D5 - Final report
What we studied
Last updated
Was this helpful?
What we studied
Last updated
Was this helpful?
An overview of the project is available at https://blog.fimbault.com/lessons-learned-from-our-mediam-project.
The mediam project studied:
the cybersecurity requirements for healthcare organisations and medical device vendors, both in terms of minimal regulatory requirements and continuous best practices
an architecture focused on machine identities and zero trust protocols at every step
We could validate the following architecture:
Compared to state of the art solution, the mediam project investigated the use of HTTP (and version 3 in particular) within IoT stacks, as a way to enable:
convergence of IP and non-IP networks (thanks to SCHC compression)
dependable updates
secure channels with end to end encryption
advanced authorization mechanisms using GNAP
This architecture is able to support secure communication of configuration data, sensor readings, control instructions and firmware updates. We implemented prototypes that demonstrated that the 3 business cases encountered by healthcare organisations (IT, biomedical devices, BMS) can be successfully implemented, contrary to existing architectures.