Security and Privacy for Implantable Medical Devices
Presented by: Dilip Simha C.R.
Authors and Publication
• Daniel Halperin, Thomas S. Heydt-Benjamin, Kevin Fu, Tadayoshi Kohno, and William H. Maisel
• IEEE Pervasive Computing (Volume 7, Issue 1)
Topics
• What are IMD’s?
• Need for Security and Privacy
• Design issues
• Types of intruders
• Methods to deal with security issues
• Tensions
• Future research
What are Implantable Medical Devices?
• Monitor and treat physiological conditions.
• Placed inside the body.
• Examples
  • Pacemakers
  • ICD’s (Implantable cardiac defibrillators)
  • Drug delivery systems
  • Neurostimulators
Importance of IMD’s
• Used in treatment of diseases like
  • Cardiac arrhythmia
  • Diabetes
  • Parkinson’s disease
• Over 25 million US citizens are dependent on IMD’s.
Modern day IMD’s
• Enable remote monitoring over long range.
• Communicate with other interoperating IMD’s.
Criteria for design of IMD’s
• Safety and Utility goals
• Security and Privacy goals
Safety and Utility goals
• Data accuracy
• Device Identification
• Configurability
• Updatable Software
• Multidevice Coordination
• Auditable
• Resource Efficient
Data accuracy
• Measured and stored data should be accurate.
• Includes data about physiological conditions and timing.
Device Identification
• Authorized personnel must detect the presence of IMD’s.
• Example: removal of an ICD before heart surgery.
• FDA considered attaching RFID (Radio Frequency ID) tags to IMD’s.
Configurability
• Authorized personnel must be able to change IMD settings.
• Examples: ICD’s and open-loop insulin pumps.
Updatable Software
• Appropriately engineered updates are necessary.
• Updates need to come from authorized personnel.
Multidevice Coordination
• Current IMD’s have some examples of coordination
  • CROS (Contralateral Routing of Signals) hearing aid
• Projected future devices use more coordination
  • Closed-loop insulin delivery system
Auditable
• In case of failure, the device’s operational history is reported to the manufacturer.
• This history might differ from the data received by healthcare professionals.
Resource Efficient
• Power consumption
  • Wireless communication costs more energy than computation.
  • Must minimize both computation and communication.
• Data storage requirements
Security and Privacy Goals
• Authorization
• Availability
• Device software and settings
• Device existence privacy
• Device-type privacy
• Specific device ID privacy
• Measurement and log privacy
• Bearer privacy
• Data integrity
Authorization
• Personal authorization
  • Specific basic rights are granted to named individuals.
  • Patients and primary-care physicians.
• Role-based authorization
  • A role is authorized for a set of tasks.
  • Physician or ambulance computer.
• IMD selection
  • Only interact with the intended devices.
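As an added illustration (not from the paper or the slides), a toy authorization check for commands sent to an IMD that applies the three dimensions above, deny-by-default: principal names, roles, operations and the device ID are constructed for the example.

```python
# Added example, not from the paper or the slides: a toy model of the three
# authorization dimensions (personal, role-based, IMD selection) applied to
# commands an external programmer sends to an implant. All identifiers and
# grants below are constructed for illustration; the principal is assumed to
# have been authenticated already by some other mechanism.
from dataclasses import dataclass
from typing import Optional, Tuple

# Personal authorization: named individuals hold a fixed set of basic rights.
PERSONAL_RIGHTS = {
    "patient-0042": {"read_status"},
    "dr-primary-0042": {"read_status", "read_log", "change_settings",
                        "update_software"},
}

# Role-based authorization: a role is authorized for a set of tasks.
ROLE_RIGHTS = {
    "physician": {"read_status", "read_log", "change_settings"},
    "ambulance_computer": {"read_status"},
}

MY_DEVICE_ID = "imd-serial-0042"   # constructed identity of this implant


@dataclass(frozen=True)
class Request:
    principal: str              # who is asking
    role: Optional[str]         # role claimed by the principal, if any
    target_device: str          # IMD selection: device the command is meant for
    operation: str              # what is being asked


def authorize(req: Request, device_id: str = MY_DEVICE_ID) -> Tuple[bool, str]:
    """Return (allowed, reason). Anything not explicitly granted is denied."""
    # IMD selection: ignore commands addressed to a different device, so a
    # programmer session with a neighbouring implant cannot reach this one.
    if req.target_device != device_id:
        return False, "not the intended device"
    # Personal authorization: the patient and primary physician have
    # rights tied to who they are, independent of any role.
    if req.operation in PERSONAL_RIGHTS.get(req.principal, set()):
        return True, "personal authorization"
    # Role-based authorization: principals known only by role (e.g. an
    # ambulance computer) get the task set granted to that role.
    if req.role and req.operation in ROLE_RIGHTS.get(req.role, set()):
        return True, "role " + req.role
    return False, "no matching grant"
```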
Availability
• DoS attack prevention
• An intruder should not be able to
  • Drain the battery
  • Overflow data storage
  • Jam the communication
Device software and settings
• Only authorized personnel should be able to modify the IMD’s software and settings.
• Avoid accidental malfunctions.
Device existence privacy
• IMD’s are expensive.
• Avoid detection by unauthorized personnel.
Specific device ID privacy
• An attacker should not be able to track IMD’s.
• Location privacy.
Measurement and log privacy
• Private information about measurements and audit log data.
Bearer Privacy
• Private information of the patient
  • Name
  • Medical history
  • Detailed diagnoses
Data integrity
• Avoid tampering with past data.
• Avoid inducing modifications to future data.
Classes of adversaries
• Passive adversaries
• Active adversaries
• Coordinated adversaries
• Insiders
Tensions
• Security vs. Accessibility
• Security vs. Device resources
• Security vs. Usability
Research directions
• Fine-grained access control
• Open access with revocation and second-factor authentication
• Accountability
• Patient awareness via secondary channels
• Authorization via secondary channels
• Shift computation to external devices
QUESTIONS?