Service Software - Remote Access - GE Voluson Swift Instructions For Use Manual

Note
How to contact GE
2.14 Service Software – Remote Access
Note
Voluson™ SWIFT / Voluson SWIFT+ Instructions For Use
5831612-100 Revision 4
•
Release GEHC Ultrasound validated software or use other measures as necessary to
resolve or mitigate product vulnerabilities.
•
Assess potential vulnerabilities of our systems using up-to-date commercially available
vulnerability scanning tools. Identified vulnerabilities are mitigated as appropriate based
on risk assessment of the product.
•
As an additional layer of protection against malware GE offers a Whitelisting solution
with the latest generation of Ultrasound scanners. This ensures that only approved
software is executed on the device.
We believe that this Defense in Depth strategy using the combination of the security measures
above and the security standards of Microsoft's® Windows® 10 IoT will provide security
against malware, especially for a system used in a professional, hospital grade networking
environment that itself should provide a high level of security measures.
The main software components of the Voluson™ ultrasound scanner and the underlying
Microsoft ® Windows 10 loT operating system are configured using guidance from standards
including Defense Information System Agency (DISA) Security Technical Implementation
Guides (STIGs), National Institute of Standards and Technology (NIST) Cybersecurity
Framework and Center for Internet Security (CIS) best practices.
Finally, a few points why we (as well as all other manufacturers of PC-based medical
Ultrasound devices) do not use Anti-Virus software: Commercial Anti-Virus software is
commonly used on general-purpose computers to detect the presence of malicious software
(e.g. virus, Trojan horse, worm). Anti-Virus software is useful on general-purpose computers
as they typically cannot be sufficiently hardened against the attack vectors used by malicious
software.
Voluson™ ultrasound systems however are single purpose (dedicated) devices not intended
to execute arbitrary programs or applications. Hence in Voluson™ systems the approach of
application whitelisting is considered more effective than anti-virus software to provide
additional protection against malicious software. The application whitelisting solution prevents
the execution of any unknown and unintended software on the ultrasound device.
Cybersecurity BOM is listed in the software/system info page.
For privacy and security concerns regarding GE products, visit to: http://www.ge.com/security
By using the remote access feature, a GE field engineer can access the ultrasound system via
a network connection. The field engineers are required to contact/call the affected site in
advance prior to establish a connection to the system.
Disruptive Mode:
If the field engineer requires unrestricted access to the ultrasound system the field engineer
requests to create a disruptive mode on the system. A message appears on the screen asking
for permission to switch to disruptive mode:
GE Service is requesting permission to diagnose the system remotely. Normal system
operations might be disturbed during this period. Click on YES to allow GE Service to continue
system diagnostics.
If disruptive mode is accepted, work on the system can be severely affected. Therefore, it is
not allowed to perform an exam or make a diagnosis using the ultrasound system while being
in disruptive mode.
A remote connection can affect the system's performance (e.g., in 3D/4D or Doppler mode).
Therefore, it is recommended to cease work on the system as soon as the field engineer
contacts the site and announces the remote connection.
Safety
2-29