From WannaCry to WannaDie: Security trade-offs and design for implantable medical devices
Document Type
Conference Proceeding
Publisher
Institute of Electrical and Electronics Engineers Inc.
School
School of Science
RAS ID
25215
Abstract
Healthcare sectors are increasingly facing cyber security challenges and threats from adversaries due to numerous security flaws and the lack of security safeguards in medical devices. Among these medical devices and systems, security issues that concern implantable medical devices (IMDs) have attracted attention from both academia and the industry. In this paper, we discuss security vulnerabilities in current IMD products by presenting security tests and demonstrations performed by researchers. Based on this, three critical trade-offs in the IMD security design are analyzed, namely security vs. accessibility in medical emergencies, emergency access vs. checkup access and strong security requirements vs. limited IMD resources. Biometrics based security solutions can provide support for emergency access and thus are surveyed, including those using electrocardiogram signals, iris and fingerprints. During the design, we propose to adopt the concept of decoupled design and usable security in order to develop a viable security solution for the IMDs.
DOI
10.1109/ISCIT.2017.8261228
Access Rights
subscription content
Comments
Zheng, G., Zhang, G., Yang, W., Valli, C., Shankaran, R., & Orgun, M. A. (2017, September). From WannaCry to WannaDie: Security trade-offs and design for implantable medical devices. In Communications and Information Technologies (ISCIT), 2017 17th International Symposium on (pp. 1-5). IEEE. Available here