Threat Modelling, Security Architecture and Controls for Medical Devices: Attacking and Defending

You will gain experience articulating threats in a threat model and applying tools like MITRE ATT&CK and D3FEND to construct a two-sided narrative for the security controls in your architecture.

In this course, participants will gain experience articulating threats in a threat model and applying tools like MITRE ATT&CK and D3FEND to construct a two-sided narrative for the security controls in your architecture. We will investigate the concept of digital artifacts, and how attacking a system exposes changes, as opposed to how defending it can secure them.

This course is more technical and prepares cybersecurity engineers to deliver on regulatory requirements for Medical Device cybersecurity controls, such as FDA pre-market Guidance and MDCG 2019-16.

It should be noted that the approach presented is a best practice for discovering and structuring security, not just from a documentation point of view, but also for designing and developing security in products. Technical threat modelling helps enumerate assets and map infrastructure, operational activities, and the system itself, then decompose them to structurally categorize the needed levels of hardening, detection coverage and other security controls associated with them.

Upon completion, you will: 

  1. Be able to utilize a toolset to perform technical threat modelling
  2. Know the recommended security functions for regulatory requirements, such as FDA pre-market
  3. Have the knowledge to document a cybersecurity analysis in your design and architecture in a structured way
  4. Have gained knowledge of a technical toolset to help enumerate and discover security controls in your system


  • Introduction to the use of MITRE ATT&CK and D3FEND
  • Understanding FDA pre-market security controls and their application of NIST SP 800-57
  • Introduction to technical threat modelling
  • Introduction to a structured way to reason about security controls

Security architecture and controls cannot be exhaustively taught in two days; hence the goal is to provide a toolset to enable you to perform the activities in your organization. The two days are divided into a day of introducing threat modelling along with asset management, mapping networks, dataflow, operational mapping, and secure configuration, while the second day will investigate applied security hardening, isolation, security information and event management for an embedded medical device.

The course format is classroom presentations, exercises, and workgroups.

Target group
To get the most out of this training, participants should have a technical background and be familiar with the concepts of cybersecurity at an intermediate level. The course is intended to help meet the technical security functions in medical device manufacturing.
The course is suitable for organizations looking into cybersecurity product development/risk-management.
The course is relevant for: 

  • Cybersecurity Quality Assurance / Quality Assurance Engineering
  • Cybersecurity Regulatory Affairs
  • Cybersecurity Product Responsible
  • Cybersecurity System Engineer
  • Cybersecurity Product Owner
  • Cybersecurity Program Manager
  • Security Champions in Development Department
  • Cybersecurity/Software Engineers
  • Cybersecurity Test and Verification

Jens Schønberg
CEO, Founder and Principal Cybersecurity Specialist, JBS Consultancy




Morten Petersen