Balancing Security and Utility in Medical Devices?

ABSTRACT Implantable Medical Devices (IMDs) are being embedded increasingly often in patients' bodies to monitor and help treat medical conditions. To facilitate monitoring and control, IMDs are often equipped with wireless interfaces. While convenient, wireless connectivity raises the risk of malicious access to an IMD that can potentially infringe patients' privacy and even endanger their lives. Thus, while ease of access to IMDs can be vital for timely medical intervention, too much ease is dangerous. Obvious approaches, such as passwords and certificates, are unworkable at large scale given the lack of central authorities and frequent emergencies in medical settings. Additionally, IMDs are heavily constrained in their power consumption and computational capabilities. Designing access-control mechanisms for IMDs that can meet the many constraints of real-world deployment is an important research challenge. In this paper, we review proposed approaches to the accesscontrol problem for IMDs, including the problem of secure pairing (and key distribution) between an IMD and another device, such as a programmer. (We also treat related technologies, such as bodyarea networks.) We describe some limitations of well-conceived proposals and reveal security weaknesses in two proposed cryptographic pairing schemes. Our intention is to stimulate yet more inventive and rigorous research in the intriguing and challenging areas of IMD security and medical-device security in general

Security and privacy issues in implantable medical devices: A comprehensive survey

Bioengineering is a field in expansion. New technologies are appearing to provide a more efficient treatment of diseases or human deficiencies. Implantable Medical Devices (IMDs) constitute one example, these being devices with more computing, decision making and communication capabilities. Several research works in the computer security field have identified serious security and privacy risks in IMDs that could compromise the implant and even the health of the patient who carries it. This article surveys the main security goals for the next generation of IMDs and analyzes the most relevant protection mechanisms proposed so far. On the one hand, the security proposals must have into consideration the inherent constraints of these small and implanted devices: energy, storage and computing power. On the other hand, proposed solutions must achieve an adequate balance between the safety of the patient and the security level offered, with the battery lifetime being another critical parameter in the design phase

Security Trade-offs in Cyber Physical Systems: A Case Study Survey on Implantable Medical Devices

The new culture of networked systems that offer everywhere accessible services has given rise to various types of security trade-offs. In fact, with the evolution of physical systems that keep getting integrated with cyber frameworks, cyber threats have far more critical effects as they get reflected on the physical environment. As a result, the issue of security of cyber physical systems requires a special holistic treatment. In this paper, we study the trade-off between security, safety and availability in such systems and demonstrate these concepts on implantable medical devices as a case study. We discuss the challenges and constraints associated with securing such systems and focus on the trade-off between security measures required for blocking unauthorized access to the device, and the safety of the patient in emergency situations where such measures must be dropped to allow access. We analyze the up to date proposed solutions and discuss their strengths and limitations