Protect implants from malware

Hackers could use malware to interfere with the operation of implanted medical devices, causing life-threatening conditions.

An engineer from the University of Arizona’s Department of Electrical and Computer Engineering is working to protect medical devices from potentially life-threatening malware and security vulnerabilities.

Roman Lysecky, an associate professor in the University of Arizona (UA) Department of Electrical and Computer Engineering, says the issue of cyber-breaches is no longer confined to computers and smartphones.

"Industry analysts predict that by 2020, most of the 20 billion electronic devices on the market will be interconnected — and millions of these will be implantable medical devices," he said.

Implantable medical devices are increasingly connected through the Internet or via wireless technologies. These devices, which include cardiac pacemakers and defibrillators, insulin pumps, and brain neurostimulators, are able to pipe data to medical professionals, and receive instructions over the network.

Many implantable medical devices have sensors to monitor vital signs such as heart rate, and transmit data to health care providers’ computers in real time. This allows doctors to evaluate a patient remotely, and make adjustments to the performance of the device in order to improve their condition or save their life in an emergency.

However, this connectivity poses both benefits and risks. Along with concerns about unauthorized access to confidential patient information, hackers could also use malware to interfere with the operation of the implanted medical device, causing life-threatening conditions like cardiac arrest.

"This hasn't happened yet, to our knowledge," said Lysecky, an expert in connected, or embedded, electronic systems. "But security researchers have proved it is possible."

While pacemakers are not yet required to have built-in malware detection and mitigation capabilities, the pressure is building, as both patients and doctors become increasingly aware of the potential security issues around implanted devices.

Lysecky is pioneering technologies to enable implantable medical devices (IMDs) to detect malware and help ensure the devices continue functioning properly in a patient when their security is breached. He has built a prototype of a network-connected pacemaker and is running experiments based on case studies of malware infecting other types of embedded systems.

In one project, Lysecky is working with Jerzy Rozenblit, UA Distinguished Professor and Oglethorpe Endowed Chair in the Department of Electrical and Computer Engineering and professor of surgery in the UA College of Medicine, to develop runtime anomaly detection.

The technology detects small changes in the timing of computations and of data transmissions from the pacemaker to a cardiac data log, which can reveal the potential presence of malware.

The technology relies on the fact that an implanted medical device has very precise, millisecond-level timing for its data transmissions. The presence of malware can disrupt these timings, effectively signaling its presence.

The technology would immediately alert a doctor, who could then take action remotely.

The team has achieved a 100 per cent detection rate for mimicry malware using runtime anomaly detection in the prototype pacemaker system.
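The timing check described above can be sketched as follows. This is an added example, not the UA team's detector: the 100 ms reporting period, the thresholds, and all function names are assumptions, and the traces are constructed. It learns a baseline from a clean trace, then flags both a single large stall and a small persistent shift in transmission timing.

```python
from itertools import accumulate
from statistics import median

def intervals(timestamps_ms):
    """Gaps between consecutive transmissions, in milliseconds."""
    return [b - a for a, b in zip(timestamps_ms, timestamps_ms[1:])]

def fit_baseline(clean_timestamps_ms):
    """Learn the normal gap (median) and its spread (scaled MAD) from a clean trace."""
    gaps = intervals(clean_timestamps_ms)
    centre = median(gaps)
    mad = median(abs(g - centre) for g in gaps)
    # 1.4826 * MAD estimates a standard deviation; the floor avoids division by zero
    return centre, max(1.4826 * mad, 0.05)

def detect(timestamps_ms, baseline, spike_z=6.0, drift_slack=0.5, drift_limit=8.0):
    """Return (index, reason) alerts: 'spike' for one large deviation,
    'drift' for a small but persistent shift caught by a two-sided CUSUM."""
    centre, spread = baseline
    alerts, hi, lo = [], 0.0, 0.0
    for i, gap in enumerate(intervals(timestamps_ms), start=1):
        z = (gap - centre) / spread
        if abs(z) > spike_z:
            alerts.append((i, "spike"))
            continue  # keep a single outlier out of the drift statistic
        hi = max(0.0, hi + z - drift_slack)  # accumulates gaps that run long
        lo = max(0.0, lo - z - drift_slack)  # accumulates gaps that run short
        if hi > drift_limit or lo > drift_limit:
            alerts.append((i, "drift"))
            hi = lo = 0.0
    return alerts

def trace(gaps_ms):
    """Build timestamps from a list of gaps (helper for the constructed samples)."""
    return list(accumulate(gaps_ms, initial=0.0))

# Constructed sample data: nominal 100 ms reporting period with small jitter.
JITTER = [0.0, 0.1, -0.1, 0.2, -0.2, 0.1, 0.0, -0.1]
CLEAN = trace([100.0 + JITTER[i % 8] for i in range(64)])
# Constructed trace: 16 normal gaps, then every gap runs 0.4 ms long.
SHIFTED = trace([100.0 + JITTER[i % 8] + (0.4 if i >= 16 else 0.0) for i in range(48)])
# Constructed trace: a single 5 ms stall on the tenth gap.
STALLED = trace([100.0 + JITTER[i % 8] + (5.0 if i == 9 else 0.0) for i in range(24)])

if __name__ == "__main__":
    base = fit_baseline(CLEAN)
    for name, t in (("clean", CLEAN), ("shifted", SHIFTED), ("stalled", STALLED)):
        print(name, detect(t, base))
```

The 0.4 ms shift never trips the per-sample threshold; only the cumulative statistic catches it, four transmissions after it begins.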

In another project, Lysecky is working to make medical implants more resistant to side-channel attacks, by developing mathematical models to analyse changes not only in timing but also in power consumption and electromagnetic radiation.
