogadiogram (ECG).

The study Security assessment of wearable devices with medical functionalities (SiWamed) focused on data security, i.e. the set of technical measures taken to protect the data processed and to ensure the integrity, confidentiality and availability of the data. To this end, the testers developed customised test plans and analysed the wearables and associated components for vulnerabilities. This involved simulating sophisticated and experienced attackers with limited time.

Based on the results of the market research, ten popular and current wearables were selected as test objects for the technical security assessment. The assessment was not limited to the wearable end device, but also included the associated mobile application and back-end application components that are typically used in conjunction with the end device.

Across the ten wearables, the technical assessment identified 110 vulnerabilities that were rated 'medium' or 'high'. None of the devices were free of vulnerabilities.

CyberPraxMed

Doctor's offices are essential for handling sensitive medical data and connected to the German healthcare network. However, so far there has been done little research on the security situation of their IT infrastructure. To improve the resilience in health care and effectively enhance the cyber security the Federal Office for Information Security (BSI) performed a study called CyberPraxMed and evaluated data from a survey of 16 selected doctor's offices. In focus of the survey were network structure, personal aspects of the staff and possibly existing security precautions. The offices were selected by the doctor's specialty, the staff's count and the geographical position in Germany.

As result, a report CyberPraxMed Abschlussbericht was written. It includes the evaluation of the vulnerabilities found and in addition, a short guide of recommendations that allows doctors to harden their offices against cyber-attacks with the least possible afford.

eMergent

The project "eMergent - Digitalisation in Emergency Services" provides an overview of the state of digitisation in ground-based emergency services with focus on IT security. For this purpose, selected products and solutions were subjected to a security analysis. The aim of the project was to provide an overview of the state of IT security of networked products in this context.

Three studies were carried out within the project, which were published separately.

The Results of the Benchmark Study provide an overview of the prevalnce of products in emergency services, the level of digitisation an networking, the main stakeholder ans state-specific features.

The Survey an study on the status of digitalisation adresses the perspective of users on the processes of digitalization, as well as the current status of emergency services. It also provides insight into future developments.

The third an final study of the project Results of the Security Investigations deals with the cybersecurity of products used in ground-based emergency-services. As part of the project, a total of eleven products were subjected to a security analysis. Opportunities for cyber-attacks were identified an the results of the eleven product analyses were presented in an anonymised form. In addition to a description of the attack vectors used, this also includes the vulnerabilities and possible recommendations for preventing them.

ManiMed

The BSI project ManiMed ("Manipulation of Medical Devices") recently focused on examining and analysing the technical security aspects of various network-enabled medical devices. It inspected the technical cyber-security features of medical devices from five defined classes:

• Implantable pacemakers and cardioverter-defibrillators (ICDs), including their programming units and accessories
• Ventilators
• Patient monitors
• Insulin pumps
• Syringe pumps

The ManiMed project started in early 2019.

eCare

Another recent project, eCare -- Digitisation in Care, sought to examine the technical security aspects of network-enabled devices used in caring for the elderly. Rather than focusing on conventional medical devices like insulin pumps or patient monitors, it dealt mainly with IoT products such as network-enabled beds, smart tableware, reminder services, and at-home emergency call systems. Such products are meant to improve the ability of people with chronic illnesses or care needs to manage their everyday lives.

The ManiMed project started in early 2019.

All related reports and publications can be accessed via the links below.