STRIDE Applied to a Connected Medical Device
Six STRIDE threat categories mapped onto the real attack surfaces of a connected device: firmware, BLE, mobile app, cloud, and clinician console.
What the diagram shows
S, Spoofing
Identity attacks: BLE pairing without authentication, cloned mobile app sessions, spoofed clinician console logins. Mitigations: mutual TLS, hardware-rooted device identity, MFA.
T, Tampering
Firmware modification, MITM on the radio link, mobile binary patching, database manipulation in the cloud. Mitigations: secure boot, signed updates, code signing, integrity checks.
R, Repudiation
Actions performed without an audit trail: dose changes, configuration edits, clinician overrides. Mitigations: append-only audit log, non-repudiable signing, time-synced events.
I, Information disclosure
PHI leakage from BLE advertisements, mobile log files, cloud backups, or clinician UI. Mitigations: encryption at rest and in transit, minimal data on device, redacted logs.
D, Denial of service
RF jamming, battery-drain attacks, cloud API flood, clinician console lockout. Mitigations: graceful degradation, rate-limiting, offline-safe device behavior, redundancy.
E, Elevation of privilege
Unprivileged process gaining root on firmware, mobile app gaining device-admin scope, cloud user escalating to clinician role. Mitigations: least privilege, role separation, sandboxing.
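The Repudiation row names an append-only audit log, non-repudiable signing and time-synced events as the mitigation for unlogged dose changes, configuration edits and clinician overrides. The following Python is an added example, not code from the infographic or from Blue Goat Cyber, of what that log looks like in practice: each entry is chained to the previous entry's authenticator, authenticated with HMAC-SHA256 under a device key, and refused if the clock runs backwards; the verifier then detects modified, deleted, reordered and out-of-order entries and, when the latest authenticator has been anchored elsewhere (for example reported to the cloud), a truncated log as well. HMAC is a stand-in for the per-actor asymmetric signature that true non-repudiation requires, since anyone holding the shared key could have produced the tag. The key, actor names, action names and event payloads are all constructed for the example.

```python
import hashlib
import hmac
import json
import time
from dataclasses import dataclass, asdict
from typing import Optional

# Chain anchor for the first entry (constructed constant, not a protocol value).
GENESIS_MAC = "0" * 64


@dataclass(frozen=True)
class AuditEntry:
    seq: int        # monotonically increasing position in the log
    ts: float       # event time from the synchronised clock (epoch seconds)
    actor: str      # who acted: clinician id, service account, device process
    action: str     # e.g. "dose_change", "config_edit", "clinician_override"
    detail: dict    # action-specific fields
    prev_mac: str   # authenticator of the previous entry; chains the log together
    mac: str        # HMAC-SHA256 over every field above


def _payload(seq, ts, actor, action, detail, prev_mac) -> bytes:
    """Canonical JSON so writer and verifier authenticate identical bytes."""
    return json.dumps({"seq": seq, "ts": ts, "actor": actor, "action": action,
                       "detail": detail, "prev_mac": prev_mac},
                      sort_keys=True, separators=(",", ":")).encode()


def _mac(key: bytes, payload: bytes) -> str:
    return hmac.new(key, payload, hashlib.sha256).hexdigest()


class AppendOnlyAuditLog:
    """Writer side, runs on the device: only append() exists, no edit or delete."""

    def __init__(self, key: bytes, clock=time.time):
        self._key = key          # would live in a secure element on a real device
        self._clock = clock      # injectable so tests can use a deterministic clock
        self._entries: list[AuditEntry] = []
        self._last_ts = float("-inf")

    def append(self, actor: str, action: str, detail: dict) -> AuditEntry:
        ts = self._clock()
        if ts < self._last_ts:
            # Time-synced events: a backwards clock would let later entries look earlier.
            raise ValueError("clock went backwards; refusing to record out-of-order event")
        seq = len(self._entries)
        prev_mac = self.head()
        mac = _mac(self._key, _payload(seq, ts, actor, action, detail, prev_mac))
        entry = AuditEntry(seq, ts, actor, action, detail, prev_mac, mac)
        self._entries.append(entry)
        self._last_ts = ts
        return entry

    def head(self) -> str:
        """Authenticator of the newest entry. Report it to the cloud periodically so a
        verifier can detect truncation of the tail, which the chain alone cannot."""
        return self._entries[-1].mac if self._entries else GENESIS_MAC

    def export(self) -> list[dict]:
        return [asdict(e) for e in self._entries]


def verify_log(records: list[dict], key: bytes,
               expected_head: Optional[str] = None) -> list[str]:
    """Verifier side: returns a list of problems; an empty list means the log is intact."""
    problems = []
    expected_prev = GENESIS_MAC
    last_ts = float("-inf")
    for pos, r in enumerate(records):
        if r["seq"] != pos:
            problems.append(f"seq gap at position {pos}: expected {pos}, got {r['seq']}")
        if r["prev_mac"] != expected_prev:
            problems.append(f"chain break at seq {r['seq']}: entry removed or reordered")
        if r["ts"] < last_ts:
            problems.append(f"timestamp regression at seq {r['seq']}")
        want = _mac(key, _payload(r["seq"], r["ts"], r["actor"], r["action"],
                                  r["detail"], r["prev_mac"]))
        if not hmac.compare_digest(want, r["mac"]):
            problems.append(f"MAC mismatch at seq {r['seq']}: entry modified or forged")
        expected_prev, last_ts = r["mac"], r["ts"]
    if expected_head is not None and expected_prev != expected_head:
        problems.append("log truncated: head does not match anchored head")
    return problems


if __name__ == "__main__":
    key = b"constructed-demo-key"   # constructed; never a literal in real firmware
    log = AppendOnlyAuditLog(key)
    log.append("clinician:42", "dose_change", {"drug": "insulin", "units": 4})
    log.append("clinician:42", "clinician_override", {"alarm": "occlusion", "ack": True})
    records = log.export()
    print("intact:", verify_log(records, key, log.head()))
    records[0]["detail"]["units"] = 40     # alter a recorded dose after the fact
    print("tampered:", verify_log(records, key, log.head()))
```

The point the chain alone does not cover is truncation: dropping the newest entries leaves a log that still verifies, which is why `head()` exists and why the device should report it out of band at a fixed cadence.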
Embed this diagram
Use this on your blog, internal wiki, or training deck. We only ask that the credit line and link back stay intact.
<!-- STRIDE Applied to a Connected Medical Device, Blue Goat Cyber -->
<figure>
<a href="https://bluegoatcyber.com/resources/infographics/stride-connected-device">
<img src="https://bluegoatcyber.com/resources/infographics/stride-connected-device.svg" alt="Schematic of a connected medical device showing where each STRIDE threat category (spoofing, tampering, repudiation, information disclosure, denial of service, elevation of privilege) applies across firmware, radio, mobile, cloud, and clinician console layers." loading="lazy" />
</a>
<figcaption>
<a href="https://bluegoatcyber.com/resources/infographics/stride-connected-device">STRIDE Applied to a Connected Medical Device</a> by
<a href="https://bluegoatcyber.com">Blue Goat Cyber</a>
</figcaption>
</figure>
Related reading
tagged · Threat Modeling · Risk · FDA
In-depth guides
STRIDE Threat Modeling for Medical Devices: Definitive Guide
Apply STRIDE to medical devices: per-category threat tables, FDA-grade DFD process, mapping to AAMI TIR57 and ISO 14971, and STRIDE vs PASTA/LINDDUN.
Patient-Safety-First Threat Modeling Guide
Patient-Safety Threat Modeling Worksheet: a right-sized STRIDE pass that maps cybersecurity threats to ISO 14971 hazards.
De Novo Cybersecurity Submission Guide
Learn the specific cybersecurity requirements for a successful De Novo submission. Ensure FDA compliance with threat modeling, SBOM, and pen testing.
FDA 2026 Premarket Cybersecurity Guidance
Master the 2026 FDA premarket cybersecurity guidance. Ensure your medical device submission meets new SPDF, SBOM, and threat modeling requirements for approval.
From the blog
- Data Flow Diagrams for Medical Device Cybersecurity (2026-06-12)
- FMEA vs Threat Modeling for Medical Devices: Where Safety Risk Ends and Security Risk Begins (2026-06-18)
- Penetration Test Case Design for Medical Devices (2026-06-11)
- DREAD vs STRIDE vs PASTA Threat Modeling for Medical Devices (2024-03-22)
- Design FMEA for Medical Devices: dFMEA, ISO 14971 & Cybersecurity (2026-06-25)
Get FDA cleared without the cybersecurity headaches.
30-minute strategy session. No cost, no commitment - just answers from people who've shipped 250+ FDA submissions.