Case Study: Baxter Connex Spot Monitor Shared Key
A secure-by-design case study showing how a default cryptographic key created a shared failure domain across connected patient monitors.
A secure-by-design case study showing how a default cryptographic key created a shared failure domain across connected patient monitors.
A secure-by-design case study showing how hard-coded credentials, weak firmware integrity, exposed interfaces, and insufficient logging affected a portable ventilator.
A secure-by-design case study showing how hidden firmware functionality, insecure update behavior, and patient-data exposure affected a connected patient monitor.
A secure-by-design case study showing how service credential exposure in a networked medical imaging ecosystem can affect patient-data integrity and availability.
A secure-by-design case study showing how local access, hard-coded credentials, kiosk escape, and command injection can affect clinical devices.
Practical guidance for connected-product teams assessing cryptographic algorithms, protocols, keys, firmware integrity, data protection, crypto agility, and CRA evidence.
A practical guide to assessing whether Espressif ESP32 chips and modules can support secure-by-design controls, CRA readiness, supplier evidence, and lifecycle commitments.
A practical hub for secure-by-design case studies, routing real product vulnerabilities by failure pattern, control area, evidence lesson, and product-team check.
A secure-by-design evidence pack is a structured collection of documents, records, and technical artefacts that helps show how a connected product was designed, built, assessed, released, supported, and maintained.
A practical secure-by-design maturity model for connected-product teams assessing CRA readiness, product-security practices, evidence quality, vulnerability handling, secure updates, and lifecycle support.
Starter policy templates and outlines for connected-product teams covering coordinated vulnerability disclosure, vulnerability handling, security updates, secure development, and CRA evidence records.
A practical guide to assessing whether STM32 parts and ST collateral can support secure-by-design controls, CRA readiness, supplier evidence, and lifecycle commitments.
A practical guide to classifying embedded device architectures and understanding how MCUs, embedded Linux systems, and hybrid designs affect secure-by-design controls, CRA readiness, and evidence.