Mobile medical devices today incorporate an increasingly broad array of consumer-style electronics technology: wireless connectivity, software-controlled functionality, and even open-source software.
This combination introduces unique opportunities for improved usability and improved patient outcomes. It also poses new risks for patient safety. Just as with mobile phones and tablets, as the devices become more commonplace and the potential value of accessing those devices increases, the number and nature of malicious attacks is likely to increase substantially. Here is a brief overview of the opportunities to enhance the patient experience with these new technologies, and the kind of steps that can mitigate some of the more common attack vectors.
Yes -- your new glucose pump is vulnerable, as are other medical devices. Even if it is still just an idea known only to you, it is vulnerable to kidnapping and sodium pentothal. Of course, that does not mean we should stop thinking of new ideas for glucose pumps that can dramatically improve patient outcomes, and/or patient quality of life, or that reduce costs, or in other ways improve the overall practice of healthcare. While the example of kidnapping and “truth serum” may sound extreme, it highlights two key observations: every device has vulnerabilities, and many times the risk of these vulnerabilities being exploited is acceptable.
This article will explore some of the more common usability enhancements available for medical device manufacturers today, vulnerabilities, and exploits associated with those enhancements, and some suggestions for approaches that may mitigate the risk of exploitation. This article is not a prescription for a completely secure device. One important element of security measures is keeping them secret. When you develop a security strategy for your new device, be sure not to overlook the fact that limiting the number of people with detailed knowledge of your strategy limits the risk of successful attacks.
While it is not possible to outline a specific set of measures that will work for every product for any specific vulnerability, it is possible to outline a process that includes the key steps needed to create a formal security strategy for your new device.
Decide what to protect
The very first step is to decide what is important to protect. Your strategy will depend on whether you are protecting company IP, patient data, patient safety, or preventing unauthorized service usage. Start by recognizing that you cannot eliminate all exploitation risk for any vulnerability, and decide what level of time, effort, and cost are justified to address the identified vulnerabilities. Keep your security strategy secret.
The fewer people who know the details of the security measures you have put in place, the longer those measures are likely to be effective. For each of the vulnerabilities that you need to address, consider layered strategies -- use a password and a proprietary data format to protect patient data, use secure EEPROM and online verification to protect the integrity of your executable software image. Finally, create a plan to provide updates or patches in the event that an exploit does become widely available or widely known.
Determine how to protect it
The list of hardware features that enhance usability of consumer (and medical) devices is relatively ubiquitous: Ethernet, WiFi, Bluetooth (BT), USB, GPS, accelerometers, haptic, touch, and audio. Less prevalent technologies like FireWire (IEEE1394), ZigBee, and NFC are also beginning to enter the mainstream. Generally, they fall into a few different categories in terms of the enhancements they provide.
Remote data access allows both patients and healthcare professionals more up-to-date information about the patient status (sensor data via USB/BT), device status, usage patterns (dosing/therapy records), and behavior (GPS & accelerometer data). Data collection via ZigBee, BT, and USB-connected sensors provides enhanced information for patients and healthcare workers to make decisions about patient care. When utilized in the User eXperience (UX) design, augmented man-machine interface (MMI) features -- touch, haptic, audio -- offer an opportunity to reduce mistakes by improving the clarity and simplicity of the task workflow.