New Cybersecurity course for medical device software has started in Heilbronn

As part of HiGHmed's joint teaching and training programme, the Heilbronn University of Applied Sciences (HHN) has developed the innovative e-learning module entitled “Secure SW-Development for Medical Devices".

The HiGHmed consortium – made up of renowned German medical institutes – empowers aspiring leaders of the healthcare field of tomorrow, by promoting digital literacy and supporting digital integration across all fields of allied health. To achieve this, HiGHmed is developing HiGHmeducation – an innovative training framework for teaching health informatics and data science skills to physicians, nurses and other staff from all fields of allied health. Multiple newly established online courses are already underway, right across our various academic partner sites. These online courses can be taken individually and we will soon offering an integrated vocational training programme, which will allow participants to earn HiGHmed professional certificates in e-health.

As part of HiGHmed's joint teaching and training programme, the Heilbronn University of Applied Sciences (HHN) has developed the innovative e-learning module entitled “Secure SW-Development for Medical Devices”. It is embedded in the cooperative Medical Informatics Master’s programme, jointly realised by Heilbronn University of Applied Sciences and Heidelberg University. In the medical field nowadays, both diagnostic and therapeutic functionality is increasingly realised “in silico”: software becomes a medical device. Medical devices are regulated worldwide, in order to ensure safety, reliability and effectiveness, but they are also standardised and, increasingly, produced with full interconnectivity. Unfortunately, this gives attackers the opportunity to exploit existing vulnerabilities. Many software-based medical devices, e.g. implantable pacemakers and insulin pumps, suffer from weak security practices. Therefore, regulatory agencies worldwide increasingly see cybersecurity as an integral part of the product lifecycle.

Our module addresses these security shortcomings and teaches the medical device manufacturers of tomorrow to build secure software for medical devices that more than satisfy the regulatory requirements. Over 14 weeks, the students learn how to setup and implement a secure software development lifecycle for medical device software. Every phase of the traditional software development lifecycle is accompanied by additional activities, such as threat modelling, attack trees and practical penetration testing, to increase the resulting security of the medical device software.

By offering the course online, students can participate at a location and time convenient to them. The most recent course, which started in September 2019 and was open to master students of medical informatics, has just completed.

The next course begins in March 2020 and will be available to students and employees of the academic partners and the other institutions involved in the HiGHmed project. If you want to participate in our course, please send an e-mail to info@highmed-lehre.de.

First posted 22.01.2020, 12:00:00.