2014 | OriginalPaper | Book chapter

7. Design Challenges for Secure Implantable Medical Devices

Written by: Benjamin Ransford, Shane S. Clark, Denis Foo Kune, Kevin Fu, Wayne P. Burleson

Published in: Security and Privacy for Implantable Medical Devices

Publisher: Springer New York


Abstract

Implantable medical devices (IMDs) are increasingly being used to improve patients’ medical outcomes. Designers of IMDs already balance safety, reliability, complexity, power consumption, and cost. However, recent research has demonstrated that designers should also consider security and data privacy to protect patients from acts of theft or malice, especially as medical technology becomes increasingly connected to other systems via wireless communications or the Internet. This survey paper summarizes recent work on IMD security. It discusses sound security principles to follow and common security pitfalls to avoid. As trends in power efficiency, sensing, wireless systems, and biointerfaces make possible new and improved IMDs, they also underscore the importance of understanding and addressing security and privacy concerns in an increasingly connected world.


Footnotes
1. See Bishop’s textbook [6] for a comprehensive introduction to security.

References
1. R. J. Anderson. Security Engineering: A Guide to Building Dependable Distributed Systems. Wiley, 2008.
2. D. Arney, R. Jetley, P. Jones, I. Lee, and O. Sokolsky. Formal methods based development of a PCA infusion pump reference model: Generic infusion pump (GIP) project. In Proceedings of the 2007 Joint Workshop on High Confidence Medical Devices, Software, and Systems and Medical Device Plug-and-Play Interoperability, HCMDSS-MDPNP ’07, pages 23–33. IEEE Computer Society, 2007.
3. D. Arney, M. Pajic, J. M. Goldman, I. Lee, R. Mangharam, and O. Sokolsky. Toward patient safety in closed-loop medical device systems. In Proceedings of the 1st ACM/IEEE International Conference on Cyber-Physical Systems, ICCPS ’10, pages 139–148. ACM, 2010.
5. C. Beck, D. Masny, W. Geiselmann, and G. Bretthauer. Block cipher based security for severely resource-constrained implantable medical devices. In Proceedings of 4th International Symposium on Applied Sciences in Biomedical and Communication Technologies, ISABEL ’11, pages 62:1–62:5. ACM, October 2011.
6. M. Bishop. Computer Security: Art and Science. Addison-Wesley Professional, 2003.
7. S. Clark, T. Goodspeed, P. Metzger, Z. Wasserman, K. Xu, and M. Blaze. Why (special agent) johnny (still) can’t encrypt: a security analysis of the apco project 25 two-way radio system. In Proceedings of the 20th USENIX conference on Security. USENIX Association, 2011.
8. G. De Micheli, S. Ghoreishizadeh, C. Boero, F. Valgimigli, and S. Carrara. An integrated platform for advanced diagnostics. In Design, Automation & Test in Europe Conference & Exhibition, DATE ’11. IEEE, March 2011.
9. A. de Saint-Exupéry. Terre des Hommes. Editions Gallimard, 1939.
10. T. Denning, A. Borning, B. Friedman, B. T. Gill, T. Kohno, and W. H. Maisel. Patients, pacemakers, and implantable defibrillators: human values and security for wireless implantable medical devices. In Proc. International Conference on Human Factors in Computing Systems (CHI), 2010.
11. T. Denning, K. Fu, and T. Kohno. Absence makes the heart grow fonder: New directions for implantable medical device security. In Proceedings of USENIX Workshop on Hot Topics in Security (HotSec), July 2008.
12. X. Fan, G. Gong, K. Lauffenburger, and T. Hicks. FPGA implementations of the Hummingbird cryptographic algorithm. In Proceedings of the IEEE International Symposium on Hardware-Oriented Security and Trust, HOST ’10, pages 48–51, June 2010.
13. X. Fan, H. Hu, G. Gong, E. Smith, and D. Engels. Lightweight implementation of Hummingbird cryptographic algorithm on 4-bit microcontrollers. In International Conference for Internet Technology and Secured Transactions, ICITST ’09, pages 1–7, November 2009.
14. N. Ferguson, B. Schneier, and T. Kohno. Cryptography Engineering: Design Principles and Practical Applications. Wiley, 2010.
15. D. Foo Kune, J. Backes, S. S. Clark, D. B. Kramer, M. R. Reynolds, K. Fu, Y. Kim, and W. Xu. Ghost talk: mitigating EMI signal injection attacks against analog sensors. In Proceedings of the 34th Annual IEEE Symposium on Security and Privacy, May 2013.
16. K. Fu. Trustworthy medical device software. In Public Health Effectiveness of the FDA 510(k) Clearance Process: Measuring Postmarket Performance and Other Select Topics: Workshop Report, Washington, DC, July 2011. IOM (Institute of Medicine), National Academies Press.
17. S. Gollakota, N. Ahmed, N. Zeldovich, and D. Katabi. Secure in-band wireless pairing. In Proceedings of the 20th USENIX Security Symposium, August 2011.
18. S. Gollakota, H. Hassanieh, B. Ransford, D. Katabi, and K. Fu. They can hear your heartbeats: non-invasive security for implanted medical devices. In Proceedings of ACM SIGCOMM, Aug. 2011.
19. P. Gould and A. Krahn. Complications associated with implantable cardioverter–defibrillator replacement in response to device advisories. Journal of the American Medical Association (JAMA), 295(16):1907–1911, April 2006.
20. S. Guan, J. Gu, Z. Shen, J. Wang, Y. Huang, and A. Mason. A wireless powered implantable bio-sensor tag system-on-chip for continuous glucose monitoring. In Proceedings of the IEEE Biomedical Circuits and Systems Conference, BioCAS ’11, November 2011.
21. A. Guiseppi-Elie. An implantable biochip to influence patient outcomes following trauma-induced hemorrhage. Analytical and Bioanalytical Chemistry, 399(1):403–419, January 2011.
22. D. Halperin, T. S. Heydt-Benjamin, K. Fu, T. Kohno, and W. H. Maisel. Security and privacy for implantable medical devices. IEEE Pervasive Computing, Special Issue on Implantable Electronics, 7(1):30–39, January 2008.
23. D. Halperin, T. S. Heydt-Benjamin, B. Ransford, S. S. Clark, B. Defend, W. Morgan, K. Fu, T. Kohno, and W. H. Maisel. Pacemakers and implantable cardiac defibrillators: Software radio attacks and zero-power defenses. In Proceedings of the 29th Annual IEEE Symposium on Security and Privacy, pages 129–142, May 2008.
24. D. Halperin, T. S. Heydt-Benjamin, B. Ransford, S. S. Clark, B. Defend, W. Morgan, K. Fu, T. Kohno, and W. H. Maisel. Pacemakers and implantable cardiac defibrillators: Software radio attacks and zero-power defenses. In Proceedings of the 29th IEEE Symposium on Security and Privacy, May 2008.
25. A. Hintz. Fingerprinting websites using traffic analysis. In R. Dingledine and P. Syverson, editors, Proceedings of the Privacy Enhancing Technologies workshop, PET ’02. Springer, LNCS 2482, April 2002.
26. G. Hoglund and G. McGraw. Exploiting Software: How to Break Code. Addison-Wesley Professional, 2004.
27. S. Hosseini-Khayat. A lightweight security protocol for ultra-low power ASIC implementation for wireless implantable medical devices. In Proceedings of the 5th International Symposium on Medical Information Communication Technology, ISMICT ’11, pages 6–9, March 2011.
28. R. P. Jetley, P. L. Jones, and P. Anderson. Static analysis of medical device software using CodeSonar. In Proceedings of the 2008 Workshop on Static Analysis, SAW ’08, pages 22–29. ACM, 2008.
29. A. Kerckhoffs. La cryptographie militaire. Journal des Sciences Militaires, IX, Jan 1883.
30. I. Lee, G. J. Pappas, R. Cleaveland, J. Hatcliff, and B. H. Krogh. High-confidence medical device software and systems. IEEE Computer, 39(4):33–38, 2006.
31. A. K. Lenstra. Key lengths. In H. Bidgoli, editor, Handbook of Information Security, Volume 1: Key Concepts, Infrastructure, Standards and Protocols., page …John Wiley, 2006.
32. C. Li, A. Raghunathan, and N. K. Jha. Hijacking an insulin pump: security attacks and defenses for a diabetes therapy system. In Proceedings of the 13th IEEE International Conference on e-Health Networking, Applications, and Services, Healthcom ’11, June 2011.
33. G. McGraw. Software Security: Building Security In. Addison-Wesley Professional, 2006.
34. G. McGraw, S. Migues, and J. West. Building Security In Maturity Model, BSIMM4 edition, September 2012.
35. T. Mitre Corporation. Common vulnerabilities and exposures.
36. S. J. Murdoch, S. Drimer, R. Anderson, and M. Bond. Chip and PIN is broken. In Proc. IEEE Symposium on Security and Privacy (SP), May 2010.
37. K. Nohl, D. Evans, Starbug, and H. Plötz. Reverse-engineering a cryptographic RFID tag. In Proceedings of the 17th USENIX Security Symposium, pages 185–194, July 2008.
38. S. O’Driscoll, A. Poon, and T. Meng. A mm-sized implantable power receiver with adaptive link compensation. In Proceedings of the International Solid-State Circuits Conference, ISSCC ’09, pages 294–295,295a. IEEE, February 2009.
39. N. Paul, T. Kohno, and D. C. Klonoff. A review of the security of insulin pump infusion systems. Journal of Diabetes Science and Technology, 5(6):1557–1562, November 2011.
41. J. Rabaey, M. Mark, D. Chen, C. Sutardja, C. Tang, S. Gowda, M. Wagner, and D. Werthimer. Powering and communicating with mm-size implants. In Design, Automation & Test in Europe Conference & Exhibition, DATE ’11. IEEE, 2011.
42. J. Radcliffe. Hacking medical devices for fun and insulin: Breaking the human SCADA system. Black Hat Conference presentation slides, August 2011.
43. K. B. Rasmussen, C. Castelluccia, T. S. Heydt-Benjamin, and S. Čapkun. Proximity-based access control for implantable medical devices. In Proceedings of the 16th ACM Conference on Computer and Communications Security, pages 410–419, 2009.
45. J. Sunshine, S. Egelman, H. Almuhimedi, N. Atri, and L. F. Cranor. Crying wolf: An empirical study of SSL warning effectiveness. In Proceedings USENIX Security Symposium, 2009.
49. J. Viega and G. McGraw. Building Secure Software: How to Avoid Security Problems the Right Way. Addison-Wesley Professional, 2001.
50. F. Xu, Z. Qin, C. C. Tan, B. Wang, and Q. Li. IMDGuard: Securing implantable medical devices with the external wearable guardian. In Proceedings of the 30th IEEE International Conference on Computer Communications, INFOCOM ’11, pages 1862–1870, April 2011.

Metadata
Title
Design Challenges for Secure Implantable Medical Devices
Written by
Benjamin Ransford
Shane S. Clark
Denis Foo Kune
Kevin Fu
Wayne P. Burleson
Copyright Year
2014
Publisher
Springer New York
DOI
https://doi.org/10.1007/978-1-4614-1674-6_7
