Project Summary
Digital medical devices include continuous glucose monitoring systems, foot pressure feedback systems and insulin pumps. These technologies are personal devices in the sense that they support individuals to better manage their own health and are instrumental in supporting a digitally enabled healthcare system.
Although digital medical devices represent a major step forward in supporting personal health management and represent the future of healthcare services, concerns remain about cyber security of these resource-constrained medical devices and connected systems.
This EPSRC Connectivity Award brings together colleagues from across Lancaster University working in medical devices, clinical research and cyber security, together with key industry and NHS partners to build UK capability and capacity for medical device cyber security research.
The project aims to:
- Understand cyber-clinical risk and the nature of cyber security vulnerabilities for digital medical devices,
- Develop novel technologies to prevent/mitigate cyber-attacks for digital medical devices,
- Inform national standards and certification processes for cyber security of digital medical devices.
Project Outputs and Connected Activities
- Parliamentary meeting on ‘Harnessing Health Innovation’.
- Parliamentary meeting on AI and Healthcare: Innovations for a Healthier Tomorrow.
- Neil Reeves has been a member of the British Standards Institution (BSI) committee (April-November 2025) for a fast-tracked standardisation document – Publicly Available Specification (PAS) on Continuous glucose monitoring systems. Neil Reeves and the project team contributed their expertise and underpinning research knowledge from this project towards the development of the cyber security specification for this BSI standardisation document (PAS). The PAS was published on 30.11.2025 – ‘PAS 2600:2025 Continuous glucose monitoring systems – Design verification and validation of performance – Specification’.
- A blog post on the project has been published with our project partner the Lister Alliance.
Complementary Research Activity
The project is complemented by Lancaster University’s £19m strategic investment in ‘Security and Protection Science’, including new campus facilities with state-of-the-art ‘Data Cyber Quarter’, supporting new partnership opportunities with cyber industry.
To help this EPSRC project engage more widely with industrial partners and build UK capacity in the cyber security of medical devices, the project benefits from Lancaster University being the lead academic partner in business engagement and co-working incubators including the Digital Security Hub (DiSH) in Greater Manchester and the ‘North West Cyber Security Connect for Commercialisation’ (NW CyberCom).
This EPSRC Connectivity Award also complements the Lancaster-led EPSRC Place-based Impact Accelerator ‘Cyber Focus’ with a prominent health workstream that aims to galvanise the Northwest cyber ecosystem by forging trusted interconnections that instil confidence in research-led impact partnerships to propel national prosperity and protection/security.
