Cybersecurity questions

Hello,

I’m using slicer as part of my Master’s thesis and just have some questions regarding cybersecurity for my ethics application. I couldn’t find them anywhere else so hoping someone here would be able to answer!

I’m planning on using 3D slicer locally only, and with data that I have anonymized and sourced myself. Using this version of slicer:

  1. Is there any known cybersecurity certification, policies and procedures?
  2. Any data breach policy?
  3. Any penetration testing or vulnerability testing?

Thank you so much for any help.

I’ve never heard of cybersecurity concerns raised for 3D Slicer in research project ethics approvals. This might be some misunderstanding, as it is a local application that you use in a trusted environment, on trusted data, by trusted people, without any external access. It is about as secure as any other local applications with a similarly sized user base. For example, Blender has a few magnitudes more users, but its security status seems to be similar to Slicer’s (see [1] and [2]).

Several customized 3D Slicer applications have obtained FDA approvals, where you need to answer similar questions. However, these answers are not available publicly and they are only valid in the context of a specific product anyway.

The Slicer security policy is avaialable here. If you have any specific concerns then you can ask here and we may expand this document or maybe we’ll put together some Slicer security FAQ based on the result of the discussion. Or you can contact 3D Slicer commercial partners for advice on how they usually answer these questions in their regulatory applications.