After the identification of reference scenarios and the definition of case studies dedicated to the use of cybersecurity in organisations dedicated to the delivery of healthcare, the SPHINX project presents its architectural vision for an innovative toolbox especially designed to protect hospitals and clinics from cyber threats.
Under EDGE’s leading responsibility, the performed work identified seven functional blocks to build the SPHINX System, thus ensuring the set of necessary capabilities to develop a universal framework for cybersecurity in Healthcare. These blocks allow the verification and certification of devices, components, systems and applications and the assessment of cybersecurity risks, present a set of cybersecurity tools and a decision support system and consider the settings of an infrastructure based in virtualisation and container concepts.
Consolidated in a single document by EDGE’s team, the seven functional blocks of the SPHINX architecture announce a set of twenty-one cybersecurity tools with diverse and complementary capabilities, from risk, threats and vulnerabilities assessment, protocols security analysis, traffic and anomaly detection, honeypots, intrusion detection, encryption and anonymisation, data and events forensics, management of security incidents and events, behaviour and attack simulation to the registry of threats applying blockchain technology. The prime innovation in SPHINX’s architecture is therefore the proactive assessment and mitigation of cybersecurity vulnerabilities and threats, the verification and validation of connected medical devices and the preservation of privacy and integrity of patients’ personal data.