Generic Patterns for Intrusion Detection Systems in Service-Oriented Automotive and Medical Architectures

Puder, Andreas; Rumez, Marcel; Grimm, Daniel; Sax, Eric

doi:10.3390/jcp2030037

Cited by 3 publications

(4 citation statements)

References 42 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…As this paper concentrates on a single device, the approach can be applied to interoperable medical devices in an SDC network (compare with the approach presented in [54]). The different devices in the network may observe each other, creating a more robust system of systems.…”

Section: Discussionmentioning

confidence: 99%

“…If the estimated value is an anomaly, the UI raises an alarm triggered by the dynamic check. In a real-world OR scenario, we consider the backend system either as part of the hospital IT, as a dedicated cloud server provided by the device manufacturer, or as a supervision system directly in the OR, as proposed in [54]. In the latter scenario, the OR table would send the estimation data to the OR monitoring system via a SDC network, which has more computational resources than the embedded system of the OR table.…”

Section: Distributed Anomaly Detectionmentioning

confidence: 99%

See 1 more Smart Citation

Hybrid Anomaly Detection in Time Series by Combining Kalman Filters and Machine Learning Models

Puder,

Zink,

Seidel

et al. 2024

Sensors

Self Cite

View full text Add to dashboard Cite

Due to connectivity and automation trends, the medical device industry is experiencing increased demand for safety and security mechanisms. Anomaly detection has proven to be a valuable approach for ensuring safety and security in other industries, such as automotive or IT. Medical devices must operate across a wide range of values due to variations in patient anthropometric data, making anomaly detection based on a simple threshold for signal deviations impractical. For example, surgical robots directly contacting the patient’s tissue require precise sensor data. However, since the deformation of the patient’s body during interaction or movement is highly dependent on body mass, it is impossible to define a single threshold for implausible sensor data that applies to all patients. This also involves statistical methods, such as Z-score, that consider standard deviation. Even pure machine learning algorithms cannot be expected to provide the required accuracy simply due to the lack of available training data. This paper proposes using hybrid filters by combining dynamic system models based on expert knowledge and data-based models for anomaly detection in an operating room scenario. This approach can improve detection performance and explainability while reducing the computing resources needed on embedded devices, enabling a distributed approach to anomaly detection.

show abstract

Section: Discussionmentioning

confidence: 99%

Section: Distributed Anomaly Detectionmentioning

confidence: 99%

Hybrid Anomaly Detection in Time Series by Combining Kalman Filters and Machine Learning Models

Puder,

Zink,

Seidel

et al. 2024

Sensors

Self Cite

View full text Add to dashboard Cite

show abstract

“…Since the integration of SOA in the automotive and medical industries is increasing, the shift in communication patterns will also impact information security measures. In [ 67 ], the authors compared different SOA protocols in these industries and explained the underlying communication patterns, showing that both domains can exploit synergies. They also presented a methodology for developing an SOA-based Intrusion Detection System (IDS) by deriving relevant features.…”

Section: Related Workmentioning

confidence: 99%

“…The cybersecurity goals result in the following requirements (see also [ 19 , 67 ]): R1 Security properties (authenticity, integrity, confidentiality) must be ensured for network communication. R2 Patient harm resulting from the misuse of connectivity interfaces needs to always be avoided by the system.…”

Section: Heavens 20 Use Casementioning

confidence: 99%

Threat Assessment and Risk Analysis (TARA) for Interoperable Medical Devices in the Operating Room Inspired by the Automotive Industry

2023

Self Cite

View full text Add to dashboard Cite

Prevailing trends in the automotive and medical device industry, such as life cycle overarching configurability, connectivity, and automation, require an adaption of development processes, especially regarding the security and safety thereof. The changing requirements imply that interfaces are more exposed to the outside world, making them more vulnerable to cyberattacks or data leaks. Consequently, not only do development processes need to be revised but also cybersecurity countermeasures and a focus on safety, as well as privacy, have become vital. While vehicles are especially exposed to cybersecurity and safety risks, the medical devices industry faces similar issues. In the automotive industry, proposals and draft regulations exist for security-related risk assessment processes. The medical device industry, which has less experience in these topics and is more heterogeneous, may benefit from drawing inspiration from these efforts. We examined and compared current standards, processes, and methods in both the automotive and medical industries. Based on the requirements regarding safety and security for risk analysis in the medical device industry, we propose the adoption of methods already established in the automotive industry. Furthermore, we present an example based on an interoperable Operating Room table (OR table).

show abstract

A Mixed E/E-Architecture for Interconnected Operating Tables Inspired by the Automotive Industry

Puder

Vetter

Rumez

et al. 2022

J. Med. Robot. Res.

View full text Add to dashboard Cite

Since interoperability in the operating room (OR) is considered a main factor to increase safety and improve the quality of surgeries, new challenges arise for the medical device industry in this increasingly connected environment. Therefore, new architectural approaches are needed, some of which may be inspired by other domains. In the meantime, novel communication paradigms are also gaining practical relevance in the automotive industry, which faces similar challenges. As a result, service-oriented architectures (SOAs) are often considered to provide a higher degree of flexibility for changes during the development and after product deployment. In this paper, we derive requirements of future networked OR tables from challenges and trends ahead. Based on these requirements, we propose a mixed electric and electronic architecture (E/E-architecture) inspired by the state-of-the-art measures from automotive domain and present an Identity and Access Management (IAM) approach to improve system security. In addition, a prototypical implementation is used to demonstrate the practicality of the proposed solution and to discuss necessary adjustments to the development process resulting from a mixed E/E-architecture approach.

show abstract

Generic Patterns for Intrusion Detection Systems in Service-Oriented Automotive and Medical Architectures

Cited by 3 publications

References 42 publications

Hybrid Anomaly Detection in Time Series by Combining Kalman Filters and Machine Learning Models

Hybrid Anomaly Detection in Time Series by Combining Kalman Filters and Machine Learning Models

Threat Assessment and Risk Analysis (TARA) for Interoperable Medical Devices in the Operating Room Inspired by the Automotive Industry

A Mixed E/E-Architecture for Interconnected Operating Tables Inspired by the Automotive Industry

Contact Info

Product

Resources

About