Skip to main content
SpringerLink
Log in

Recent Results in Computer Security for Medical Devices

  • Conference paper
Wireless Mobile Communication and Healthcare (MobiHealth 2011)

Abstract

The computer security community has recently begun research on the security and privacy issues associated with implantable medical devices and identified both existing flaws and new techniques to improve future devices. This paper surveys some of the recent work from the security community and highlights three of the major factors affecting security and privacy solutions for implantable medical devices: fundamental tensions, software risks, and human factors. We also present two challenges from the security community with which the biomedical community may be able to help: access to medical devices and methods for in vitro experimentation.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Open Medical Device Research Library, http://www.omdrl.org/

  2. Bliznakov, Z., Mitalas, G., Pallikarakis, N.: Analysis and Classification of Medical Device Recalls. World Congress on Medical Physics and Biomedical Engineering (2006)

    Google Scholar 

  3. Broad, W.J., Markoff, J., Sanger, D.E.: Israeli Test on Worm Called Crucial in Iran Nuclear Delay (2011), http://www.nytimes.com/2011/01/16/world/middleeast/16stuxnet.html

  4. Denning, T., Borning, A., Friedman, B., Gill, B.T., Kohno, T., Maisel, W.H.: Patients, Pacemakers, and Implantable Defibrillators: Human Values and Security for Wireless Implantable Medical Devices. In: International Conference on Human Factors in Computing Systems (2010)

    Google Scholar 

  5. Denning, T., Fu, K., Kohno, T.: Absence Makes the Heart Grow Fonder: New Directions for Implantable Medical Device Security. In: USENIX Workshop on Hot Topics in Security (2008)

    Google Scholar 

  6. Fu, K.: Inside Risks, Reducing the Risks of Implantable Medical Devices: A Prescription to Improve Security and Privacy of Pervasive Health Care. Communications of the ACM 52(6), 25–27 (2009)

    Article  Google Scholar 

  7. Fu, K.: Software Issues for the Medical Device Approval Process. Statement to the Special Committee on Aging, United States Senate, Hearing on a Delicate Balance: FDA and the Reform of the Medical Device Approval Process (2011)

    Google Scholar 

  8. Fu, K.: Trustworthy Medical Device Software. Public Health Effectiveness of the FDA 510(k) Clearance Process: Measuring Postmarket Performance and Other Select Topics, Workshop Report (2011)

    Google Scholar 

  9. Gollakota, S., Hassanieh, H., Ransford, B., Katabi, D., Fu, K.: They Can Hear Your Heartbeats: Non-Invasive Security for Implanted Medical Devices. ACM SIGCOMM (2011)

    Google Scholar 

  10. Halperin, D., Heydt-Benjamin, T.S., Fu, K., Kohno, T., Maisel, W.H.: Security and Privacy for Implantable Medical Devices. IEEE Pervasive Computing 7, 30–39 (2008)

    Article  Google Scholar 

  11. Halperin, D., Heydt-Benjamin, T.S., Ransford, B., Clark, S.S., Defend, B., Morgan, W., Fu, K., Kohno, T., Maisel, W.H.: Pacemakers and Implantable Cardiac Defibrillators: Software Radio Attacks and Zero-Power Defenses. In: IEEE Symposium on Security and Privacy (2008)

    Google Scholar 

  12. Hanna, S., Rolles, R., Molina-Markham, A., Fu, K., Song, D.: Take Two Software Updates and See Me in the Morning: The Case for Software Security Evaluations of Medical Devices. In: USENIX Workshop on Health Security and Privacy (2011)

    Google Scholar 

  13. Israel, C.W., Barold, S.S.: Pacemaker Systems as Implantable Cardiac Rhythm Monitors. American Journal of Cardiology (2001)

    Google Scholar 

  14. Lee, S., Fu, K., Kohno, T., Ransford, B., Maisel, W.H.: Clinically Significant Magnetic Interference of Implanted Cardiac Devices by Portable Headphones. Heart Rhythm Journal 6(10), 1432–1436 (2009)

    Article  Google Scholar 

  15. Leveson, N.G., Turner, C.S.: An Investigation of the Therac-25 Accidents. Computer 26(7), 18–41 (1993)

    Article  Google Scholar 

  16. Leveson, N.G.: Safeware: System Safety and Computers. Addison-Wesley (1995)

    Google Scholar 

  17. Li, C., Raghunathan, A., Jha, N.K.: Hijacking an Insulin Pump: Security Attacks and Defenses for a Diabetes Therapy System. In: IEEE International Conference on e-Health Networking, Applications and Services (2011)

    Google Scholar 

  18. Networking and Information Technology Research and Development Program: High-Confidence Medical Devices: Cyber-Physical Systems for 21st Century Health Care (2009)

    Google Scholar 

  19. Paul, N., Klonoff, D.C.: Insulin Pump System Security and Privacy. In: USENIX Workshop on Health Security and Privacy (2010)

    Google Scholar 

  20. Rasmussen, K.B., Castelluccia, C., Heydt-Benjamin, T.S., Capkun, S.: Proximity-Based Access Control for Implantable Medical Devices. In: ACM Conference on Computer and Communications Security (2009)

    Google Scholar 

  21. Schechter, S.: Security that is Meant to be Skin Deep: Using Ultraviolet Micropigmentation to Store Emergency-Access Keys for Implantable Medical Devices. In: USENIX Workshop on Health Security and Privacy (2010)

    Google Scholar 

  22. Seidman, S.J., Ruggera, P.S., Brockman, R.G., Lewis, B., Shein, M.J.: Electromagnetic Compatibility of Pacemakers and Implantable Cardiac Defibrillators Exposed to RFID Readers. International Journal on Radio Frequency Identification Technology and Applications (2007)

    Google Scholar 

  23. Sunshine, J., Egelman, S., Almuhimedi, H., Atri, N., Cranor, L.F.: Crying Wolf: An Empirical Study of SSL Warning Effectiveness. In: USENIX Security Symposium (2009)

    Google Scholar 

  24. The Stuxnet Worm, http://www.symantec.com/business/outbreak/index.jsp?id=stuxnet/

  25. Wallace, D., Kuhn, D.: Failure Modes in Medical Device Software: An Analysis of 15 Years of Recall Data. International Journal of Reliability Quality and Safety Engineering (2001)

    Google Scholar 

  26. Whitten, A., Tygar, J.: Why Johnny Can’t Encrypt: A Usability Evaluation of PGP 5.0. In: USENIX Security Symposium (1999)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science, University of Massachusetts Amherst, USA

    Shane S. Clark & Kevin Fu

Authors
  1. Shane S. Clark
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Kevin Fu
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Electrical and Computer Engineering Faculty, National Technical University of Athens, 9, Iroon Polytechniou, 15773, Athens, Greece

    Konstantina S. Nikita

  2. University of Illinois at Chicago, 851 S. Morgan M/C 154, 60607, Chicago, IL, USA

    James C. Lin

  3. Dept.of Materials Science and Engineering, University of Ioannina, 451 10, Ioannina, Greece

    Dimitrios I. Fotiadis

  4. Dpto. Tecnología Fotónica, ETSI Telecomunicación, Polytechnic University of Madrid, Life Supporting Technologies, Ciudad Universitaria, s/n, 28040, Madrid, Spain

    Maria-Teresa Arredondo Waldmeyer

Rights and permissions

Reprints and permissions

Copyright information

© 2012 ICST Institute for Computer Science, Social Informatics and Telecommunications Engineering

About this paper

Cite this paper

Clark, S.S., Fu, K. (2012). Recent Results in Computer Security for Medical Devices. In: Nikita, K.S., Lin, J.C., Fotiadis, D.I., Arredondo Waldmeyer, MT. (eds) Wireless Mobile Communication and Healthcare. MobiHealth 2011. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 83. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-29734-2_16

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-29734-2_16

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-29733-5

  • Online ISBN: 978-3-642-29734-2

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation