HOME  |  NEWS  |  BLOGS  |  MESSAGES  |  FEATURES  |  VIDEOS  |  WEBINARS  |  RESOURCE CENTER  |  INDUSTRIES
REGISTER   |   LOGIN   |   HELP
Blogs
Guest Blogs

Medical Device Vulnerabilities: What to Protect & How to Protect It

NO RATINGS

Mobile medical devices today incorporate an increasingly broad array of consumer-style electronics technology: wireless connectivity, software-controlled functionality, and even open-source software.

This combination introduces unique opportunities for improved usability and improved patient outcomes. It also poses new risks for patient safety. Just as with mobile phones and tablets, as the devices become more commonplace and the potential value of accessing those devices increases, the number and nature of malicious attacks is likely to increase substantially. Here is a brief overview of the opportunities to enhance the patient experience with these new technologies, and the kind of steps that can mitigate some of the more common attack vectors.

Yes -- your new glucose pump is vulnerable, as are other medical devices. Even if it is still just an idea known only to you, it is vulnerable to kidnapping and sodium pentothal. Of course, that does not mean we should stop thinking of new ideas for glucose pumps that can dramatically improve patient outcomes, and/or patient quality of life, or that reduce costs, or in other ways improve the overall practice of healthcare. While the example of kidnapping and “truth serum” may sound extreme, it highlights two key observations: every device has vulnerabilities, and many times the risk of these vulnerabilities being exploited is acceptable.

This article will explore some of the more common usability enhancements available for medical device manufacturers today, vulnerabilities, and exploits associated with those enhancements, and some suggestions for approaches that may mitigate the risk of exploitation. This article is not a prescription for a completely secure device. One important element of security measures is keeping them secret. When you develop a security strategy for your new device, be sure not to overlook the fact that limiting the number of people with detailed knowledge of your strategy limits the risk of successful attacks.

While it is not possible to outline a specific set of measures that will work for every product for any specific vulnerability, it is possible to outline a process that includes the key steps needed to create a formal security strategy for your new device.

Decide what to protect
The very first step is to decide what is important to protect. Your strategy will depend on whether you are protecting company IP, patient data, patient safety, or preventing unauthorized service usage. Start by recognizing that you cannot eliminate all exploitation risk for any vulnerability, and decide what level of time, effort, and cost are justified to address the identified vulnerabilities. Keep your security strategy secret.

The fewer people who know the details of the security measures you have put in place, the longer those measures are likely to be effective. For each of the vulnerabilities that you need to address, consider layered strategies -- use a password and a proprietary data format to protect patient data, use secure EEPROM and online verification to protect the integrity of your executable software image. Finally, create a plan to provide updates or patches in the event that an exploit does become widely available or widely known.

Determine how to protect it
The list of hardware features that enhance usability of consumer (and medical) devices is relatively ubiquitous: Ethernet, WiFi, Bluetooth (BT), USB, GPS, accelerometers, haptic, touch, and audio. Less prevalent technologies like FireWire (IEEE1394), ZigBee, and NFC are also beginning to enter the mainstream. Generally, they fall into a few different categories in terms of the enhancements they provide.

Remote data access allows both patients and healthcare professionals more up-to-date information about the patient status (sensor data via USB/BT), device status, usage patterns (dosing/therapy records), and behavior (GPS & accelerometer data). Data collection via ZigBee, BT, and USB-connected sensors provides enhanced information for patients and healthcare workers to make decisions about patient care. When utilized in the User eXperience (UX) design, augmented man-machine interface (MMI) features -- touch, haptic, audio -- offer an opportunity to reduce mistakes by improving the clarity and simplicity of the task workflow.

Page 1 / 2 Next >
View Comments: Newest First|Oldest First|Threaded View
Page 1/2  >  >>
tekochip
User Rank
Platinum
Unique Data Format
tekochip   4/4/2013 3:29:45 PM
NO RATINGS
Using a unique data format is an often overlooked area of security. Simply packing bytes and using bit fields not only makes the data packet smaller, but does prevent all bit the technically savvy from monitoring the data.


Nancy Golden
User Rank
Platinum
Re: Layered Strategies and the Need For It
Nancy Golden   4/4/2013 2:53:19 PM
NO RATINGS
I certainly see your point, Alan. Current trends are taking technology usage out of the hands of specialists and into those of less technical users who may inadvertently create a security breach that allows sensitive information to either be accessed or corrupted. Networking is definitely on the increase in medical applications for easier sharing of data - I can see how this increases the need for security...

Alan Walsh
User Rank
Iron
Regarding cost of medical devices
Alan Walsh   4/4/2013 2:50:17 PM
NO RATINGS
Thanks all for your comments on the article.  Apologies for the delay in responding.  I lost track of when the article was going live.  I think there are three main contributors to the cost of medical devices.  One is definitely the higher development costs to meet regulatory and safety requirements.  However the "typical" medical device takes much less overall cost to develop than the iPhone for example.  Liability is another big piece, and I think the third important piece is the relatively low volumes.  At Logic PD I have worked with a variety of very recognizable device manufacturers, and volumes for some of the devices that we've worked on with large-scale development efforts can be in the 100's per year.  If you sell only about 1,000 in ten years every million you spend on development adds $1000 to the cost of each unit.  Such low volumes also increases the cost of the components that go into the device (buying a million memory chips is a much lower unit cost than buying 100).

Alan Walsh
User Rank
Iron
Re: Layered Strategies and the Need For It
Alan Walsh   4/4/2013 2:43:53 PM
NO RATINGS
Nancy, first off apologies for the delay in responding.  I lost track of when the article was going live.  Absolutely most of what I described is generally applicable to consumer devices as well as medical devices.  Device and information security is generally a fairly mature and active area of development, and I was trying to illustrate some of the areas where medical device designers and manufacturers should be paying more attention to security, in an environment that historically has had fewer security concerns (non-networked devices, used in controlled environments, by trained health care professionals).

Alan Walsh
User Rank
Iron
Re: Malicious Intent
Alan Walsh   4/4/2013 2:41:11 PM
NO RATINGS
Greg, first off apologies for the delay in responding.  I lost track of when the article was going live.  I agree completely.  The focus of the article was intended to be FDA regulated devices, not so much data protection that would be governed by HIPAA.  In fact I was motivated to write because of the reports in 2011 that an insulin pump had been successfully hacked, and was able to be programmed maliciously over a wireless connection.

Alan Walsh
User Rank
Iron
Re: Secure OS?
Alan Walsh   4/4/2013 2:36:01 PM
NO RATINGS
Charles, first off apologies for the delay in responding.  I lost track of when the article was going live.  The level of level of security depends on the safetly classification of the device.  In cases of lowest patient risk something like SELinux or SEAndroid (Security Ehanced) may be appropriate.  In cases of higher risk most closed source OS options that offer packages specifically for medical device development will be closed-source, and provide an appropriate level of security as a starting point.  In terms of networked devices one aspect of security outside scope of my post is IT policy.  The range and nature of devices that connect to your network, and whether or not persistent storage is all encrypted, and whether it's possible to install new apps, etc all contribute to overall security.

Greg M. Jung
User Rank
Platinum
Malicious Intent
Greg M. Jung   2/27/2013 8:18:27 PM
NO RATINGS
From a patient safety standpoint, I'm not as concerned with the pirating of medical information as I am about a hacker who infiltrates the medical device with malicious intent.  I think we should consider ways to mitigate hacker risk if a medical device is connected to a network and could be vulnerable to an attack on its operating system (where applicable).

Charles Murray
User Rank
Blogger
Re: Valuable information
Charles Murray   2/25/2013 7:47:58 PM
Good point, NadineJ. Hackers could misuse information about communicable diseases and psychiatric treatment (among other things) to cause to a great deal of trouble for unsuspecting patients.  

Ann R. Thryft
User Rank
Blogger
Re: Valuable information
Ann R. Thryft   2/20/2013 5:38:28 PM
NO RATINGS
The high cost of medical devices is due in part to a longer history of liability problems than of leaked data, a much more recent concern. Other factors like very high performance and the high cost of middlemen no doubt contribute yet more cost. But I think Cabe's point about leaked data is a good one--that's probably going to be a contributing factor to higher device costs in the near future.

Cabe Atwell
User Rank
Blogger
Re: Valuable information
Cabe Atwell   2/20/2013 4:51:06 PM
NO RATINGS
If medical history wasn't important, politicians wouldn't get so worried over it. I say leaked data is a big deal.

C

Page 1/2  >  >>
Partner Zone
More Blogs from Guest Blogs
On April 21, NASA launched a novel project, putting into orbit three satellites that employ an off-the-shelf commercial smartphone as the control system.
The Last Power project aims to make the EU independent from other developed countries on wide band-gap semiconductors.
The legacy endpoint devices that control our critical infrastructure (utility systems, water treatment plants, military networks, industrial control systems, etc.) are some of the most vulnerable devices on the Internet.
In a switched-capacitor filter, capacitors and switches take the place of resistors and accurately reproduce the characteristics of continuous-time Bessel, Butterworth, and elliptical filters.
How should engineers respond to high-risk technologies?
Design News Webinar Series
5/30/2013 11:00 a.m. California / 2:00 p.m. New York / 7:00 p.m. London
5/29/2013 11:00 a.m. California / 2:00 p.m. New York / 7:00 p.m. London
6/25/2013 11:00 a.m. California / 2:00 p.m. New York / 7:00 p.m. London
6/27/2013 11:00 a.m. California / 2:00 p.m. New York / 7:00 p.m. London
Resource Center
Sponsored content
More Resource Center
Blogs from Our Sponsors
From Dell / Intel®
New Paradigms in Design Work
 Scott Hamilton, vertical market strategist for Dell Precision workstations, 5/2/2013    5
Early in my career, I worked as a draftsman and remember the days of drawing on vellum with numbered pencils and Mylar with plastic lead. This was a fun experience in the sense that I ...
From Dell / Intel®
Increased Workstation Performance Is as Easy as 'DPPO'
 Trey Morton, Dell, 4/25/2013    2
I've been using workstations for more than 10 years and love finding ways to get more performance from my system. With demanding professional applications that require more power each ...
From Dell / Intel®
Taking Some of the Grit out of Manufacturing
 Kirsten Billhardt, Manufacturing Industry Marketing Strategist, Dell, 3/26/2013    5
A lasting memory from my first job as an engineer in an auto assembly plant is standing on hard concrete at six in the morning, vending-machine coffee clutched in hand, listening to ...
Quick Poll
The Continuing Education Center offers engineers an entirely new way to get the education they need to formulate next-generation solutions.
Jun 24 - 28, Design Your Own Android App
SEMESTERS: 1  |  2  |  3


DN Radio
Sponsored by
NEXT UPCOMING BROADCAST
For industrial control applications, or even a simple assembly line, that machine can go almost 24/7 without a break. But what happens when the task is a little more complex? That’s where the “smart” machine would come in. The smart machine is one that has some simple (or complex in some cases) processing capability to be able to adapt to changing conditions. Such machines are suited for a host of applications, including automotive, aerospace, defense, medical, computers and electronics, telecommunications, consumer goods, and so on. This radio show will show what’s possible with smart machines, and what tradeoffs need to be made to implement such a solution.
Twitter Feed
Design News Twitter Feed
Like Us on Facebook

Sponsored Content

Technology Marketplace

Datasheets.com Parts Search

185 million searchable parts
(please enter a part number or hit search to begin)
Copyright © 2013 UBM Canon, A UBM company, All rights reserved. Privacy Policy | Terms of Service