IEC TR 80001-2-9:2017 Application of risk management for IT-networks incorporating medical devices - Part 2-9: Application guidance - Guidance for use of security assurance cases to demonstrate confidence in IEC TR 80001-2-2 security capabilities
Standard number: IEC TR 80001-2-9:2017
Chinese title: 包含医疗设备的IT网络风险管理的应用第2-9部分:应用指南证明IEC TR 80001-2-2安全能力信心的安全保证案例使用指南
English title: Application of risk management for IT-networks incorporating medical devices - Part 2-9: Application guidance - Guidance for use of security assurance cases to demonstrate confidence in IEC TR 80001-2-2 security capabilities
Publication date: 2017-01-30
Scope
IEC TR 80001-2-9:2017(E) establishes a security case framework and provides guidance to health care delivery organizations (HDO) and medical device manufacturers (MDM) for identifying, developing, interpreting, updating and maintaining security cases for networked medical devices. Use of this part of 80001 is intended to be one of the possible means to bridge the gap between MDMs and HDOs in providing adequate information to support the HDOs risk management of IT-networks. This document leverages the requirements set out in ISO/IEC 15026-2 for the development of assurance cases. It is not intended that this security case framework will replace a risk management strategy, rather, the intention is to complement risk management and in turn provide a greater level of assurance for a medical device by:
- mapping specific risk management steps to each of the IEC TR 80001-2-2 security capabilities, identifying associated threats and vulnerabilities and presenting them in the format of a security case with the inclusion of a re-useable security pattern;
- providing guidance for the selection of appropriate security controls to establish security capabilities and presenting them as part of the security case pattern (IEC TR 80001-2-8 provides examples of such security controls);
- providing evidence to support the implementation of a security control, hence providing confidence in the establishment of each of the security capabilities.
The purpose of developing the security case is to demonstrate confidence in the establishment of IEC TR 80001-2-2 security capabilities. The quality of artifacts gathered and documented during the development of the security case is agreed and documented as part of a responsibility agreement between the relevant stakeholders. This document provides guidance for one such methodology, through the use of a specific security pattern, to develop and interpret security cases in a systematic manner.