Title

From WannaCry to WannaDie: Security trade-offs and design for implantable medical devices

Document Type

Conference Proceeding

Publisher

Institute of Electrical and Electronics Engineers Inc.

School

School of Science

RAS ID

25215

Comments

Originally published as : Zheng, G., Zhang, G., Yang, W., Valli, C., Shankaran, R., & Orgun, M. A. (2017, September). From WannaCry to WannaDie: Security trade-offs and design for implantable medical devices. In Communications and Information Technologies (ISCIT), 2017 17th International Symposium on (pp. 1-5). IEEE. Original article can be found here

Abstract

Healthcare sectors are increasingly facing cyber security challenges and threats from adversaries due to numerous security flaws and the lack of security safeguards in medical devices. Among these medical devices and systems, security issues that concern implantable medical devices (IMDs) have attracted attention from both academia and the industry. In this paper, we discuss security vulnerabilities in current IMD products by presenting security tests and demonstrations performed by researchers. Based on this, three critical trade-offs in the IMD security design are analyzed, namely security vs. accessibility in medical emergencies, emergency access vs. checkup access and strong security requirements vs. limited IMD resources. Biometrics based security solutions can provide support for emergency access and thus are surveyed, including those using electrocardiogram signals, iris and fingerprints. During the design, we propose to adopt the concept of decoupled design and usable security in order to develop a viable security solution for the IMDs.

DOI

10.1109/ISCIT.2017.8261228

Share

 
COinS