Security challenges and solutions for closed-loop artificial pancreas systems

This work presents security solutions related to multi-sensor closed-loop artificial pancreas (AP) systems. The proposed AP system is built on a heterogeneous platform incorporating a smartphone, activity sensors, a glucose monitor, an insulin pump, a laptop hosting the multi-variable control algorithm and a cloud server. Developing a secure AP system is essential for mass adoption among diabetes patients. However, various communication interfaces and dynamics among the AP components result in multiple security vulnerabilities and intrusion points. We first identify the threats related to both AP data communication and AP data storage. Then, we propose several cryptography and authentication measures to address the threats related to the man-in-the-middle attacks.

[1]  Colleen Swanson,et al.  SoK: Security and Privacy in Implantable Medical Devices and Body Area Networks , 2014, 2014 IEEE Symposium on Security and Privacy.

[2]  Ali Cinar,et al.  Multivariable Adaptive Identification and Control for Artificial Pancreas Systems , 2014, IEEE Transactions on Biomedical Engineering.

[3]  Ali Cinar,et al.  Sensor fusion and distributed platform development for artificial pancreas , 2015, 2015 IEEE International Conference on Electro/Information Technology (EIT).

[4]  Ali Cinar,et al.  Cyber-Physical Platform Development for Multivariable Artificial Pancreas Systems , 2015, Int. J. Handheld Comput. Res..

[5]  Nathanael Paul,et al.  Insulin Pump System Security , 2010, HealthSec.

[6]  N. Jha,et al.  Attacking and Defending a Diabetes Therapy System , 2014 .

[7]  Mert Sevil,et al.  Communication challenges in a multi-sensor closed-loop artificial pancreas system , 2016, 2016 IEEE Wireless Health (WH).

[8]  Niraj K. Jha,et al.  Hijacking an insulin pump: Security attacks and defenses for a diabetes therapy system , 2011, 2011 IEEE 13th International Conference on e-Health Networking, Applications and Services.

[9]  Meng Zhang,et al.  Trustworthiness of Medical Devices and Body Area Networks , 2014, Proceedings of the IEEE.

[10]  Kurt Rohloff,et al.  An end-to-end security architecture to collect, process and share wearable medical device data , 2015, 2015 17th International Conference on E-health Networking, Application & Services (HealthCom).

[11]  Stephanie Guerlain,et al.  DiAs User Interface: A Patient-Centric Interface for Mobile Artificial Pancreas Systems , 2013, Journal of diabetes science and technology.

[12]  Ali Cinar,et al.  An Integrated Multivariable Artificial Pancreas Control System , 2014, Journal of diabetes science and technology.

[13]  Kevin Fu,et al.  Design challenges for secure implantable medical devices , 2012, DAC Design Automation Conference 2012.

[14]  C. Cobelli,et al.  Artificial Pancreas: Past, Present, Future , 2011, Diabetes.

[15]  C. Cobelli,et al.  The Artificial Pancreas in 2016: A Digital Treatment Ecosystem for Diabetes , 2016, Diabetes Care.