Researchers from MIT and the University of Massachusetts-Amherst in August will show off a security system they say will prevent anyone from hacking into medical implants such as heart defibrillators or pacemakers to alter operation or steal personal information.
From the group's research paper, They Can Hear Your Heartbeats: Non-Invasive Security forImplantable Medical Devices: "The past few years have produced innovative health-oriented networking and wireless communication technologies, ranging from low-power medical radios that harvest body energy to wireless sensor networks for in-home monitoring and diagnosis.
More cool news: High-tech healthcare technology gone wild
"Today, such wireless systems have become an intrinsic part of many modern medical devices. In particular, implantable medical devices (IMDs), including pacemakers, cardiac defibrillators, insulin pumps, and neurostimulators all feature wireless communication. Adding wireless connectivity to the medical devices has enabled remote monitoring of patients' vital signs and improved care providers' ability to deliver timely treatment, leading to a better health care system.
"Recent work, however, has shown that such wireless connectivity can be exploited to compromise the confidentiality of the IMD's transmitted data or to send the IMD unauthorized commands- even commands that cause the IMD to deliver an electric shock to the patient. In other systems, designers use cryptographic methods to provide confidentiality and prevent unauthorized access."
The researchers said they have developed a transmitter they call a shied, that could be worn around a person's neck or as a wristwatch. The shield acts as a gateway that relays messages between the IMD and authorized endpoints. It uses a physical-layer mechanism to secure its communication with the IMD, and it uses a standard cryptographic channel to communicate with other authorized endpoints, the researchers stated.
"The shield blocks passive eavesdropping that threatens the confidentiality of the IMD's transmissions, and active transmission of unauthorized radio commands to the IMD. First, to provide confidentiality for the IMD's transmissions, the shield continuously listens for those transmissions and jams them so that they cannot be decoded by eavesdroppers.
"The shield uses a novel radio design to simultaneously receive the IMD's signal and transmit a jamming signal. The shield then transmits the IMD's signal to an authorized endpoint using standard cryptographic techniques. Second, to protect the IMD against commands from unauthorized endpoints, the shield listens for unauthorized transmissions addressing the IMD and jams them," the researchers stated.
Whether medical-device companies will invest in security systems like the shield - and whether patients will be willing to carry shields around with them - probably depends on how grave they consider the threat of attack to be. The researchers note in an MIT release that no such attacks have been documented to date. On the other hand, the Federal Communications Commission has recently moved implantable medical devices to a new frequency band that makes wireless communication with them possible across much greater distances.
The research paper on the shield will be presented at the Association for Computing Machinery's August Sigcomm conference.
Follow Michael Cooney on Twitter: nwwlayer8
Layer 8 Extra
Check out these other hot stories: