Towards trustworthy medical devices and body area networks

Proceedings - Design Automation Conference

Volumn , Issue , 2013, Pages

  Zhang, Meng ^a   Raghunathan, Anand ^b   Jha, Niraj K ^a  

^a Princeton University   (United States)

^b PURDUE UNIVERSITY   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

BODY AREA NETWORK; CATASTROPHIC CONSEQUENCES; FUNCTIONAL COMPLEXITY; HARDWARE FAILURES; MEDICAL CONDITIONS; POTENTIAL THREATS; SIDE CHANNEL ATTACK; WEARABLE MEDICAL DEVICES;

COMPUTER AIDED DESIGN; DIAGNOSIS; NETWORK SECURITY; NETWORKS (CIRCUITS);

BIOMEDICAL EQUIPMENT;

EID: 84879854202     PISSN: 0738100X     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/2463209.2488751     Document Type: Conference Paper

References (49)

1. ARM trustzone technology overview. http://www.arm.com/products/CPUs/arch- trustzone.htm.
2. Infected apps found in Google's Android market, 2011. http://www.securitynewsdaily.com.
3. Intel Health Guide, 2011. http://www.careinnovations.com/products/ healthguide.
4. An overview of IEEE 802.15.6 standard, 2011. arxiv.org/pdf/1102.4106.
5. iPhone malware paradigm, 2012. http://www.crosstalkonline.org.
6. N. Aaraj, A. Raghunathan, and N. K. Jha. Virtualization-based framework for malware defense. In Proc. Conf. Detection of Intrusions and Malware & Vulnerability Assessment, pages 64-87, Jul. 2008.
7. N. Aaraj, A. Raghunathan, and N. K. Jha. Analysis and design of a hardware/software trusted platform module for embedded systems. ACM Trans. Embed. Comput. Syst., 8:8:1-8:31, Jan. 2009.
8. S. T. Ali, V. Sivaraman, and D. Ostry. Zero reconciliation secret key generation for body-worn health monitoring devices. In Proc. ACM Conf. Security and Privacy in Wireless and Mobile Networks, pages 39-50, 2012.
9. D. Arney, R. Jetley, P. Jones, I. Lee, and O. Sokolsky. Formal methods based development of a PCA infusion pump reference model: Generic infusion pump (GIP) project. In Proc. Joint Workshop High Confidence Medical Devices, Software, and Systems and Medical Device Plug-and-Play Interoperability, pages 23-33, Jun. 2007.
10. D. Arora, S. Ravi, A. Raghunathan, and N. K. Jha. Secure embedded processing through hardware-assisted run-time monitoring. In Proc. Design, Automation and Test in Europe Conf., volume 1, pages 178-183, Mar. 2005.
11. H. Baldus, S. Corroy, A. Fazzi, K. Klabunde, and T. Schenk. Human-centric connectivity enabled by body-coupled communications. IEEE Comm. Mag., 47:172-178, Jun. 2009.
12. W. Burleson, S. S. Clark, B. Ransford, and K. Fu. Design challenges for secure implantable medical devices. In Proc. Design Automation Conf., pages 12-17, 2012.
13. L. Cordeiro, B. Fischer, H. Chen, and J. Marques-Silva. Semiformal verification of embedded software in medical devices considering stringent hardware constraints. In Proc. IEEE Int. Conf. Embedded Software and Systems, pages 396-403, May 2009.
14. T. Denning, K. Fu, and T. Kohno. Absence makes the heart grow fonder: New directions for implantable medical device security. In Proc. Conf. Hot Topics in Security, pages 1-7, Jul. 2008.
15. D. Donoho. Compressed sensing. IEEE Trans. Information Theory, 52(4):1289-1306, Apr. 2006.
16. S. Gollakota, H. Hassanieh, B. Ransford, D. Katabi, and K. Fu. They can hear your heartbeats: Non-invasive security for implantable medical devices. In Proc. ACM Conf. Special Interest Group on Data Communication, Aug. 2011.
17. D. Halperin, T. S. Heydt-Benjamin, B. Ransford, S. S. Clark, B. Defend, W. Morgan, K. Fu, T. Kohno, and W. H. Maisel. Pacemakers and implantable cardiac defibrillators: Software radio attacks and zero-power defenses. In Proc. IEEE Symp. Security and Privacy, pages 129-142, May 2008.
18. G. P. Hancke and S. C. Centre. Eavesdropping attacks on high-frequency RFID tokens. In Proc. Workshop RFID Security, pages 100-113, Jul. 2008.
19. E. Haselsteiner and K. Breitfuss. Security in near field communication. In Proc. Workshop RFID Security, pages 3-13, Jul. 2006.
20. C. Israel and S. Barold. Pacemaker systems as implantable cardiac rhythm monitors. American J. Cardiology, 88(4):442-445, Aug. 2001.
21. R. Jetley, S. P. Iyer, P. L. Jones, and W. Spees. A formal approach to pre-market review for medical device software. In Proc. Int. Conf. Computer Software and Applications, pages 169-177, Sep. 2006.
22. C. Jilek, S. Tzeis, T. Reents, H.-L. Estner, S. Fichtner, S. Ammar, J. Wu, G. Hessling, I. Deisenhofer, and C. Kolb. Safety of implantable pacemakers and cardioverter defibrillators in the magnetic field of a novel remote magnetic navigation system. J. Cardiovascular Electrophysiology, 21(10):1136-1141, Oct. 2010.
23. P. Kocher, J. Jaffe, and B. Jun. Differential power analysis. In Proc. Int. Cryptology Conf., pages 388-397, Aug. 1999.
24. C. Li, A. Raghunathan, and N. K. Jha. Improving the trustworthiness of medical device software with formal verification methods. under review.
25. C. Li, A. Raghunathan, and N. K. Jha. Hijacking an insulin pump: Security attacks and defenses for a diabetes therapy system. In Proc. IEEE Int. Conf. e-Health Networking, Applications and Services, Jun. 2011.
26. P. Li and R. Bashirullah. A wireless power interface for rechargeable battery operated medical implants. IEEE Trans. Circuits and Systems, 54(10):912-916, Oct. 2007.
27. P.-C. Liu, H.-C. Chang, and C.-Y. Lee. A low overhead DPA countermeasure circuit based on ring oscillators. IEEE Trans. Circuits and Systems, 57:546-550, Jul. 2010.
28. R. E. Lyons and W. Vanderkulk. The use of triple-modular redundancy to improve computer reliability. IBM J. Res. Dev., 6:200-209, Apr. 1962.
29. S. Mathur, W. Trappe, N. Mandayam, C. Ye, and A. Reznik. Radio-telepathy: Extracting a secret key from an unauthenticated wireless channel. In Proc. ACM Int. Conf. Mobile Computing and Networking, pages 128-139, 2008.
30. P. D. Mitcheson, E. M. Yeatman, G. K. Rao, A. S. Holmes, and T. C. Green. Energy harvesting from human and machine motion for wireless electronic devices. Proc. IEEE, 96(9):1457-1486, Sep. 2008.
31. T. Moore. IEEE 802.11-01/610r02: 802.1.x and 802.11 key interactions. Technical report, Microsoft Research, 2001.
32. W. R. Moore. A review of fault-tolerant techniques for the enhancement of integrated circuit yield. Proc. IEEE, 74(5):684-698, May 1986.
33. R. Muresan and S. Gregori. Protection circuit against differential power analysis attacks for smart cards. IEEE Trans. Comput., 57:1540-1549, Nov. 2008.
34. V. Pournaghshband, M. Sarrafzadeh, and P. Reiher. Securing legacy mobile medical devices. In Proc. Int. Conf. Wireless Mobile Communication and Healthcare, 2012.
35. J. Radcliffe. Hacking medical devices for fun and insulin: Breaking the human SCADA System. In Proc. Black Hat Technical Security Conf., July-Aug. 2011.
36. B. Randell. System structure for software fault tolerance. SIGPLAN Not., 10:437-449, Apr. 1975.
37. K. B. Rasmussen, C. Castelluccia, T. S. Heydt-Benjamin, and S. Capkun. Proximity-based access control for implantable medical devices. In Proc. ACM Conf. Computer and Communications Security, pages 410-419, Nov. 2009.
38. K. Sandler, L. Ohrstrom, L. Moy, and R. McVay. Killed by code: Software transparency in implantable medical devices, 2010. http://www.softwarefreedom. org.
39. H. S. Savci, A. Sula, Z. Wang, N. S. Dogan, and E. Arvas. MICS transceivers: Regulatory standards and applications. Proc. IEEE, pages 179-182, Apr. 2005.
40. S. Schechter. Security that is meant to be skin deep: Using ultraviolet micropigmentation to store emergency-access keys for implantable medical devices. Technical Report MSR-TR-2010-33, Microsoft Research, Apr. 2010.
41. S. W. Smith and S. Weingart. Building a high-performance, programmable secure coprocessor. Comput. Netw., 31:831-860, Apr. 1999.
42. J. Sorber, M. Shin, R. Peterson, C. Cornelius, S. Mare, A. Prasad, Z. Marois, E. Smithayer, and D. Kotz. An amulet for trustworthy wearable mHealth. In Proc. Workshop Mobile Computing Systems Applications, pages 7:1-7:6, 2012.
43. J. M. Sorber, M. Shin, R. Peterson, and D. Kotz. Plug-n-Trust: Practical trusted sensing for mHealth. In Proc. Int. Conf. Mobile Systems, Applications, and Services, pages 309-322, 2012.
44. K. Tiri and I. Verbauwhede. Charge recycling sense amplifier based logic: Securing low power security ICs against DPA. In Proc. European Solid-State Circuits Conf., pages 179-182, 2004.
45. "Trusted Computing Group". https://www.trustedcomputinggroup. org.
46. F. Xu, Z. Qin, C. C. Tan, B. Wang, and Q. Li. IMDGuard: Securing implantable medical devices with the external wearable guardian. In Proc. IEEE Int. Conf. Computer Communications, pages 1862-1870, Apr. 2011.
47. M. Zhang and N. K. Jha. FinFET-based power management for improved DPA resistance with low overhead. ACM J. Emerg. Technol. Comput. Syst., 7(3):10:1-10:16, Aug. 2011.
48. M. Zhang, M. M. Kermani, A. Raghunathan, and N. K. Jha. Energy-efficient and secure sensor data transmission using encompression. In Proc. Int. Conf. VLSI Design, Jan. 2013.
49. M. Zhang, A. Raghunathan, and N. K. Jha. MedMon: Securing medical devices through wireless monitoring and anomaly detection. accepted for publication in IEEE Trans. Biomedical Circuits and Systems.