{"id":10271,"date":"2026-01-15T08:27:29","date_gmt":"2026-01-15T07:27:29","guid":{"rendered":"https:\/\/medtech-ingenieur.de\/?p=10271"},"modified":"2026-01-16T11:50:30","modified_gmt":"2026-01-16T10:50:30","slug":"stride-medizintechnik-cybersecurity","status":"publish","type":"post","link":"https:\/\/medtech-ingenieur.de\/en\/stride-medizintechnik-cybersecurity\/","title":{"rendered":"STRIDE in medical technology \u2013 Cybersecurity risk analysis according to IEC 81001-5-1"},"content":{"rendered":"

Cybersecurity is no longer seen as an option in medical technology; it's a requirement. With IEC 81001-5-1 and the MDR requirements, manufacturers of medical devices and health software must proactively identify, assess, and manage security risks. A proven and recommended approach by IEC 81001-5-1 for this is threat modeling with STRIDE.<\/p>\n

What is STRIDE?<\/h2>\n

STRIDE<\/strong> This is a Microsoft threat model for cybersecurity, and in our specific case, a threat model for medical software and devices. It categorizes six typical attack types:<\/p>\n\n\n\n\n\n\n\n\n\n\n
\n

Stride category<\/strong><\/p>\n<\/th>\n

\n

Threat type<\/strong><\/p>\n<\/th>\n

\n

Simply explained<\/strong><\/p>\n<\/th>\n

\n

Example<\/strong><\/p>\n<\/th>\n<\/tr>\n<\/thead>\n

\n

<\/strong>S<\/p>\n<\/td>\n

\n

Spoofing<\/p>\n<\/td>\n

\n

Identity theft<\/p>\n<\/td>\n

\n

An attacker is posing as a doctor.<\/p>\n<\/td>\n<\/tr>\n

\n

T<\/strong><\/p>\n<\/td>\n

\n

Tampering<\/p>\n<\/td>\n

\n

Manipulation of data or code<\/p>\n<\/td>\n

\n

Dosage data for an infusion device is being changed.<\/p>\n<\/td>\n<\/tr>\n

\n

R<\/strong><\/p>\n<\/td>\n

\n

Reputation<\/p>\n<\/td>\n

\n

Deniability of actions<\/p>\n<\/td>\n

\n

A user deletes data, and nobody can prove it.<\/p>\n<\/td>\n<\/tr>\n

\n

I<\/strong><\/p>\n<\/td>\n

\n

Information Disclosure<\/p>\n<\/td>\n

\n

Confidential data falls into the hands of unauthorized persons<\/p>\n<\/td>\n

\n

An attacker is intercepting network traffic.<\/p>\n<\/td>\n<\/tr>\n

\n

D<\/strong><\/p>\n<\/td>\n

\n

Denial of Service<\/p>\n<\/td>\n

\n

The system is overloaded or blocked.<\/p>\n<\/td>\n

\n

Vital data can no longer be transmitted.<\/p>\n<\/td>\n<\/tr>\n

\n

E<\/strong><\/p>\n<\/td>\n

\n

Elevation of Privilege<\/p>\n<\/td>\n

\n

Privilege expansion through vulnerabilities<\/p>\n<\/td>\n

\n

An exploit allows a normal user to become an administrator.<\/p>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

\"\"<\/span><\/p>\n

Further information is available directly from Microsoft: Threat Modeling with STRIDE<\/a><\/p>\n

How does risk analysis with STRIDE work in medical technology?<\/h2>\n

To understand where STRIDE comes into play in the risk analysis process, this simple model is helpful:<\/p>\n

\"\"<\/span><\/p>\n

A Threat<\/strong> In this model, a potential attack method, such as... Spoofing<\/strong>, Tampering<\/strong> or Denial of Service<\/strong>, as described in the STRIDE model. A Vulnerability<\/strong> This is the vulnerability in the system that can be exploited, e.g., an unsecured interface. Asset<\/strong> The target of the attack is the vulnerability, such as confidential patient data or device availability. The vulnerability and the asset together constitute an impact, a concrete consequence, such as data loss or malfunction. Together with the threat, this ultimately results in the risk (the risk to be assessed).<\/p>\n

The right approach begins with the system context and architecture. From this, you derive a data flow diagram (DFD):<\/p>\n