Appendix 3. Cybersecurity
This appendix is intended for the person responsible for the IT network at the organization where the
displaying unit is used. It contains technical information regarding the setup of the IT
network and the devices connected to the displaying unit. It also contains information
regarding the types of data contained in and transmitted from the displaying unit.
The displaying unit is of medium security risk (according to NIST) because:
• The displaying unit does not allow any input from external devices (except from Ambu
visualization devices and secured software updates).
• Essential functionality is secured in case of network problems.
Appendix 3.1. Network Setup
When preparing the network for connection to the displaying unit, the following should be
considered:
Overview of the existing ports and their communication protocols

| Item | Standards used | Comments |
|---|---|---|
| Wireless communication | IEEE 802.11 | The device uses a WPA_Supplicant to support WPA2 Wireless communication as TKIP and CCMP. The authentication and integrity of the communication is provided by the underlying FIPS 140-2 compliant chipset wireless driver. |
| LAN communication | IEEE 802.3, IEEE 802.3ab, IEEE 802.3az, PICMG3.1 | The device uses a standard Gigabit Ethernet controller supporting a 1000base-T interface. |
| Access test | ICMP / ping | Allowing ease-of-discovery for hospital IT infrastructure |
| Network adaptor configuration | DHCP | Only configurable through DHCP. Special configurations for the network adapter such as static IP are currently not supported. |
| Re-routing | | The device does not support re-routing traffic from Wi-Fi to LAN or vice versa, therefore the device cannot act as a NAT (Network Address Translation) gateway. |
| PACS servers | DICOM | To support a broad range of network infrastructures and PACS servers, the device supports DICOM without CMS (Cryptographic Message Syntax) encryption for transporting photo(s) and video(s) to the PACS server. |
| Ports | | There are no open ports, the device firewall only accepts TCP responses for DICOM and replies to ICMP ping requests. |
NOTE: There are no open ports; the device firewall only accepts TCP responses for DICOM and
replies to ICMP ping requests.
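An added example (not from the manual or from Ambu) for the network owner: a check of connection records against the traffic the table above describes, namely DHCP client traffic, inbound ping, and device-originated DICOM to the PACS server. The addresses, DICOM port 104 and the record layout are assumptions; software-update traffic is not described in the table and is therefore reported as a finding for review.

```python
from dataclasses import dataclass

# Constructed site values (assumptions, not from the manual).
DEVICE_IP = "10.20.30.40"   # DHCP reservation for the displaying unit
PACS_IP = "10.20.1.10"      # site PACS server
DICOM_PORT = 104            # assumption: PACS listens on the registered DICOM port

@dataclass(frozen=True)
class Flow:
    """One connection record, originator -> responder (as in a conn log)."""
    orig: str
    resp: str
    proto: str   # "tcp", "udp" or "icmp"
    dport: int   # responder port; for ICMP, the ICMP type of the first packet

def classify(f: Flow) -> str:
    """Return 'expected', 'ignore' (device not involved) or a finding string."""
    if DEVICE_IP not in (f.orig, f.resp):
        return "ignore"
    from_device = f.orig == DEVICE_IP
    if f.proto == "icmp":  # device replies to ping: inbound echo request is type 8
        ok = not from_device and f.dport == 8
        return "expected" if ok else "finding: ICMP other than inbound echo request"
    if f.proto == "udp":   # DHCP is the only configuration method: client -> port 67
        ok = from_device and f.dport == 67
        return "expected" if ok else "finding: UDP other than DHCP client traffic"
    if f.proto == "tcp":
        if not from_device:
            return "finding: inbound TCP connection attempt (no open ports expected)"
        ok = (f.resp, f.dport) == (PACS_IP, DICOM_PORT)
        return "expected" if ok else "finding: device-originated TCP to non-PACS destination"
    return "finding: unexpected protocol"

# Constructed sample records, not captured from a real network.
SAMPLE = [
    Flow("10.20.30.40", "10.20.1.1", "udp", 67),     # DHCP renew
    Flow("10.20.1.5", "10.20.30.40", "icmp", 8),     # discovery ping
    Flow("10.20.30.40", "10.20.1.10", "tcp", 104),   # DICOM transfer to PACS
    Flow("10.20.1.77", "10.20.30.40", "tcp", 22),    # inbound SSH attempt
    Flow("10.20.30.40", "203.0.113.9", "tcp", 443),  # unknown outbound
]

def findings(flows):
    """Return (flow, reason) pairs for every record that breaks the policy."""
    return [(f, r) for f in flows if (r := classify(f)).startswith("finding")]

if __name__ == "__main__":
    for flow, reason in findings(SAMPLE):
        print(flow, "->", reason)
```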
Appendix 3.2. Data at Rest and In Transit
The displaying unit uses SQLite3 databases to secure information about the scopes,