Threat modeling for medical devices

Glen Tomkowiak
Mar 12, 2024

The FDA now frequently requests a threat model as part of submissions for software as a medical device. Thankfully, there is a handy tool you can use to create a high-quality threat model using the established STRIDE method.

Source: https://www.fda.gov/medical-devices/digital-health-center-excellence/cybersecurity

Download the Microsoft Threat Modeling tool:

Microsoft Threat Modeling Tool overview — Azure | Microsoft Learn

Choose the “Medical Device Model”

Diagram your device, its components, its environment and what it interacts with. Notice that this template has quite a few medical-specific devices and protocols. Use the “View” menu to select diagram mode if it's not already in this mode.

Then right-click each element and select its properties. This lets you define each element more precisely.

Now select “View” and choose analysis mode to then define your threats and their mitigations using the STRIDE methodology.

More info: STRIDE (security) — Wikipedia.

You are almost ready to build your full report. But don’t forget to fill out your threat model’s information. Go to “File”, then “Threat Model Information” to do this.

Now click any blank space on your diagram to remove the focus from any one particular element. Then go to “Reports” and choose “Full Report” to create a readable HTML report.
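To make the analysis step concrete, here is an added example (not from the original article and not the Microsoft tool's own logic) that enumerates STRIDE threats over a small data-flow diagram using the common STRIDE-per-element chart, then lists the threats that still have no mitigation, with trust-boundary crossings first. The device, element names, trust zones and mitigations are constructed for illustration.

```python
from dataclasses import dataclass

# STRIDE-per-element chart: which threat categories apply to each DFD element type.
STRIDE_BY_TYPE = {
    "external": ["Spoofing", "Repudiation"],
    "process": ["Spoofing", "Tampering", "Repudiation", "Information disclosure",
                "Denial of service", "Elevation of privilege"],
    "datastore": ["Tampering", "Repudiation", "Information disclosure", "Denial of service"],
    "flow": ["Tampering", "Information disclosure", "Denial of service"],
}

@dataclass(frozen=True)
class Element:
    name: str
    kind: str   # external | process | datastore
    zone: str   # trust zone the element sits in (assumed labels)

@dataclass(frozen=True)
class Flow:
    src: Element
    dst: Element
    protocol: str

def enumerate_threats(elements, flows):
    """Return (target, category, crosses_boundary) for every applicable threat."""
    threats = [(e.name, cat, False) for e in elements for cat in STRIDE_BY_TYPE[e.kind]]
    for f in flows:
        crosses = f.src.zone != f.dst.zone  # flow leaves one trust zone for another
        label = f"{f.src.name} -> {f.dst.name} ({f.protocol})"
        threats += [(label, cat, crosses) for cat in STRIDE_BY_TYPE["flow"]]
    return threats

def unmitigated(threats, mitigations):
    """Threats with no recorded mitigation, boundary-crossing ones first."""
    open_items = [t for t in threats if (t[0], t[1]) not in mitigations]
    return sorted(open_items, key=lambda t: not t[2])

# Constructed sample diagram (hypothetical device, not from the article).
clinician = Element("Clinician", "external", "hospital")
app = Element("Mobile app", "process", "hospital")
pump = Element("Infusion pump firmware", "process", "device")
log = Element("Dose log", "datastore", "device")
ELEMENTS = [clinician, app, pump, log]
FLOWS = [Flow(clinician, app, "UI"), Flow(app, pump, "BLE"), Flow(pump, log, "local write")]
MITIGATIONS = {  # constructed entries keyed by (target, STRIDE category)
    ("Mobile app -> Infusion pump firmware (BLE)", "Tampering"): "Authenticated, encrypted pairing",
    ("Dose log", "Tampering"): "Append-only log with integrity check",
}
OPEN = unmitigated(enumerate_threats(ELEMENTS, FLOWS), MITIGATIONS)
```

Every entry left in `OPEN` is a threat that should have a mitigation or a justification recorded in analysis mode before the full report is generated.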

Glen Tomkowiak

Things that interest me: cloud computing, cyber security, DevOps, and mobile / web development.