Date of this Version
David Arney, Krishna Venkatasubramanian, Oleg Sokolsky, and Insup Lee, "Biomedical Devices and Systems Security", 33rd Annual International Conference of the IEEE Engineering in Medicine and Biology Society (EMBC '11) , 2376-2379. August 2011. http://dx.doi.org/10.1109/IEMBS.2011.6090663
Medical devices have been changing in revolutionary ways in recent years. One is in their form-factor. Increasing miniaturization of medical devices has made them wearable, light-weight, and ubiquitous; they are available for continuous care and not restricted to clinical settings. Further, devices are increasingly becoming connected to external entities through both wired and wireless channels. These two developments have tremendous potential to make healthcare accessible to everyone and reduce costs. However, they also provide increased opportunity for technology savvy criminals to exploit them for fun and profit. Consequently, it is essential to consider medical device security issues.
In this paper, we focused on the challenges involved in securing networked medical devices. We provide an overview of a generic networked medical device system model, a comprehensive attack and adversary model, and describe some of the challenges present in building security solutions to manage the attacks. Finally, we provide an overview of two areas of research that we believe will be crucial for making medical device system security solutions more viable in the long run: forensic data logging, and building security assurance cases.
33rd Annual International Conference of the IEEE Engineering in Medicine and Biology Society (EMBC '11)
© 2011 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.
Date Posted: 07 September 2011
This document has been peer reviewed.