Foundational Security Principles for Medical Application Platforms
We describe a preliminary set of security requirements for safe and secure next-generation medical systems, consisting of dynamically composable units, tied together through a real-time safety-critical middleware. We note that this requirement set is not the same for individual (stand-alone) devices or for electronic health record systems, and we must take care to define system-level requirements rather than security goals for components. The requirements themselves build on each other such that it is difficult or impossible to eliminate any one of the requirements and still achieve high-level security goals.
This work was supported by National Science Foundation grants CNS 1239543, and CNS 1224007, and National Institutes of Health grant 1U01EB012470-01.
- 1.Hatcliff, J., King, A., Lee, I., MacDonald, A., Fernando, A., Robkin, M., Vasserman, E.Y., Weininger, S., Goldman, J.M.: Rationale and architecture principles for medical application platforms. In: Proceedings of the International Conference on Cyber-Physical Systems (ICCPS) (2012)Google Scholar
- 2.Goldman, J.M.: CIMIT/TATRC symposium on developing a plug-and-play open networking standard for the operating room of the future (May 2005)Google Scholar
- 3.Burleson, W.P., Clark, S.S., Ransford, B., Fu, K.: Design challenges for secure implantable medical devices. In: Proceedings of the Design Automation Conference (DAC) (June 2012)Google Scholar
- 4.Clark, S.S., Fu, K.: Recent results in computer security for medical devices. In: Nikita, K.S., Lin, J.C., Fotiadis, D.I., Arredondo Waldmeyer, M.-T. (eds.) MobiHealth 2011. LNICST, vol. 83, pp. 111–118. Springer, Heidelberg (2012)Google Scholar
- 5.Conmy, P., Nicholson, M., McDermid, J.: Safety assurance contracts for integrated modular avionics. In: Proceedings of the 8th Australian Workshop on Safety Critical Systems and Software (SCS) (2003)Google Scholar
- 6.Objective Interface Systems, Inc.: Multiple independent levels of security (MILS) — technical primer. http://www.ois.com/Products/mils-technical-primer.html (2011)
- 7.Brucker, A.D., Petritsch, H.: Extending access control models with break-glass. In: Proceedings of the ACM Symposium on Access Control Models and Technologies, New York, NY, USA, pp. 197–206. ACM (2009)Google Scholar
- 8.Anderson, R.J.: A security policy model for clinical information systems. In: Proceedings of the IEEE Symposium on Security and privacy, pp. 30–43 (1996)Google Scholar
- 9.United States Congress: Health Insurance Portability and Accountability Act, Privacy Rule. 45 CFR 164 (1996)Google Scholar
- 10.United States Congress: Gramm-Leach-Bliley Act, Financial Privacy Rule. 15 USC §6801–§6809Google Scholar
- 11.Accorsi, R.: Safe-keeping digital evidence with secure logging protocols: state of the art and challenges. International Conference on IT Security Incident Management and IT Forensics, pp. 94–110 (2009)Google Scholar
- 12.Arney, D., Weininger, S., Whitehead, S.F., Goldman, J.M.: Supporting medical device adverse event analysis in an interoperable clinical environment: design of a data logging and playback system. In: International Conference on Biomedical Ontology (ICBO) (July 2011)Google Scholar