Redesigning Trust: A Service Design Concept for Cybersecurity Training in Connected Medical Devices
A service-design driven investigation and design addressing medical device cybersecurity training across stakeholders in the connected medical device lifecycle.

METHODOLOGIES
[Figure: research process across four phases: Research, Interpret, Ideate, Develop/Pilot. Panel titles: Mapping the neighbourhood; The hidden relationships; A sense of contrast.]
Steps shown:
· Desk audit on: topic background & exploration of the existing CMD lifecycle management process and effective cybersecurity in this process
· Literature review on existing regulations on cybersecurity compliance
· Synthesis to identify problems and inform design opportunities and hypothesis
· User research
· First design hypothesis: an improved scenario
· Exploration of underlying concepts to support the design proposal
· Case studies based on design proposal to develop new service concept
· Design brief: system assets of the final service concept
Research questions shown:
· What practices and strategies, or behavioural patterns, can be readapted or improved to apply in the new design scenario?
· What are the problems identified in top priority and the design opportunities?
· What are the current CMD cybersecurity challenges during the lifecycle and its management process?
PRELIMINARY RESEARCH
How I crafted the whole research phases
To proceed with the preliminary research, I have compiled some major domain-specific guidelines, standards, and best practices, along with the feedback from stakeholder workshops, to draft a medical device cybersecurity management lifecycle.
Three major focus areas were dug into:
From the preliminary research,
· Background of medical device cybersecurity
· A comprehensive view of the CMD cybersecurity compliance process, with relevant SD assets identified, e.g. a stakeholder map
· A systematic review of current standards, guidelines and best practices applied to CMD, in the context of cybersecurity lifecycle management
THE UNMET CHALLENGES
Compliance in CMDs Cybersecurity
By consolidating and analysing the secondary research completed in the previous three sections, I have initially uncovered the following vulnerabilities and problems in existing regulations, standards, guidelines and best practices, which will potentially lead to issues in the cybersecurity regulatory compliance process for CMDs.
Uniformity and harmonization

The lack of uniformity and harmonization in existing regulations, standards, guidelines and best practices is one of the challenges faced by medical device manufacturers when it comes to figuring out what regulations apply to their devices.
Sharing responsibility among primary stakeholders
While the majority of guidelines and best practices recognise that cybersecurity is a collective responsibility among all stakeholders involved, half of the publications identified in this project primarily emphasise only the actions required from medical device manufacturers.
USER RESEARCH
1. Gather in-depth insights from key stakeholders (CMD manufacturer, integrator, operator) regarding CMD cybersecurity lifecycle management work and communication issues.
2. Engage stakeholders in a collaborative setting for a deeper understanding and exploration of practical needs, improvements and potential resolutions.

Semi-structured survey
Focusing on 3 pillars
>Approaches on CMD cybersecurity
>Cybersecurity awareness
>Compliance issues
3 CMD manufacturers
2 CMD integrators
4 CMD operators


Pre-workshop survey and workshops
Across 4 countries with over 40 participants, including all three primary stakeholder groups
The workshops followed 3 stages:
>Create a shared understanding
>Defining problem statements
>Future scenario exploitation

RESEARCH SYNTHESIS
Although a large amount of quantitative data emerged during the survey, I highlight the qualitative data to showcase the most condensed insights from the entire research phase.
A thorough thematic analysis has been employed to examine qualitative data, which encompasses information pertaining to opinions, thoughts, feelings, and other descriptive details. The main themes I distilled and summarised were the following:
· Existing workflow on cybersecurity lifecycle management
· Challenges identified
· Future recommendations
Synthesised results pulling off the research objectives
Extracted insights from the interviews and workshops

RESHAPING VAGUE CHALLENGES
After extensive studies, both through desk research and user research, I have successfully identified the most critical and significant challenges that medical device cybersecurity is now facing. The figures below illustrate that these challenges are not only crucial but also demand prompt attention and strategic solutions.
Rapid changes in regulations
The driving forces
/Rapid technological advancements with limited cybersecurity resources and expertise
/Emerging malicious actors (hackers) and evolving threat landscape
/A reactive approach is costly in development, infrastructure, and documentation efforts, without providing any visible benefits or added value to customers.
Fragmented dialogue within healthcare personnel
The driving forces
/Static nature of regulations and challenges
/Coordination and enforcement challenges
/Cumbersome processes and information dissemination
/Lack of interoperability and data silos
Cybersecurity awareness and training
The driving forces
/Rapid technological advancements and complexity
/Diversity in personnel backgrounds and literacy levels
/Disconnection between technological advancements and inherent understanding
Flexibility in monitoring and responding to incidents
The driving forces
/Increasing need for additional personnel to manage monetary costs.
/Demand for more complex data infrastructure and cloud computing solutions.
/The rise of automated and self-monitored systems.
/Growing requirement for processes that enable the exercise of the right to data erasure.
SEEKING THE OPPORTUNITIES-RESOURCE REALLOCATION
Following the initial research, I extracted key insights to identify potential design opportunities. The extraction of these opportunities was grounded in the previously mapped CMD cybersecurity management life cycle, and the interaction flow among the three primary stakeholder groups.
Then an evaluation of the desirability, feasibility and viability of identified user research-based high-level opportunities was conducted.
From there, I mapped out the opportunities, which implied an integration of responsibilities, static information, and incident response:
Interpersonnel communication
The most significant of these problems is a recognised lack of engagement with healthcare personnel, which is critical to the proper deployment of cybersecurity measures.
Educational significance
Furthermore, the need to increase cybersecurity knowledge and training stands out, emphasising the critical role of education in bolstering defences against emerging threats.
Incident response
The requirement for more flexibility in monitoring and responding utilising scenario-based approaches emerges as a critical goal for guaranteeing adaptation in the face of changing cybersecurity landscapes.
HOW MIGHT WE…?
Lifecycle-Design
-How might we enhance communication and shared responsibility with integrators and operators during the integration and operation phase?
-How might we foster collaboration among stakeholders to improve risk response in the CMD lifecycle?
-How might we increase cybersecurity awareness among manufacturers, integrators, and operators involved in device deployment?
-How might we create a culture of open dialogue and transparency in addressing risks during integration and operation?
Lifecycle-Integration
-How might we collaborate more effectively with manufacturers and other stakeholders on cybersecurity awareness?
-How might we streamline processes for addressing cybersecurity risks during integration and operation?
-How might we encourage proactive discussions on risk management during the CMD lifecycle?
-How might we empower integrators and operators to take an active role in cybersecurity measures?
Lifecycle-CMD End-user
-How might we increase awareness of cybersecurity protocols and best practices among end-users?
-How might we empower end-users to play a proactive role in ensuring device security during operation?
-How might we promote a sense of shared responsibility for cybersecurity among all stakeholders in the CMD lifecycle?
INITIAL DESIGN HYPOTHESIS TO UNCOVER UNDERLYING CONCEPT
Problem definition
Who:
CMD manufacturers, integrators, operators
What:
In the CMD lifecycle design, integration and operation phases, there is a lack of dialogue and shared responsibility among the involved stakeholders (manufacturers, integrators and operators) in monitoring and responding to incidents, and in cybersecurity awareness and training, which will cause the neglect of some necessary co-operation, sharing and allocation of resources.
When:
Primarily in all situations that encompass the three fundamental CMD lifecycles.
Design hypothesis
What:
Promote a platform with information sharing and cybersecurity training for the targeted stakeholders: CMD manufacturers, integrators, operators (which are recognised as "users" in this project).
Who:
CMD manufacturers, integrators, operators, CMD end-users
When:
During the CMD cybersecurity lifecycle management process, the primary focus is on the design, integration, and operation phases.
From the design hypothesis to uncover underlying concepts
With further academic research, I have summarised the incremental behavioural model for cybersecurity training and awareness as follows: the first stage involves acquiring knowledge, followed by the second phase where capabilities are built up, and ultimately, cybersecurity awareness is strengthened, as shown in the first image.
In the second image, incorporating prior research and potential design prospects, the design proposal I am presenting asserts that cybersecurity training should be integrated into every stage of the CMD cybersecurity lifecycle management process within the scope of my project.
A self-reflection framework to inform design proposal
By integrating the research findings with the initial design hypotheses, I have developed a framework to inform the final design concept.
Information sharing assists in detecting potential facilitates emergency preparedness by supporting rapid dissemination of information concerning imminent natural or man-made threats or response (Brown, 2015). Through an examination and amalgamation of the risk-management framework put forth by NIST, I have discerned the ways in which information sharing will contribute to the cybersecurity training and awareness system.

THE FINAL SERVICE DESIGN ASSETS
Case studies:
By investigating and conducting a general research inquiry into exemplary cases within the realm of CMD cybersecurity information-sharing and training platforms or services, three main pillars were discovered, which include:
· Scenario-based training
· Game exercises
· Online academy/repository

The service offering model
/What :
A scenario-based training and response platform for multiple stakeholders during the CMD lifecycle management process
/Who:
CMD manufacturers, integrators and operators (as well as other indirectly involved stakeholders)
/When and where:
Exists in the three essential CMD lifecycle phases (design, integration and operation) of the CMD cybersecurity lifecycle management process, within the relevant organisations.

Service overview
Scesta is an online platform designed to enhance the capabilities and collaboration among medical device manufacturers, integrators, and operators in the realm of Connected Medical Device (CMD) cybersecurity lifecycle management.
This service leverages a scenario-based training and response system to empower stakeholders, focusing on three key pillars.
Live-Wiki for knowledge acquisition
Features
/Aggregate existing CMD cybersecurity information from reputable sources.
/Enable real-time updates and contributions from stakeholders.
/Categorize information for easy navigation and understanding.
Digital platform functionalities
/Static and incident-specific information
/Contribute to cross-functional interaction pattern
/Behaviour/tasks matrix
/CMD Lifecycle overview
/Incident/threat sizing


Scenario base for capacity building
Features
/Respond to questions of other scenarios
/Complete exercises (select and input task-resource and skills): designed exercises that are based on real-world CMD cybersecurity lifecycle management scenarios created by other stakeholders
Digital platform functionalities
/LIVE WIKI assistance
/Create new scenarios
/Respond to scenarios by scenario-guiding questions
/Exercises in specific scenarios
/Task lists, resources/knowledge/skills/tools repository

Performance reporting for strengthening awareness
Features
/Generate scenario response reports that highlight successful strategies and areas for improvement.
/Issue performance reports after completing exercises, showcasing proficiency in CMD lifecycle management.
/Utilize performance metrics to tailor personalized learning paths for stakeholders.
Digital platform functionalities
/Comparative analysis
/Weak factors
/Capacity Levels
/Vulnerability management
/Unsatisfactory and satisfactory
Service Blueprint
Service Prototypes
CONCLUSION AND FUTURE IMPROVEMENTS
Conclusion
This designed service explores the complexities of connected medical device (CMD) cybersecurity lifecycle management within the EU research project NEMECYS. Through both secondary and primary research, it examines the challenges faced by key stakeholders—manufacturers, integrators, and operators—in maintaining secure CMD ecosystems.
Early research revealed gaps in communication, shared responsibility, incident response, and cybersecurity awareness. These disconnects often lead to insufficient collaboration and poor allocation of resources across the lifecycle.
To address these issues, I developed a service concept which delivers an online, scenario-based training and response platform designed to strengthen cybersecurity knowledge, build capacity, and enhance awareness. The platform strengthens cross-stakeholder collaboration and supports more coordinated, effective responses to the evolving cybersecurity risks present in real healthcare environments.
Future improvements
/Exploring the integration of emerging technologies such as artificial intelligence, machine learning, or blockchain to enhance the platform's capabilities in adapting to new cybersecurity challenges in CMD lifecycle management and providing more dynamic and personalised scenarios.
/Conducting longitudinal studies to measure the long-term impact of the training platform on the CMD cybersecurity lifecycle management.
/Ensuring the platform's accessibility and inclusivity by considering different training styles, languages, and work backgrounds. This would enhance the effectiveness of the training for a diverse range of stakeholders.