Table of Contents
Advertisement
Required properties
A connected device must meet the following requirements:
– Only authorized persons may have access to the data transmitted via the RFID
port.
– All device interfaces must be protected against malware and computer viruses.
The RFID system of the connected device must comply with section 15 of the FCC
guidelines and the royalty-free RSS guidelines of Industry Canada and meet the
following conditions:
– The device must not cause any dangerous interference.
– The device must not be susceptible to damage caused by interference
reception, including interference causing undesired operating conditions.
15.26.6
Security events
The following description refers to the safety instruction in the "Network security"
chapter (see "Security events", page 17).
The device monitors and logs events that may indicate that security has been
compromised or a potential security attack. These security events are recorded in
the security event log.
The following provides examples of possible security events:
– Failed authentication events
– Software installation events
– Configuration events
– Network anomalies
The number of previous failed authentication attempts is displayed. This indicates
unauthorized attempts to access password-protected functions. These access
attempts can only be made directly at the device. The persons attempting to access
these functions therefore must be potential users.
If security events that require direct action by the IT representative of the health-
care facility occur, a message of potential breaches or attacks is immediately sent
via SNMP. This message enables further investigations and subsequent measures.
Dräger tools for recording and analyzing SNMP traps are available via
ServiceConnect. Alternatively, tools of third-party manufacturers can be used for
SNMP monitoring.
Security events of relevance for clinical application are also reported on the device
and recorded in the logbook.
Service personnel and specialized service personnel can generate a device status
report (DSR) with all entries in the security event log, logbook, and information log.
The device status report is encrypted and can be decrypted and automatically
analyzed by specialized service personnel.
The list of software components for this device can be requested from Dräger.
Dräger will notify the customer with an adequate lead time when the cybersecurity
support for the device ends and security patches are no longer provided.
|
Instructions for use
Atlan A100 (XL), A300 (XL), A350 (XL) SW 2.1n
Technical data
307
Advertisement
Table of Contents
