1 research outputs found
Digital Investigation of Security Attacks on Cardiac Implantable Medical Devices
A Cardiac Implantable Medical device (IMD) is a device, which is surgically
implanted into a patient's body, and wirelessly configured using an external
programmer by prescribing physicians and doctors. A set of lethal attacks
targeting these devices can be conducted due to the use of vulnerable wireless
communication and security protocols, and the lack of security protection
mechanisms deployed on IMDs. In this paper, we propose a system for postmortem
analysis of lethal attack scenarios targeting cardiac IMDs. Such a system
reconciles in the same framework conclusions derived by technical investigators
and deductions generated by pathologists. An inference system integrating a
library of medical rules is used to automatically infer potential medical
scenarios that could have led to the death of a patient. A Model Checking based
formal technique allowing the reconstruction of potential technical attack
scenarios on the IMD, starting from the collected evidence, is also proposed. A
correlation between the results obtained by the two techniques allows to prove
whether a potential attack scenario is the source of the patient's death.Comment: In Proceedings AIDP 2014, arXiv:1410.322