Medical Device Threat Modeling with Templates
Modern medical Devices contain many software components and are growing exponentially in complexity. The medical devices environment has typically struggled to threat model while the practice has become standard procedure for software systems. To help solve the problem for our engineering teams, we created a threat model template that combines the software and medical device specific threat modeling specifics together. We will demonstrate our creation and show how it’s lessons learned potentially apply to other IoT domains.
Valery Berestetsky, Principal Product Security Leader at GE Healthcare Digital
Valery Berestetsky is a Senior Security and Technical Program Manager with over 20 years of demonstrated industrial experience that covers a wide range of technologies and customer exposure. Berestetsky is experienced in application security, security risk assessments and compliance evaluations, as well as the complete project life cycle, particularly in the requirements gathering, design, development and deployment phases and building security into all these phases.
Jonathan Schaaf, Staff Product Security Analyst at GE Healthcare Digital
Jonathan Schaaf is a Product Development Security Specialist at GE Healthcare. He works with diagnostic imaging teams to help them hunt down and destroy security vulnerabilities. Schaaf is a Linux guy but fancies himself a jack of all trades. He’s particularly passionate about software that is critical to human life, and previously wrote software in the aviation industry. Schaaf has his private pilot’s license and enjoys using it to explore Wisconsin.
Get promotions and special offers directly to your inbox.