Research article
IoMT-SAF: Internet of Medical Things Security Assessment Framework
Introduction
The Internet of Medical Things (IoMT) is an amalgamation of medical devices and applications that are connected through networks. For patients, medical professionals, researchers, and insurers, the IoMT is a vibrant force that enables a myriad of use cases such as remote medical assistance, data insights, drugs management, operations augmentation, tracking patients, staff, and inventory, and many others. Currently, one-third of IoT devices are found in health care; this number is expected to increase by 2025, with health care accounting for approximately 40% of the total global worth of IoT technology (i.e., $6.2 trillion) [1]. In addition, about 60% of healthcare organizations have already embraced IoT solutions, and that percentage is likely to increase to around 87% by the end of 2019 [2].
One of the most prevalent problems currently facing IoMT solutions is the fragility of their security and privacy. The Federal Bureau of Investigation (FBI) warned that current IoMT devices are severely vulnerable to exploitation of weak authentication and outdated technologies, among other weaknesses [3]. The IoMT has been at the forefront of cyber-attacks in recent years. Recent studies have shown that nearly 90% of healthcare organizations utilizing the IoT have reported at least one security breach [2]. Another study showed that out of more than 370 organizations using the IoMT, about 35% suffered at least one cybersecurity breach in 2016 [4]. MEDJACK 2, an analysis report of malware used to attack IoMT systems, showed how attacks can be successfully carried out in IoMT environments to steal medical data and launch ransomware attacks [5]. In fact, about 45% of all ransomware attacks in 2017 were in the healthcare sector [6]. For example, in 2018, attackers encrypted medical records in a hospital in Indiana, causing the hospital to pay $50,000 to restore the data [7]. Another form of ransomware attack is the disruption of medical services, which can lead to costly restorations, as happened with a hospital in California in 2016 [8]. The largest ransomware attack on medical systems was reported in 2017, affecting more than 200,000 devices worldwide [9].
There are many reasons behind the lack of robust security in the IoMT that make such attacks possible. The complexity and incompatibility issues resulting from the wide variety of IoMT technologies, some of which are inherently insecure, such as wireless sensor networks and cloud services, have led to many security issues [10]. Moreover, healthcare manufacturers have rushed to embrace IoT without a profound understanding of its security risks. According to a recent survey, only 17% of device makers and 15% of medical staff are aware of IoMT security issues and take serious measures to prevent them [11]. In addition, a study from Zingbox, a popular IoMT solution provider, revealed that the most common types of security alerts in IoMT devices originate from user practice issues such as accessing malicious content through embedded browsers [12]. This lack of security awareness explains why the U.S. alone has more than 36,000 medical devices that are easily discoverable on Shodan, a search engine for IoT devices [13]. Moreover, the physical security of medical devices is often overlooked because it is commonly thought that if an attacker has physical access to the device, nothing more can be done to protect it [14]. Furthermore, while the IoT in general lacks security standards, the IoMT requires extra effort to regulate and ensure its security due to the sensitivity of the data and the critical nature of the operations involved. Despite the efforts of the U.S. Food and Drug Administration (FDA) to secure medical devices, only 10% of these devices require a rigorous review to be approved under FDA Class III, which covers high-risk devices (e.g., pacemakers) [15]. All these factors make the IoMT vulnerable to severe cyber-attacks [16]. Such attacks not only affect financial stability, brand reputation, and business continuity but, more importantly, can put the entire medical infrastructure and millions of patients' lives at risk.
Hence, IoMT stakeholders are obligated to ensure robust security measures in the IoMT that account for the sensitivity of medical data and the criticality of procedures in the medical domain. However, stakeholders struggle to choose secure IoMT solutions because adopters are still confused by the constant and rapid evolution of IoT technologies [17,18]. This confusion leaves adopters uncertain about which security measures are appropriate for their solutions [19]. IoMT stakeholders often have no option but to trust the security that solutions claim to offer. To make informed decisions, adopters should instead be enabled to measure and verify security themselves. It is also important to let adopters select security measures based on their own requirements, because security goals depend not only on the scenario but also on the adopter's risk tolerance and assets. Hence, there is an urgent need for an assessment model that is structured so that its security measures can be extended as IoMT technologies evolve, and quantitative so that solutions can be ranked objectively in terms of their security.
To address this need, in this paper we present the IoMT Security Assessment Framework (IoMT-SAF), which enables IoMT stakeholders to assess the degree of security provided by IoMT solutions. IoMT-SAF is based on a stakeholder-oriented, scenario-based, and ontological approach that identifies potential security issues and recommends countermeasures for specific IoMT consumption scenarios. Based on the recommended security measures, IoMT-SAF also recommends a thorough set of security assessment attributes. These attributes feed the flexible assessment method used in IoMT-SAF, which lets users choose their security requirements and rank IoMT solutions by degree of security. The rest of the paper is organized as follows: Section 2 gives background on the IoMT, Section 3 summarizes related work, Section 4 presents the IoMT Security Assessment Framework (IoMT-SAF), Section 5 presents a case study, Section 6 evaluates the framework, and Sections 7 and 8 discuss limitations and concluding remarks including future work, respectively.
Background
As shown in Fig. 1, the typical components in IoMT solutions are defined by the Open Web Application Security Project (OWASP) as follows [20]. (1) Endpoints: The FDA defines connected medical devices (i.e., IoMT endpoints) as medical devices that are connected to hospital networks, the Internet, or to other medical devices [21]. For the purposes of comprehensiveness, the present work also considers nonmedical devices which can be used in IoMT environments, such as ambient sensors. (2) Gateways:
Related work
Related research on measuring and comparing security has quite a long history. However, because of the newness of IoMT, very little research is currently available on recommending and evaluating security for IoMT solutions. The following paragraph summarizes the previous efforts in this area and highlights their limitations and challenges.
Some of these efforts focused on patient monitoring and do not fit other use cases [25,26]. Other researchers went into developing tools to assess and compare
Internet of Medical Things Security Assessment Framework (IoMT-SAF)
IoMT-SAF (available at flsubaei.pythonanywhere.com) is a python web application that allows users to assess the security of IoMT solutions based on their consumption scenario. As shown in Fig. 2, the presented framework has two main modules. These are the recommendation and assessment modules. Both modules were described in detail in our previous works [46] and [47], respectively. The following subsections briefly describe the modules and explain how users can interact with them to learn about
Case study
To demonstrate how IoMT-SAF can be utilized to analyze and rank IoMT solutions in terms of their degree of security, we show a different scenario y (see Fig. 23). As shown in Fig. 24, this scenario comprises two popular cloud-based IoT platforms that are being used widely in IoMT, namely, Microsoft Azure IoT Hub [52] and KaaIoT KAA [53]. Because these solutions do not have version numbers, IoMT-SAF considers the date of adding the solution profile as the version number. The identified issues
Evaluation
IoMT-SAF enables users to make decisions regarding security in currently available IoMT solutions based on an integrated, quantitative-based assessment method that uses recommended scenario-specific security assessment criteria. The following subsections discuss evaluation criteria for IoMT-SAF modules, as well as three methods of evaluation (i.e., vulnerability-based, expert-based, and survey-based).
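The scenario-specific, quantitative ranking described in the Introduction and in the Evaluation section above can be illustrated with a small weighted scoring model. The following is an added example written for this page; it is not IoMT-SAF's own code or scoring formula. The attribute pool, component names, default weights, the two solution profiles ("Platform P" and "Platform Q") and the percentage-of-weighted-attributes formula are all constructed assumptions. It shows the two steps the paper attributes to the framework: a recommendation step that filters the attribute pool down to those relevant to the adopter's scenario, and an assessment step in which the adopter's own weights can change which solution ranks higher.

```python
"""Illustrative scenario-based security ranking.

Added example, not IoMT-SAF's code: the attribute pool, component names,
weighting scheme, solution profiles and scoring formula are assumptions.
"""
from dataclasses import dataclass
from typing import Dict, Iterable, List, Optional


@dataclass(frozen=True)
class Attribute:
    """One yes/no assessment question and the IoMT components it applies to."""
    attr_id: str
    question: str
    components: frozenset  # e.g. {"endpoint", "gateway", "cloud", "mobile app"}
    weight: int            # default importance: 1 (useful) .. 3 (critical)


# Constructed pool of seven attributes; the real framework has 260.
ATTRIBUTES: List[Attribute] = [
    Attribute("A1", "Endpoint authenticates with per-device credentials",
              frozenset({"endpoint", "gateway"}), 3),
    Attribute("A2", "Patient data stored on the endpoint is encrypted",
              frozenset({"endpoint"}), 2),
    Attribute("A3", "Endpoint firmware updates are signed and verified",
              frozenset({"endpoint"}), 3),
    Attribute("A4", "Gateway-to-cloud traffic uses TLS with certificate validation",
              frozenset({"gateway", "cloud"}), 3),
    Attribute("A5", "Cloud platform enforces role-based access control",
              frozenset({"cloud"}), 2),
    Attribute("A6", "Cloud platform keeps audit logs of patient-data access",
              frozenset({"cloud"}), 2),
    Attribute("A7", "Mobile app requires a screen lock before showing patient data",
              frozenset({"mobile app"}), 1),
]

# Constructed solution profiles: the vendor's answers to the questions.
SOLUTIONS: Dict[str, Dict[str, bool]] = {
    "Platform P": {"A1": True, "A2": False, "A3": True, "A4": True,
                   "A5": True, "A6": False, "A7": True},
    "Platform Q": {"A1": True, "A2": True, "A3": False, "A4": True,
                   "A5": False, "A6": True},
}


def recommend(scenario_components: Iterable[str]) -> List[Attribute]:
    """Recommendation step: keep only attributes that apply to at least one
    component present in the adopter's scenario."""
    present = set(scenario_components)
    return [a for a in ATTRIBUTES if a.components & present]


@dataclass
class Assessment:
    solution: str
    score: float       # percentage of the weighted attributes satisfied
    unmet: List[str]   # attribute ids not satisfied (or left unanswered)


def assess(name: str, profile: Dict[str, bool], attributes: List[Attribute],
           weights: Optional[Dict[str, int]] = None) -> Assessment:
    """Assessment step. The adopter may override default weights to reflect
    their own risk tolerance; an unanswered question counts as unmet."""
    weights = weights or {}
    total = achieved = 0
    unmet: List[str] = []
    for attr in attributes:
        w = weights.get(attr.attr_id, attr.weight)
        total += w
        if profile.get(attr.attr_id, False):
            achieved += w
        else:
            unmet.append(attr.attr_id)
    score = round(100.0 * achieved / total, 1) if total else 0.0
    return Assessment(name, score, unmet)


def rank(profiles: Dict[str, Dict[str, bool]], attributes: List[Attribute],
         weights: Optional[Dict[str, int]] = None) -> List[Assessment]:
    """Rank solutions by degree of security, highest first (name breaks ties)."""
    results = [assess(n, p, attributes, weights) for n, p in profiles.items()]
    return sorted(results, key=lambda r: (-r.score, r.solution))


if __name__ == "__main__":
    scenario = {"endpoint", "gateway", "cloud"}  # constructed remote-monitoring scenario
    attrs = recommend(scenario)
    print("Recommended attributes:", [a.attr_id for a in attrs])
    for r in rank(SOLUTIONS, attrs):
        print(f"{r.solution}: {r.score}% unmet={r.unmet}")
    # Same solutions, but an adopter who prioritises confidentiality and auditability.
    for r in rank(SOLUTIONS, attrs, {"A2": 3, "A6": 3}):
        print(f"[adopter weights] {r.solution}: {r.score}% unmet={r.unmet}")
```

With default weights Platform P ranks first; once the adopter raises the weight of encrypted storage and audit logging, Platform Q overtakes it. The unmet list is what an adopter would take back to the vendor, or use to decide which gaps their own controls must cover.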
Limitations
A key challenge in using IoMT-SAF is the length and complexity of defining the security profiles. This is due to IoMT-SAF's large pool of assessment attributes (i.e., 260 questions). However, as described in Section 4, we added some functionalities that make this task easier without compromising the quality of the work (i.e., comprehensiveness). First, the recommendation module effectively filters the list of attributes to only those that are directly related to the scenario. In addition, common
Conclusion and future work
In this paper, we presented an IoMT Security Assessment Framework (IoMT-SAF), a web application that is based on a novel ontological scenario-based approach to ensure security in IoMT solutions. IoMT-SAF recommends a detailed list of assessment attributes that covers necessary security measures. This enables IoMT adopters to choose and enforce security in IoMT solutions based on their security objectives, which differ depending on the scenario. The novelty of IoMT-SAF lies in its ability to
Declaration of Competing Interest
The authors declare that they have no known competing financial interests or personal relationships that could have appeared to influence the work reported in this paper.
References (58)
- et al., Evaluation on security system of internet of things based on fuzzy-AHP method.
- et al., Towards composable threat assessment for Medical IoT (MIoT), Procedia Comput. Sci. (2017).
- A Guide to the Internet of Things Infographic, Intel.
- 87% of healthcare organizations will adopt internet of things technology by 2019, HIPAA J. (2017).
- Internet Crime Complaint Center (IC3), Internet of Things Poses Opportunities for Cyber Crime (2015).
- Cyber Risk Services | Enterprise Risk Services, Deloitte United States (n.d.).
- M. Smith, MEDJACK 2: Old Malware Used in New Medical Device Hijacking Attacks to Breach Hospitals, Network World.
- N. Weinberg, Securing IoT in Healthcare is Critical, CSO Online (2018).
- Vic Ryckaert, Hackers held patient data ransom, so Indiana hospital system paid $50,000, USA Today (2018).
- R. Winton, Hollywood hospital pays $17,000 in bitcoin to hackers; FBI investigating, latimes.com (2016).
- Study: healthcare staff lacking in basic security awareness, putting medical infrastructure at risk, Healthcare IT News.
- IoT security suffers from a lack of awareness, CIO.
- Risk-based adaptive security for smart IoT in eHealth.
- Risk-driven security metrics development for an e-health IoT application.
- New security guidance for early adopters of the IoT, Cloud Secur. Alliance.