Thanks to cheaper and more powerful CPUs as well as improved software platforms, eHealth devices are spreading. They promise to keep us in our home for longer, and to provide better, more precise care, all the while containing rising health care costs. eHealth devices already include emergency alert systems, connected blood pressure monitors and oximeters, and many more.
An attractive business model for hackers
Health devices are increasing relying on connectivity with an ever-growing surface of attacks. There are becoming a target for cybercriminal organizations willing to exploit vulnerabilities to launch cyberattacks and create serious damage.

In effect, there are attractive business models for hackers for exploiting vulnerabilities of eHealth devices, in particular when attacks can be performed remotely, even when they require a substantial investment (>1M$) during the so-called identification phase.
How we can help
At ProvenRun we help answering to those threats by providing:
- Security consulting services such as performing security risk analysis, defining security architectures and certification requirements,
- Security engineering services for the development of ad-hoc solutions,
- Solutions to secure-by-design connected devices that are exposed to attacks.
Security-by-design solutions
When securing-by-design an eHealth device, security engineers can in effect rely on three pillars to be integrated as part of the device’s Trusted Computing Base (TCB):
- Secure elements or hardware coprocessors for the Root of Trust, cryptographic operations and transactions,
- Secure Operating Systems (OSs) or Trusted Execution Environments (TEEs),
- Hardware- or software-based hypervisors.
A secure OS for security critical services
The TCB always includes critical security functions that need to remain small and simple to remain verifiable, especially on complex hardware such as modern microprocessors or microcontrollers. Implementing these security functions require high-level abstractions of the hardware, typically provided by an Operating System (OS). Because the correctness of the security functions depends on the correctness of these high-level abstractions, the OS that implements them is also part of the TCB and should be free from exploitable vulnerabilities.
Our TCB secure software components
At ProvenRun, we provide unique critical off-the-shelf TCB software components that can be used to secure-by-design eHealth devices:
- ProvenCore: an ultra-secure OS, that can be used also as a TEE, available for ARM Cortex-A, Cortex-M and RISC-V processors.
- ProvenCore-M: a ultra-secure RTOS available for ARM Cortex-M and RISC-V processors.
- ProvenVisor: A secure hypervisor for virtualization solutions, available for ARM Cortex-A processors.

With ProvenCore, ProvenCore-M and ProvenVisor, ProvenRun brings to the market secure-by-design solutions that provide a distinctively higher security level and a lower cost of security than any existing solutions, and the ability to withstand to remote cyberattacks and avoid the compromise of eHealth devices that would lead to high losses.
Contact us for more details on how we can help.