Millions of patients benefit from implantable medical devices that treat chronic ailments such as cardiac arrhythmia, diabetes, and Parkinson's disease with various combinations of electrical therapy and drug infusion. The latest devices utilize unlicensed radio communication for diagnostic and therapeutic functions --- allowing doctors to remotely monitor patients' vital signs via the Web and provide a new level of care not feasible in the old model of purely clinical checkups. However, the rapid convergence of medical devices with wireless communication and Internet connectivity gives rise to an unaddressed breed of risk to security and privacy. Such devices must now defend against *intentional* malfunctions caused by malevolence.
Our interdisciplinary research team used a software radio to test in vitro the security and privacy of a real implantable cardioverter defibrillator. Our findings demonstrate a variety of threats to patient privacy and device safety. For instance, an unauthenticated wireless command causes a shock that is known to induce a fatal heart rhythm. Our zero-power approaches use cryptography, acoustic communication, and RF power harvesting to help mitigate the risk of such intentional malfunctions without exposing the implanted battery to denial of service (See IEEE Symp. on Security & Privacy 2008).
This research is joint with the University of Massachusetts Amherst, the University of Washington, and the Beth Israel Deaconess Medical Center.
Back to Workshop II: Applications of Internet MRA to Cyber-Security