Free

WHISTL: JYVÄSKYLÄ - A Medical Device Hackathon!

Event Information

Share this event

Date and Time

Location

Location

WHISTL: JYVÄSKYLÄ @ Agora Building Room AgD122.1

University of Jyväskylä

Mattilanniemi 2

Jyväskylä

Finland

View Map

Refund Policy

Refund Policy

Refunds up to 30 days before event

Friends Who Are Going
Event description

Description

Novasano, together with MDISS, Synopsys, the University of Jyväskylä and Jyväskylä Hospital invite you to join us for the WHISTL: JYVÄSKYLÄ Medical Device Hackathon on 1-2 November 2017!

Visit Jyväskylä's very first World Health Information Security Testing Lab (WHISTL) facility, with actual medical device targets and an impressive array of advanced penetration tools to help you evaluate medical device cybersecurity, resilience, vulnerabilities and patching.

SNACKS! DRINKING!! MEDI-DIGITAL MAYHEM! PRIZES!!!!!

This is a great place to catch up with the scene and network with other experts in and around the medical device security field. The WHISTL: JYVÄSKYLÄ Medical Device Hackathon is free of charge. Join us!

THINGS TO BRING 'N STUFF:
1.) Please bring your own laptop.
2.) Feel free to bring any open source or commercial hacking tools you have along with you.
3.) Novasano engineers will be on hand to offer advice and suggest genius hacks.
4.) If you have time, take a look at the devices we plan to have onsite (links below). This list is subject to change, and we'd love your suggestions.
5.) If you are not familiar with the SYNOPSYS tools, get up to speed fast with the video tutorial links below.


DAY ONE AGENDA: 1 NOV

09:00 Doors open, people welcome to come in and work on getting tools installed.

10:00 Hackathon starts with brief introduction and getting familiar with the tools and devices. Form groups and start hacking.

17:30 SPECIAL GUEST SPEAKER talks about medical device vulnerabilites

DAY TWO AGENDA: 2 NOV

10:00 Hackathon continues

15:00 Wrap up & Awarding of Prizes

16:00 Hackathon Ends

__________

Medical Devices on Hand for Your Pleasure and Experimentation
(SUBJECT TO CHANGE)

We'll have quite a nice selection of medical devices available on-site. The devices vary from infusion pumps to patient monitoring and infusion therapy devices, with connectivity ranging from RS-232 to ethernet and Bluetooth LE. Please find below a list of planned devices, along with links to their manuals/websites/datasheets, so that you can start preparing your attacks! :-)

Philips IntelliVue MX800
https://s3.amazonaws.com/novasano-device-manuals/EQU1200417.pdf

Fresenius Agilia Link 8+, Volumat MC and Injectomat MC
https://s3.amazonaws.com/novasano-device-manuals/EQU1600743.pdf
https://s3.amazonaws.com/novasano-device-manuals/EQU1600739.pdf

B.Braun SpaceStation, Perfusor Space and Infusomat Space
https://s3.amazonaws.com/novasano-device-manuals/EQU1402930.pdf
https://s3.amazonaws.com/novasano-device-manuals/EQU1500410.pdf

GE Healthcare Carescape -series device
https://s3.amazonaws.com/novasano-device-manuals/EQU1600745.pdf

Monidor Monidrop
https://monidor.com/monidrop-en.html

Philips CX50
https://s3.amazonaws.com/novasano-device-manuals/1485-1643.pdf


SYNOPSYS TESTING AND ANALYSIS TOOLS FOR YOU!

Synopsys will provide you with access to Defensics fuzz testing and Protecode software composition analysis tools. Learn more about Synopsys Defensics https://www.synopsys.com/software-integrity/security-testing/fuzz-testing.html and have a look at the video tutorials at https://www.synopsys.com/software-integrity/training/education/video-tutorials.html Also, feel free to bring any open source tools, or commercial tools you have licensed with you.


RESPONSIBLE DISCLOSURE

We kindly ask all participants to follow responsible disclosure best practices. For your hosts, responsible and coordinated disclosure is very important. MDISS will collect all vulnerabilities found during the hackathon and report them to the vendor. If you want your name mentioned in a potential security advisory, please let us know. MDISS will be using the MD-VIPER portal for this: https://mdviper.org/. The vendors may be interested in talking directly to the person(s) who have found a vulnerability, in order to get more information. Maybe you'll get a job offer out of it ;-)

CONTACT INFO / QUESTIONS

Email MDISS at info@mdiss.org

Share with friends

Date and Time

Location

WHISTL: JYVÄSKYLÄ @ Agora Building Room AgD122.1

University of Jyväskylä

Mattilanniemi 2

Jyväskylä

Finland

View Map

Refund Policy

Refunds up to 30 days before event

Save This Event

Event Saved