Bulwark: Securing implantable medical devices communication channels

Lake Bu; Mark G. Karpovsky; Michel A. Kinsy

doi:10.1016/j.cose.2018.10.011

Bulwark: Securing implantable medical devices communication channels

Lake Bu, Mark G. Karpovsky, Michel A. Kinsy

Research output: Contribution to journal › Article › peer-review

9 Scopus citations

Abstract

Implantable medical devices (IMDs) have been used to manage a broad range of diseases and ailments. They are convenient for patients due to their small sizes, unobtrusiveness and portability using wireless monitors or controllers. However, the wireless communication between these devices and their controllers often lacks security features or mechanisms. This lack of security makes the use of these devices a fertile ground for passive and active attacks. Unlike other cyber attacks which target victims’ information or property, attacks on medical devices can threaten a victim's life. Currently, there are very few efficient solutions to these attacks which balance security, reliability, and power consumption. Therefore, in this work, we propose a robust approach for guarding against existing and potential communication-based attacks on IMDs while keeping the added hardware and power consumption low. In addition, we introduce a secure and efficient protocol for authorizing third-party medical teams to access the IMDs in the case of an emergency.

Original language	English (US)
Pages (from-to)	498-511
Number of pages	14
Journal	Computers and Security
Volume	86
DOIs	https://doi.org/10.1016/j.cose.2018.10.011
State	Published - Sep 2019
Externally published	Yes

Keywords

AMD codes
Authentication
Encryption
Implantable medical devices
Man-In-The-Middle
Robust codes
Security

ASJC Scopus subject areas

Computer Science(all)
Law

Access to Document

10.1016/j.cose.2018.10.011

Cite this

@article{f91374a91fe54cea8461423b53c92fa1,

title = "Bulwark: Securing implantable medical devices communication channels",

abstract = "Implantable medical devices (IMDs) have been used to manage a broad range of diseases and ailments. They are convenient for patients due to their small sizes, unobtrusiveness and portability using wireless monitors or controllers. However, the wireless communication between these devices and their controllers often lacks security features or mechanisms. This lack of security makes the use of these devices a fertile ground for passive and active attacks. Unlike other cyber attacks which target victims{\textquoteright} information or property, attacks on medical devices can threaten a victim's life. Currently, there are very few efficient solutions to these attacks which balance security, reliability, and power consumption. Therefore, in this work, we propose a robust approach for guarding against existing and potential communication-based attacks on IMDs while keeping the added hardware and power consumption low. In addition, we introduce a secure and efficient protocol for authorizing third-party medical teams to access the IMDs in the case of an emergency.",

keywords = "AMD codes, Authentication, Encryption, Implantable medical devices, Man-In-The-Middle, Robust codes, Security",

author = "Lake Bu and Karpovsky, {Mark G.} and Kinsy, {Michel A.}",

note = "Funding Information: This research is partially supported by the NSF grants (No. CNS-1745808) and (No. CNS-1012910). Funding Information: This research is partially supported by the NSF grants (No. CNS-1745808 ) and (No. CNS-1012910 ). Publisher Copyright: {\textcopyright} 2018 Elsevier Ltd",

year = "2019",

month = sep,

doi = "10.1016/j.cose.2018.10.011",

language = "English (US)",

volume = "86",

pages = "498--511",

journal = "Computers and Security",

issn = "0167-4048",

publisher = "Elsevier Limited",

}

TY - JOUR

T1 - Bulwark

T2 - Securing implantable medical devices communication channels

AU - Bu, Lake

AU - Karpovsky, Mark G.

AU - Kinsy, Michel A.

N1 - Funding Information: This research is partially supported by the NSF grants (No. CNS-1745808) and (No. CNS-1012910). Funding Information: This research is partially supported by the NSF grants (No. CNS-1745808 ) and (No. CNS-1012910 ). Publisher Copyright: © 2018 Elsevier Ltd

PY - 2019/9

Y1 - 2019/9

N2 - Implantable medical devices (IMDs) have been used to manage a broad range of diseases and ailments. They are convenient for patients due to their small sizes, unobtrusiveness and portability using wireless monitors or controllers. However, the wireless communication between these devices and their controllers often lacks security features or mechanisms. This lack of security makes the use of these devices a fertile ground for passive and active attacks. Unlike other cyber attacks which target victims’ information or property, attacks on medical devices can threaten a victim's life. Currently, there are very few efficient solutions to these attacks which balance security, reliability, and power consumption. Therefore, in this work, we propose a robust approach for guarding against existing and potential communication-based attacks on IMDs while keeping the added hardware and power consumption low. In addition, we introduce a secure and efficient protocol for authorizing third-party medical teams to access the IMDs in the case of an emergency.

AB - Implantable medical devices (IMDs) have been used to manage a broad range of diseases and ailments. They are convenient for patients due to their small sizes, unobtrusiveness and portability using wireless monitors or controllers. However, the wireless communication between these devices and their controllers often lacks security features or mechanisms. This lack of security makes the use of these devices a fertile ground for passive and active attacks. Unlike other cyber attacks which target victims’ information or property, attacks on medical devices can threaten a victim's life. Currently, there are very few efficient solutions to these attacks which balance security, reliability, and power consumption. Therefore, in this work, we propose a robust approach for guarding against existing and potential communication-based attacks on IMDs while keeping the added hardware and power consumption low. In addition, we introduce a secure and efficient protocol for authorizing third-party medical teams to access the IMDs in the case of an emergency.

KW - AMD codes

KW - Authentication

KW - Encryption

KW - Implantable medical devices

KW - Man-In-The-Middle

KW - Robust codes

KW - Security

UR - http://www.scopus.com/inward/record.url?scp=85057545719&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85057545719&partnerID=8YFLogxK

U2 - 10.1016/j.cose.2018.10.011

DO - 10.1016/j.cose.2018.10.011

M3 - Article

AN - SCOPUS:85057545719

SN - 0167-4048

VL - 86

SP - 498

EP - 511

JO - Computers and Security

JF - Computers and Security

ER -

Bulwark: Securing implantable medical devices communication channels

Abstract

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this