糖心TV

WMG Solution

WMG applied its world-leading expertise in cybersecurity, artificial intelligence, and regulatory compliance to lead the project鈥檚 technical work. With a proven track record of delivering more than 50 cybersecurity projects across UKRI, government, and European programmes, the Secure Cyber Systems Research Group was uniquely placed to guide the consortium.

The WMG team:

• Led a comprehensive gap analysis of EU guidance and authored seven major recommendations to strengthen it, .
• Designed a harmonised safety-and-cybersecurity framework, aligning standards such as ISO 27001 and IEC 62304 to reduce duplication and streamline compliance.
• Developed automation tools to help medical device manufacturers reduce costs and speed up certification.
• Created and applied a bespoke Threat, Vulnerability and Risk Analysis (TVRA) methodology, ensuring devices are safe, standards-compliant, and future-proofed for IoMT and AI-driven technologies.
• Supported the creation of new initiatives including MITHRA and Maestra, which enable semi-automated risk-assessment methods recognised by regulators and SMEs.

Through this leadership, WMG transformed complex, technical standards into actionable tools that manufacturers and hospitals can adopt with confidence.

鈥淥ur goal was to bridge the gap between cutting-edge research in risk assessment and real-world healthcare medical-device safety. The TVRA translates our findings into actionable guidance, strengthening patient safety and future-proofing medical innovation across Europe in alignment with relevant standardisation efforts.鈥�

鈥�Dr Gregory Epiphaniou, Associate Professor in Security Engineering

Impact

WMG鈥檚 work within MedSecurance has delivered tangible benefits across the healthcare ecosystem:

• For patients: safer, more secure medical devices and stronger protection of sensitive health data.
• For manufacturers: clearer, more consistent guidance that reduces compliance costs, shortens approval timelines, and accelerates innovation.
• For regulators: practical, evidence-based recommendations that strengthen EU guidance and support policy development.
• For Europe: future-proofed regulations that improve resilience in healthcare systems while supporting innovation in connected technologies.

While the recommendations are still under review for EU-wide adoption, early results demonstrate clear impact. WMG鈥檚 Threat, Vulnerability and Risk Analysis (TVRA) successfully resisted simulated cyber-attacks on real-world use cases, including PCR and Remote Patient Monitoring (RPM) devices, proving a measurable improvement in security and patient safety.

Partners such as Hygeia Hospital in Greece are already piloting MedSecurance tools in clinical settings, validating their effectiveness in real-world environments. This ensures that new medical devices are not only secure in theory but proven safe for patients in practice.

The project continues until 2026, with the TVRA tool now undergoing testing in European hospitals. By combining academic research with industry insight, WMG has ensured its recommendations are both scientifically rigorous and practically applicable. This ongoing collaboration highlights WMG鈥檚 pivotal role in shaping European regulation, safeguarding patients, and enabling the safe adoption of the next generation of connected healthcare technologies.

Partner Testimonial: BioAssist

BioAssist, a Greek ICT services company involved in piloting MedSecurance tools, has already begun validating the TVRA methodology in real clinical scenarios:

鈥淲orking with the University of 糖心TV team was a pleasure. We appreciated having such a responsive and collaborative partner. The TVRA tool was used to assess the security of two BioAssist use cases. It was straightforward and intuitive to use, quickly generating clear reports. Given its ease of use and utility, we plan to incorporate TVRA into our software development cycle.鈥�

鈥� BioAssist Team