Vulnerabilities of the Artificial Pancreas System and Proposed Cryptographic Solutions

Type I Diabetes Mellitus is the most common form of diabetes in people under the age of 30. Current treatment for Type I Diabetes Mellitus includes lifelong monitoring of blood glucose levels and administration of insulin injections, but medical advances in the hybrid closed-loop artificial pancreas are a possible improvement in the maintenance of this disease. Our goal is to build a simulation of the artificial pancreas using three Raspberry Pi computers and an implementation of the OpenAPS algorithm. We will also build an artificial pancreas system using two Raspberry Pi computers, a Medtronic insulin pump, and an implementation of the OpenAPS algorithm. We are investigating the vulnerabilities of the two artificial pancreas systems by using common hacking resources such as Kali Linux equipped with Wireshark and other tools. One challenge with securing the artificial pancreas system and other implantable medical devices is the limitations of the computational power and energy storage. Through an analysis of the vulnerabilities of the system, we will design and perform experiments to propose a lightweight cryptographic algorithm that ensures the security of the data transmissions while operating with constrained resources

Vulnerabilities of the Artificial Pancreas System and Proposed Cryptographic Solutions

We live in a world of cyber-enabled, wireless devices that enhance many aspects of life, including the treatment of diabetes. Type I Diabetes is a chronic autoimmune disorder characterized by destruction of pancreatic β-cells and subsequent deficiency of insulin - a crucial hormone in regulating blood glucose levels. Current treatment includes lifelong monitoring of blood glucose levels and injection of insulin. The development of an Artificial Pancreas System is automating the maintenance of this disease by integrating wireless devices to continuously monitor glucose levels and deliver insulin without patient interaction. Artificial Pancreas Systems and other Implantable Medical Devices (IMD) are shrinking in physical size which limits their storage, power, and processing capacity making them unsuitable for modern encryption. The lack of security features in lightweight devices results in the unsecure transmission of data between their components. The National Institute of Standards and Technology (NIST) has called for encryption algorithms to be considered as the lightweight cryptographic standard. Our team demonstrates how an adversary can exploit the vulnerabilities of the Artificial Pancreas System to cause irreversible damage to a patient. We implement ForkAE, a candidate for the lightweight encryption standard, to combat the vulnerabilities using our simulation of the Artificial Pancreas System