{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,9,11]],"date-time":"2025-09-11T16:53:08Z","timestamp":1757609588881,"version":"3.44.0"},"reference-count":0,"publisher":"IOS Press","isbn-type":[{"type":"electronic","value":"9781643686158"}],"license":[{"start":{"date-parts":[[2025,9,3]],"date-time":"2025-09-03T00:00:00Z","timestamp":1756857600000},"content-version":"unspecified","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by-nc\/4.0\/"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2025,9,3]]},"abstract":"<jats:p>Introduction: The growing number of connected medical devices in hospitals poses serious operational technology (OT) security challenges. Effective countermeasures require a structured analysis of the communication interfaces and security configurations of individual devices. State of the art: Although Manufacturer Disclosure Statements for Medical Device Security (MDS2, Version 2019) offer relevant information, they are rarely integrated into cybersecurity workflows. Existing studies are limited in scope and lack scalable methodologies for systematic evaluation. Concept: This study analyzed 209 MDS2 documents and 161 security white papers to extract structured information on ports, protocols, and protective measures. Over 52,000 question\u2013answer pairs were converted into a machine-readable format using customized parsing and validation routines. The aim was to establish whether this dataset could inform risk assessments and future applications involving Large Language Models (LLMs). Implementation: The analysis revealed 367 distinct ports, including common protocols such as HTTPS (443), DICOM (104), and RDP (3389), as well as vendor-specific proprietary ports. Approximately 40% of the devices used over 20 ports, indicating a broad attack surface. OCR errors and inconsistent formatting required manual corrections. A consolidated dataset was developed to support clustering, comparison across vendors and versions, and preparation for downstream LLM use, particularly via structured SBOM and configuration data. Lessons learned: Although no model training was conducted, the structured dataset can support AI-based OT security workflows. The findings highlight the critical need for up-to-date, machine-readable manufacturer data in standardized formats and schemas. Such information could greatly enhance the automation, comparability, and scalability of hospital cybersecurity measures.<\/jats:p>","DOI":"10.3233\/shti251404","type":"book-chapter","created":{"date-parts":[[2025,9,3]],"date-time":"2025-09-03T10:24:51Z","timestamp":1756895091000},"source":"Crossref","is-referenced-by-count":0,"title":["Systematic Evaluation of Manufacturer Disclosure Statements for Medical Device Security (MDS2) to Strengthen Hospital OT Security Measures \u2013 Lessons Learned"],"prefix":"10.3233","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-7403-1158","authenticated-orcid":false,"given":"Stefan","family":"Stein","sequence":"first","affiliation":[{"name":"Department of Computer Science and Media, Brandenburg University of Applied Sciences, Brandenburg an der Havel, Germany"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-1129-437X","authenticated-orcid":false,"given":"Michael","family":"Pilgermann","sequence":"additional","affiliation":[{"name":"Department of Computer Science and Media, Brandenburg University of Applied Sciences, Brandenburg an der Havel, Germany"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-9888-8460","authenticated-orcid":false,"given":"Martin","family":"Sedlmayr","sequence":"additional","affiliation":[{"name":"Institute for Medical Informatics and Biometry, Dresden University of Technology, Dresden, Germany"}]}],"member":"7437","container-title":["Studies in Health Technology and Informatics","German Medical Data Sciences 2025: GMDS Illuminates Health"],"original-title":[],"link":[{"URL":"https:\/\/ebooks.iospress.nl\/pdf\/doi\/10.3233\/SHTI251404","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,9,3]],"date-time":"2025-09-03T10:24:52Z","timestamp":1756895092000},"score":1,"resource":{"primary":{"URL":"https:\/\/ebooks.iospress.nl\/doi\/10.3233\/SHTI251404"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,9,3]]},"ISBN":["9781643686158"],"references-count":0,"URL":"https:\/\/doi.org\/10.3233\/shti251404","relation":{},"ISSN":["0926-9630","1879-8365"],"issn-type":[{"type":"print","value":"0926-9630"},{"type":"electronic","value":"1879-8365"}],"subject":[],"published":{"date-parts":[[2025,9,3]]}}}