{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,19]],"date-time":"2026-03-19T13:14:59Z","timestamp":1773926099787,"version":"3.50.1"},"publisher-location":"Cham","reference-count":21,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783319242545","type":"print"},{"value":"9783319242552","type":"electronic"}],"license":[{"start":{"date-parts":[[2015,1,1]],"date-time":"2015-01-01T00:00:00Z","timestamp":1420070400000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2015]]},"DOI":"10.1007\/978-3-319-24255-2_15","type":"book-chapter","created":{"date-parts":[[2015,9,5]],"date-time":"2015-09-05T09:51:13Z","timestamp":1441446673000},"page":"197-209","source":"Crossref","is-referenced-by-count":3,"title":["Towards an International Security Case Framework for Networked Medical Devices"],"prefix":"10.1007","author":[{"given":"Anita","family":"Finnegan","sequence":"first","affiliation":[]},{"given":"Fergal","family":"McCaffery","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2015,11,25]]},"reference":[{"key":"15_CR1","unstructured":"Radcliffe, J.: Hacking medical devices for fun and insulin: breaking the human SCADA system. In: Black Hat Conference Presentation Slides (2011)"},{"key":"15_CR2","unstructured":"Government Accountability Office: Medical Devices, FDA Should Expland Its Consideration of Information Security for Certain Types of Devices, GAO, Editor (2012)"},{"key":"15_CR3","unstructured":"FDA and CDRH: Content of Premarket Submissions for Management of Cybersecurity in Medical Devices, in Draft Guidance for Industry and Food and Drug Administration Staff (2013)"},{"key":"15_CR4","doi-asserted-by":"crossref","unstructured":"Finnegan, A., McCaffery, F.: A security argument pattern for medical device assurance cases. In: ASSURE 2014, Naples, Italy. IEEE (2014)","DOI":"10.1109\/ISSREW.2014.89"},{"key":"15_CR5","unstructured":"IEC: TR 80001-2-2 - Application of risk management for IT-networks incorporating medical devices - Guidance for the disclosure and communication of medical device security needs, risks and controls, International Electrotechnical Committee, p. 30 (2011)"},{"key":"15_CR6","unstructured":"Kelly, T., Weaver, R.: The goal structuring notation \u2013 a safety argument notation (2004)"},{"key":"15_CR7","doi-asserted-by":"publisher","first-page":"51","DOI":"10.1007\/978-1-84996-086-1_4","volume-title":"Making Systems Safer","author":"R Bloomfield","year":"2010","unstructured":"Bloomfield, R., Bishop, P.: Safety and assurance cases: past, present and possible future - an Adelard perspective. In: Dale, C., Anderson, T. (eds.) Making Systems Safer, pp. 51\u201367. Springer, London (2010)"},{"key":"15_CR8","unstructured":"Consulting (York) Ltd.: GSN Community Standard Version 1 (2011)"},{"key":"15_CR9","series-title":"Communications in Computer and Information Science","doi-asserted-by":"publisher","first-page":"25","DOI":"10.1007\/978-3-642-38833-0_3","volume-title":"Software Process Improvement and Capability Determination","author":"A Finnegan","year":"2013","unstructured":"Finnegan, A., McCaffery, F., Coleman, G.: A process assessment model for security assurance of networked medical devices. In: Woronowicz, T., Rout, T., O\u2019Connor, R.V., Dorling, A. (eds.) SPICE 2013. CCIS, vol. 349, pp. 25\u201336. Springer, Heidelberg (2013)"},{"key":"15_CR10","unstructured":"NIST: SP 800-53 R4 - Recommended Security Controls for Federal Information Systems and Organisations, U.S.D.o. Commerce, Editor (2013)"},{"key":"15_CR11","unstructured":"ISO\/IEC: 15408-2 Information Technology - Security Techniques - Evaluation Criteria for IT Security, in Security Functional Components (2008)"},{"key":"15_CR12","unstructured":"ISO\/IEC: 15408-3 Information Technology - Security Techniques - Evaluation Criteria for IT Security, in Security Assurance Components (2008)"},{"key":"15_CR13","unstructured":"ISO\/IEC: 27002:2013 Information Technology - Security Techniques - Code of Practice for Information Security Management (2013)"},{"key":"15_CR14","unstructured":"ISO: EN ISO 27799:2008 Health informatics. Information security management in health using ISO\/IEC 27002 (2008)"},{"key":"15_CR15","unstructured":"IEC: 62443-3-3 Ed 1.0 \u2013 Security for industrial automation and control systems -Network and system security \u2013 System security requirements and security assurance levels (2013)"},{"issue":"1","key":"15_CR16","doi-asserted-by":"crossref","first-page":"37","DOI":"10.2307\/23043488","volume":"35","author":"MK Sein","year":"2011","unstructured":"Sein, M.K., et al.: Action design research. Mis Q. 35(1), 37\u201356 (2011)","journal-title":"Mis Q."},{"key":"15_CR17","unstructured":"FDA and CDRH: Content of Premarket Submissions for Management of Cybersecurity in Medical Devices, in Guidance for Industry and Food and Drug Administration Staff (2014)"},{"key":"15_CR18","unstructured":"Federici, T.: RE: Docket No. FDA-2010-D-0194: Agency Information Collection Activities; Submission for Office of Management and Budget Review; Comment Request; Draft Guidance for Industry and FDA Staff; Total Product Life Cycle: Infusion Pump\u2014Premarket Notification Submissions, T.a.R. Affairs, Editor 2014: AdvaMed"},{"key":"15_CR19","unstructured":"ISO\/IEC: 27005 Information Technology - Security Techniques - Information Security Risk Managment (2011)"},{"key":"15_CR20","unstructured":"ISO: 14971- Medical devices - Application of risk management to medical devices (2007)"},{"key":"15_CR21","unstructured":"IEC\/WD: 80001-2-9 - Application of risk management for IT networks incorporating medical devices \u2013 Part 2-8: Application guidance - Guidance for use of security assurance cases to demonstrate confidence in IEC\/TR 80001-2-2 security capabilities. Lead Author: Finnegan, A. (in press)"}],"container-title":["Lecture Notes in Computer Science","Computer Safety, Reliability, and Security"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-24255-2_15","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,5,30]],"date-time":"2019-05-30T17:58:15Z","timestamp":1559239095000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-24255-2_15"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2015]]},"ISBN":["9783319242545","9783319242552"],"references-count":21,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-24255-2_15","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2015]]}}}