The Health and Medical Security (HMS) Lab at Johns Hopkins University conducts cybersecurity research focused on protecting patient safety and strengthening trust in modern healthcare technologies.
The HMS Lab was founded more than a decade ago under Professor Emeritus Avi Rubin, pioneering research at the intersection of security and medicine.
Today, the lab has been renewed under Dr. Michael Rushanan, bringing industry-facing insight into medical device security engineering, software supply chain risk (including SBOMs), applied cryptography, and hands-on “break it to build it” security education.
The HMS Lab advances the security, safety, and resilience of health technologies through rigorous, hands-on cybersecurity research and education. We build practical tools and evidence-driven insights to help manufacturers, clinicians, regulators, and researchers design medical systems that are secure-by-design.
All of our research output is transparent (open source) and reproducible. Any findings that may impact patient safety are managed through responsible disclosure procedures before releasing public artifacts.
- Kaixin, Dibyajyoti, Ramit, Zhicheng to present "A Hands-On Platform for Medical Device Security Education" at SIGCSE'25 (Feb 19, 2026, St. Louis, MI).
- Published GitHub repo at medical-device-education-platform.
- Jiarou and Mandy presented “A Zero-Knowledge Framework for Confidential and Verifiable SBOM Validation” at ACSAC 2025 (Dec 8–12, 2025, Honolulu, HI).
- Published GitHub repo at zkp-sbom-framework.
- Logan presented “Compliance v. Completeness: A Case Study on SBOMs in Consideration of FDA Premarket Cybersecurity Guidance” at HealthSec’25 (Dec 9, 2025).
- Published GitHub repo at sbom-completeness.
- Mike presented “The SBOM Transparency v. Exposure Dilemma: A Case Study on Adversarial Access to Public SBOMs in Healthcare” at HealthSec’25 (Dec 9, 2025).
- Published GitHub repo at sbom-transparency.
Please see people.md for current lab members and alums.
Please see publications.md for a list of publications from the HMS lab.
Please contact Dr. Michael Rushanan (Principal Investigator) at mrushan1@jh.edu for any questions.
