{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,4]],"date-time":"2026-04-04T00:45:43Z","timestamp":1775263543321,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":29,"publisher":"ACM","license":[{"start":{"date-parts":[[2024,6,26]],"date-time":"2024-06-26T00:00:00Z","timestamp":1719360000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"DOI":"10.13039\/501100006374","name":"European Commission","doi-asserted-by":"publisher","award":["101094323,101095542,101095448,101094901,101095634"],"award-info":[{"award-number":["101094323,101095542,101095448,101094901,101095634"]}],"id":[{"id":"10.13039\/501100006374","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2024,6,26]]},"DOI":"10.1145\/3652037.3663894","type":"proceedings-article","created":{"date-parts":[[2024,6,26]],"date-time":"2024-06-26T12:30:38Z","timestamp":1719405038000},"page":"593-599","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":8,"title":["A Way Forward for the MDCG 2019-16 Medical Device Security Guidance"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-9937-1762","authenticated-orcid":false,"given":"Steve","family":"Taylor","sequence":"first","affiliation":[{"name":"University of Southampton, United Kingdom"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-7127-6694","authenticated-orcid":false,"given":"Martin","family":"Gilje Jaatun","sequence":"additional","affiliation":[{"name":"SINTEF Digital, Norway"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-9109-5401","authenticated-orcid":false,"given":"Karin","family":"Bernsmed","sequence":"additional","affiliation":[{"name":"SINTEF Digital, Norway"}]},{"ORCID":"https:\/\/orcid.org\/0009-0008-2056-722X","authenticated-orcid":false,"given":"Christos","family":"Androutsos","sequence":"additional","affiliation":[{"name":"University of Ioannina, Greece"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-5407-2331","authenticated-orcid":false,"given":"Dietmar","family":"Frey","sequence":"additional","affiliation":[{"name":"Charit\u00e9 Universitaetsmedizin Berlin, Germany"}]},{"ORCID":"https:\/\/orcid.org\/0009-0006-0085-1667","authenticated-orcid":false,"given":"Simone","family":"Favrin","sequence":"additional","affiliation":[{"name":"MediaClinics Italia, Italy"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-4112-9671","authenticated-orcid":false,"given":"Jo\u00e3o","family":"Rodrigues","sequence":"additional","affiliation":[{"name":"INOV, Portugal"}]},{"ORCID":"https:\/\/orcid.org\/0009-0003-4833-7198","authenticated-orcid":false,"given":"Du\u0161Ko","family":"Milojevi\u0107","sequence":"additional","affiliation":[{"name":"KU Leuven, Belgium"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-2759-8482","authenticated-orcid":false,"given":"Dimitrios","family":"Karras","sequence":"additional","affiliation":[{"name":"UBITECH, Greece"}]},{"ORCID":"https:\/\/orcid.org\/0009-0003-2310-921X","authenticated-orcid":false,"given":"Ioannis","family":"Siachos","sequence":"additional","affiliation":[{"name":"UBITECH, Greece"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-1054-6368","authenticated-orcid":false,"given":"Gregory","family":"Epiphaniou","sequence":"additional","affiliation":[{"name":"WMG University of Warwick, United Kingdom"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-2148-7896","authenticated-orcid":false,"given":"Nabil","family":"Moukafih","sequence":"additional","affiliation":[{"name":"WMG University of Warwick, United Kingdom"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-5998-2940","authenticated-orcid":false,"given":"Sotiris","family":"Messinis","sequence":"additional","affiliation":[{"name":"Institute of Communication and Computer Systems, Greece"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-4491-5854","authenticated-orcid":false,"given":"Ioannis","family":"Rallis","sequence":"additional","affiliation":[{"name":"Institute of Communication and Computer Systems, Greece"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-7701-5644","authenticated-orcid":false,"given":"Nicholas","family":"Protonotarios","sequence":"additional","affiliation":[{"name":"Academy of Athens, Greece"}]},{"ORCID":"https:\/\/orcid.org\/0009-0007-3880-808X","authenticated-orcid":false,"given":"Paul","family":"Gedeon","sequence":"additional","affiliation":[{"name":"Red Alert Labs, France"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-6337-5561","authenticated-orcid":false,"given":"Andres","family":"Castillo","sequence":"additional","affiliation":[{"name":"Fundaci\u00f3n Para La Investigaci\u00f3n Biom\u00e9dica Hospital Infantil Universitario Ni\u00f1o Jes\u00fas, Spain"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-4715-212X","authenticated-orcid":false,"given":"Carsten","family":"Maple","sequence":"additional","affiliation":[{"name":"WMG University of Warwick Coventry U, United Kingdom"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-8594-1912","authenticated-orcid":false,"given":"Nikolaos","family":"Matragkas","sequence":"additional","affiliation":[{"name":"CEA Saclay Nano-INNOV - Institut CARNOT CEA LIST DILS\/LSEA, France"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-6089-4734","authenticated-orcid":false,"given":"Rance","family":"DeLong","sequence":"additional","affiliation":[{"name":"The Open Group, United Kingdom"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-5473-135X","authenticated-orcid":false,"given":"Theodoros","family":"Arvanitis","sequence":"additional","affiliation":[{"name":"University of Birmingham, United Kingdom"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-1470-2105","authenticated-orcid":false,"given":"Konstantinos","family":"Katzis","sequence":"additional","affiliation":[{"name":"European University Cyprus, Cyprus"}]}],"member":"320","published-online":{"date-parts":[[2024,6,26]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"MDCG 2019-16 - Guidance on Cybersecurity for medical devices. Document date: 06\/01\/2020 - Created by GROW.R.2.DIR - Last update: 22\/06\/2020. https:\/\/ec.europa.eu\/docsroom\/documents\/41863"},{"key":"e_1_3_2_1_2_1","unstructured":"Regulation (EU) 2017\/745 of the European Parliament and of the Council of 5 April 2017 on medical devices amending Directive 2001\/83\/EC Regulation (EC) No 178\/2002 and Regulation (EC) No 1223\/2009 and repealing Council Directives 90\/385\/EEC and 93\/42\/EEC (Text with EEA relevance. ) https:\/\/eur-lex.europa.eu\/legal-content\/EN\/TXT\/?uri=CELEX%3A32017R0745"},{"key":"e_1_3_2_1_3_1","unstructured":"Regulation (EU) 2017\/746 of the European Parliament and of the Council of 5 April 2017 on in vitro diagnostic medical devices and repealing Directive 98\/79\/EC and Commission Decision 2010\/227\/EU (Text with EEA relevance. ) https:\/\/eur-lex.europa.eu\/eli\/reg\/2017\/746\/oj"},{"key":"e_1_3_2_1_4_1","unstructured":"Enhancing cybersecurity of connected medical devices. HORIZON-HLTH-2022-IND-13-01 https:\/\/ec.europa.eu\/info\/funding-tenders\/opportunities\/portal\/screen\/opportunities\/topic-details\/horizon-hlth-2022-ind-13-01"},{"key":"e_1_3_2_1_5_1","unstructured":"NEw MEdical CYbersecurity assessment and design Solutions (NEMECYS) Project ID: 101094323 https:\/\/ec.europa.eu\/info\/funding-tenders\/opportunities\/portal\/screen\/how-to-participate\/org-details\/999999999\/project\/101094323\/program\/43108390\/details"},{"key":"e_1_3_2_1_6_1","unstructured":"Cyber securitY tooLbox for COnnected MEdical Devices (CYLCOMED) Project ID: 101095542 https:\/\/ec.europa.eu\/info\/funding-tenders\/opportunities\/portal\/screen\/how-to-participate\/org-details\/999999999\/project\/101095542\/program\/43108390\/details"},{"key":"e_1_3_2_1_7_1","unstructured":"Advanced Security-for-safety Assurance for Medical Device IoT (MEDSECURANCE) Project ID: 101095448 https:\/\/ec.europa.eu\/info\/funding-tenders\/opportunities\/portal\/screen\/how-to-participate\/org-details\/999999999\/project\/101095448\/program\/43108390\/details"},{"key":"e_1_3_2_1_8_1","unstructured":"SECURITY PROTECTION TOOLS FOR NETWORKED MEDICAL DEVICES (SEPTON) Project ID: 101094901 https:\/\/ec.europa.eu\/info\/funding-tenders\/opportunities\/portal\/screen\/how-to-participate\/org-details\/999999999\/project\/101094901\/program\/43108390\/details"},{"key":"e_1_3_2_1_9_1","unstructured":"ENsuring Secure and Safe CMD Design with Zero TRUST Principles (ENTRUST) Project ID: 101095634 https:\/\/ec.europa.eu\/info\/funding-tenders\/opportunities\/portal\/screen\/how-to-participate\/org-details\/999999999\/project\/101095634\/program\/43108390\/details"},{"key":"e_1_3_2_1_10_1","unstructured":"ISO\/IEC 27001:2022. Information security cybersecurity and privacy protection. Information security management systems: Requirements. https:\/\/www.iso.org\/standard\/iso-iec-27001-2022-v1"},{"key":"e_1_3_2_1_11_1","unstructured":"ISO\/IEC 27005:2022. Information security cybersecurity and privacy protection. Guidance on managing information security risks. https:\/\/www.iso.org\/standard\/80585.html"},{"key":"e_1_3_2_1_12_1","unstructured":"NIST Risk Management Framework (RMF) https:\/\/csrc.nist.gov\/projects\/risk-management\/about-rmf"},{"key":"e_1_3_2_1_13_1","unstructured":"NIST Cybersecurity Framework https:\/\/www.nist.gov\/cyberframework"},{"key":"e_1_3_2_1_14_1","unstructured":"NIST Privacy Framework https:\/\/www.nist.gov\/privacy-framework"},{"key":"e_1_3_2_1_15_1","unstructured":"ISO\/IEC 27701:2019. Security techniques. Extension to ISO\/IEC 27001 and ISO\/IEC 27002 for privacy information management. Requirements and guidelines. https:\/\/www.iso.org\/standard\/71670.html"},{"key":"e_1_3_2_1_16_1","unstructured":"ISO 14971:2019. Medical devices: Application of risk management to medical devices. https:\/\/www.iso.org\/standard\/72704.html"},{"key":"e_1_3_2_1_17_1","unstructured":"ISO\/IEC 27002:2022. Information security cybersecurity and privacy protection: Information security controls. https:\/\/www.iso.org\/standard\/75652.html"},{"key":"e_1_3_2_1_18_1","volume-title":"Request for Comments: 4949. Internet Security Glossary, Version 2.","author":"Shirey","year":"2007","unstructured":"R. Shirey, Network Working Group, Request for Comments: 4949. Internet Security Glossary, Version 2. August 2007"},{"key":"e_1_3_2_1_19_1","volume-title":"How the new European regulation on medical devices will affect innovation. Nature biomedical engineering, 4(6), 585-590","author":"Ben-Menahem S. M.","year":"2020","unstructured":"Ben-Menahem, S. M., Nistor-Gallo, R., Macia, G., von Krogh, G., & Goldhahn, J. (2020). How the new European regulation on medical devices will affect innovation. Nature biomedical engineering, 4(6), 585-590."},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1201\/9781003383543-20"},{"key":"e_1_3_2_1_21_1","volume-title":"Data Protection, and Artificial Intelligence in Medical Devices. In Inspection of Medical Devices: For Regulatory Purposes (pp. 417-445). Cham: Springer Nature Switzerland.","author":"Jeli\u0107 L.","year":"2023","unstructured":"Jeli\u0107, L. (2023). Cybersecurity, Data Protection, and Artificial Intelligence in Medical Devices. In Inspection of Medical Devices: For Regulatory Purposes (pp. 417-445). Cham: Springer Nature Switzerland."},{"key":"e_1_3_2_1_22_1","unstructured":"Regulation (EU) 2016\/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing 24. Directive 95\/46\/EC (General Data Protection Regulation). https:\/\/eur-lex.europa.eu\/eli\/reg\/2016\/679\/oj"},{"key":"e_1_3_2_1_23_1","unstructured":"Directive (EU) 2022\/2555 of the European Parliament and of the Council of 14 December 2022 on measures for a high common level of cybersecurity across the Union amending Regulation (EU) No 910\/2014 and Directive (EU) 2018\/1972 and repealing Directive (EU) 2016\/1148 (NIS 2 Directive). https:\/\/eur-lex.europa.eu\/eli\/dir\/2022\/2555"},{"key":"e_1_3_2_1_24_1","unstructured":"Directive (EU) 2016\/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union. Available at: Directive - 2016\/1148 - EN - EUR-Lex (europa.eu)"},{"key":"e_1_3_2_1_25_1","volume-title":"Cybersecurity of Medical Devices: Regulatory Challenges in the EU (September 30","author":"Biasin","year":"2020","unstructured":"Biasin, Elisabetta and Kamenjasevic, Erik, Cybersecurity of Medical Devices: Regulatory Challenges in the EU (September 30, 2020). The Future of Medical Device Regulation: Innovation and Protection, Cambridge University Press, 2020, Available at SSRN: https:\/\/ssrn.com\/abstract=3855491"},{"key":"e_1_3_2_1_26_1","unstructured":"European Union. 2019. Regulation (EU) 2019\/881 of the European Parliament and of the Council of 17 April 2019 on ENISA (the European Union Agency for Cybersecurity) and on information and communications technology cybersecurity certification and repealing Regulation (EU) No 526\/2013 (Cybersecurity Act). EUR-Lex - 32019R0881 - EN - EUR-Lex (europa.eu)"},{"key":"e_1_3_2_1_27_1","volume-title":"NOVEMBER","author":"Milojevic","year":"2023","unstructured":"Milojevic, Dusko. \u201cIs it time to update the Medical Device Coordination Group's Guidance on Cybersecurity for Medical Devices?\u201d Blog Post, 14 NOVEMBER 2023. Available at: Is it time to update the Medical Device Coordination Group's Guidance on Cybersecurity for Medical Devices? - CiTiP blog (kuleuven.be)"},{"key":"e_1_3_2_1_28_1","unstructured":"Proposal for a REGULATION OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL LAYING DOWN HARMONISED RULES ON ARTIFICIAL INTELLIGENCE (ARTIFICIAL INTELLIGENCE ACT) AND AMENDING CERTAIN UNION LEGISLATIVE ACTS. EUR-Lex - 52021PC0206 - EN - EUR-Lex (europa.eu)"},{"key":"e_1_3_2_1_29_1","unstructured":"Proposal for a REGULATION OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL on horizontal cybersecurity requirements for products with digital elements and amending Regulation (EU) 2019\/1020. EUR-Lex - 52022PC0454 - EN - EUR-Lex (europa.eu)."}],"event":{"name":"PETRA '24: The PErvasive Technologies Related to Assistive Environments Conference","location":"Crete Greece","acronym":"PETRA '24"},"container-title":["Proceedings of the 17th International Conference on PErvasive Technologies Related to Assistive Environments"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3652037.3663894","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3652037.3663894","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,8,22]],"date-time":"2025-08-22T15:41:11Z","timestamp":1755877271000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3652037.3663894"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,6,26]]},"references-count":29,"alternative-id":["10.1145\/3652037.3663894","10.1145\/3652037"],"URL":"https:\/\/doi.org\/10.1145\/3652037.3663894","relation":{},"subject":[],"published":{"date-parts":[[2024,6,26]]},"assertion":[{"value":"2024-06-26","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}