The average hospital experiences more than 2,300 cyberattacks per week1, costing the industry billions annually.
Siemens Healthineers has entered into a project agreement with the Advanced Research Projects Agency for Health (ARPA-H) to undertake research focused on enhancing the cyber resilience of medical devices. ARPA-H’s Universal Patching and Remediation for Autonomous Defense (UPGRADE) program aims to create new tools to help hospitals’ information technology teams better detect and remediate cyber-threats2. Siemens Healthineers will serve as the principal research institution for the Secure Healthcare Infrastructure Enhancement and Defense (SHIELD) project under the UPGRADE program, with activities based at its AI Factory in Princeton, New Jersey.
Under the agreement, Siemens Healthineers and its research partners, Siemens Corporation, Axonius and Kraetonics, will execute this collaborative project with a budget of $6.9 million for Phase I. The goal is to develop an autonomous cyber-threat solution that enables proactive security updates, reducing the uncertainty and manual effort necessary to secure hospitals.
The SHIELD project deploys an exa-scale simulation – consisting of more than one quintillion operations per second – to identify optimal solutions for cyber resilience within medical technology products, placing particular emphasis on applications that affect continuity of care. SHIELD plans to develop a solution that addresses the difficult balance between cybersecurity, patient care, and revenue within hospital environments. When cybersecurity vulnerabilities are detected or ransomware incidents occur, hospitals may need to suspend operation of major imaging equipment until remediation. Since 2016, cyberattacks have cost the healthcare industry over $77 billion, with over $15 billion in 2023 alone3. The increasingly prevalent attacks have led to delays in treatment, cancellation of procedures, and reliance on paper records, and emergency rooms are often forced to divert ambulances4.
Hospital cyberattacks are typically carried out through pervasive vulnerabilities in IT systems. As a result, 53% of all hospital equipment currently contain critical vulnerabilities5, and 96% of hospitals have equipment with these vulnerabilities. The average time to apply critical security updates to hospital equipment is currently 491 days6 – more than one year – leaving critical vulnerabilities open to exploitation. In many cases, hospital cybersecurity teams are under-resourced and thus unable to perform all the updates available to them, and clinical staff further delay updates due to fears about updates impacting clinical workflows.
SHIELD will run detailed simulations to determine the most important systems and vulnerabilities to patch or remediate and find the best timing for those activities. The focus will be on the device and equipment interactions occurring within hospitals, with a special emphasis on patient visits to specialty areas such as imaging and lab. Large-scale medical record data will allow for detailed simulations of patient and clinical staff interactions to accurately portray the effects of device and equipment disruption on both the patients and staff. This solution will also offer alternative staffing, equipment and department options as well as patient scheduling recommendations that will best maintain patient care.
“We are grateful for the funding provided by ARPA-H to enable our research of this important issue. As AI and automation continue to advance, it is essential to address cybersecurity risks with diligence. By determining effective remediation strategies, we help safeguard patient data and ensure the continuous operation of major imaging equipment,” says Dorin Comaniciu, senior vice president, artificial intelligence and digital innovation at Siemens Healthineers.
The SHIELD team is partnering with hospital systems that are representative of the range of medical facilities in the country, from state-of-the-art to under-resourced rural community hospitals. Through its longstanding Value Partnerships with healthcare providers, Siemens Healthineers brings a uniquely grounded perspective to the SHIELD project. These deep, collaborative relationships provide insight into real-world clinical workflows, operational constraints, and cybersecurity challenges, ensuring that the research is informed by the realities hospitals face every day and will be designed to deliver practical, community-relevant impact.
“As cyber risks continue to grow across all industries, we are committed to strengthening healthcare security by prioritizing patient safety, data privacy, and cyber resilience – helping to prevent disruptions that can affect patient care,” says Carlos Arglebe, head of cybersecurity at Siemens Healthineers. “By collaborating with experts and leveraging data and technology, we can deliver faster, more effective protection where it matters most. This ARPA-H-funded project represents a unique opportunity to jointly advance cybersecurity across the healthcare ecosystem.”
ARPA-H is a biomedical funding agency within the U.S. Department of Health and Human Services that supports accelerated high-impact research to deliver health breakthroughs in years, not decades.
This research was, in part, funded by the Advanced Research Projects Agency for Health (ARPA-H). The views and conclusions contained in this document are those of the authors and should not be interpreted as representing the official policies, either expressed or implied, of the United States Government.
1 World Health Day 2025: When Cyber Security Fails, So Does Public Health – Check Point Blog
3 Ransomware attacks on US healthcare organizations cost $20.8bn
4 Cyber-Attacks on Hospital Systems: A Narrative Review – ScienceDirect
5 The Ironic State of Cybersecurity in Medical Devices – PMC
