Skip to content

Commit 4c71a07

Browse files
authored
Update README.md (#9)
1 parent 9dce65c commit 4c71a07

1 file changed

Lines changed: 40 additions & 22 deletions

File tree

README.md

Lines changed: 40 additions & 22 deletions
Original file line numberDiff line numberDiff line change
@@ -1,13 +1,17 @@
1-
RiskOps Health / IoMT — Open-Source Toolkit
1+
# RiskOps Health / IoMT — Open-Source Toolkit
2+
23
License: MIT
34
Python: 3.9+
45
Tests
56
Coverage
6-
Empowering small healthcare orgs to manage IoMT cybersecurity risks with a lightweight, scriptable framework.
7-
Overview
7+
8+
### Empowering small healthcare orgs to manage IoMT cybersecurity risks with a lightweight, scriptable framework.
9+
10+
## Overview
811
Focus: Risk assessment, compliance mapping (ISO 27001, HIPAA, GDPR), and IoMT-focused detection/pentest tools for clinics, labs, and practices.
912
Inspired by EBIOS RM – no heavy tools or consultants needed.
10-
Why RiskOps?
13+
14+
## Why RiskOps?
1115

1216
Challenges for SMEs: Limited time, budget, staff, and IoMT-specific tools.
1317
Solutions Provided:
@@ -17,28 +21,30 @@ Detection rules for HL7/DICOM (pilot).
1721
Non-intrusive pentest checklists (design phase).
1822

1923

20-
Key Features
21-
GRC Engine (src/riskops/grc/)
24+
## Key Features
25+
26+
### GRC Engine (src/riskops/grc/)
2227

2328
Load/validate CSV risk matrices.
2429
Score risks (Probability × Impact).
2530
Map to controls: ISO 27001, HIPAA, GDPR.
2631
Gap analysis & reports.
2732
90% test coverage.
2833

29-
Detection (Pilot)
34+
### Detection (Pilot)
3035

3136
HL7/DICOM rules.
3237
Data flow docs (PACS, RIS, HIS).
3338

34-
Pentest Light (Design)
39+
### Pentest Light (Design)
3540

3641
SAFE approach: Non-intrusive checks.
3742
Attack surface & hardening reviews.
3843

39-
Project Status
44+
## Project Status
4045
Active development: GRC stable; detection/pentest in pilot. Experimental parts may evolve.
41-
Quality Pipeline
46+
47+
## Quality Pipeline
4248

4349
Type: mypy
4450
Lint: ruff
@@ -47,17 +53,21 @@ Tests: pytest (>90% coverage)
4753
Security: SBOM (syft), scans (trivy) via tools/sec_checks.sh
4854

4955
CI: GitHub Actions for QA, security, builds.
50-
Quickstart
51-
bashgit clone https://github.com/mak3r-cyber/healthcare-iomt-risk.git
56+
57+
## Quickstart
58+
```bash
59+
git clone https://github.com/mak3r-cyber/healthcare-iomt-risk.git
5260
cd healthcare-iomt-risk
5361
python -m venv venv
5462
. venv/bin/activate
5563
pip install -r requirements.txt -e .
5664
pytest tests/test_grc -v
5765
python tools/csv2xlsx.py # Generates risk_matrix.xlsx
66+
```
5867
Output: Excel with scored matrix, heatmap, dashboard.
59-
Structure
60-
text.
68+
69+
## Structure
70+
```text
6171
├── 01-Research/ # IoMT refs
6272
├── 02-Matrices/ # CSV inputs
6373
├── 03-Methodology/ # EBIOS RM docs
@@ -69,9 +79,12 @@ text.
6979
├── tests/ # Unit tests
7080
├── tools/ # Utils (csv2xlsx, sec_checks)
7181
└── LICENSE, ROADMAP.md...
72-
Business Processes
82+
```
83+
84+
## Business Processes
7385
Reusable: Incident Mgmt, Risk Mgmt, Access, ISO 27001, NIS2. See 05-Business-Processes/.
74-
Methodology
86+
87+
## Methodology
7588
EBIOS RM Light steps:
7689

7790
Scope
@@ -82,29 +95,34 @@ Treatment
8295
Monitor
8396

8497
Covers: GDPR Art.32, ISO 27001, HDS, EU MDR, NIS2.
85-
Sources
98+
99+
## Sources
86100

87101
Regulators: CNIL, ANSSI, EU.
88102
Standards: ISO 27k, NIST 800-30/66.
89103
Med Devices: FDA, IEC 62304/80001, CVEs.
90104
Protocols: HL7 FHIR, DICOM, BLE, 802.1X.
91105

92-
Roadmap
106+
## Roadmap
93107

94108
v0.2.x: Stable GRC, 25+ scenarios, Excel tool, HL7 pilot.
95109
Next: Case studies, reports, 50+ risks, enriched modules, FR/EN support.
96110

97-
Contribute
111+
## Contribute
98112
Welcome! Areas: Risks, cases, tools, docs, fixes.
99-
bashgit checkout -b feature/xyz
113+
```bash
114+
git checkout -b feature/xyz
100115
# Code...
101116
git commit -m "feat: xyz"
102117
git push origin feature/xyz
103118
# PR to main
104-
Authors
119+
```
120+
121+
## Authors
105122
Kamilia & Lazreg Meliani
106123
Cybersecurity Leads: GRC, ISO, EBIOS, Audits.
107-
Contact
124+
125+
## Contact
108126

109127
Issues: GitHub.
110128
LinkedIn: Kamilia Meliani.

0 commit comments

Comments
 (0)