GlobalSupervision: Dominik Noß More details:
Software in the medical sector is part of the critical infrastructure. Vulnerabilities pose a threat for the operation in clinics and medical centers, which can result in physical harm to patients.
- Goal of this thesis:
- Survey existing fuzzers and the fuzzing strategies they use. Evaluate efficiency of different fuzzers and fuzzing strategies in application to HL7 implementations such as Mirth connect
- Find software bugs and responsibly report them to the creator
The fuzzing and the consequential fixing of bugs shall improve stability of the software and prevent their use for attacks on the medical sector.
- Java Fuzzing:
All relevant standards. Registration is required, but disposable email addresses work fine. Start with “HL7 Version 2.9 Messaging Standard”: http://www.hl7.org/implement/standards/product_brief.cfm?product_id=185
HL7 Browser (to fiddle with HL7 Messages): http://www.nule.org/?page_id=62
Mirth Connect HL7 Server: https://www.nextgen.com/products-and-services/nextgen-connect-integration-engine-downloads