Systematic Evaluation of Manufacturer Disclosure Statements for Medical Device Security (MDS2) to Strengthen Hospital OT Security Measures - Lessons Learned.
Authors: Stefan Stein, Michael Pilgermann, Martin Sedlmayr
Journal: Studies in health technology and informatics, vol. 331, pp. 256-264
Publication date: 2025-09-03
Publication type: Journal Article
DOI: 10.3233/SHTI251404 (https://doi.org/10.3233/SHTI251404)
Abstract
Introduction: The growing number of connected medical devices in hospitals poses serious operational technology (OT) security challenges. Effective countermeasures require a structured analysis of the communication interfaces and security configurations of individual devices.
State of the art: Although Manufacturer Disclosure Statements for Medical Device Security (MDS2, Version 2019) offer relevant information, they are rarely integrated into cybersecurity workflows. Existing studies are limited in scope and lack scalable methodologies for systematic evaluation.
Concept: This study analyzed 209 MDS2 documents and 161 security white papers to extract structured information on ports, protocols, and protective measures. Over 52,000 question-answer pairs were converted into a machine-readable format using customized parsing and validation routines. The aim was to establish whether this dataset could inform risk assessments and future applications involving Large Language Models (LLMs).
Implementation: The analysis revealed 367 distinct ports, including common protocols such as HTTPS (443), DICOM (104), and RDP (3389), as well as vendor-specific proprietary ports. Approximately 40% of the devices used over 20 ports, indicating a broad attack surface. OCR errors and inconsistent formatting required manual corrections. A consolidated dataset was developed to support clustering, comparison across vendors and versions, and preparation for downstream LLM use, particularly via structured SBOM and configuration data.
Lessons learned: Although no model training was conducted, the structured dataset can support AI-based OT security workflows. The findings highlight the critical need for up-to-date, machine-readable manufacturer data in standardized formats and schemas. Such information could greatly enhance the automation, comparability, and scalability of hospital cybersecurity measures.