Blue Goat Cyber logoBlue Goat CyberSMMedical Device Cybersecurity
    K
    All infographics
    Threat modeling

    STRIDE Applied to a Connected Medical Device

    Six STRIDE threat categories mapped onto the real attack surfaces of a connected device, firmware, BLE, mobile app, cloud, and clinician console.

    Last reviewed 2026-06-10

    What the diagram shows

    S, Spoofing

    Identity attacks: BLE pairing without authentication, cloned mobile app sessions, spoofed clinician console logins. Mitigations: mutual TLS, hardware-rooted device identity, MFA.

    T, Tampering

    Firmware modification, MITM on the radio link, mobile binary patching, database manipulation in the cloud. Mitigations: secure boot, signed updates, code signing, integrity checks.

    R, Repudiation

    Actions performed without audit trail, dose changes, configuration edits, clinician overrides. Mitigations: append-only audit log, non-repudiable signing, time-synced events.

    I, Information disclosure

    PHI leakage from BLE advertisements, mobile log files, cloud backups, or clinician UI. Mitigations: encryption at rest and in transit, minimal data on device, redacted logs.

    D, Denial of service

    RF jamming, battery-drain attacks, cloud API flood, clinician console lockout. Mitigations: graceful degradation, rate-limiting, offline-safe device behavior, redundancy.

    E, Elevation of privilege

    Unprivileged process gaining root on firmware, mobile app gaining device-admin scope, cloud user escalating to clinician role. Mitigations: least privilege, role separation, sandboxing.

    Embed this diagram

    Use this on your blog, internal wiki, or training deck. We only ask that the credit line and link back stay intact.

    <!-- STRIDE Applied to a Connected Medical Device, Blue Goat Cyber -->
    <figure>
      <a href="https://bluegoatcyber.com/resources/infographics/stride-connected-device">
        <img src="https://bluegoatcyber.com/resources/infographics/stride-connected-device.svg" alt="Schematic of a connected medical device showing where each STRIDE threat category (spoofing, tampering, repudiation, information disclosure, denial of service, elevation of privilege) applies across firmware, radio, mobile, cloud, and clinician console layers." loading="lazy" />
      </a>
      <figcaption>
        <a href="https://bluegoatcyber.com/resources/infographics/stride-connected-device">STRIDE Applied to a Connected Medical Device</a> by
        <a href="https://bluegoatcyber.com">Blue Goat Cyber</a>
      </figcaption>
    </figure>

    Related reading

    tagged · Threat Modeling · Risk · FDA

    In-depth guides

    From the blog

    Where this fits

    Threat Modeling hubThreat modeling serviceSTRIDE vs DREAD vs PASTA

    More infographics

    See all

    FDA Premarket Cybersecurity Submission Flow

    Anatomy of an FDA-Ready SBOM

    FDA Deficiency Letter Response Decision Tree

    The SPDF Lifecycle: Premarket to Postmarket

    Ready when you are

    Get FDA cleared without the cybersecurity headaches.

    30-minute strategy session. No cost, no commitment - just answers from people who've shipped 250+ FDA submissions.