To beat the hackers, we need to design secure medical devices

  • Posted on 18.01.2018



Roman Lysecky

Associate Professor of Electrical and Computer Engineering - University of Arizona


Roman Lysecky is an Associate Professor of Electrical and Computer Engineering at the University of Arizona. He is a speaker at the MedTech Forum 2018 and his sessions include: Becoming Hackproof in MedTech on Thursday 25th of January.

For more information go to the MTF website and follow #MTF2018 on Twitter.

Security must become the number one concern when developing connected medical devices. Millions of connected devices have already been produced and many of these are implantable. What would happen if these products were compromised by malware?

Implantable cardiac devices, insulin pumps and other products with wireless connectivity and remote monitoring features are delivering considerable benefits to patients and health systems.

However, without the right protection, this comes with a significant risk that hackers might seek to exploit vulnerable devices. The nightmare scenario would be a security breach that could cause cardiac arrest or be used to extract ransom from individuals or institutions.

Failure to protect vulnerable patients from cyberattacks could undermine the lifesaving promise of these technologies, potentially breaking the Hippocratic Oath: First Do No Harm.

Producing software that is entirely and provably secure is prohibitively costly, time-consuming, and often infeasible. We need resilient systems that automatically detect any security issues and have a built-in way to mitigate any threat they may pose.

Threat detection

At my lab at the University of Arizona, we believe security should be a fundamental part of the device itself, not an afterthought or a nice-to-have feature. Our team has developed a prototype pacemaker device that detects runtime anomalies – tiny differences in the order or time it takes for the device to perform computational tasks.

For example, if it takes 20 milliseconds instead of three milliseconds to send data to the patient’s digital cardiac log, something may be wrong. Currently, if the device can detect these kinds of changes, an alert notice could be sent to a doctor who would then take action remotely to reduce the risk of harm to the patient.
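A simplified illustration of the timing-and-order check described above, added here as an example; it is not the prototype's algorithm or code from the author's lab. The task names, the durations in the known-good trace and the 20% slack are constructed assumptions.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
/* Hypothetical task identifiers for one pacing cycle (assumed, not from the prototype). */
enum op { OP_SENSE, OP_PACE, OP_LOG, OP_COUNT };
enum verdict { V_OK, V_TIMING, V_ORDER };
struct event { enum op op; uint32_t us; };        /* task and its duration in microseconds */
struct profile {
    uint32_t lo[OP_COUNT], hi[OP_COUNT];          /* observed duration bounds per task */
    uint8_t  next_ok[OP_COUNT][OP_COUNT];         /* next_ok[a][b]: b was seen right after a */
};

/* Learn timing bounds and permitted task order from a known-good trace. */
void train(struct profile *p, const struct event *ev, size_t n)
{
    for (int i = 0; i < OP_COUNT; i++) {
        p->lo[i] = UINT32_MAX; p->hi[i] = 0;
        for (int j = 0; j < OP_COUNT; j++) p->next_ok[i][j] = 0;
    }
    for (size_t i = 0; i < n; i++) {
        if (ev[i].us < p->lo[ev[i].op]) p->lo[ev[i].op] = ev[i].us;
        if (ev[i].us > p->hi[ev[i].op]) p->hi[ev[i].op] = ev[i].us;
        if (i > 0) p->next_ok[ev[i - 1].op][ev[i].op] = 1;
    }
}

/* Classify one event given the task that ran before it; slack_pct (0..100) widens the bounds. */
enum verdict check(const struct profile *p, enum op prev, struct event e, uint32_t slack_pct)
{
    if (!p->next_ok[prev][e.op]) return V_ORDER;  /* task order never seen in training */
    uint64_t lo = (uint64_t)p->lo[e.op] * (100 - slack_pct) / 100;
    uint64_t hi = (uint64_t)p->hi[e.op] * (100 + slack_pct) / 100;
    return (e.us < lo || e.us > hi) ? V_TIMING : V_OK;
}

/* Constructed known-good trace: two cycles, log writes take about 3 ms. */
static const struct event GOOD[] = {
    {OP_SENSE, 400}, {OP_PACE, 900}, {OP_LOG, 3000},
    {OP_SENSE, 420}, {OP_PACE, 950}, {OP_LOG, 3100},
};

int main(void)
{
    struct profile p;
    train(&p, GOOD, sizeof GOOD / sizeof GOOD[0]);
    struct event slow_log = {OP_LOG, 20000};      /* the 20 ms log write from the text */
    printf("slow log write -> verdict %d\n", (int)check(&p, OP_PACE, slow_log, 20));
    return 0;
}
```

On a real device the verdict would feed the alerting path the text describes rather than a print statement.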

In a laboratory setting, our prototype pacemaker detected 100% of common mimicry malware attacks – a kind of malware used by hackers to evade detection when compromising a device. There is still much to do in this area of research, but it’s not too soon for companies to begin incorporating robust security systems into their design processes.

Protection is better than cure

Outside of laboratory settings, we are not aware of medical devices being hacked in a way that directly threatens the life of a patient. However, it is only a matter of time before this hypothetical risk becomes all too real.

In addition to patient safety concerns, there are considerable logistical, legal and financial issues at stake. Consider the recent recall of almost 500,000 implantable cardiac devices by the US Food and Drug Administration (FDA). Such a complex recall cannot be achieved overnight. One of our top concerns is what happens in the period between the identification of a vulnerability and the time it takes to fix the bug, particularly if this involves a consultation with health professionals or surgery.

This is something we are actively working on. The goal is to develop systems that can identify anomalies caused by malware or an attacker and isolate the affected components without disrupting the life-preserving functionality of the device.

This is a challenge, particularly for low-power implantable devices. However, if we want to make the most of the revolution in connected devices, we must work together to guarantee their security.
