Abstract
European and national initiatives, as well as changes in the standards, have led to a dramatic increase in the demand for interconnected medical devices during the last few years. In addition to the increased connectivity of devices in a larger network, economic reasons demand for AI (artificial intelligence) enhanced support functions even in the medical devices domain. Both connectivity and the usage of AI in safety-relevant devices are the basis for new and additional challenges for the manufacturers. The more devices become networked, the more they become targets of cyber-attacks. This means that safety of medical devices can no longer be guaranteed without adequate cyber-security measures. These cyber-security measures must cover the whole design of the devices including their internal neural networks to ensure that the inferences are free from influences from attackers. Modern, advanced attack vectors demand for very advanced countermeasures to ensure or even increase cyber-security of medical devices in this environment. This industrial experience paper will show the required concert of measures that is accompanied by a security informed safety analysis from the earliest steps of development to increase general safety and security in the design of a modern intensive care ventilator.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Symantec Corp.: ISTR: Internet Security Threat Report, vol. 24 (2019)
https://www.theregister.co.uk/2015/07/24/car_hacking_using_dab/
https://www.wired.com/2015/07/hackers-remotely-kill-jeep-highway/
Schmittner, C., Ma, Z., Puschner, P.: Limitation and improvement of STPA-Sec for safety and security co-analysis. In: Skavhaug, A., Guiochet, J., Schoitsch, E., Bitsch, F. (eds.) SAFECOMP 2017. LNCS, vol. 9923, pp. 195–209. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-45480-1_16
Friedberg, I., McLaughlin, K., Smith, P., Laverty, D., Sezer, S.: STPA-SafeSec: safety and security analysis for cyber-physical systems. J. Inf. Secur. Appl. 34, 183–196 (2017)
Becker, U.: STPA guided systems engineering. In: Gallina, B., Skavhaug, A., Schoitsch, E., Bitsch, F. (eds.) SAFECOMP 2018. LNCS, vol. 11094, pp. 164–176. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-99229-7_15
Becker, U.: Increasing safety of neural networks in medical devices. In: Romanovsky, A., Troubitsyna, E., Gashi, I., Schoitsch, E., Bitsch, F. (eds.) SAFECOMP 2019. LNCS, vol. 11699, pp. 127–136. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-26250-1_10
Wilkie, A.J.: Schanuel’s conjecture and the decidability of the real exponential field. In: Hart, B.T., Lachlan, A.H., Valeriote, M.A. (eds.) Algebraic Model Theory, pp. 223–230. Springer, Dordrecht (1997). https://doi.org/10.1007/978-94-015-8923-9_11
Brown, T.B., Mané, D., Roy, A., Abadi, M., Gilmer, J.: Adversarial Patch (2018). arXiv:1712.09665v2
Lobo, J.P., Charchalakis, P., Stipidis, E.: Safety and security aware framework for the development of feedback control systems, University of Brighton (2012)
Cárdenas, A.A., Amin, S., Sastry, S.: Secure Control: Towards Survivable Cyber-Physical Systems. University of California, Berkley (2008)
Wu, B., et al.: Shift: A Zero FLOP, Zero Parameter Alternative to Spatial Convolutions, December 2017. arXiv:1711.08141v2
Zhang, X., Zhou, X., Lin, M., Sun, J.: ShuffleNet: An Extremely Efficient Convolutional Neural Network for Mobile Devices, December 2017. arXiv:201707.01083v2
Eykholt, K., et al.: Robust Physical-World Attacks on Deep Learning Visual Classification, April 2018. arXiv:1707.08945v5
Madry, A., Makelov, A., Tsipras, D., Schmidt, L., Vladu, A.: Towards Deep Learning Models Resistant to Adversarial Attacks, September 2019. arXiv:1706.06083v4
Papernot, N., McDaniel, P., Wu, X., Jha, S., Swami, A.: Distillation as a Defense to Adversarial Perturbations against Deep Neural Networks, March 2016. arXiv:1511.04508v2
Papernot, N., McDaniel, P., Swami, A., Harang, R.: Crafting Adversarial Input Sequences for Recurrent Neural Networks, April 2016. arXiv:1604.08275v1
Challen, R., Denny, J., Pitt, M., Gompels, L., Edwards, T., Tsaneva-Atanasova, K.: Artificial intelligence, bias and clinical safety. BMJ Qual. Saf. (2019). https://doi.org/10.1136/bmjqs-2018-008370
Prasad, N., Cheng, I.-F., Chivers C.: A reinforcement learning approach to weaning of mechanical ventilation in intensive care units, April 2017. arXiv:1704.06300v2
Yu, F., Qin, Z., Liu, C., Zhao, L., Wang, Y., Chen, X.: Interpreting and evaluating neural network robustness. In: Proceedings of the Twenty-Eighth International Joint Conference on Artificial Intelligence (IJCAI-19), pp 4199–4205 (2019)
Littlewood, B., Strigini, L.: Redundancy and diversity in security. In: Samarati, P., Ryan, P., Gollmann, D., Molva, R. (eds.) ESORICS 2004. LNCS, vol. 3193, pp. 423–438. Springer, Heidelberg (2004). https://doi.org/10.1007/978-3-540-30108-0_26
Laszka, A., Abbas, W., Vorobeychik, Y., Koutsoukos, X.: Synergistic security for the Industrial Internet of Things: Integrating Redundancy, Diversity, and Hardening (2018). arXiv:1808.09090v1
IEC CD TR 60601-4-5: Medical electrical equipment – Part 4-5 Guidance and interpretation – Safety related technical security specifications for medical devices (2019)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 Springer Nature Switzerland AG
About this paper
Cite this paper
Becker, U. (2020). Cyber-Security of Neural Networks in Medical Devices. In: Casimiro, A., Ortmeier, F., Bitsch, F., Ferreira, P. (eds) Computer Safety, Reliability, and Security. SAFECOMP 2020. Lecture Notes in Computer Science(), vol 12234. Springer, Cham. https://doi.org/10.1007/978-3-030-54549-9_19
Download citation
DOI: https://doi.org/10.1007/978-3-030-54549-9_19
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-54548-2
Online ISBN: 978-3-030-54549-9
eBook Packages: Computer ScienceComputer Science (R0)