Malicious software (or malware) is software that can get on a computer and cause damage to the computer or the data on it. Malware can include computer viruses, worms, Trojan horses (Trojans), spyware, and rootkits.
Elekta software runs on Microsoft Windows or GNU/Linux operating systems. Elekta recommends that you do not install anti-malware software on computers in the treatment delivery suite (TDS)1. The design of the software on the computers in the TDS includes some protection from malware contamination. Elekta recommend that you examine the computers in the TDS out of clinical hours from a computer on the same network. If you find malware on a computer in the TDS, isolate the computer and install the operating system and software again.
The installation of anti-malware software on computers that are not in the TDS is recommended.
The Elekta anti-malware policy gives information about malware contamination from network connection or storage devices and media. The policy also includes information about the problems that can occur when you use anti-malware software. Included on this page there are two tables that give a list of Elekta software, with its applicable level of protection and policy on operating system upgrades.
In some installations, Elekta software connects to the same networks as other computers that connect to the Internet. This network connection increases the risk of contamination from malware. Elekta recommends that you use a VLAN, with no other connected computers, for computers in the TDS. We can then keep the applicable ports for some interfaces open, for example, DICOM from a treatment planning system.
The largest risk to Elekta software comes from other computers on the same network that you use to read email or go to websites that can cause malware contamination on these computers, and subsequently, other connected computers. Elekta therefore recommends that you:
The risk of malware contamination decreases when the malware tries to run on an account that does not have administrator user rights. If the malware runs on a user account without administrator user rights, the malware cannot change system files and settings. The design of Elekta software is such, that it is not necessary to use administrator user rights for the usual operation of the software.
Usually, Internet Explorer and Outlook Express are a standard part of Microsoft Windows. But on most computers in the TDS, we use an installation CD with Internet Explorer and Outlook Express removed. Where applicable, Elekta does use the security functions in the operating system, for example, the Windows Firewall.
All computers are at risk of malware contamination from storage devices and media, for example, CD-ROM, DVD-ROM, USB hard disks, and USB flash memory drives. Elekta recommends that you examine storage devices and media for malware and remove the malware before you use the device or media on a computer in the TDS.
Windows XP, and later releases, decreases the risk of malware contamination from USB devices. The AutoPlay function in these releases does not automatically start programs, without your approval, when you connect the USB device. Malware contamination from storage devices or media can occur only if you open or run a file that contains dangerous data.
Elekta does not let you install operating system security upgrades on the computer in the TDS because:
Note: The warranty on computers in the TDS states that you must not make changes to the configuration, without the correct authority of the manufacturer 2. Elekta will not be responsible for any unauthorized changes in configuration or their effect on patient safety.
The problems that can occur on systems that run anti-malware software are as follows.
The tables that follow show Elekta software with their applicable level of protection.
|Product||Level of protection|
|iView & iViewGT™|
|MOSAIQ SEQUENCER™ and SYNERGISTIQ™|
|Other MOSAIQ products|
|Product||Level of protection|
Elekta Software recommend that its customers use the information below to make their decision about antimalware protection for their software.
1. A treatment delivery suite (TDS) contains all computers connected to a Digital Accelerator, for example, Desktop Pro™, iViewGT™, XVI, MOSAIQ SEQUENCER™.
2. FDA, Guidance for Industry, Cybersecurity for Networked Medical Devices Containing Off-the-Shelf (OTS) Software, January 14, 2005.
Note: Elekta will update this policy regularly with information about other Elekta software, which will include treatment planning systems (TPS).