IoMT-SAF: Internet of Medical Things Security Assessment Framework

Faisal Alsubaei, Abdullah Abuhussein, Vivek Shandilya, Sajjan Shiva

Research output: Contribution to journalJournal articlepeer-review

38 Scopus citations


The emergence of the Internet of Medical Things (IoMT) has introduced a monumental change in facilitating the management of diseases, improving diseases diagnosis and treatment methods, and reducing healthcare cost and errors. This change has greatly impacted the quality of healthcare for both patients and all frontline healthcare workers. However, the IoMT is far from being immune to security and privacy breaches due to the wide variety IoMT vendors and products available on the market as well as the massive number of devices transmitting sensitive medical data wirelessly to the cloud. The lack of security awareness among healthcare users (e.g., patients, medical staff) aggravates the deficiencies and can facilitate attacks that jeopardize the patients’ lives. Therefore, ensuring the security and privacy of the IoMT becomes an urgent issue worthy of further investigation and resolution. Security cannot be planned for, managed, monitored, or controlled if it cannot be measured. However, security assessment poses problems for novice IoMT adopters when choosing security measures that are both sufficient and robust. Accordingly, we developed a web-based IoMT Security Assessment Framework (IoMT-SAF) based on a novel ontological scenario-based approach to recommend security features in IoMT and assess protection and deterrence in IoMT solutions. IoMT-SAF supports the selection of a solution that matches the stakeholder's security objectives and supports the decision-making process. The novelty of IoMT-SAF lies in its granularity, extensibility, as well as its ability to adapt to new stakeholders, and conformance to technology and medical standards.

Original languageEnglish
Article number100123
JournalInternet of Things (Netherlands)
StatePublished - Dec 2019


  • Assessment
  • Framework
  • Internet of Medical Things
  • Privacy
  • Recommendation
  • Security


Dive into the research topics of 'IoMT-SAF: Internet of Medical Things Security Assessment Framework'. Together they form a unique fingerprint.

Cite this