Agree with you - there's nothing new in the article. I gave a talk a
couple years ago at a conference on biomedical engineering, and there was
one person in the room (out of a few hundred) who had heard of Therac-25.
(Which I assume is what you were referring to with 1985.)
If the article were
hi sc-l,
Chandu Ketkar and I wrote an article about medical device security based on a
talk Chandu gave at Kevin Fu’s Archimedes conference in Ann Arbor. In the
article, we discuss six categories of security defects that Cigital discovers
again and again when analyzing medical devices for our
