📓
mediam
  • doc.mediam.dev
  • D1 - Specification
    • Introduction
      • What are the risks?
      • What is specific to healthcare?
      • New regulations
      • Regulatory requirements
    • Market study
      • Competitive landscape
        • Features
      • Market characteristics
      • Interviews
    • Use cases
      • Healthcare IT
      • Connected medical devices
      • BMS
    • References
  • Prototypes
    • Hardware prototype
    • Technical issues today
    • Solution architecture
    • D2 - Network management
      • HTTP3
      • SCHC
      • End to end encryption
    • D3 - Lifecycle management
      • Machine identity
        • Decentralized identity
        • DIF KERI
      • Remote updates
    • D4 - User access
  • perspectives
    • D5 - Final report
      • How to implement regulatory requirements
      • Next steps
Powered by GitBook
On this page

Was this helpful?

  1. perspectives

D5 - Final report

What we studied

PreviousD4 - User accessNextHow to implement regulatory requirements

Last updated 3 years ago

Was this helpful?

An overview of the project is available at https://blog.fimbault.com/lessons-learned-from-our-mediam-project.

The mediam project studied:

  • the cybersecurity requirements for healthcare organisations and medical device vendors, both in terms of minimal regulatory requirements and continuous best practices

  • an architecture focused on machine identities and zero trust protocols at every step

We could validate the following architecture:

Compared to state of the art solution, the mediam project investigated the use of HTTP (and version 3 in particular) within IoT stacks, as a way to enable:

  • convergence of IP and non-IP networks (thanks to SCHC compression)

  • dependable updates

  • secure channels with end to end encryption

  • advanced authorization mechanisms using GNAP

This architecture is able to support secure communication of configuration data, sensor readings, control instructions and firmware updates. We implemented prototypes that demonstrated that the 3 business cases encountered by healthcare organisations (IT, biomedical devices, BMS) can be successfully implemented, contrary to existing architectures.

Final medIAM architecture