Interoperable medical devices (IMDs) face threats due to the increased attack surface presented by interoperability and the corresponding infrastructure. Introducing networking and coordination functionalities fundamentally alters medical systems' security properties. Understanding the threats is an important first step in eventually designing security solutions for such systems. Part 2 of this two-part article defines a failure model, or the specific ways in which IMD environments might fail when attacked. An attack-consequences model expresses the combination of failures experienced by IMD environments for each attack vector. This analysis leads to interesting conclusions about regulatory classes of medical devices in IMD environments subject to attacks. Part 1 can be found here: http://doi.ieeecomputersociety.org/10.1109/MSP.2012.128.

中文翻译：

---

安全和可互操作医疗设备系统，第 2 部分：故障、后果和分类

由于互操作性和相应的基础设施带来的攻击面增加，可互操作的医疗设备 (IMD) 面临威胁。引入网络和协调功能从根本上改变了医疗系统的安全特性。了解威胁是最终为此类系统设计安全解决方案的重要第一步。这篇由两部分组成的文章的第 2 部分定义了一个故障模型，或 IMD 环境在受到攻击时可能出现故障的具体方式。攻击后果模型表示 IMD 环境针对每个攻击向量所经历的故障组合。该分析得出了有关 IMD 环境中易受攻击的医疗设备监管类别的有趣结论。第 1 部分可以在这里找到：http://doi.ieeecomputersociety.org/10.1109/MSP.2012.128。