Biomedical devices and systems security

Arney, David; Venkatasubramanian, Krishna K.; Sokolsky, Oleg; Lee, Insup

doi:10.1109/iembs.2011.6090663

Cited by 36 publications

(23 citation statements)

References 6 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The second type of adversaries, passive, eavesdrop for the purposes of acquiring private data stored in a device. They also note four classes of targets that adversaries attack within medical device systems: patient physical security, patient data security (privacy), medical device physical security, and data security of the health-care institution that deploys the device [26]. Burleson et al [20] note that threat modeling is vital to assessing the security vulnerabilities to medical devices, and the risk posed by the vulnerabilities varies along with the nature of the data or the ramification of actuation.…”

Section: Risks For Medical Devicesmentioning

confidence: 99%

See 1 more Smart Citation

Attack-Graph Threat Modeling Assessment of Ambulatory Medical Devices

Luckett¹,

McDonald²,

Glisson³

2017

Proceedings of the 50th Hawaii International Conference on System Sciences (2017)

View full text Add to dashboard Cite

show abstract

Section: Risks For Medical Devicesmentioning

confidence: 99%

“…Arney et al [26] state that adversaries who attack medical devices can be classified into two categories, active and passive. Active adversaries have the ability to spy on communications among devices, network controllers and supervisors.…”

Section: Risks For Medical Devicesmentioning

confidence: 99%

Attack-Graph Threat Modeling Assessment of Ambulatory Medical Devices

Luckett¹,

McDonald²,

Glisson³

2017

Proceedings of the 50th Hawaii International Conference on System Sciences (2017)

View full text Add to dashboard Cite

show abstract

“…These devices have the potential to be tampered with, reprogrammed by unauthorized users or subject to device-specific hazards [5]. Devices can be targeted though their firmware upgrades or through connections to the network interface when connected through remote attacks, in addition to local attacks.…”

Section: Introductionmentioning

confidence: 99%

“…Security is crucial for the long term viability of all types of networked medical devices [5]. These devices have the potential to be tampered with, reprogrammed by unauthorized users or subject to device-specific hazards [5].…”

Section: Introductionmentioning

confidence: 99%

A Study into Detecting Anomalous Behaviours within HealthCare Infrastructures

Boddy

Hurst

Mackay

et al. 2016

2016 9th International Conference on Developments in eSystems Engineering (DeSE)

View full text Add to dashboard Cite

Abstract-The theft of medical data, which is intrinsically valuable, can lead to loss of patient privacy and trust. With increasing requirements for valuable and accurate information, patients need to be confident that their data is being stored safely and securely. However, medical devices are vulnerable to attacks from the digital domain, with many devices transmitting data unencrypted wirelessly to electronic patient record systems. As such, it is now becoming more necessary to visualise data patterns and trends in order identify erratic and anomalous data behaviours. In this paper, a system design for modelling data flow within healthcare infrastructures is presented. The system assists information security officers within healthcare organisations to improve the situational awareness of cyber security risks. In addition, a visualisation of TCP Socket Connections using real-world network data is put forward, in order to demonstrate the framework and present an analysis of potential risks.

show abstract

“…And in the area of biomedical devices the issue of security of these devices has been increasingly critical because the development trend of these devices will connect them to other entities through both wired and wireless channels. It is therefore important to consider medical device security issues [12].…”

Section: Introductionmentioning

confidence: 99%

Generalized Attack Model for Networked Control Systems, Evaluation of Control Methods

Sargolzaei¹,

Yen²,

Abdelghani³

et al. 2017

ICA

View full text Add to dashboard Cite

Networked Control Systems (NCSs) have been implemented in several different industries. The integration with advanced communication networks and computing techniques allows for the enhancement of efficiency of industrial control systems. Despite all the advantages that NCSs bring to industry, they remain at risk to a spectrum of physical and cyber-attacks. In this paper, we elaborate on security vulnerabilities of NCSs, and examine how these vulnerabilities may be exploited when attacks occur. A general model of NCS designed with three different controllers, i.e., proportional-integral-derivative (PID) controllers, Model Predictive control (MPC) and Emotional Learning Controller (ELC) are studied. Then three different types of attacks are applied to evaluate the system performance. For the case study, a networked pacemaker system using the Zeeman nonlinear heart model (ZHM) as the plant combined with the above-mentioned controllers to test the system performance when under attacks. The results show that with Emotional Learning Controller (ELC), the pacemaker is able to track the ECG signal with high fidelity even under different attack scenarios.

show abstract

Biomedical devices and systems security

Cited by 36 publications

References 6 publications

Attack-Graph Threat Modeling Assessment of Ambulatory Medical Devices

Attack-Graph Threat Modeling Assessment of Ambulatory Medical Devices

A Study into Detecting Anomalous Behaviours within HealthCare Infrastructures

Generalized Attack Model for Networked Control Systems, Evaluation of Control Methods

Contact Info

Product

Resources

About