Home Browse Possible security threats coming from IOT medicine sensor calibration...
ALL Metrics
-
Views
-
Downloads
Get PDF
Get XML
Cite
Export
Track
Review

Possible security threats coming from IOT medicine sensor calibration process

[version 1; peer review: awaiting peer review]
Laimonas Kairiukstis
https://orcid.org/0009-0000-2102-9070
1Kamilė Kairiūkštytė1Edvinas Norvilas1
Laimonas Kairiukstis
https://orcid.org/0009-0000-2102-9070
1Kamilė Kairiūkštytė1Edvinas Norvilas1
PUBLISHED 27 Nov 2025
Author details Author details
OPEN PEER REVIEW
REVIEWER STATUS AWAITING PEER REVIEW

This article is included in the Software and Hardware Engineering gateway.

This article is included in the Cybersecurity collection.

Abstract

The global deployment of over seven billion IoT measuring devices in critical fields like healthcare and industrial safety systems exposes a pressing vulnerability to cyber-attacks, where compromised data integrity can lead to severe financial or life-threatening incidents. Calibration is the fundamental process ensuring measurement uniformity, yet the immense scale of the IoT makes traditional laboratory calibration physically impossible. Consequently, the calibration process must migrate on-site, relying on remote communication with calibration standards—a paradigm known as Calibration as a Service (CaaS). This digital shift, however, introduces significant cybersecurity risks into the very foundation of measurement trust. This paper addresses this critical challenge by presenting a comprehensive Standard Operating Procedure (SOP) for Secure IoT Measuring System Calibration. The proposed framework establishes the necessary protocols to protect the calibration process within a CaaS infrastructure. We further emphasize that the development and deployment of such secure IoT systems necessitate dedicated collaboration between IT security specialists and domain experts, ensuring that device integrity is prioritized from inception to safeguard end-users in an increasingly connected and vulnerable digital ecosystem.

Keywords

Calibration, Security, Data, IoT Medical device, Standard Operating Procedure

Corresponding author: Laimonas Kairiukstis
Competing interests: No competing interests were disclosed.
Grant information: This work was supported by the Lietuvos Inžinerijos Kolegija Higher Education Institution.
The funders had no role in study design, data collection and analysis, decision to publish, or preparation of the manuscript.
Copyright:  © 2025 Kairiukstis L et al. This is an open access article distributed under the terms of the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
How to cite: Kairiukstis L, Kairiūkštytė K and Norvilas E. Possible security threats coming from IOT medicine sensor calibration process [version 1; peer review: awaiting peer review]. F1000Research 2025, 14:1327 (https://doi.org/10.12688/f1000research.172017.1) First published: 27 Nov 2025, 14:1327 (https://doi.org/10.12688/f1000research.172017.1) Latest published: 27 Nov 2025, 14:1327 (https://doi.org/10.12688/f1000research.172017.1)

1. Introduction

1.1 Challenges of digital transformation in metrology

The use of IoT measurement devices is rapidly increasing across all areas of life — including industry, households, agriculture, and medicine. However, this growing deployment also raises various metrological challenges caused by factors such as device aging, unstable power supply, and environmental influences like vibration, temperature fluctuations, and other external conditions.1 Additionally, although to a lesser extent, cybersecurity issues can also impact measurement reliability. Metrology forms the foundation of the entire quality infrastructure. Without reliable measurements, it is impossible to conduct any research — from electronics and mechanics to medicine or management. To ensure product quality, prevent production losses, and avoid physical harm or even death, the calibration of IoT measuring devices (IoTM) must be performed at appropriate intervals, and their suitability for measurement must be continuously verified and validated. Due to calibration a uninterrupted link between the measuring device and the SI system units is formed. However, it is practically impossible to calibrate large number of IoTM devices in laboratories, in this situation, the solution becomes calibration performed onsite.1

In this article we will use the terms described in the International Vocabulary of Metrology (VIM). This guidance harmonizes worldwide fundamental terminology and thus allows the science of metrology to improve. In Chapter 5 of the VIM, “Measurement standards (etalons) and metrological traceability”, calibration is defined as an operation performed on a measuring instrument or a measuring system that, under specified conditions establishes a relation between the values with measurement uncertainties provided by measurement standards and corresponding indications with associated measurement uncertainties and uses this information to establish a relation for obtaining a measurement result from an indication.2 Some authors use the concept of calibration incorrectly, for example, calibration is not just adjustment of a measuring system or verification of calibration, which frequently inaccurately called “selfcalibration”. Calibration of devices used in the healthcare sector is a key step in protecting lives, therefore the accuracy, precision, and performance of the devices become extremely important.3 The global medical equipment calibration services market size was estimated at US$1.7 billion in 2024 and is expected to grow over the next decade to US$4.8 billion by 2034 owing to the rising demand for accuracy and regulatory compliance in medical devices.4

It is important to understand that calibration may be expressed by a statement, calibration function, diagram, curve or table.2 The calibration can be performed directly between the primary measurement standard and the secondary measurement standard or using an intermediate measurement system calibrated by the primary measurement standard, with the measurement result assigned to the secondary measurement standard.2

All measurement systems, including IoTM devices, must have an unbroken chain of metrological traceability to an international or national measurement standard. Continuous calibration monitoring is extremely important for metrological traceability, as it allows the identification of factors contributing to measurement uncertainty and a more accurate assessment of the conformity of the measurement result to the standard.2 The measurement system, measurement result and calibration interfaces can be depicted in Figure 1 below. This diagram illustrates that data transmission occurs throughout all processes, thereby revealing two key security risks for IoTM devices: the potential for data leakage or intentional modification, and the specific locations where these threats may arise.

adfcd33c-ff6f-4344-92f1-f5138bdc78f0_figure1.gif

Figure 1. Conceptual diagram about “calibration”.2

To ensure measurement traceability and compliance with quality standards, measuring devices require accredited calibration certificates. Traditionally, these are issued on paper, which complicates the work of technical supervisors, increases logistical costs, extends device downtime, and hinders automation in facilities with numerous instruments.

To address these inefficiencies, the industry is moving toward digital calibration certificates for IoT devices. However, this shift presents not only metrological challenges but also demands robust IT security and a stable data transmission network. This is particularly difficult given the constraint of limited power sources, especially when a device should operate without changing batteries for the minimum 5 years.

The implementation of digital technologies in metrology, as we can see, is a slow process, historically most likely related to the tradition of providing standards and measurement services. The responsibility arising during this process makes even minimal changes slow and consistent, in order to avoid any financial, emotional or health damage.5 National Metrology Institutes (NMIs) have plans to provide secure and traceable Digital Calibration Certificates (DCCs), but this project is still on the hold due lack of reliable, secure and traceable infrastructure, therefore the digitalization process in metrology lags behind progress in other areas and new projects just starting in this area.6 The concept6 of digital calibration certificates was introduced by scientist from National Metrology Institute of Germany within the project Smartcon framework7 in 2018 and continues in the Euramet project “Development of digital calibration certificates” till 2026. The preliminary results of introduction paper free DCC inside IoT measurement systems are described in the article.6 The requirements for DCC calibration infrastructure and certificate structure are described in the sources.79

In order to transmit digital metrology data over public networks, such as the Internet, security must be ensured, only then will the data not be compromised by various means during transmission, especially by malicious actors on the Internet.5 However, the implementation of DCC in any chosen measurement area to enable calibration as a service for IoTM devices without human intervention (machine-to-machine communication) makes preparation an appropriate secure infrastructure necessary.

The article examines wearable and implanted devices (IMDs) in medicine, aims to determine the impact of Calibration Errors on Medical Device Security and at the end of the analysis, a Standard Operating Procedure for calibration of IoTM will be proposed as a result.

1.2 Security challenges in measurement systems used in healthcare

With the growing trend that medicine should be personalized and advancements in microelectronics, materials science, and wireless communication the number of personalized IoT sensors used in the healthcare system is increasing every year. This shows US $33.85 billion global market for health care wearables in 2023 and expected rising trend with US $250 billion market by 2030.10 The World Health Organization (WHO) believes with the Global Health Strategy for 2025-2028 6 billion people will enjoy better health and well-being and 7 billion people to be better protected from health emergencies,11 we believe that medical devices calibration process improvement could also contribute to this plan. Since 2010 WHO organizes Global Forum on Medical Devices, in 2025 June 2-4 were the fifth forum, in which were defined methods for increasing access to essential and priority medical devices were defined, examples of best practices from countries in medical device regulation, evaluation, and governance were shared, and the development and use of innovative, appropriate, and affordable technologies to address global health priorities were demonstrated.

Wearable medical devices are considered to have one or more than one of the four main functions: monitoring, screening, detection and prediction.11 From general vital signs monitoring to specialized sensors designed to diagnose, monitor symptoms, and treat specific diseases from different body systems - cardiovascular, neurological, psychological, musculoskeletal.12,13 These sensors are already incorporated in our everyday life. Continuous monitoring data collected through IoT technologies can enhance the knowledge base for decision-making and is inherently different from routine clinical consultations.14 However, it also possesses the risk of information overload in the healthcare system.15 The cross-sectional study in 2025 showed that female users and with higher income levels have greater likelihood of usage, on other hand data sharing declines drastically with age.16

Implantable cardioverter defibrillators, pacemakers, insulin pumps, deep brain stimulators and drug delivery systems are examples of IMDs used for long-term use, i.e. for the treatment of chronic diseases. However, former US Vice President Dick Cheney’s wireless connectivity of heart pacemaker was disabled due to national security concerns, such as the pacemaker’s set by cybercriminals at frequency being incompatible with life.17 This applies not only to pacemakers, but also to other devices, such as insulin pumps, which may use similar principles to regulate insulin delivery, increasing medicaments dosage or brainjacking can lead to physical or psychological harm and even to death and experiments conducted by scientists show that this is indeed possible.1820

Therefore, medical devices are subject to strict controls and regulations worldwide. In Europe, any medical device must be certified to ensure its safety, effectiveness and consistent quality level. If all regulatory requirements are met, the device can receive the CE mark in Europe.21 It is important to notice that sensor specificity of current wearable devices can be low, which may lead to over detection of benign nonclinical related signals, resulting in misdiagnosis, unnecessary examinations, and patient anxiety.22 Accordingly, the calibration process and protection against tampering with the set parameters become extremely important. This could give patients, their relatives and medical staff greater confidence in these devices. Bonan Zhang et al. in a 2025 survey on security and privacy issues in wearable health monitoring devices also noticed a lack of standard communication protocols, which could help manufacturers design new devices not only orienting towards development and design of risk assessment.22 A good balance between regulation and innovation is necessary, as the constant progress in this field often outpaces regulatory updates, creating a significant gap between the development of wearable and implantable medical devices and the establishment of the necessary regulatory requirements.

1.3 Regulations, standards and guidelines for medical devices

In the healthcare sector—whether in hospitals or among medical device manufacturers—patient safety remains the highest priority. To safeguard this principle, strict regulations, standards, and guidelines govern the development, calibration, use, and quality control of medical devices worldwide. Compliance with frameworks such as FDA guidelines requires structured risk management processes, comprehensive documentation, and clearly defined roles and responsibilities.23

During data acquisition, risks inevitably arise as a combination of the potential consequences of unwanted events and the likelihood of their occurrence. Currently, no single standardized methodology exists for assessing software security and the risks specific to IoT-based measurement systems. As a result, manufacturers and researchers draw upon various standards and recommendations issued by international organizations such as ISO and WELMEC (European Cooperation in Legal Metrology).

For IoT-related risk assessment, the ISO/IEC 27005:2022 standard provides guidance on managing information security, cybersecurity, and privacy risks.26 More domain-specific is the WELMEC Guide 7.6 Software Risk Assessment for Measuring Instruments, 24 based on the EU Measuring Instruments Directive (2014/32/EU; MID). This directive defines legal requirements for measuring instruments falling under legal metrology, which manufacturers must meet before placing devices on the market. WELMEC Guide 7.6 further specifies risk classes, baseline requirements for embedded software in measurement instruments, and detailed provisions for long-term data storage and secure transmission of measurement results.

In their survey, Karie et al. identified approximately 80 ISO/IEC security standards, 32 ETSI standards, and 37 conventional security assessment frameworks, including seven NIST special publications on security techniques applicable to IoT-enabled health monitoring environments.25

Table 1 below summarizes key international and national regulations, standards, and guidelines relevant to medical device calibration, cybersecurity, data integrity, metrology, and traceability. These frameworks form the basis for the Standard Operating Procedure (SOP) for secure calibration processes presented in the final chapter of this work.

Table 1. Regulation and standards for medical devices calibrations.

Category StandardKey requirements/Purpose
International standards for general calibrationISO/IEC 17025:2017Ensures calibration labs are technically competent and traceable to SI units.
ISO 9001:2015Establishes a quality management system with documented calibration procedures.
ANSI/NCSL Z540.3-2006 (US)Defines calibration system requirements including uncertainty evaluation.
ANSI/NCSL Z540.3-2006 (US)Guides calculation and reporting of calibration uncertainty.
International standards for medical devicesFDA 21 CFR Part 11Ensures secure and auditable electronic calibration records.
ISO 13485Maintains safe and effective calibration processes for medical devices.
International Cybersecurity & Data Integrity StandardsNIST SP 800-53 (Rev. 5)Protects calibration systems with secure access controls.
IEC 62443 (Industrial IoT Security)Secures calibration in industrial systems against tampering.
ISO/IEC 27001:2022Safeguards calibration data from unauthorized changes.
NISTIR 8228 (IoT Security)Recommends secure calibration practices for IoT devices.
International Metrology & Traceability StandardsJCGM 100:2008 (GUM)Standardizes how to report calibration uncertainty.
BIPM SI Brochure (9th Edition)Ensures calibration traceability to SI units.
EURAMET cg-18 (Europe)Gives regional guidance for temperature device calibration.

These standards precisely describe how calibration laboratories, measurement systems and with them related processes must be done to ensure accuracy, reliability, and security. Medical devices are no exceptions; they must be calibrated following in standards described requirements. As already mentioned, they can be international or national, requirements or quality control tests may vary depending on this. Main European Union regulations are Medical Devices Regulation (MDR) describing how medical devices must be approved for safety and their performance.26 The MDR also includes part about IT security in medical devices, to ensure data and device performance regulation from unauthorized access. As medical devices development never stops, new measurement methods, their implementation of IoT devices, hardware or software improvement also are necessary and regulations that must be regularly updated.

2. Key components of a cybersecurity protocol for calibration data security and calibration process security measures

The main components ensuring the safety of the calibration process can be listed as follows: identification, protection, access control, detection, response, and recovery. During the identification phase we should understand and prioritize assets, risks, and vulnerabilities to ensure that all critical data and systems are recognized and assessed for potential threats. To make it easier to do this, it is recommended to use the following regulations on medical devices.27 For protection of the measurement system, safeguards, firewalls should be implemented, used encryption protocols, and secure communication protocols to protect data and systems from unauthorized access and cyber threats.27,28 Calibration data is particularly important; therefore, access control and multi-factor authentication should ensure only authorized personnel access of sensitive data.29 During the system working time we should do non-stop monitoring, which will allow us to detect cybersecurity events promptly. Consequently, establishment of mechanisms detecting cybersecurity events such as intrusion detection systems which monitor for and respond to suspected security breaches.30 During the response phase development and implementation of an effective response plan to address and mitigate the impact of cybersecurity incidents is essential.27 Although manufacturers try to reduce the cost of equipment as much as possible, when it comes to the calibration process, we must ensure its recovery. At this stage we should ensure efficient recovery and resilience after a cybersecurity incident by having data backup and recovery plans in place.27,29

It is also worth considering additional security measures such as Data Integrity and Cryptography Services, CIA Triad, Defense in Depth. Data Integrity and Cryptography Services ensure the integrity of data through cryptographic services and evaluate access requests based on roles. CIA Triad can emphasize confidentiality, integrity, and availability to prevent unauthorized access, ensure data accuracy, and optimize user access.31 Defense in Depth (DID) implements a multilayered approach to security, making it difficult for attackers to bypass all security layers.32

These previously mentioned components collectively form a robust cybersecurity protocol aimed at protecting calibration data from various cyber threats and ensuring the integrity and availability of the data. For IoT measuring systems, calibration security is critical to ensure data integrity, measurement accuracy, and system reliability. The calibration process must be protected against both intentional tampering and accidental errors.

Key Security Measures for IoT Calibration Process Security are listed below in Table 2.

Table 2. Security measures and implementation recommendations.

Security measureMethodImplementation recommendations
Authentication and Access ControlImplemented multi-factor authentication for calibration personnel
Role-based access control for calibration functions
Secure credential management for calibration devices		Secure Calibration Workflow: Establish a documented, auditable calibration procedure; Implement digital workflow with approval requirements; Include verification steps after calibration
Data Integrity ProtectionDigital signatures for calibration certificates
Cryptographic hash verification of calibration parameters
Secure logging of all calibration activities with timestamps		Device Security: Secure boot mechanisms for calibration equipment; Regular security updates for calibration software; Hardware security modules for sensitive operations
Secure CommunicationEncrypted channels for calibration data transmission
Certificate-based device authentication
Protection against man-in-the-middle attacks during calibration		Blockchain for immutable calibration records; AI-assisted anomaly detection in calibration data; Secure enclaves for calibration computations
Physical SecurityTamper-evident seals on calibration interfaces
Secure storage of calibration reference standards
Environmental monitoring for calibration areas		Audit and Compliance: Maintain detailed calibration records with chain-of-custody; Regular security audits of calibration processes; Compliance with relevant standards (ISO/IEC 17025, NIST guidelines)
Process SecurityAutomated verification of calibration results against expected ranges
Cross-validation with redundant measurement systems when possible
Secure update mechanisms for calibration algorithms		Anomaly Detection: Monitor for unusual calibration patterns; Implement alerts for suspicious calibration activities; Statistical process control for calibration results

Proper implementation of these security measures helps ensure that IoT measurement systems maintain their accuracy and reliability throughout their operational lifecycle.

3. Standard Operating Procedure (SOP) for secure IoT measuring system calibration

Standard Operating Procedures (SOPs) are structured, written instructions designed to achieve uniformity and repeatability in critical processes. They are essential in high-risk industries such as healthcare, where quality, safety, and compliance with regulatory frameworks must be consistently maintained.33 In this section, we propose a step-by-step SOP for the calibration of IoT-enabled medical measuring devices. The procedure clearly defines roles and responsibilities across participants, establishes common terminology to facilitate communication between IT engineers, medical staff, and measurement specialists, and integrates both metrological and cybersecurity requirements. While adaptable to other domains, the SOP is particularly tailored to reducing measurement uncertainties and mitigating risks related to data integrity and system security.

The SOP consists of seven key components:

  • 1. Purpose

  • 2. Scope

  • 3. Responsibilities

  • 4. Equipment & Requirements

  • 5. Procedure

  • 6. Records & Compliance

  • 7. Training & Competence

  • 1. Purpose. This SOP defines the secure calibration process for IoT measuring systems to ensure accuracy, data integrity, and protection against tampering or unauthorized modifications.

  • 2. Scope. SOP applies to:

    • IoT-based measurement devices requiring periodic calibration;

    • Calibration technicians, engineers, and quality assurance personnel;

    • Third-party calibration service providers, calibration laboratories.

  • 3. Responsibilities are distributed among the participants in the process as follows:

    • Quality Manager: Approves calibration procedures and audits compliance;

    • Calibration Technician: Performs calibration following this SOP;

    • IT Security Team: Ensures secure data transmission and access controls;

    • Device Owner: Verifies calibration status and reports anomalies.

  • 4. Equipment & Requirements. This part describes the equipment used inside the measuring process and requirements from a metrological and IT security perspective. It describes the following requirements:

    • Certified reference standards (traceable to NIST/ISO/IEC 17025);

    • Secure calibration software/hardware with authentication;

    • Tamper-evident seals and logging tools;

    • Encrypted communication channels.

  • 5. Procedure part is divided in following parts:

    5.1 Pre-Calibration Security Checks. Authentication should be done, therefore only authorized personnel with multi-factor authentication (MFA) may access calibration tools. Additionally, role-based permissions should be set in order to restrict calibration parameter changes. Device Integrity Check should be performed in order to verify that the IoT device has no physical tampering. For example, the responsible person should check that seals have no intact. The physical inspection of the measuring instrument is followed by the equipment software inspection and a check for firmware/software version consistency is applied in order to verify that there are no unauthorized modifications to source code. During the calibration process the secure connection setup should be done and the use of TLS/SSL encryption for data transfer between IoT device and calibration tool should be established. During connection setup the person, who makes calibration, should ensure calibration equipment has valid digital certificates.

    5.2 Calibration Execution is carried out by procedures and additional documents listed in ISO17025 standard. Firstly, reference standard verification is performed, i.e. it is checked if calibration standards are within validity period. Secondly, environmental conditions are recorded. In case of automated calibration process the cryptographically signed calibration scripts to prevent tampering should be used. In order to avoid environmental influences during calibration, it is necessary to ensure that as few environmental factors as possible are present during the process or their influence is minimized. For example, if wireless interference is a risk, calibration can be performed in a controlled environment like a Faraday cage. Thirdly, if applicable the cross-validation can be done to ensure the quality of calibration. In this step we can compare results with a secondary reference device and apply statistical checks to detect anomalies.

    5.3 Post-Calibration Security Measures. At this step following tasks should be executed: Digital Certification & Logging, Tamper-Evident Sealing and Data Sync & Backup. A digitally signed calibration certificate will be generated, with its hash stored in a secure ledger to ensure authenticity. All actions, including the responsible technician, timestamps, and adjustments, will be logged for audit purposes. Tamper-evident seals will be applied to calibration ports, and each seal’s unique ID will be recorded in the calibration log. Calibration data will be securely transmitted to the central IoT management system, and backup logs will be preserved in a write-once, read-many (WORM) system to prevent tampering.

    5.4 Anomaly Handling. During calibration, unexpected events may occur that may affect the overall performance of the measurement system, therefore, after the process we must investigate if calibration results deviate beyond acceptable limits. If so, we should flag the device for investigation. During calibration, data are exchanged between the reference device and the calibrated device. At this point, hacking is possible, therefore, a check for potential cybersecurity breaches (e.g., firmware tampering) must be performed. If malicious activity is suspected the steps of escalation of the IT security team should be defined.

  • 6. Records & Compliance. All mandatory documentation must be maintained, including digitally signed calibration certificates, access logs identifying the personnel, who performed the calibration, environmental condition records (where applicable), and cryptographic hash values of calibration parameters. An audit trail shall be preserved for a minimum of several years in accordance with regulatory requirements, with all logs stored in an immutable format—preferably using blockchain or WORM-based systems.

  • 7. Training & Compliance. All personnel are required to complete training in both calibration procedures and cybersecurity awareness, and annual re-certification is mandatory to maintain compliance and competence for persons involved in the calibration process.

4. Conclusions

Although we can say in a simplified way that only data is exchanged during the calibration process, it is particularly important to understand how important this data is for the safety of devices. The development of the Standard Operating Procedure helps to avoid malfunctions in measuring instruments, which can result in huge losses or even fatalities, when it comes to medical devices. After conducting a literature review on the cybersecurity of medical measuring instruments, calibration and IoT devices, it is quite clear that metrology is closely related to IT and medicine and when solving the issue of security of medical measuring instruments, knowledge of only one area is not enough. Therefore, interdisciplinary cooperation is necessary, i.e. after calibration, anomaly handling must be performed by a medical technician or measurement specialist, who will be able to notice deviations of the measuring instrument from the usual mode. The IT professional from his side can program that the malfunction is noticed as soon as possible after using AI and ML tools.

The ever-increasing number of IoT devices, including in medicine, poses increasing security and metrology problems, which can be solved only by digitizing the international metrology system. The use of digital calibration certificates, the creation of calibration as a service and calibration as infrastructure are the first steps towards ensuring the quality of a global quality infrastructure. As the only way to ensure the quality of the measurements made, we see ensuring periodic calibration of measuring instruments, which due to the abundance of IoT devices will be forced to move from physical laboratories as close as possible to the sensors, i.e. more and more wandering will be carried out on site instead of doing it in the laboratory.

Interdisciplinary projects within educational programs are fundamentally important. They unite students from diverse fields such as medicine, electronics, and IT, providing crucial exposure to the integrated processes that ensure the reliable operation of medical Internet of Things (IoT) devices.

A practical example of this approach was a project that brought together three different institutions. Under the guidance of a professor from measurement sciences, a team was formed comprising students from medical, IT, and electronics disciplines. This collaboration was highly productive, resulting in the creation of a detailed Standard Operating Procedure (SOP).

This SOP is not merely an academic exercise; it is designed to serve as the foundational framework for future experiments and development. Its primary future application will be in the creation of a “calibration-as-a-service” solution for medical IoT devices. This service will streamline the development process and ensure consistent, traceable calibration.

Therefore, promoting this type of interdisciplinary cooperation between the scientific fields of IT, medicine, electronics, and measurement engineering is essential. It is through such partnerships that we can develop the necessary infrastructure to guarantee data security and establish measurement uniformity. As a direct result, we will be able to confidently rely on the data generated by measuring instruments used in clinical medicine, thereby enhancing patient care and safety.

Declaration of Generative AI and AI-assisted technologies in the writing process.

The GPT-5 was used for language improvement and idea exploration.

Data availability

No data are associated with this article.

References

  • 1.  Kairiūkštis L:Metrology Challenges in Implementing Digital Calibration Certificates for Internet of Things Measurement (Iotm) Devices.2023.
  • 2.  International vocabulary of metrology – Basic and general concepts and associated terms (VIM) 3rd edition.2012.Reference Source
  • 3.  Department of Pharmaceutics, Government Pharmacy Institute, Patna, Bihar-800007, IndiaKumar R:Calibration of Medical Devices: Method and Impact on Operation Quality. Int. J. Pharm. Sci. 2023; 16: 1–14. Publisher Full Text
  • 4.  Global Market Insights Inc:Medical Equipment Calibration Services Market – By Service Type, By Equipment Type, By Calibration Type, By End Use & Global Forecast, 2025-2034.2025.
  • 5.  Mustapaa T, Autiosalo J, Nikander P, et al.:Digital Metrology for the Internet of Things. 2020 Global Internet of Things Summit (GIoTS). Dublin, Ireland:IEEE;2020; pp. 1–6. Publisher Full Text
  • 6.  Balslev-Harder D, Bošnjaković A, Brown C, et al.:DCC2GO – Supporting the implementation of Digital Calibration Certificates in the European metrology community. Measurement: Sensors. 2025; 38: 101499. Publisher Full Text
  • 7.  Hutzschenreuter D, Härtig F, Wiedenhöfer T, et al.:SmartCom Digital-SI (D-SI) XML exchange format for metrological data version 1.3.0.2019. Publisher Full Text Reference Source
  • 8.  Nikander P, Elo T, Mustapää T, et al.:Document specifying rules for the secure use of DCC covering legal aspects of metrology.2020. Publisher Full Text
  • 9.  Grasso Toro F: PDF/A-3 solution for digital calibration certificates.
  • 10.  Grand View Research: Wearable Medical Devices Market Summary. 2024. Reference Source
  • 11.  Canali S, Schiaffonati V, Aliverti A:Challenges and recommendations for wearable devices in digital health: Data quality, interoperability, health equity, fairness. PLOS Digit. Health. 2022; 1: e0000104. PubMed Abstract | Publisher Full Text | Free Full Text
  • 12.  Iqbal SMA, Mahgoub I, Du E, et al.:Advances in healthcare wearable devices. NPJ Flexible Electron. 2021; 5: 9. Publisher Full Text
  • 13.  Godinho C, Domingos J, Cunha G, et al.:A systematic review of the characteristics and validity of monitoring technologies to assess Parkinson’s disease. J. NeuroEngineering Rehabil. 2016; 13: 24. PubMed Abstract | Publisher Full Text | Free Full Text
  • 14.  Azodo I, Williams R, Sheikh A, et al.:Opportunities and Challenges Surrounding the Use of Data From Wearable Sensor Devices in Health Care: Qualitative Interview Study. J. Med. Internet Res. 2020; 22: e19542. PubMed Abstract | Publisher Full Text | Free Full Text
  • 15.  Hall A, Walton G:Information overload within the health care system: a literature review. Health Inf. Libr. J. 2004; 21: 102–108. Publisher Full Text
  • 16.  Chandrasekaran R, Sadiq TM, Moustakas E:Usage Trends and Data Sharing Practices of Healthcare Wearable Devices Among US Adults: Cross-Sectional Study. J. Med. Internet Res. 2025; 27: e63879. PubMed Abstract | Publisher Full Text | Free Full Text
  • 17.  Dick Cheney RB:Reflections of a Former Vice President on Long-Time Cardiac Experiences. Baylor Univ. Med. Cent. Proc. 2009; 22: 276–278. PubMed Abstract | Publisher Full Text | Free Full Text
  • 18.  Best J:Could implanted medical devices be hacked? BMJ. 2020; 368: m102. PubMed Abstract | Publisher Full Text
  • 19.  Rehman MMU, Rehman HZU, Khan ZH:Cyber-Attacks on Medical Implants: A Case Study of Cardiac Pacemaker Vulnerability. IJCDS. 2020; 09: 1229–1235. Publisher Full Text
  • 20.  Pugh J, Pycroft L, Sandberg A, et al.:Brainjacking in deep brain stimulation and autonomy. Ethics Inf. Technol. 2018; 20: 219–232. PubMed Abstract | Publisher Full Text | Free Full Text
  • 21.  Ravizza A, De Maria C, Di Pietro L, et al.:Comprehensive Review on Current and Future Regulatory Requirements on Wearable Sensors in Preclinical and Clinical Testing. Front. Bioeng. Biotechnol. 2019; 7: 313. PubMed Abstract | Publisher Full Text | Free Full Text
  • 22.  Zhang B, Chen C, Lee I, et al.:A survey on security and privacy issues in wearable health monitoring devices. Comput. Secur. 2025; 155: 104453. Publisher Full Text
  • 23.  Ramalingam PS, Muthunayagam S:Medical device portfolio cleanup. Trends in Development of Medical Devices. Elsevier;2020; pp. 155–176. Publisher Full Text
  • 24.  WELMEC Guide 7.6 Software Risk Assessment for Measuring Instruments. 2021.Reference Source
  • 25.  Karie NM, Sahri NM, Yang W, et al.:A Review of Security Standards and Frameworks for IoT-Based Smart Environments. IEEE Access. 2021; 9: 121975–121995. Publisher Full Text
  • 26.  Pandey M, Gupta A:Image encryption of medical images. Advances in Computers. Elsevier;2025; pp. 345–406. Publisher Full Text
  • 27.  Regulation (EU) 2017/745 of the European Parliament and of the Council of 5 April 2017 on medical devices, amending Directive 2001/83/EC, Regulation (EC) No 178/2002 and Regulation (EC) No 1223/2009 and repealing Council Directives 90/385/EEC and 93/42/EEC (Text with EEA relevance.).2025.Reference Source
  • 28.  Karner M, Peltola J, Jerne M, et al.: Intelligent Secure Trustable Things. Cham:Springer Nature Switzerland;2024. Publisher Full Text
  • 29.  Xie H, Song G, Shi Z, et al.:Reinforcement learning for vehicle-to-grid: A review. Advances in Applied Energy. 2025; 17: 100214. Publisher Full Text
  • 30.  Yalli JS, Hasan MH, Jung LT, et al.:Authentication schemes for Internet of Things (IoT) networks: A systematic review and security assessment. Internet of Things. 2025; 30: 101469. Publisher Full Text
  • 31.  Villarreal V, Fontecha J, Hervas R, et al.:Mobile and ubiquitous architecture for the medical control of chronic diseases through the use of intelligent devices: Using the architecture for patients with diabetes. Futur. Gener. Comput. Syst. 2014; 34: 161–175. Publisher Full Text
  • 32.  Chhor CM, Raichandani S, Du Preez L, et al.:Data governance in radiology Part I: Overview of data management approaches to radiology. Curr. Probl. Diagn. Radiol. 2025; 54: 554–561. PubMed Abstract | Publisher Full Text
  • 33.  Johnson K, Morais C, Patelli E:Enhancing procedure quality: Advanced language tools for identifying ambiguity and high-potential violation triggers. Reliab. Eng. Syst. Saf. 2025; 264: 111308. Publisher Full Text

Comments on this article Comments (0)

Version 1
VERSION 1 PUBLISHED 27 Nov 2025
Comment
Author details Author details
Competing interests
Grant information
Article Versions (1)
Copyright
Download
 
Export To
metrics
Views Downloads
F1000Research - -
PubMed Central
Data from PMC are received and updated monthly.
 - -
Citations
SEE MORE DETAILS
CITE
how to cite this article
Kairiukstis L, Kairiūkštytė K and Norvilas E. Possible security threats coming from IOT medicine sensor calibration process [version 1; peer review: awaiting peer review]. F1000Research 2025, 14:1327 (https://doi.org/10.12688/f1000research.172017.1)
NOTE: If applicable, it is important to ensure the information in square brackets after the title is included in all citations of this article.
track
receive updates on this article
Track an article to receive email alerts on any updates to this article.

Open Peer Review

Current Reviewer Status:
AWAITING PEER REVIEW
AWAITING PEER REVIEW
?
Key to Reviewer Statuses VIEW
ApprovedThe paper is scientifically sound in its current form and only minor, if any, improvements are suggested
Approved with reservations A number of small changes, sometimes more significant revisions are required to address specific details and improve the papers academic merit.
Not approvedFundamental flaws in the paper seriously undermine the findings and conclusions

Comments on this article Comments (0)

Version 1
VERSION 1 PUBLISHED 27 Nov 2025
Comment

Open Peer Review

Reviewer Status

AWAITING PEER REVIEW

Comments on this article

All Comments(0)

Add a comment
Sign up for content alerts

Browse by related subjects

    Alongside their report, reviewers assign a status to the article:
    Approved - the paper is scientifically sound in its current form and only minor, if any, improvements are suggested
    Approved with reservations - A number of small changes, sometimes more significant revisions are required to address specific details and improve the papers academic merit.
    Not approved - fundamental flaws in the paper seriously undermine the findings and conclusions
    Sign In
    If you've forgotten your password, please enter your email address below and we'll send you instructions on how to reset your password.

    The email address should be the one you originally registered with F1000.
    Email address not valid, please try again

    You registered with F1000 via Google, so we cannot reset your password.

    To sign in, please click here.

    If you still need help with your Google account password, please click here.

    You registered with F1000 via Facebook, so we cannot reset your password.

    To sign in, please click here.

    If you still need help with your Facebook account password, please click here.

    Code not correct, please try again
    Email us for further assistance.
    Server error, please try again.