skip to main content
10.1145/3440943.3444733acmconferencesArticle/Chapter ViewAbstractPublication PagesiceaConference Proceedingsconference-collections
research-article

Comments on "Securing implantable cardiac medical devices": Use of radio frequency energy harvesting

Published: 27 September 2021 Publication History

Abstract

Implantable Medical Devices (IMDs) have evolved over the years to stretch their application areas to provide a range of services from health-care to public safety. In order to handle such information, the high strength security and the proper authentication are required. For this, Ellouze et al. have proposed an authentication protocol for IMDs in 2013. The security in IMD that they propose and mention is reasonable, but some aspects are expected to be vulnerable to attack. In addition, not only are such schemes need to be secured, but their security should also be formally verified against their security requirements. Thus, we confirm the security of the authentication protocol for IMDs that have not been objectively verified through formal verification tool such as BAN-logic. Consequently, in this paper, Ellouze et al. are turned out to be insecure.

References

[1]
J. Esch, "Implanted Medical Devices and Vulnerabilities to Hackers", MEDdesign, August 26, 2019.
[2]
David J. Slotwiner and Thomas F. Deering and Kevin Fu and Andrea M. Russo and Mary N. Walsh and George F. van Hare, "Cybersecurity vulnerabilities of cardiac implantable electronic devices: Communication strategies for clinicians---Proceedings of the Heart Rhythm Society's Leadership Summit", Heart Rhythm, 15(2), pp. e61-e67, July 2018.
[3]
S. Tanwar et al., "Human Arthritis Analysis in Fog Computing Environment Using Bayesian Network Classifier and Thread Protocol", in IEEE Consumer Electronics Magazine, vol. 9, no. 1, pp. 88--94, 1 Jan. 2020
[4]
Sungkwan Kim et al., "A Brief Survey on Rootkit Techniques in Malicious Codes", Journal of Internet Services and Information Security (JISIS), 2(3/4): 134-147, Nov. 2012.
[5]
J. Kang et al., "Supervised learning-based Lifetime Extension of Wireless Sensor Network Nodes", Journal of Internet Services and Information Security (JISIS), 9(4): 59-67, November 2019.
[6]
C.T. Yang et al. "Implementation of a Software-Defined Storage Service with Heterogeneous Storage Technologies", Journal of Internet Services and Information Security (JISIS), 9(3): 74-97, August 2019.
[7]
Viktoriia Korzhuk et al., "Identification of Attacks against Wireless Sensor Networks Based on Behaviour Analysis Grahpics Processing Units", Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications (JoWUA), Vol. 10, No. 2, pp.1-21, June 2019.
[8]
Pairat Thorncharoensri et al., "Efficient Controlled Signature for a Large Network with Multi Security-level Setting", Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications (JoWUA), Vol. 10, No. 3, pp.1-20, September 2019.
[9]
M. Rushanan, A. D. Rubin, D. F. Kune and C. M. Swanson, "SoK: Security and Privacy in Implantable Medical Devices and Body Area Networks", 2014 IEEE Symposium on Security and Privacy, San Jose, CA, 2014, pp. 524--539.
[10]
S. Challa et al., "Authentication Protocols for Implantable Medical Devices: Taxonomy, Analysis and Future Directions", in IEEE Consumer Electronics Magazine, vol. 7, no. 1, pp. 57--65, Jan. 2018.
[11]
Cámara Núñez, M. C., Peris López, P., & Estévez Tapiador, J. M. (2015). Security and privacy issues in implantable medical devices: A comprehensive survey.
[12]
Ellouze, N., Allouche, M., Ahmed, H. B., Rekhis, S., & Boudriga, N. (2014). Security of implantable medical devices: limits, requirements, and proposals. Security and Communication Networks, 7(12), 2475--2491.
[13]
K. B. Rasmussen et al., "Proximity-based access control for implantable medical devices", in Proc. 16th ACM Conf. Computer and Communications Security (CCS 2009), Chicago, IL, 2009, pp. 410--419.
[14]
C. S. Jang et al., "Hybrid security protocol for wireless body area networks", Wireless Commun. Mobile Comput., vol. 11, no. 2, pp. 277--288, 2011.
[15]
N. Ellouze et al., "Securing implantable cardiac medical devices: Use of radio frequency energy harvesting", in Proc. 3rd Int. Workshop on Trustworthy Embedded Devices (TrustED 2013), Berlin, Germany, 2013, pp. 35--42.
[16]
D. He and S. Zeadally, "Authentication protocol for an ambient assisted living system", IEEE Commun. Mag., vol. 53, no. 1, pp. 71--77, 2015.
[17]
M. Burrows et al., "A logic of authentication", Proceedings of the Royal Society of London. A. Mathematical and Physical Sciences 426, no. 1871 (1989): 233--271.

Cited By

View all
  • (2021)Can Formal Security Verification Really Be Optional? Scrutinizing the Security of IMD Authentication ProtocolsSensors10.3390/s2124838321:24(8383)Online publication date: 15-Dec-2021

Recommendations

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences
ACM ICEA '20: Proceedings of the 2020 ACM International Conference on Intelligent Computing and its Emerging Applications
December 2020
219 pages
ISBN:9781450383042
DOI:10.1145/3440943
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 27 September 2021

Permissions

Request permissions for this article.

Check for updates

Author Tags

  1. Formal Verification
  2. Implantable Medical Devices
  3. Mutual Authentication
  4. Privacy

Qualifiers

  • Research-article
  • Research
  • Refereed limited

Funding Sources

  • National Research Foundation of Korea

Conference

ACM ICEA '20
Sponsor:

Contributors

Other Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

  • Downloads (Last 12 months)2
  • Downloads (Last 6 weeks)2
Reflects downloads up to 15 Feb 2025

Other Metrics

Citations

Cited By

View all
  • (2021)Can Formal Security Verification Really Be Optional? Scrutinizing the Security of IMD Authentication ProtocolsSensors10.3390/s2124838321:24(8383)Online publication date: 15-Dec-2021

View Options

Login options

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Figures

Tables

Media

Share

Share

Share this Publication link

Share on social media