The network security capabilities of medical devices affect the safety and effectiveness of medical device products. During the development and registration of medical device products, appropriate configurations must be made based on the intended use and the actual medical usage scenarios to reduce potential risks and harm. This study uses Shannon's information entropy theory, combined with the risk matrix method, to analyze the potential frequency of occurrence and severity of harm after control procedures are implemented, and establishes a normalized comprehensive risk assessment mathematical model for the network security capabilities of medical devices. In a practical evaluation of the personnel identification capability of X-ray image-guided systems in radiotherapy, taking into account factors such as the installation location and usage scenarios of the medical devices, the control procedure of replacing secondary personnel identification during machine operation with personnel identification before treatment improved accessibility, increased the normalized Shannon information entropy value, and simultaneously reduced the normalized risk harm score, thereby significantly improving the quantitative score of the normalized comprehensive risk. The normalized comprehensive risk assessment mathematical model proposed in this study helps evaluate the quantitative changes in the network security capabilities of medical devices when appropriate control procedures are implemented, providing a reliable measurement and computational basis for the network security risk management of medical device products.
medical device; cyber security; risk management; mathematical model; information entropy