Security Tradeoffs in Cyber Physical Systems: A Case Study Survey on Implantable Medical Devices

The new culture of networked systems that offer everywhere accessible services has given rise to various types of security tradeoffs. In fact, with the evolution of physical systems that keep getting integrated with cyber frameworks, cyber threats have far more critical effects as they get reflected on the physical environment. As a result, the issue of security of cyber physical systems requires a special holistic treatment. In this paper, we study the tradeoff between security, safety, and availability in such systems and demonstrate these concepts on implantable medical devices as a case study. We discuss the challenges and constraints associated with securing such systems and focus on the tradeoff between security measures required for blocking unauthorized access to the device and the safety of the patient in emergency situations where such measures must be dropped to allow access. We analyze the up to date proposed solutions and discuss their strengths and limitations.

[1]  Jiafu Wan,et al.  A General Test Platform for Cyber-Physical Systems: Unmanned Vehicle with Wireless Sensor Network Navigation , 2011 .

[2]  Eryk Dutkiewicz,et al.  An ECG-based Secret Data Sharing scheme supporting emergency treatment of Implantable Medical Devices , 2014, 2014 International Symposium on Wireless Personal Multimedia Communications (WPMC).

[3]  Carmen C. Y. Poon,et al.  A novel biometrics method to secure wireless body area sensor networks for telemedicine and m-health , 2006, IEEE Communications Magazine.

[4]  Gengfa Fang,et al.  A non-key based security scheme supporting emergency treatment of wireless implants , 2014, 2014 IEEE International Conference on Communications (ICC).

[5]  Fengyuan Xu,et al.  IMDGuard: Securing implantable medical devices with the external wearable guardian , 2011, 2011 Proceedings IEEE INFOCOM.

[6]  Chunliu Zhan,et al.  Cardiac Device Implantation in the United States from 1997 through 2004: A Population-based Analysis , 2007, Journal of General Internal Medicine.

[7]  Kyung-Sup Kwak,et al.  The Internet of Things for Health Care: A Comprehensive Survey , 2015, IEEE Access.

[8]  Helge Janicke,et al.  Cyber warfare: Issues and challenges , 2015, Comput. Secur..

[9]  Alan Borning,et al.  Patients, pacemakers, and implantable defibrillators: human values and security for wireless implantable medical devices , 2010, CHI.

[10]  Kaiyu Wan,et al.  Context-Aware Security Solutions for Cyber-Physical Systems , 2012, Mobile Networks and Applications.

[11]  Noureddine Boudriga,et al.  Digital Investigation of Security Attacks on Cardiac Implantable Medical Devices , 2014, AIDP.

[12]  Esther S Takeuchi,et al.  Batteries used to Power Implantable Biomedical Devices. , 2012, Electrochimica acta.

[13]  Eric S. K. Yu,et al.  A Goal Oriented Approach for Modeling and Analyzing Security Trade-Offs , 2007, ER.

[14]  Mark Mohammad Tehranipoor,et al.  Detecting malicious inclusions in secure hardware: Challenges and solutions , 2008, 2008 IEEE International Workshop on Hardware-Oriented Security and Trust.

[15]  Srdjan Capkun,et al.  On Limitations of Friendly Jamming for Confidentiality , 2013, 2013 IEEE Symposium on Security and Privacy.

[16]  Karen A. Scarfone,et al.  Guide to Industrial Control Systems (ICS) Security , 2015 .

[17]  Sandeep K. S. Gupta,et al.  Proximity based access control in smart-emergency departments , 2006, Fourth Annual IEEE International Conference on Pervasive Computing and Communications Workshops (PERCOMW'06).

[18]  Insup Lee,et al.  Challenges and Research Directions in Medical Cyber–Physical Systems , 2012, Proceedings of the IEEE.

[19]  Gunnar Klein,et al.  Electromagnetic Interference in Patients with Implanted Cardioverter-Defibrillators and Implantable Loop Recorders , 2002, Indian pacing and electrophysiology journal.

[20]  Daniel McDuff,et al.  Advancements in Noncontact, Multiparameter Physiological Measurements Using a Webcam , 2011, IEEE Transactions on Biomedical Engineering.

[21]  Farinaz Koushanfar,et al.  Heart-to-heart (H2H): authentication for implanted medical devices , 2013, CCS.

[22]  Steve Hanna,et al.  Take Two Software Updates and See Me in the Morning: The Case for Software Security Evaluations of Medical Devices , 2011, HealthSec.

[23]  Stephen Tisch,et al.  The latest evidence on target selection in deep brain stimulation for Parkinson’s disease , 2014, Journal of Clinical Neuroscience.

[24]  Hyogon Kim,et al.  In-vivo NFC: remote monitoring of implanted medical devices with improved privacy , 2012, SenSys '12.

[25]  Kevin Fu,et al.  Design challenges for secure implantable medical devices , 2012, DAC Design Automation Conference 2012.

[26]  Meng Zhang,et al.  MedMon: Securing Medical Devices Through Wireless Monitoring and Anomaly Detection , 2013, IEEE Transactions on Biomedical Circuits and Systems.

[27]  Bruno Sinopoli,et al.  Challenges for Securing Cyber Physical Systems , 2009 .

[28]  Čapkun Srdjan On the security and privacy risks in cochlear implants , 2010 .

[29]  Srdjan Capkun,et al.  Distance Hijacking Attacks on Distance Bounding Protocols , 2012, 2012 IEEE Symposium on Security and Privacy.

[30]  David W. Chadwick,et al.  How to Break Access Control in a Controlled Manner , 2006, 19th IEEE Symposium on Computer-Based Medical Systems (CBMS'06).

[31]  Thomas S. Heydt-Benjamin,et al.  s ecurity and p rivacy for Implantable medical Devices Protecting implantable medical devices against attack without compromising patient health requires balancing security and privacy goals with traditional goals such as safety and utility. , 2008 .

[32]  Stephen E. McLaughlin Securing Control Systems from the Inside: A Case for Mediating Physical Behaviors , 2013, IEEE Security & Privacy.

[33]  Srdjan Capkun,et al.  Proximity-based access control for implantable medical devices , 2009, CCS.

[34]  V. S. Mallela,et al.  Trends in Cardiac Pacemaker Batteries , 2004, Indian pacing and electrophysiology journal.

[35]  Kevin Fu,et al.  Absence Makes the Heart Grow Fonder: New Directions for Implantable Medical Device Security , 2008, HotSec.

[36]  Xiaojiang Du,et al.  Biometric-based two-level secure access control for Implantable Medical Devices during emergencies , 2011, 2011 Proceedings IEEE INFOCOM.

[37]  Kevin Fu,et al.  They can hear your heartbeats: non-invasive security for implantable medical devices , 2011, SIGCOMM.

[38]  Jakob E. Bardram,et al.  Context-Aware User Authentication - Supporting Proximity-Based Login in Pervasive Computing , 2003, UbiComp.

[39]  Yih-Chun Hu,et al.  Body Area Network Security: Robust Key Establishment Using Human Body Channel , 2012, HealthSec.

[40]  Patricia A. H. Williams,et al.  Cybersecurity vulnerabilities in medical devices: a complex environment and multifaceted problem , 2015, Medical devices.

[41]  Juan E. Tapiador,et al.  Security and privacy issues in implantable medical devices: A comprehensive survey , 2015, J. Biomed. Informatics.

[42]  Cédric Lauradoux,et al.  Distance Bounding Protocols on TH-UWB Radios , 2010, 2010 IEEE Global Telecommunications Conference GLOBECOM 2010.

[43]  Nitesh Saxena,et al.  On pairing constrained wireless devices based on secrecy of auxiliary channels: the case of acoustic eavesdropping , 2010, CCS '10.

[44]  W.D. Jones Black boxes get green light [car crash data recorders] , 2004, IEEE Spectrum.

[45]  Stuart E. Schechter Security That Is Meant to Be Skin Deep: Using Ultraviolet Micropigmentation to Store Emergency-Access Keys for Implantable Medical Devices , 2010, HealthSec.

[46]  Ayan Banerjee,et al.  Ensuring Safety, Security, and Sustainability of Mission-Critical Cyber–Physical Systems , 2012, Proceedings of the IEEE.

[47]  Dong Hoon Lee,et al.  Biometric Based Secure Communications without Pre-deployed Key for Biosensor Implanted in Body Sensor Networks , 2011, WISA.

[48]  Jeremy A. Hansen,et al.  A taxonomy of vulnerabilities in implantable medical devices , 2010, SPIMACS '10.

[49]  Kevin Fu,et al.  Recent Results in Computer Security for Medical Devices , 2011, MobiHealth.

[50]  Achim D. Brucker,et al.  Extending access control models with break-glass , 2009, SACMAT '09.

[51]  D. Panescu Emerging Technologies [wireless communication systems for implantable medical devices] , 2008, IEEE Engineering in Medicine and Biology Magazine.

[52]  Sajal K. Das,et al.  Handbook on Securing Cyber-Physical Critical Infrastructure , 2012 .

[53]  Aditya P. Mathur,et al.  Aligning Cyber-Physical System Safety and Security , 2014, CSDM Asia.

[54]  P.E. Chadwick Regulations and Standards for Wireless applications in eHealth , 2007, 2007 29th Annual International Conference of the IEEE Engineering in Medicine and Biology Society.

[55]  Siddhartha Kumar Khaitan,et al.  Design Techniques and Applications of Cyberphysical Systems: A Survey , 2015, IEEE Systems Journal.

[56]  Lan Wang,et al.  Securing wireless implantable devices for healthcare: Ideas and challenges , 2009, IEEE Communications Magazine.

[57]  Nathanael Paul,et al.  Using Bowel Sounds to Create a Forensically-aware Insulin Pump System , 2013, HealthTech.

[58]  Carl A. Gunter,et al.  Addressing Safety and Security Contradictions in Cyber-Physical Systems , 2009 .

[59]  Martin L. Griss,et al.  Context-Aware Authentication Framework , 2009, MobiCASE.

[60]  Kevin Fu,et al.  Pacemakers and Implantable Cardiac Defibrillators: Software Radio Attacks and Zero-Power Defenses , 2008, 2008 IEEE Symposium on Security and Privacy (sp 2008).

[61]  Fan Zhang,et al.  OPFKA: Secure and efficient Ordered-Physiological-Feature-based key agreement for wireless Body Area Networks , 2013, 2013 Proceedings IEEE INFOCOM.

[62]  Yeun-Ho Joung,et al.  Development of Implantable Medical Devices: From an Engineering Perspective , 2013, International neurourology journal.

[63]  S. Shankar Sastry,et al.  Secure Control: Towards Survivable Cyber-Physical Systems , 2008, 2008 The 28th International Conference on Distributed Computing Systems Workshops.

[64]  Debdeep Mukhopadhyay,et al.  Hardware Security - Design, Threats, and Safeguards , 2014 .

[65]  Tieniu Tan,et al.  A survey on visual surveillance of object motion and behaviors , 2004, IEEE Transactions on Systems, Man, and Cybernetics, Part C (Applications and Reviews).

[66]  Batya Friedman,et al.  CPS: beyond usability: applying value sensitive design based methods to investigate domain characteristics for security for implantable cardiac devices , 2014, ACSAC '14.

[67]  Farinaz Koushanfar,et al.  Balancing security and utility in Medical Devices? , 2013, 2013 50th ACM/EDAC/IEEE Design Automation Conference (DAC).

[68]  Sandeep K. S. Gupta,et al.  Criticality aware access control model for pervasive applications , 2006, Fourth Annual IEEE International Conference on Pervasive Computing and Communications (PERCOM'06).

[69]  Kwang Suk Park,et al.  Validation of heart rate extraction using video imaging on a built-in camera system of a smartphone , 2012, 2012 Annual International Conference of the IEEE Engineering in Medicine and Biology Society.

[70]  Chang-Seop Park Security Mechanism Based on Hospital Authentication Server for Secure Application of Implantable Medical Devices , 2014, BioMed research international.

[71]  Niraj K. Jha,et al.  Hijacking an insulin pump: Security attacks and defenses for a diabetes therapy system , 2011, 2011 IEEE 13th International Conference on e-Health Networking, Applications and Services.

[72]  Colleen Swanson,et al.  SoK: Security and Privacy in Implantable Medical Devices and Body Area Networks , 2014, 2014 IEEE Symposium on Security and Privacy.

[73]  Monika Darji,et al.  Emergency Aware, Non-invasive, Personalized Access Control Framework for IMDs , 2014, SNDS.

[74]  Kenneth A Ellenbogen,et al.  Leads and longevity: how long will your pacemaker last? , 2008, Europace : European pacing, arrhythmias, and cardiac electrophysiology : journal of the working groups on cardiac pacing, arrhythmias, and cardiac cellular electrophysiology of the European Society of Cardiology.

[75]  Victor C. M. Leung,et al.  A survey on security issues in smart grids , 2016, Secur. Commun. Networks.

[76]  Jie Wu,et al.  Defending Resource Depletion Attacks on Implantable Medical Devices , 2010, 2010 IEEE Global Telecommunications Conference GLOBECOM 2010.

[77]  Taskin Koçak,et al.  A Survey on Smart Grid Potential Applications and Communication Requirements , 2013, IEEE Transactions on Industrial Informatics.

[78]  Insup Lee,et al.  Security and Interoperable-Medical-Device Systems, Part 2: Failures, Consequences, and Classification , 2012, IEEE Security & Privacy.

[79]  Sandeep K. S. Gupta,et al.  Biosec: a biometric based approach for securing communication in wireless networks of biosensors implanted in the human body , 2003, 2003 International Conference on Parallel Processing Workshops, 2003. Proceedings..