Synthesizing stealthy reprogramming attacks on cardiac devices

Loading...
Thumbnail Image
Penn collection
Real-Time and Embedded Systems Lab (mLAB)
Degree type
Discipline
Subject
CPS Medical
CPS Model-Based Design
CPS Formal Methods
CPS Theory
CPS Security
medical device security
reprogramming attack
implantable cardioverter defibrillator
arrhythmia discrimination
model-based attack synthesis
Computer Engineering
Electrical and Computer Engineering
Funder
Grant number
License
Copyright date
Distributor
Related resources
Contributor
Abstract

An Implantable Cardioverter Defibrillator (ICD) is a medical device used for the detection of potentially fatal cardiac arrhythmias and their treatment through the delivery of electrical shocks intended to restore normal heart rhythm. An ICD reprogramming attack seeks to alter the device’s parameters to induce unnecessary therapy or prevent required therapy. In this paper, we present a formal approach for the synthesis of ICD reprogramming attacks that are both effective, i.e., lead to fundamental changes in the required therapy, and stealthy, i.e., are hard to detect. We focus on the discrimination algorithm underlying Boston Scientific devices (one of the principal ICD manufacturers) and formulate the synthesis problem as one of multi-objective optimization. Our solution technique is based on an Optimization Modulo Theories encoding of the problem and allows us to derive device parameters that are optimal with respect to the effectiveness-stealthiness trade-off. Our method can be tailored to the patient’s current condition, and readily generalizes to new rhythms. To the best of our knowledge, our work is the first to derive systematic ICD reprogramming attacks designed to maximize therapy disruption while minimizing detection.

Advisor
Date of presentation
2019-04-16
Conference name
Real-Time and Embedded Systems Lab (mLAB)
Conference dates
2023-05-17T23:02:40.000
Conference location
Date Range for Data Collection (Start Date)
Date Range for Data Collection (End Date)
Digital Object Identifier
Series name and number
Volume number
Issue number
Publisher
Publisher DOI
Journal Issue
Comments
Recommended citation
@inproceedings{Paoletti:2019:SSR:3302509.3311044, author = {Paoletti, Nicola and Jiang, Zhihao and Islam, Md Ariful and Abbas, Houssam and Mangharam, Rahul and Lin, Shan and Gruber, Zachary and Smolka, Scott A.}, title = {Synthesizing Stealthy Reprogramming Attacks on Cardiac Devices}, booktitle = {Proceedings of the 10th ACM/IEEE International Conference on Cyber-Physical Systems}, series = {ICCPS '19}, year = {2019}, isbn = {978-1-4503-6285-6}, location = {Montreal, Quebec, Canada}, pages = {13--22}, numpages = {10}, url = {http://doi.acm.org/10.1145/3302509.3311044}, doi = {10.1145/3302509.3311044}, acmid = {3311044}, publisher = {ACM}, address = {New York, NY, USA}, keywords = {arrhythmia discrimination, implantable cardioverter defibrillator, medical device security, model-based attack synthesis, reprogramming attack}, }
Collection