Conference PaperPDF Available

A review of security challenges, attacks and resolutions for wireless medical devices

Authors:

Figures

Content may be subject to copyright.
A Review of Security Challenges, Attacks and
Resolutions for Wireless Medical Devices
Heena Rathore, Amr Mohamed, Abdulla Al-Ali, Xiaojiang Du, Mohsen Guizani
Dept. of Computer Science and Engineering Department, Qatar University, 2713, Doha, Qatar
Dept. of Computer and Information Sciences, Temple University, Philadelphia, PA, USA
Dept. of Electrical and Computer Engineering, University of Idaho, Moscow, Idaho, USA
Email:{heena.rathore,amrm,abdulla.alali}@qu.edu.qa, xjdu@temple.edu, mguizani@gmail.com
Abstract—Evolution of implantable medical devices for human
beings has provided a radical new way for treating chronic
diseases such as diabetes, cardiac arrhythmia, cochlear, gastric
diseases etc. Implantable medical devices have provided a break-
through in network transformation by enabling and accessing the
technology on demand. However, with the advancement of these
devices with respect to wireless communication and ability for
outside caregiver to communicate wirelessly have increased its
potential to impact the security, and breach in privacy of human
beings. There are several vulnerable threats in wireless medical
devices such as information harvesting, tracking the patient, im-
personation, relaying attacks and denial of service attack. These
threats violate confidentiality, integrity, availability properties of
these devices. For securing implantable medical devices diverse
solutions have been proposed ranging from machine learning
techniques to hardware technologies. The present survey paper
focusses on the challenges, threats and solutions pertaining to the
privacy and safety issues of medical devices.
Keywords: Security, privacy, wireless medical device.
I. INTRODUCTION
Recently, with the advent of the internet of things, automa-
tion, management and monitoring of devices have become
painless and simple. Intelligent health care has gained impor-
tance in the recent past since it allows continuous monitoring
of patients away from hospitals and doctors. Nevertheless,
every year many doctors and patients enhance their personal
satisfaction through a surgical methodology that includes em-
bedded medical devices. These medical devices are currently a
pervasive part of cutting edge medicinal care. The therapeutic
improvement as far as Implantable Medical Devices (IMDs)
have brought is the powerful change in the quality of life of
the patient. Nevertheless, with the expanded life expectancy in
today’s life, the requirement for new medicines, implants, and
long-term pharmaceutical utilization has increased manifold.
These devices have extended the capacity of doctors to analyse
and treat diseases away from the patients, making extraordi-
nary commitments to the well-being and providing personal
satisfaction to patients.
IMDs are placed inside the human bodies to analyse,
monitor and respond to treat various medical conditions. These
devices range from neuro-stimulators for brain stimulator,
gastric stimulators for stomach, cardiac defibrillators for the
heart, cochlear implant for hearing, drug delivery system such
as insulin for diabetic patients, artificial eye lenses for cataracts
etc [3]. The United States remains the biggest market in
medical devices with a market size of around $148 billion,
and it is anticipated to reach medical devices sales to $185.9
billion by the year 2019 [1].
Fig. 1: Threat Model: Adversary can either disrupt the system or
hinder wireless communication
IMDs are designed in a manner to communicate wirelessly
with the outside caregiver to have access to the patient’s
data remotely. However, the information contained in the
devices can be openly accessed by adversary through internal
and communication means endangering the health of the
patients [4], [5]. As seen in Figure 1, an adversary can
attack the system components or wireless channel between
the patient wearing IMD and the caregiver. Researchers have
developed various solutions to implement the security of
medical devices ranging from shared key authentication to
wearable gadgets that handle encryption and approval. For all
intents and purposes, all such plans require standardization to
make far reaching selection conceivable, yet no standardization
association exists so far. Nonetheless, it is also mandatory to
have privacy preserving capabilities in the medical devices
since these devices contain sensitive medical information of
patients. Moreover, during emerging situations, techniques
are required that can assist the doctor or unauthenticated
caregivers to ease, secure and quicken the medical process
for healthy well-being of patients. The objective of the paper
is to present a review of various attacks and strategies used in
overcoming the attacks in IMD. Diverse solutions are present
for securing IMD which reflects how profoundly different
fields can be utilized to resolve security issues in IMD.
The remainder of the paper is organized as follows: Sec-
tion II entails the motivation for the current topic. Section III
978-1-5090-4372-9/17/$31.00 ©2017 IEEE 1495
presents the constraints that are faced in using IMDs. Security
requirements for these devices are presented in Section IV.
Section V and VI detail the types of attacks on these devices
followed by the diverse set of solutions implemented in these
devices to secure them. Section VII concludes the paper.
II. MOT IVATIO N
Technology innovation in health care have added new
innovative services that augment the limitations of providing
one-to-one healthcare through clinical and hospital doctors.
By associating a defibrillator or insulin pump to wireless,
specialists can monitor the basic individual and physiological
information about their patients remotely and in real time.
While this might be advantageous as far as observing an indi-
vidual’s human health is concerned, it leaves these life-saving
devices to life-taking ones that can disrupt their functionality,
and threaten the life of many patients, which calls for strictly
protecting these devices. On the other hand, in emergency
situations, these medicinal devices should be sufficiently open
that any suitable restorative expert can recover the data loss.
However, same openness leaves the gadget and the patient
more susceptible to the outside attacker. In late 90’s, Therac-
25 accident caused due to manufacturing or software error
reported six deaths in a row [6]. The first failure happened with
the usage of cardiac defibrillator when a 21-year-old died due
to short circuiting [7]. Moreover, insulin pumps also reported
attacks such as eavesdropping wireless communication or
controlling other medicinal gadgets to modify the expected
treatment [17]. Similarly, gastric simulators if introduced with
defective electrical signals by an adversary gives significantly
fewer symptoms for gastric emptiness making the device
functionality counter productive. Thus, IMDs should ensure
security since the patient’s life is firmly bound to the working
of IMDs. A more holistic approach which can not only detect
but also responds and recovers from the threat vulnerability
is needed. There is a need to adjust the necessities of patient
and doctors while dealing with the advantages and downsides
of this upcoming technology. The present paper presents the
survey of IMD’s security challenges, attacks and resolutions.
Although, diverse set of solutions have been proposed for
IMDs security, there are internal level and communication
level issues as discussed in the next section.
III. CONSTRAINTS ON IMPLANTABLE MEDICAL DEVICES
IMDs, on one hand, has provided a radical new way of
communication between patients and doctors while on the
other hand face diverse constraints for providing communica-
tion and monitoring services. The constraints on IMDs can be
categorised under two levels viz. internal and communication:
Internal Level Constraints: During the initial setup of
IMDs inside the body, utmost care is required to make
the IMD settle inside the system. These devices should
not only be smaller in size but should be efficient in its
operation. Cases were reported where the IMDs were re-
jected which in turn caused inflammation and pain in the
body. Also, IMD is built with a non rechargeable battery,
which can live up to 10 years. The security protocols such
as cryptographic solutions, machine learning approaches
and hashing require enormous processing which drains
the battery quickly. Moreover, if the battery is exhausted,
the whole IMD needs to be replaced which has its
own disadvantages. IMDs may likewise wish to keep
audit records of all exchanges with outside gadgets or
internal processing. These exchange logs could possibly
flood the device’s locally available memory, especially
under Denial of Service(DoS) attack or when an intruder
unequivocally tries to debilitate device memory.
Communication Level Constraints: The communication
transmission cause enormous amount of radiations and
power consumption which in turn is injurious to the
health of the patients. Moreover, many techniques ad-
dressing communication security rely on the fact that the
wireless channel of the legitimate user is stronger and in
many cases not as faded as the illegitimate user [22], [24].
However, for IMDs, the wireless channel for the body is
intrinsically faded through the patient body and because
of using low transmission power to maximize the devices
lifetime. Therefore, traditional security techniques do not
work efficiently.
IV. SECURITY REQ UI RE ME NT S FO R IMPLANTABLE
MEDICAL DEV IC ES
The goals of security services in IMD are aimed to protect
the information of the patient and also the resources of the
device. IMDs should aim at following properties [11]:
Confidentiality: IMDs should conceal information sent to
and from IMDs from illegitimate users.
Integrity: The data being processed and sent to and from
IMDs should be encrypted or should have a stronger
authentication mechanism that preserves the data from
being altered or corrupted by illegitimate personnel.
Availability: The main objective of installing an IMD
inside the body is to have regular and remote access of
a patient to doctor. The doctor and the patient should be
able to access and perform operations on the device as
and when required.
Access control: IMDs should be able to deny the permis-
sion of any unauthorised users.
Authentication: Just approved users ought to be permitted
to adjust an IMD. Doctors or device makers ought to
place limits on the settings accessible to patients to keep
them away from inadvertently or deliberately hurting.
Authorization: It is an act of granting access rights to the
user which can range from personal authorization to role
based and IMD selection [12].
Accountability: It is the act of being explained and
justifiable. IMDs keep review logs to track for potential
breakdowns on the device.
Freshness: Operations being performed should be fresh
and non-redundant. While maintaining exchange logs
and in adverse DoS attack condition an intruder can
1496
unequivocally try to debilitate device memory by sending
similar operations.
Robustness: The devices should be capable of handling
situations such as emergency circumstances or any other
abnormal situation.
Consequently, while designing a security management system
for the medical device, all the above security properties should
be attained for a concrete solution.
V. ATTACKS IN IMDS
Cyber-attacks on IMDs is a genuine and developing risk.
These attacks can point at obstructing the secrecy and val-
idation of the information by tampering the administration
trustworthiness or it can modify and exhaust network acces-
sibility. Moreover, the outcomes of the attacks can be deadly
for patients as these sudden changes can affect the life of
the patient. The intent of the attacks is to understand the
patient’s data in order to affect the patient’s health or to
suppress the quality of the device with negative intent from
competitive manufacturer’s site. The attacks vulnerabilities
incorporate unsecured wireless channels, deficient verification
or authentication mechanism, weak audit mechanisms and
negligible memory capacity. This section gives the details of
the types of attacks seen in IMD’s. Broadly, we can classify
the attacks in IMD in two groups viz internal attack and
communication attacks as shown in Figure 2.
Fig. 2: Attacks in Implantable Medical Devices
A. Internal Attacks
Internal attacks are introduced during medical device de-
ployment and while understanding real world parameters.
Here, malevolent attackers have the ability to hack pacemakers
and insulin pumps to close down doctor’s facility systems and
steal patients data. The malevolent manufacturer employee,
patient, physician or hospital administrator can get hold of
the internal system of IMD and introduce attacks such as
calibration failure, battery failure, hardware/connection failure,
modification of dosage/ data or through malware software:
Calibration attacks focus on altering the collected data to
mislead the diagnostic process of a medical patient [16].
Battery failure attacks happen when the processor and
the radio utilized as part of processing consumes a great
deal of energy while sending, handling and accepting
information. Malevolent attackers can make the device’s
memory deficient by introducing processing tasks in the
device in order to make the device counter productive.
An attacker can alter the device’s software program to
carry out harmful actions to add viruses to the device.
For instance, the attacker can intentionally overdose the
insulin amount by either single shot or chronic shot in
case of diabetic patients as described in [17].
Moreover, there are hardware/connection failure which
can be caused by factors such as natural disasters, mali-
cious and negligent third parties or legitimate actions of
third parties whose business interests conflict.
B. Communication Attacks
The communication channel between IMD and caregiver
gives a way for unauthorised people to access the medical
device. The sensitivity of data being transmitted and utilization
of unencrypted wireless channel, inadequate authentication
and access control mechanisms give rise to the communication
attacks. Communication attacks can either allow the attackers
to capture the medical device in order to trap and tunnel
the data to some other device or to deplete the resources of
the device. The communication channel can be unencrypted
and is susceptible to eavesdropping [18], replay [19] and
injection attacks [20]. Moreover, resource depletion attack
tries to deplete the resources of medical devices either by
exhausting the battery by requesting power consuming tasks
to them such as DoS or forced authentication attack.
The malicious entity can eavesdrop the communication
occurring between the gadgets and the caregiver [18]. This
listening can permit an attacker to learn about the gadgets
associated with the patient, the capacities of the gadget or the
directions and settings given to the gadget and patient health
data. Through this data, an attacker can surmise point by point
data about the present status of the patient’s afflictions and
track the patient. Also, Man-In-The-Middle (MITM) attack
occurs when the external intruder embeds itself between the
device and caregiver passing information between them and
making them trust that they are transmitting information to
each other. The external intruder disables the communication
between the two entities by allowing the information from the
medical device to pass into it. This permits an intruder to ac-
cess patient information in an unapproved way by knowing the
status of the patient’s health. The external intruder can further
expand this attack by launching DoS attack. For instance, the
intruder between the IMD and the caregiver can essentially
discard the patient’s information, prompting the device to
persistently send repeated transmissions. Replaying an old
message exchanged between the device and the caregiver
can trick the beneficiary into trusting the authenticity of the
attacker. Once the association is set up, the attacker can have
unapproved access to the patient information and thereby
corrupt it.
1497
VI. SECURITY SOLUTIONS FOR WIRELESS MEDICAL
DEV IC ES
IMDs have a diverse set of vulnerabilities that make them
prone to undependable software, limited battery or hardware
dysfunctional. These threat vulnerabilities affect the safety and
well being of the patients who are using it. Efforts to alleviate
data security dangers should be adjusted with fewer impacts on
device execution, including constrained battery life. There are
set of security solutions proposed for wireless medical devices
as described in this section.
A. Access Control Mechanisms
1) Biometric Approaches: Biometric authentication relies
on measurable physiological and individual characteristics that
can be verified. These approaches are genuine since it takes
into account the behavioural and biological characteristics to
verify and identify the individuals. The process compares and
searches for the characteristics against a number of samples
stored within the system. Screening, scanning, feature extrac-
tion and association are some of the specific tasks used in such
approaches. In order to prevent unauthorised access to IMDs a
biometric based two level secure access control was proposed
in [21]. Initially, it employs patient’s basic information i.e.
type of fingerprint, iris color and height followed by obtaining
the iris images. The reference image is chosen among the
images captured (i.e. clearest image) which is then converted
to iris code. Thereafter, discriminative bit set is acquired
from multiple iris codes for each iris. For the verification
of iris, hamming distance is used. The process is effective
and employs light weight computation and little overhead to
the device. However, storing the biometrics in the system is
similar to deploying any master key in the system. The work
presented by [23] uses ECG signals to authenticate the IMD
and the caregiver. It is based on the assumption that the IMD
user and the caregiver is near to each other. Both the parties
extract the least significant four bits from a consecutive set
of intra pulse timing intervals present in the ECG signals.
Later, it uses Neyman-Pearson hypothesis testing algorithm
for calculating the error distribution for authorizing near and
low error genuine users. The approach is able to protect
from MITM attack since IMD reveals the data only after
authenticating the caregiver. However, the scheme consumes a
lot of battery when the authentication fails since the IMD waits
for an extra cycle until it receives a genuine authentication.
2) Distance Based Approaches: Distance based access con-
trol approaches grant access to external agents through the
concept of touch and close proximity [2]. In this process,
the access is authorized by the patient being aware regarding
the information being accessed. The work presented in [22]
uses zero-power notification, zero-power authentication, and
sensible key exchange for providing authorization to the med-
ical devices. The approach works on the principle of detecting
sound emitted by the medical device through a piezoelectric
circuit element implanted in the human body. This method
attempts to avoid the use of cryptographic solutions that
puts a strain on the battery life of the medical device. In
the proposed method, the caregivers attempt to connect to
the device via a radio frequency. The piezoelectric element
in the device generates signals that can only be detected
by caregivers through a microphone. This can acoustically
identify the device and a key is shared with this method, to
get access to the patient’s information. The main advantage of
this method is that it does not consume any battery power in
the medical device. The major disadvantage of this approach
is that the piezoelectric element must be implanted only 1 cm
under the skin. Therefore, it has to be installed separately from
the medical device that is implanted deep in the patient’s body.
Another approach proposed in [13] uses Ultrasound based
distance bounding detection based on the speed of sound using
Diffie-Hellman (DH) key agreement protocol. This protocol is
used to generate the private key in order to initiate the sharing
of encrypted information of the medical device. The advantage
of this system is that only the caregivers in close proximity
can establish a connection with the device. However, the radio
signals can be used by an attacker from a distance to induce
a current in the audio receiver. This will deceive the device
to generate the key which can then be used to access the
information of the patient without being in close proximity.
The work proposed in [24] uses in-vivo Near Field Com-
munication (NFC) approach to access the patient information
in the medical device. This method authenticates access to the
medical practitioners by utilizing a NFC-enabled smart phone.
In this method, in-vivo NFC tag is inserted in human body
which can communicate with the medical practitioner through
the use of smart phone. In this case, the smart phone can then
be used to share information using mobile network or WiFi
connection. The advantage of using such method is that in-
vivo-NFC tags do not use battery power from the implanted
medical device. Instead, the power is provided by the smart
phone while accessing the information of the patient. But,
it is almost impossible to share information in the event of
the lost or damaged smart phone. According to the authors,
the key is generated only once, during the initial surgical
implantation, which is shared with the smart phone. In the
event of damaged or lost smart phone, the key cannot be
regenerated and information cannot be shared with any other
device. Due to this limitation, the proposed protocol may be
deemed useless and impractical.
3) Key Management Protocols: Symmetric [14], [19] and
public key methodologies [15] can be used to encrypt and
authenticate the data which can limit the attacks of IMD. A
symmetric key is a tool in which information is only shared
between the trusted devices and personnel, and is secured from
all other external agents. The asymmetric key, on the other
hand, has a public signature in which two keys are used. One
is made public and the other one is kept secret. Generally,
symmetric cryptographic technique is preferred as it is not a
very demanding technique in terms of computing and power
consumption. Asymmetric tools on the other hand, often result
in complex circuits, high data exchange, and communication,
between the medical device and the caregivers, before allowing
access. This results in heavy use of computing power which in
1498
turn increases the power consumption of the medical device,
reducing its reliability. A proposed solution to this problem
was to attach an external wearable device that will do the
heavy computing for the asymmetric cryptographic tool before
allowing the access to the medical device. But, a drawback to
this solution is that in the event of the damage or loss of
the external device, there will be no other way to access the
medical device.
The work presented by [25] uses physiological ECG signals
for granting access to the doctors or users. Here, ECG signal
sensor is worn in the hand of the patient which is measured by
the IMD and the caregiver simultaneously. Keys are exchanged
between the two parties having the ECG signals. Even of the
unique authentication process, the technique adds wait time
which decreases the reliability.
B. Audit Mechanisms
Audit logs are maintained in the IMDs for keeping the
record of patient’s history and the conduct of the device
over a particular time frame. The logs give data required
for sufficient patient care and also upgrades to the patient
treatment if conveyed through the IMD. However, the limited
storage memory of IMDs (1MB) where 75% is utilised in
medical functions would overflow the audit logs, which makes
the medical device prone to attacks. Overwriting the previous
non-relevant data may be an extended audit mechanism that
can be deployed in the system. Also, alarming and alerting
the provider upon completion of memory storage can be
considered as another possible approach [8]. RFID Guardian
is an external device which can be utilized for accessing and
monitoring the data and events that have been occurred. Be-
sides that, it also authenticates the registered devices, handles
keys and blocks unregistered entities. The biggest issue of
using RFID Guardian is that if the attacker is able to access
the Guardian, it will have the entire control over RFID tags [9].
C. Anomaly Detection Techniques
The work presented by [10] utilizes supervised machine
learning algorithm viz support vector machine(SVM) for treat-
ing resource depletion attack. The scheme models patient IMD
access pattern which are used to train the SVM. The access
pattern information comprises of five fields viz reader action
(identification, obtaining patient data, changing the patient
name, changing therapies etc.), time interval, location, time
and date of utilization. This information is fed into linear
and non-linear SVM for learning and classification between
bogus and genuine reader. It utilizes the patient cell phone for
authentication and verification. Linear SVM and non-linear
SVM obtains a classification accuracy for resource depletion
attack of 90% and 97% respectively. Although the system is
quite accurate, running SVM on the medical device consumes
a lot of energy which would affect the medical process.
D. External Hardware Methodologies
For dealing with the security issues, external devices are
used such as cloaker, IMDGaurd and IMD Shield as described
in this section.
1) Cloaker: A communication cloaker as devised by [26]
is an extra electronic gadget that is worn by the patient to
act as an outsider between IMD’s correspondences with the
caregiver. The cloaker ensures the security of the IMD for the
time that it is worn and gives open access to the outside world
when not worn. The IMD overlooks all other authentications
for the length of the time the clocker is worn. In emergency
situations, patients can remove the cloaker so that the IMD
reacts to all authentications. The cloaker offers a master key
to be shared with IMD which can channel all the information
between them. There are two methodologies by which the
IMD can distinguish the nearness of the cloaker. Firstly, the
IMD pings the cloaker so that the cloaker responds by giving
confirmation to it. Besides that, the IMD sends intermittent
keep-alive messages and redesigns its state agreeing to the
reaction from the cloaker. In both cases, the IMD considers
an emergency mode when it gets no reaction from the cloaker
after a holding up period. The security of the cloaker frame-
work depends upon the patient’s wearing the cloaker gadget in
any environment where unapproved interchanges may happen.
In the event that the patient overlooks or picks not to wear the
cloaker gadget, the security elements of the framework will be
ineffectual. Since the gadget secures against remote assaults
that might happen, the demonstration of wearing the gadget
may bring about mental trouble to the patient.
2) IMDGaurd: IMDGuard [27], a security mechanism for
implantable heart gadgets, which are embedded to screen or
treat cardiovascular therapeutic conditions. These are gener-
ally used in implantable cardioverter-defibrillator, pacemaker,
and ECG (electrocardiogram) sensor. IMDGuard utilises the
Guardian, a wearable gadget, to facilitate associations between
the IMD and the caregiver in a manner that gives the security
in a customary condition, and securely permits access in the
emergency situation. The patient’s specific ECG signals are
used for key sharing between the IMD and the Guardian. ECG
key extraction methodology does not require any additional
pre-conveyed software with the goal that it is difficult to
rekey the IMD when the Guardian is lost or broken. Also, it
makes the attackers not able to produce fake guardians aside
from physical contacts with the patient. Later, besides the skin
contact, it was found that video recording the face of a person
for a period of time can not only reveal movement and color
of the patient but also the heart pulse. Moreover, IMDGaurd
is also prone to MITM attack as shown in [28].
3) IMDShield: IMD Shield is another externally worn gad-
get used for IMD’s security [29]. It utilizes full duplex radio
device which acts as a jammer and a receiver. It comprises of a
jamming antenna and a receiver antenna. The jamming antenna
transmits an arbitrary flag to keep away eavesdroppers from
interpreting the IMD’s transmissions. The receiving antenna
receives the IMD’s signal and deciphers it with the help of
transmit and a receive chain. However, IMD Shield commands
do not remain confidential if the commands are sent from
the caregiver to the IMDs. Also, jamming interferes with
other radio frequency devices and do not comply with FDA
regulations.
1499
TABLE I: Comparison of Various IMD Security Mechanisms
Mechanism Overcome
Attacks
Properties
Achieved
Advantages Disadvantages
Biometric Based
Approaches
Relies on unique biological char-
acteristics for authentication. Ex-
amples: Retina scan, iris recogni-
tion [21], heart signals [23], finger-
printing, facial recognition etc.
Eavesdropping,
MITM [23]
Authentication,
confidential-
ity, integrity,
availability
Secure, unique and pri-
vate authentication, light
weight, little overhead to
the device [21]
Lack of standardization,
not able to accommodate
changes to the biometric
overtime, sample collec-
tion phase is influenced by
environmental conditions,
user training.
Distance/Proximity
Based
Approaches
Estimate the distance between the
IMD and caregiver by measuring
the sent and received transmission
in proximity through piezoelectric
element [22], Diffie Hellam pro-
tocol [13], near field communica-
tion [24].
Wireless
eavesdropping,
wireless replay
Authentication,
confidential-
ity, integrity,
authorization
Do not complicate interac-
tions of medical staff.
Weak authentication since
the attacker can make
physical contact with the
patient by approaching
close
Key Management
Protocols
Symmetric [14], public key [15]
and physiological [25] signals are
used for the generation of keys
Denial of
Service,
Eavesdropping,
replay, MITM
Authentication,
confidential-
ity
Unique and private infor-
mation. Symmetric tech-
niques are less power con-
suming as compared to
other key exchange
Decreased reliability and
extra waiting time for the
authentication
Audit Mecha-
nisms [8], [9]
Audit logs are maintained to
store the patient’s information and
IMD’s track record.
Threats against
non repudiation.
Accountability Malevolent activities can
be easily identified and
traced without any com-
putation.
Exhaust limited memory
of IMD
Anomaly Detec-
tion [10]
Classify between the normal and
abnormal activities.
Internal attacks,
resource
depletion and
malicious
communication
Availability,
confidential-
ity, integrity,
privacy
High accuracy Drains battery
External Device
Methodolo-
gies [30], [33]
Externally worn device utilizing
electrocardiagram [27], full duplex
radio device [29], share a master
key to authenticate IMD and the
caregiver [26].
Eavesdropping,
Device Capture,
Tunnelling
Confidentiality,
integrity,
robustness,
authentica-
tion
Fast response time, prior-
itizing the safety of pa-
tients, no equipment or
software alterations
Adversary can contact the
patient and extract the key.
Battery consuming tasks.
4) MedMon: MedMon [30] is an external device which
snoops all radio frequency wireless communications to/from
medical devices and utilizes multi-layered abnormality iden-
tification to distinguish possibly malignant exchanges. After
detection of malignant interaction, MedMon takes appropriate
reaction mechanism such as informing the client or block the
packets from reaching to the medical device. It prompts to
zero power overheads on these gadgets. However, it does not
provide any secured communication channel since the channel
of communication is typically not confidential.
5) Channel Estimation: The work presented in [33] uses
wearable external device to act as a middle man protector
between IMD and the adversary. Initially, the IMDs sends pilot
signals to empower external device to assess and approximate
the channel. By utilizing this information, the external device
performs data equalization and allows the pilot signals to reach
the adversary (assuming adversary cannot be nearer to the
IMD in comparison to the external device). Thus, adversary
captures weaker signals and approximate incorrect channel
estimation. Device capture and tunnelling attacks can be
avoided through such mechanism. The technique decreases the
processing complexity of IMDs and also helps in estimating
channel conditions which in turn improves the communi-
cation performance. However, prior authentication with the
wearable device is required and factors such as dispersion
in time and frequency will affect the channel estimation.
Jamming is another major threat vulnerability which exhausts
the resources of the system by sending numerous requests
simultaneously. Some of the major contributions to lessen
jamming are through frequency hopping and direct sequence
spread spectrum techniques which are studied for cardiac
pressure sensing system in [31]. These approaches can protect
the devices from eavesdropping and impersonation attack but
do not support medical devices due to limited hardware design
and band regulations [32].
Table I shows the comparative analyses of the techniques
discussed in this section.
VII. POTE NT IA L FUTURE RESEARCH DIRECTIONS
In order to provide usable and adoptable secure solutions
for wireless medical devices, additional contributions are re-
quired: (1) Accurate, real time and energy efficient techniques
to secure medical devices; (2) Efficient, usable and privacy
preserving technique for concealing the patient’s health record.
For a secure and dependable wireless medical device, follow-
ing research questions are still open:
The requirement to implement a specific level of pro-
tection conceivably disabling the service when the level
can’t be ensured.
To assess if the security arrangements in wireless medical
device ensure protection and privacy in specific temporal
1500
or spatial zone. This might be accomplished by consider-
ing, for instance, the number of clients, their movement,
their worries about security, and additionally the spatio-
temporal imperatives of the administration
Design a legitimate eavesdropper that detects malicious
network traffic leveraging machine learning techniques
Adjust and recover from the abnormal activity by chang-
ing the configuration and providing the counter mecha-
nism after detecting the threat vulnerability.
VIII. ACKN OWLEDGEMENTS
This publication was made possible by NPRP grant #8-408-
2-172 from the Qatar National Research Fund (a member of
Qatar Foundation). The statements made herein are solely the
responsibility of the authors.
REFERENCES
[1] Medtech Switzerland, 2017, “The U.S. Market for Medical Devices:
Opportunities and Challenges for Swiss Companies”
[2] AlTawy, R. and Youssef, A.M, “Security Tradeoffs in Cyber Physical
Systems: A Case Study Survey on Implantable Medical Devices”. IEEE
Access, 4, pp.959-979, 2016.
[3] 24/7 Wallst Street, “The Eleven Most Implanted Medical Devices In
America”, 2011, [accessed on 17 January, 2017]
[4] Camara, C., Peris-Lopez, P. and Tapiador, J.E. “Security and privacy is-
sues in implantable medical devices: A comprehensive survey”. Journal
of biomedical informatics, 55, pp.272-289, 2015.
[5] Clark, S.S. and Fu, K., October. “Recent results in computer security for
medical devices”. In International Conference on Wireless Mobile Com-
munication and Healthcare (pp. 111-118). Springer Berlin Heidelberg,
2011.
[6] Leveson, N.G. and Turner, C.S. “An investigation of the Therac-25
accidents”. Computer, 26(7), pp.18-41, 1993.
[7] Hauser, R.G. and Maron, B.J., “Lessons from the failure and recall of
an implantable cardioverter-defibrillator”. Circulation, 112(13), pp.2040-
2042, 2005.
[8] Gupta, S. “Implantable medical devices-cyber risks and mitigation
approaches”. In Proceedings of the Cybersecurity in Cyber-Physical
Workshop, The National Institute of Standards and Technology (NIST),
US, 2012.
[9] Rieback, M.R., Crispo, B. and Tanenbaum, A.S. “RFID Guardian:
A battery-powered mobile device for RFID privacy management”. In
Australasian Conference on Information Security and Privacy (pp. 184-
194). Springer Berlin Heidelberg, 2005.
[10] Hei, X., Du, X., Wu, J. and Hu, F. “Defending resource depletion
attacks on implantable medical devices”. In Global Telecommunications
Conference (GLOBECOM 2010), 2010 IEEE (pp. 1-5). IEEE, 2010.
[11] Rathore, H., 2016. “Mapping biological systems to network systems”.
Springer.
[12] Halperin, D., Heydt-Benjamin, T.S., Fu, K., Kohno, T. and Maisel, W.H.
“Security and privacy for implantable medical devices”. IEEE pervasive
computing, 7(1), pp.30-39, 2008.
[13] Rasmussen, K.B., Castelluccia, C., Heydt-Benjamin, T.S. and Capkun,
S. “Proximity-based access control for implantable medical devices”. In
Proceedings of the 16th ACM conference on Computer and communi-
cations security (pp. 410-419). ACM, 2009.
[14] Halperin, D., Heydt-Benjamin, T.S., Ransford, B., Clark, S.S., Defend,
B., Morgan, W., Fu, K., Kohno, T. and Maisel, W.H. “Pacemakers and
implantable cardiac defibrillators: Software radio attacks and zero-power
defenses”. In IEEE Symposium on Security and Privacy (sp 2008) (pp.
129-142). IEEE, 2008.
[15] Singh, K. and Muthukkumarasamy, V., “Authenticated key establishment
protocols for a home health care system”. In Intelligent Sensors, Sen-
sor Networks and Information, 2007. ISSNIP 2007. 3rd International
Conference on (pp. 353-358). IEEE, 2007.
[16] Yan, R., Xu, T. and Potkonjak, M. “Semantic attacks on wireless medical
devices”. In SENSORS, 2014 IEEE (pp. 482-485). IEEE, 2014.
[17] Hei, X., Du, X., Lin, S., Lee, I. and Sokolsky, O. “Patient infusion pattern
based access control schemes for wireless insulin pump system”. IEEE
Transactions on Parallel and Distributed Systems, 26(11), pp.3108-3121,
2015.
[18] Venkatasubramanian, K.K., Gupta, S.K.S., Jetley, R.P. and Jones, P.L.
“Interoperable medical devices”. IEEE Pulse, 1(2), pp.16-27, 2010.
[19] Hosseini-Khayat, S., “A lightweight security protocol for ultra-low
power ASIC implementation for wireless implantable medical devices”.
In Medical Information and Communication Technology (ISMICT), 2011
5th International Symposium on (pp. 6-9). IEEE, 2011.
[20] Rushanan, M., Rubin, A.D., Kune, D.F. and Swanson, C.M. “SoK:
Security and privacy in implantable medical devices and body area
networks”. In Security and Privacy (SP), 2014 IEEE Symposium on
(pp. 524-539). IEEE, 2014.
[21] Hei, X. and Du, X., “Biometric-based two-level secure access control
for implantable medical devices during emergencies”. In INFOCOM,
2011 Proceedings IEEE (pp. 346-350). IEEE, 2011.
[22] Halperin, D., Heydt-Benjamin, T.S., Ransford, B., Clark, S.S., Defend,
B., Morgan, W., Fu, K., Kohno, T. and Maisel, W.H. “Pacemakers and
implantable cardiac defibrillators: Software radio attacks and zero-power
defenses”. In Security and Privacy, 2008. SP 2008. IEEE Symposium
on (pp. 129-142). IEEE, 2008.
[23] Rostami, M., Juels, A. and Koushanfar, F. “Heart-to-heart (H2H): au-
thentication for implanted medical devices”. In Proceedings of the 2013
ACM SIGSAC conference on Computer and communications security
(pp. 1099-1112). ACM, 2013.
[24] Kim, B., Yu, J. and Kim, H. “In-vivo nfc: Remote monitoring of
implanted medical devices with improved privacy”. In Proceedings of
the 10th ACM Conference on Embedded Network Sensor Systems (pp.
327-328). ACM, 2012.
[25] Zheng, G., Fang, G., Shankaran, R., Orgun, M.A. and Dutkiewicz, E.
“An ECG-based secret data sharing scheme supporting emergency treat-
ment of implantable medical devices”. In Wireless Personal Multimedia
Communications (WPMC), 2014 International Symposium on (pp. 624-
628). IEEE, 2014.
[26] Denning, T., Fu, K. and Kohno, T. “Absence Makes the Heart Grow
Fonder: New Directions for Implantable Medical Device Security”. In
HotSec, 2008.
[27] Xu, F., Qin, Z., Tan, C.C., Wang, B. and Li, Q. “IMDGuard: Securing
implantable medical devices with the external wearable guardian”. In
INFOCOM, 2011 Proceedings IEEE (pp. 1862-1870). IEEE, 2011.
[28] Rostami, M., Burleson, W., Juels, A. and Koushanfar, F. “Balancing se-
curity and utility in medical devices?”. In Design Automation Conference
(DAC), 2013 50th ACM/EDAC/IEEE (pp. 1-6). IEEE, 2013.
[29] Gollakota, S., Hassanieh, H., Ransford, B., Katabi, D. and Fu, K. “They
can hear your heartbeats: non-invasive security for implantable medical
devices”. ACM SIGCOMM Computer Communication Review, 41(4),
pp.2-13, 2011.
[30] Zhang, M., Raghunathan, A. and Jha, N.K. “MedMon: Securing medical
devices through wireless monitoring and anomaly detection”. IEEE
Transactions on Biomedical circuits and Systems, 7(6), pp.871-881,
2013.
[31] Chow, E.Y., Chlebowski, A.L., Chakraborty, S., Chappell, W.J. and
Irazoqui, P.P. “Fully wireless implantable cardiovascular pressure mon-
itor integrated with a medical stent”. IEEE Transactions on Biomedical
Engineering, 57(6), pp.1487-1496, 2010.
[32] Ankarali, Z.E., Abbasi, Q.H., Demir, A.F., Serpedin, E., Qaraqe, K. and
Arslan, H. “A comparative review on the wireless implantable medical
devices privacy and security”. In Wireless Mobile Communication and
Healthcare (Mobihealth), 2014 EAI 4th International Conference on (pp.
246-249). IEEE, 2014.
[33] Ankaral, Z.E., Demir, A.F., Qaraqe, M., Abbasi, Q.H., Serpedin, E.,
Arslan, H. and Gitlin, R.D. “Physical layer security for wireless im-
plantable medical devices”. In Computer Aided Modelling and Design of
Communication Links and Networks (CAMAD), IEEE 20th International
Workshop on (pp. 144-147). IEEE, 2015.
1501
... Advanced health care systems are essential for enduring nursing, giving them a major health care knowledge [24][25][26] and transforming health care data into an important source of health care knowledge [26,27]. We spoke about the study on managing health information in the preceding segment. ...
... Advanced health care systems are essential for enduring nursing, giving them a major health care knowledge [24][25][26] and transforming health care data into an important source of health care knowledge [26,27]. We spoke about the study on managing health information in the preceding segment. ...
Chapter
Full-text available
Cyber-physical systems (CPSs) are the intelligent systems that offer an interaction among computational, software, and networking resources in a continuous and dynamic fashion. Future systems are likely to be created and developed using CPSs, which have been recognized as a significant area of research. The electric power grid, energy systems, body area networks, modern vehicles, smart homes, cooperative robotics, and smart transportation are the examples for CPS. The security aspects of CPSs can be enhanced with blockchain (BC) technology. For instance, with the combination of CPSs and blockchain, a peer-to-peer energy market is made possible where machines may automatically buy and sell energy based on parameters specified by the user. In this chapter, we summarize recent developments in the creation and applications of CPS, the state-of-the-art and pertinent concepts, numerous CPS applications that have employed blockchain, relevant solutions, and open challenging issues.
... Because of medical equipment's limited memory space, it is impossible to keep track of the exchanges made via log files. Regarding communication, medical equipment can only support short-range communication due to energy limitations (9). Due to scale, computing capacities, and energy constraints, most wearable devices can only preprocess the sensed data. ...
... This medical device stimulates the smooth muscles of the lower stomach equipment to help control chronic nausea and vomiting associated with Gastroparesis. This equipment uses wireless communication that suffers from a lack of encryption, authentication, validation mechanism, and Hardware/Software error (80), making it vulnerable to different attack types, including eavesdropping, information disclosure, tampering, jamming, and resource depletion (9). Therefore, it must be considered when the researchers conceive an IDS for multiple medical devices. ...
... Utilizing wireless healthcare technologies has several benefits. In addition, the physician in the distant server center may carefully monitor the premature baby's health and make real-time recommendations for the premature baby's recovery and long-term care [16]- [21]. ...
Article
Full-text available
Advancements in technology have made pulse oximeter devices the preferred choice for parents monitoring their baby's health. However, existing devices present challenges for infants, especially preemies, who need continuous monitoring after being discharged from the hospital. Using conventional baby car seats with wired connections and unstable external vital sign monitors may lead to inaccurate data readings. To resolve this issue, the non-invasive monitoring preemie car seat (PreeCASE) device is well-developed. In this study, we focus on investigating the consistency of the PreeCASE device in assessing the heart rate, SpO2 level, and body temperature of healthy infants. For the methods, ten healthy infants are selected to use the PreeCASE device, and the data is collected and analyzed using standard procedure. The PreeCASE device provides consistent data readings for the three main physiological parameters, heart rate SpO2 level, and body temperature that are displayed on an LCD screen based on the user’s respective levels. The PreeCASE device is precisely designed to facilitate easy and rapid monitoring of infants, especially preemie infants. This innovative device holds significant potential to improve and support pediatricians in effectively caring for infants in Malaysia.
... Improved oversight and management of IMD operations enables speedier resolution of issues and the implementation of corrective actions. The two preceding criteria indicate that overall patient monitoring and IMD operation costs will drop [134]. ...
Article
Full-text available
Bio-implanted medical devices with electronic components play a crucial role due to their effectiveness in monitoring and diagnosing diseases, enhancing patient comfort, and ensuring safety. Recently, significant efforts have been conducted to develop implantable and wireless telemetric biomedical systems. Topics such as appropriate near-field wireless communication design, power use, monitoring devices, high power transfer efficiency from external to internal parts (implanted), high communication rates, and the need for low energy consumption all significantly influence the advancement of implantable systems. In this survey, a comprehensive examination is undertaken on diverse subjects associated with near-field wireless power transfer (WPT)-based biomedical applications. The scope of this study encompasses various aspects, including WPT types, a comparative analysis of WPT types and techniques for medical devices, data transmission methods employing WPT-based modulation approaches, and the integration of WPT into biomedical implantable systems. Furthermore, the study investigates the extraction of research concerning WPT topologies and corresponding mathematical models, such as power transfer, transfer efficiency, mutual inductance, quality factor, and coupling coefficient, sourced from existing literature. The article also delves into the impact of the specific absorption rate on patient tissue. It sheds light on WPT's challenges in biomedical implants while offering potential solutions.
... Somasundaram et al. [11] comprehensively studied security challenges in implantable medical devices, underlining the potential risks of unauthorized access and manipulation of therapeutic interventions within the smart healthcare system. Rathore et al. [12] further discussed the security aspects of implantable devices, emphasizing the importance of device integrity, data protection, and the need for multi-faceted security strategies that align with evolving threat landscapes within the context of IoT communication security and protection in smart healthcare systems. ...
Article
Full-text available
Biomedical Microelectromechanical Systems (BioMEMS) serve as a crucial catalyst in enhancing IoT communication security and safeguarding smart healthcare systems. Situated at the nexus of advanced technology and healthcare, BioMEMS are instrumental in pioneering personalized diagnostics, monitoring, and therapeutic applications. Nonetheless, this integration brings forth a complex array of security and privacy challenges intrinsic to IoT communications within smart healthcare ecosystems, demanding comprehensive scrutiny. In this manuscript, we embark on an extensive analysis of the intricate security terrain associated with IoT communications in the realm of BioMEMS, addressing a spectrum of vulnerabilities that spans cyber threats, data manipulation, and interception of communications. The integration of real-world case studies serves to illuminate the direct repercussions of security breaches within smart healthcare systems, highlighting the imperative to safeguard both patient safety and the integrity of medical data. We delve into a suite of security solutions, encompassing rigorous authentication processes, data encryption, designs resistant to attacks, and continuous monitoring mechanisms, all tailored to fortify BioMEMS in the face of ever-evolving threats within smart healthcare environments. Furthermore, the paper underscores the vital role of ethical and regulatory considerations, emphasizing the need to uphold patient autonomy, ensure the confidentiality of data, and maintain equitable access to healthcare in the context of IoT communication security. Looking forward, we explore the impending landscape of BioMEMS security as it intertwines with emerging technologies such as AI-driven diagnostics, quantum computing, and genomic integration, anticipating potential challenges and strategizing for the future. In doing so, this paper highlights the paramount importance of adopting an integrated approach that seamlessly blends technological innovation, ethical foresight, and collaborative ingenuity, thereby steering BioMEMS towards a secure and resilient future within smart healthcare systems, in the ambit of IoT communication security and protection.
... Improved oversight and management of IMD operations enables speedier resolution of issues and the implementation of corrective actions. The two preceding criteria indicate that overall patient monitoring and IMD operation costs will drop [134]. ...
Preprint
Full-text available
Electronic bio-implanted medical devices are essential due to their effectiveness in monitoring, disease diagnosis, patient comfort, and safety. Recently, significant efforts have been undertaken to develop implantable and wireless telemetric biomedical systems. Topics such as appropriate near-field wireless communication design, power use, monitoring devices, high-efficiency energy transfer from external to internal parts (implanted), high communication rates, and the need for low energy consumption all significantly influence the advancement of implantable systems. This study reviews various topics related to near-field wireless power transfer (WPT)-based biomedical applications, including WPT types, comparison of WPT types and methods for medical devices, data transmission for WPT-based modulation techniques, and biomedical implantable systems-based WPT. In addition, it extracts research on WPT topologies with related mathematical models—such as power transfer, transfer efficiency, mutual inductance, quality factor, and coupling coefficient—from the literature. The article discusses the effect of specific absorption rate on patient tissue and highlights challenges and solutions for WPT in biomedical implants. Finally, it presents current issues and future developments.
Article
The Internet of Things (IoT) is a rapidly expanding network of interconnected things that use embedded sensors to gather and share data in real‐time. IoT technologies have given rise to many networking applications in our everyday life such as smart homes, smart cities, smart transport, and so forth. Smart healthcare is one such application that has been revolutionized by the IoT, introducing a new branch of IoT known as the Internet of Medical Things (IoMT). IoMT encompasses an entire ecosystem consisting of smart wearable, implantable sensing equipment's or devices, transmitters that are critical for monitoring the patients remotely and continuing the real‐time and has opened the door to new innovative smart healthcare approaches while improving patient care outcomes. IoMT wearable and embedded sensing devices are commonly utilized in smart healthcare to capture medical data and transmit the medical data in a communication network stored in the cloud. The large volume of data generated and transmitted by these IoMT devices is rising at an exponential rate, resulting in an increase in security and privacy vulnerabilities of healthcare data. To ensure the Confidentiality and integrity of the IoMT devices and the sensitive medical data, there should be proper security and privacy measures such as access control, passwords, multifactor authentication, and encryption of data generated, transmitted, or processed in the IoMT framework. In this paper, we identified the internet of things and its applications in smart healthcare systems. Additionally, the paper focuses on the architecture of IoMT, and several challenges, including the IoMT security and privacy requirements, and attack taxonomy. Furthermore, the paper thoroughly investigates both cryptographic and non‐cryptographic based security and privacy‐enhancing techniques for IoMT or healthcare systems with particular emphasis on advancements in key areas such as Homomorphic Encryption, Differential Privacy, and Federated Learning.
Article
Full-text available
The new culture of networked systems that offer everywhere accessible services has given rise to various types of security tradeoffs. In fact, with the evolution of physical systems that keep getting integrated with cyber frameworks, cyber threats have far more critical effects as they get reflected on the physical environment. As a result, the issue of security of cyber physical systems requires a special holistic treatment. In this paper, we study the tradeoff between security, safety, and availability in such systems and demonstrate these concepts on implantable medical devices as a case study. We discuss the challenges and constraints associated with securing such systems and focus on the tradeoff between security measures required for blocking unauthorized access to the device and the safety of the patient in emergency situations where such measures must be dropped to allow access. We analyze the up to date proposed solutions and discuss their strengths and limitations.
Article
Full-text available
The security issue of wireless Implantable Medical Devices (IMD) is an emerging area of research. The unique challenge here is that an IMD should be accessed by doctors with no authorization for emergency treatments while it still has to be protected from adversaries. In this paper, we propose a novel ECG-based Secret Data Sharing (ESDS) scheme in order to protect the IMD data privacy against eavesdropping and other active attacks from adversaries. The scheme establishes a secure wireless channel wherein the secret is encrypted with a random ECG bit string generated from real-time ECG signals. This secret can only be revealed by an IMD programmer which has the ability of measuring real-time ECG signals synchronously with the IMD. Since there is no pre-deployment of credentials, the IMD can be accessed by doctors without prior authorization. Performance analysis based on the real ECG data shows that the encrypted secret cannot be revealed by non-real-time or other patients' ECG signals; thus, it achieves our design goal of providing robust security.
Conference Paper
Full-text available
Nowadays wireless communication is playing a vital role in implantable medical devices (IMDs) on health-care applications. It has many advantages in remote health monitoring, treatment and prediction for critical cases. However, any drawback in security of these devices against malicious attacks may lead to serious problems, such as theft of private information, wrong treatment and even death. In this paper, a comparative review of the current literature on IMD security research is provided to have a better understanding of the state of the art and the gaps in this direction.
Conference Paper
Full-text available
Wireless communications are increasingly important in health-care applications, particularly in those that use implantable medical devices (IMDs). Such systems have many advantages in providing remote healthcare in terms of monitoring , treatment and prediction for critical cases. However, the existence of malicious adversaries, referred to as nodes, which attempt to control implanted devices, constitutes a critical risk for patients. Such adversaries may perform dangerous attacks by sending malicious commands to the IMD, and any weakness in the device authentication mechanism may result in serious problems including death. In this paper we present a physical layer (PHY) authentication technique for IMDs that does not use existing methods of cryptology. In addition to ensuring authentication, the proposed technique also provides advantages in terms of decreasing processing complexity of IMDs and enhances overall communications performance.
Article
Full-text available
Bioengineering is a field in expansion. New technologies are appearing to provide a more efficient treatment of diseases or human deficiencies. Implantable Medical Devices (IMDs) constitute one example, these being devices with more computing, decision making and communication capabilities. Several research works in the computer security field have identified serious security and privacy risks in IMDs that could compromise the implant and even the health of the patient who carries it. This article surveys the main security goals for the next generation of IMDs and analyzes the most relevant protection mechanisms proposed so far. On the one hand, the security proposals must have into consideration the inherent constraints of these small and implanted devices: energy, storage and computing power. On the other hand, proposed solutions must achieve an adequate balance between the safety of the patient and the security level offered, with the battery lifetime being another critical parameter in the design phase. Copyright © 2015. Published by Elsevier Inc.
Book
The book presents the challenges inherent in the paradigm shift of network systems from static to highly dynamic distributed systems - it proposes solutions that the symbiotic nature of biological systems can provide into altering networking systems to adapt to these changes. The author discuss how biological systems - which have the inherent capabilities of evolving, self-organizing, self-repairing and flourishing with time - are inspiring researchers to take opportunities from the biology domain and map them with the problems faced in network domain. The book revolves around the central idea of bio-inspired systems -- it begins by exploring why biology and computer network research are such a natural match. This is followed by presenting a broad overview of biologically inspired research in network systems -- it is classified by the biological field that inspired each topic and by the area of networking in which that topic lies. Each case elucidates how biological concepts have been most successfully applied in various domains. Nevertheless, it also presents a case study discussing the security aspects of wireless sensor networks and how biological solution stand out in comparison to optimized solutions. Furthermore, it also discusses novel biological solutions for solving problems in diverse engineering domains such as mechanical, electrical, civil, aerospace, energy and agriculture. The readers will not only get proper understanding of the bio inspired systems but also better insight for developing novel bio inspired solutions.
Article
Security of medical embedded systems is of vital importance. Wireless medical devices used in wireless health applications employ large number of sensors and are in particular susceptible to security attacks. They are often not physically secured and are usually used in hostile environments. We have developed theoretical and statistical framework for creating semantic attacks where data is altered in such a way that the consequences include incorrect medical diagnosis and treatment. Our approach maps a semantic attack to an instance of optimization problem where medical damage is maximized under constraints of the probability of detection and root cause tracing. We use a popular medical shoe to demonstrate that low energy and low cost of embedded medical devices increases the probability of successful attacks. We have proposed two types of semantic attacks, respectively pressure-based attack, and time-based attack under two scenarios, a shoe with 99 pressure sensors and a shoe with 20 pressure sensors. We test the effects of the attacks and compare them. Our results indicate that it is surprisingly easy to attack several essential medical metrics and to alter corresponding medical diagnosis.
Conference Paper
The computer security community has recently begun research on the security and privacy issues associated with implantable medical devices and identified both existing flaws and new techniques to improve future devices. This paper surveys some of the recent work from the security community and highlights three of the major factors affecting security and privacy solutions for implantable medical devices: fundamental tensions, software risks, and human factors. We also present two challenges from the security community with which the biomedical community may be able to help: access to medical devices and methods for in vitro experimentation. © 2012 ICST Institute for Computer Science, Social Informatics and Telecommunications Engineering.
Conference Paper
Balancing security, privacy, safety, and utility is a necessity in the health care domain, in which implantable medical devices (IMDs) and body area networks (BANs) have made it possible to continuously and automatically manage and treat a number of health conditions. In this work, we survey publications aimed at improving security and privacy in IMDs and health-related BANs, providing clear definitions and a comprehensive overview of the problem space. We analyze common themes, categorize relevant results, and identify trends and directions for future research. We present a visual illustration of this analysis that shows the progression of IMD/BAN research and highlights emerging threats. We identify three broad research categories aimed at ensuring the security and privacy of the telemetry interface, software, and sensor interface layers and discuss challenges researchers face with respect to ensuring reproducibility of results. We find that while the security of the telemetry interface has received much attention in academia, the threat of software exploitation and the sensor interface layer deserve further attention. In addition, we observe that while the use of physiological values as a source of entropy for cryptographic keys holds some promise, a more rigorous assessment of the security and practicality of these schemes is required.