Wayne Burleson
Benjamin Ransford
ABSTRACT
Implantable medical devices, or IMDs, are increasingly being used to improve patients' medical outcomes. Designers of IMDs already balance safety, reliability, complexity, power consumption, and cost. However, recent research has demonstrated that designers should also consider security and data privacy to protect patients from acts of theft or malice, especially as medical technology becomes increasingly connected to other systems via wireless communications or the Internet. This survey paper summarizes recent work on IMD security. It discusses sound security principles to follow and common security pitfalls to avoid. As trends in power efficiency, sensing, wireless systems and bio-interfaces make possible new and improved IMDs, they also underscore the importance of understanding and addressing security and privacy concerns in an increasingly connected world.
- D. Arney, R. Jetley, P. Jones, I. Lee, and O. Sokolsky. Formal methods based development of a PCA infusion pump reference model: Generic infusion pump (GIP) project. In Proceedings of the 2007 Joint Workshop on High Confidence Medical Devices, Software, and Systems and Medical Device Plug-and-Play Interoperability, HCMDSS-MDPNP '07, pages 23--33. IEEE Computer Society, 2007. Google Scholar
Digital Library
- D. Arney, M. Pajic, J. M. Goldman, I. Lee, R. Mangharam, and O. Sokolsky. Toward patient safety in closed-loop medical device systems. In Proceedings of the 1st ACM/IEEE International Conference on Cyber-Physical Systems, ICCPS '10, pages 139--148. ACM, 2010. Google ScholarDigital Library
- C. Beck, D. Masny, W. Geiselmann, and G. Bretthauer. Block cipher based security for severely resource-constrained implantable medical devices. In Proceedings of 4th International Symposium on Applied Sciences in Biomedical and Communication Technologies, ISABEL '11, pages 62:1--62:5. ACM, October 2011. Google ScholarDigital Library
- M. Bishop. Computer Security: Art and Science. Addison-Wesley Professional, 2003.Google Scholar
- G. De Micheli, S. Ghoreishizadeh, C. Boero, F. Valgimigli, and S. Carrara. An integrated platform for advanced diagnostics. In Design, Automation & Test in Europe Conference & Exhibition, DATE '11. IEEE, March 2011.Google Scholar
- T. Denning, K. Fu, and T. Kohno. Absence makes the heart grow fonder: New directions for implantable medical device security. In Proceedings of USENIX Workshop on Hot Topics in Security (HotSec), July 2008. Google ScholarDigital Library
- X. Fan, G. Gong, K. Lauffenburger, and T. Hicks. FPGA implementations of the Hummingbird cryptographic algorithm. In Proceedings of the IEEE International Symposium on Hardware-Oriented Security and Trust, HOST '10, pages 48--51, June 2010.Google ScholarCross Ref
- X. Fan, H. Hu, G. Gong, E. Smith, and D. Engels. Lightweight implementation of Hummingbird cryptographic algorithm on 4-bit microcontrollers. In International Conference for Internet Technology and Secured Transactions, ICITST '09, pages 1--7, November 2009.Google Scholar
- K. Fu. Trustworthy medical device software. In Public Health Effectiveness of the FDA 510(k) Clearance Process: Measuring Postmarket Performance and Other Select Topics: Workshop Report, Washington, DC, July 2011. IOM (Institute of Medicine), National Academies Press.Google Scholar
- S. Gollakota, H. Hassanieh, B. Ransford, D. Katabi, and K. Fu. They can hear your heartbeats: Non-invasive security for implanted medical devices. In Proceedings of ACM SIGCOMM, August 2011. Google ScholarDigital Library
- P. Gould and A. Krahn. Complications associated with implantable cardioverter--defibrillator replacement in response to device advisories. Journal of the American Medical Association (JAMA), 295(16):1907--1911, April 2006.Google Scholar
- S. Guan, J. Gu, Z. Shen, J. Wang, Y. Huang, and A. Mason. A wireless powered implantable bio-sensor tag system-on-chip for continuous glucose monitoring. In Proceedings of the IEEE Biomedical Circuits and Systems Conference, BioCAS '11, November 2011.Google ScholarCross Ref
- A. Guiseppi-Elie. An implantable biochip to influence patient outcomes following trauma-induced hemorrhage. Analytical and Bioanalytical Chemistry, 399(1):403--419, January 2011.Google ScholarCross Ref
- D. Halperin, T. S. Heydt-Benjamin, K. Fu, T. Kohno, and W. H. Maisel. Security and privacy for implantable medical devices. IEEE Pervasive Computing, Special Issue on Implantable Electronics, 7(1):30--39, January 2008. Google ScholarDigital Library
- D. Halperin, T. S. Heydt-Benjamin, B. Ransford, S. S. Clark, B. Defend, W. Morgan, K. Fu, T. Kohno, and W. H. Maisel. Pacemakers and implantable cardiac defibrillators: Software radio attacks and zero-power defenses. In Proceedings of the 29th IEEE Symposium on Security and Privacy, May 2008. Google ScholarDigital Library
- A. Hintz. Fingerprinting websites using traffic analysis. In R. Dingledine and P. Syverson, editors, Proceedings of the Privacy Enhancing Technologies workshop, PET '02. Springer-Verlag, LNCS 2482, April 2002. Google ScholarDigital Library
- S. Hosseini-Khayat. A lightweight security protocol for ultra-low power ASIC implementation for wireless implantable medical devices. In Proceedings of the 5th International Symposium on Medical Information Communication Technology, ISMICT '11, pages 6--9, March 2011.Google ScholarCross Ref
- R. P. Jetley, P. L. Jones, and P. Anderson. Static analysis of medical device software using CodeSonar. In Proceedings of the 2008 Workshop on Static Analysis, SAW '08, pages 22--29. ACM, 2008. Google ScholarDigital Library
- I. Lee, G. J. Pappas, R. Cleaveland, J. Hatcliff, and B. H. Krogh. High-confidence medical device software and systems. IEEE Computer, 39(4):33--38, 2006. Google ScholarDigital Library
- C. Li, A. Raghunathan, and N. K. Jha. Hijacking an insulin pump: Security attacks and defenses for a diabetes therapy system. In Proceedings of the 13th IEEE International Conference on e-Health Networking, Applications, and Services, Healthcom '11, June 2011.Google Scholar
- K. Nohl, D. Evans, Starbug, and H. Plötz. Reverse-engineering a cryptographic RFID tag. In Proceedings of the 17th USENIX Security Symposium, pages 185--194, July 2008. Google ScholarDigital Library
- S. O'Driscoll, A. Poon, and T. Meng. A mm-sized implantable power receiver with adaptive link compensation. In Proceedings of the International Solid-State Circuits Conference, ISSCC '09, pages 294--295, 295a. IEEE, February 2009.Google ScholarCross Ref
- N. Paul, T. Kohno, and D. C. Klonoff. A review of the security of insulin pump infusion systems. Journal of Diabetes Science and Technology, 5(6):1557--1562, November 2011.Google ScholarCross Ref
- K. Poulsen. Hackers assault epilepsy patients via computer. Wired.com, http://www.wired.com/politics/security/news/2008/03/epilepsy, March 2008.Google Scholar
- J. Rabaey, M. Mark, D. Chen, C. Sutardja, C. Tang, S. Gowda, M. Wagner, and D. Werthimer. Powering and communicating with mm-size implants. In Design, Automation & Test in Europe Conference & Exhibition, DATE '11. IEEE, 2011.Google Scholar
- J. Radcliffe. Hacking medical devices for fun and insulin: Breaking the human SCADA system. Black Hat Conference presentation slides, August 2011.Google Scholar
- K. B. Rasmussen, C. Castelluccia, T. S. Heydt-Benjamin, and S. Čapkun. Proximity-based access control for implantable medical devices. In Proceedings of the 16th ACM Conference on Computer and Communications Security, pages 410--419, 2009. Google ScholarDigital Library
- P. Roberts. Blind attack on wireless insulin pumps could deliver lethal dose. Threatpost (blog post), http://threatpost.com/en_us/blogs/blind-attack-wireless-insulin-pumps-could-deliver-lethal-dose-102711, October 2011.Google Scholar
- D. Takahashi. Excuse me while I turn off your insulin pump. VentureBeat, http://venturebeat.com/2011/08/04/excuse-me-while-i-turn-off-your-insulin-pump/, August 2011.Google Scholar
- F. Xu, Z. Qin, C. C. Tan, B. Wang, and Q. Li. IMDGuard: Securing implantable medical devices with the external wearable guardian. In Proceedings of the 30th IEEE International Conference on Computer Communications, INFOCOM '11, pages 1862--1870, April 2011.Google ScholarCross Ref
Index Terms
- Design challenges for secure implantable medical devices
Recommendations
Patients, pacemakers, and implantable defibrillators: human values and security for wireless implantable medical devices
CHI '10: Proceedings of the SIGCHI Conference on Human Factors in Computing SystemsImplantable medical devices (IMDs) improve patients' quality of life and help sustain their lives. In this study, we explore patient views and values regarding their devices to inform the design of computer security for wireless IMDs. We interviewed 13 ...
Balancing security and utility in medical devices?
DAC '13: Proceedings of the 50th Annual Design Automation ConferenceImplantable Medical Devices (IMDs) are being embedded increasingly often in patients' bodies to monitor and help treat medical conditions. To facilitate monitoring and control, IMDs are often equipped with wireless interfaces. While convenient, wireless ...
Researchers Fight to Keep Implanted Medical Devices Safe from Hackers
Implantable medical devices have become increasingly popular, and a growing number are equipped with wireless communications technology to increase their usefulness. However, this could make the devices susceptible to hackers.
Comments