Telemedicine: MEDICAL DEVICE SECURITY RESEARCH SURVEY

Lead Institution: University of Massachusetts Amherst

Project Leader: Kevin Fu

Research Progress

  • Abstract
    Recent development in medical device security has been feverish and not particularly focused. Through two broad surveys, we looked at recent advances, categorize them, identify common themes and areas of improvements for the community.

  • Focus of the research/Market need for this project
    Manufacturers and patients lack regular access to well-designed security mechanisms. The Solutions proposed by the academic community might not span the entire system. The need for secure medical devices is clear, but understanding the tradeoffs from previous studies is critical to develop viable solutions.

    This work is applicable to single devices as well as multi-device systems, spanning implantable devices and external devices

  • Project Aims/Goals
    Understanding the fundamental factors in designing secure architectures for medical devices.

  • Key Conclusions/Significant Findings/Milestones reached/Deliverables
    Survey of recent security papers reported to the scientific and computer engineering community to get engineers and researchers quickly up to speed with the field.

    Revisited in 2014, with a far more comprehensive scope, including body area networks. A large portion of the effort has gone to secure the wireless telemetry, but more work remains to be done on the firmware and sensing inputs of implantable medical devices.

  • Materials Available for Other Investigators/interested parties
    Dissemination via publication, accompanying talk and digital updates.

  • Market entry strategies
    Dissemination via publication, accompanying talk and digital updates.

Bibliography
SoK: Security and Privacy in Implantable Medical Devices and Body Area Networks
Michael Rushanan, Colleen Swanson, Denis Foo Kune, and Aviel D. Rubin
Proceedings of the 35th Annual IEEE Symposium on Security and Privacy; May 2014

Recent Results in Computer Security for Medical Devices
Shane S. Clark and Kevin Fu
ICST Conference on Wireless Mobile Communication and Healthcare (MobiHealth), October 2011