Abstract
During the pandemic, the Internet of Medical Things (IoMT) has played a key role in reducing unnecessary hospital visits and the burden on health care systems by providing home-based hospital services and ambulatory nursing services. As IoMT devices handle patient data and are connected over the Internet to the complex hospital Information and Communication Technology (ICT) infrastructure, their role in the transformation of healthcare services will introduce a range of new potential risks. Over the past years, several demonstrated attacks in the healthcare domain have indicated cyber security challenges for integrating IoMT devices.
In this paper, we experimentally evaluate the potential risks that accompany the integration of a given IoMT device, here a connected pacemaker, from a hardware and network security perspective. We take a black box testing approach to the pacemaker ecosystem and find key shortcomings that enable several practical and low-cost attacks that impact a patient’s safety and privacy. In particular, we demonstrate the ability to gain control over the home monitoring device and to perform man-in-the-middle attacks. We find that it is possible to bypass hardware security protection mechanisms, to perform remote denial of service attacks, and other attacks. Lastly, we discuss the potential trade-offs in security protection choices and mitigation techniques.
This work was funded by Reinforcing the Health Data Infrastructure in Mobility and Assurance through Data Democratization, a five-year project (grant number 28885) under the Norwegian IKTPLUSS-IKT and Digital Innovation programme.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
References
OWASP firmware security testing methodology. https://scriptingxss.gitbook.io/firmware-security-testing-methodology/
Block, C.C.: Muddy waters report - St. Jude Medical, Inc. Technical report, Muddy Waters Capital LLC (2016). http://www.muddywatersresearch.com/research/stj/mw-is-short-stj/
Bour, G., Moe, M.E.G., Borgaonkar, R.: Experimental security analysis of connected pacemakers. In: Roque, A.C.A., Fred, A.L.N., Gamboa, H. (eds.) Proceedings of the 15th International Joint Conference on Biomedical Engineering Systems and Technologies, BIOSTEC 2022, Volume 1: BIODEVICES, Online Streaming, 9–11 February 2022, pp. 35–45. SCITEPRESS (2022). https://doi.org/10.5220/0010816900003123
Bour, G.N.: Security analysis of the pacemaker home monitoring unit: a blackbox approach. Master’s thesis, NTNU (2019)
Camara, C., Peris-Lopez, P., Tapiador, J.E.: Security and privacy issues in implantable medical devices: a comprehensive survey. J. Biomed. Inform. 55, 272–289 (2015)
CISA: ICS Medical Advisory (ICSMA-20-170-05) (2020). https://us-cert.cisa.gov/ics/advisories/icsma-20-170-05. Accessed 30 Sept 2021
Denning, T., Fu, K., Kohno, T.: Absence makes the heart grow fonder: new directions for implantable medical device security. In: HotSec (2008)
Digital, N.: A clear and present danger (2022). https://digital.nhs.uk/features/a-real-and-present-danger
Europol: Covid-19 sparks upward trend in cybercrime (2022). https://www.europol.europa.eu/media-press/newsroom/news/covid-19-sparks-upward-trend-in-cybercrime
Færestrand, S.: Telekardiologi for jernmonitorering av pacemaker og icd (2010). https://www.legeforeningen.no/contentassets/4896657d08894a6886de725113d89de4/hjerteforum3-2010web08telemedisin.pdf
Golde, N., Feldmann, A.: SMS vulnerability analysis on feature phones. Master’s thesis (2011)
Halperin, D., et al.: Pacemakers and implantable cardiac defibrillators: software radio attacks and zero-power defenses. In: 2008 IEEE Symposium on Security and Privacy (SP 2008), pp. 129–142. IEEE (2008)
Secure design best practice guide (2020). https://www.iotsecurityfoundation.org/wp-content/uploads/2019/03/Best-Practice-Guides-Release-1.2.1.pdf
ISECOM: OSSTMM. https://www.isecom.org/OSSTMM.3.pdf
Justis- og beredskapsdepartementet, Helse- og omsorgsdepartementet: Forskrift om medisinsk utstyr (2005). https://lovdata.no/dokument/SF/forskrift/2005-12-15-1690/%2FT1%2Ftextsection1-5#/T1/textsection1-5
Kok, J.S., Markussen, B.A.: Fuzzing the pacemaker home monitoring unit. Master’s thesis, NTNU (2020)
Li, C., Raghunathan, A., Jha, N.K.: Improving the trustworthiness of medical device software with formal verification methods. IEEE Embed. Syst. Lett. 5(3), 50–53 (2013)
Lie, A.W.: Security analysis of wireless home monitoring units in the pacemaker ecosystem. Master’s thesis, NTNU (2019)
Marin, E., Singelée, D., Garcia, F.D., Chothia, T., Willems, R., Preneel, B.: On the (in) security of the latest generation implantable cardiac defibrillators and how to secure them. In: Proceedings of the 32nd Annual Conference on Computer Security Applications, pp. 226–236 (2016)
Mulliner, C., Golde, N., Seifert, J.P.: SMS of death: from analyzing to attacking mobile phones on a large scale (2011). https://www.usenix.org/conference/usenix-security-11/sms-death-analyzing-attacking-mobile-phones-large-scale
OWASP embedded application security (2020). https://owasp.org/www-project-embedded-application-security/
Rasmussen, K.B., Castelluccia, C., Heydt-Benjamin, T.S., Capkun, S.: Proximity-based access control for implantable medical devices. In: Proceedings of the 16th ACM Conference on Computer and Communications Security, pp. 410–419 (2009)
Rios, B., Butts, J.: Security evaluation of the implantable cardiac device ecosystem architecture and implementation interdependencies (2017)
Rostami, M., Juels, A., Koushanfar, F.: Heart-to-heart (H2H) authentication for implanted medical devices. In: Proceedings of the 2013 ACM SIGSAC Conference on Computer & Communications Security, pp. 1099–1112 (2013)
Savci, H.S., Sula, A., Wang, Z., Dogan, N.S., Arvas, E.: Mics transceivers: regulatory standards and applications [medical implant communications service]. In: Proceedings of the IEEE SoutheastCon, pp. 179–182. IEEE (2005)
Schechter, S.: Security that is meant to be skin deep using ultraviolet micropigmentation to store emergency-access keys for implantable medical devices (2010)
Weinmann, R.P.: Baseband attacks: remote exploitation of memory corruptions in cellular protocol stacks. In: WOOT, pp. 12–21 (2012)
Zheng, G., Shankaran, R., Orgun, M.A., Qiao, L., Saleem, K.: Ideas and challenges for securing wireless implantable medical devices: a review. IEEE Sens. J. 17(3), 562–576 (2016)
Zheng, G., et al.: Finger-to-heart (F2H): authentication for wireless implantable medical devices. IEEE J. Biomed. Health Inform. 23(4), 1546–1557 (2018)
Zheng, G., Zhang, G., Yang, W., Valli, C., Shankaran, R., Orgun, M.A.: From WannaCry to WannaDie: security trade-offs and design for implantable medical devices. In: 2017 17th International Symposium on Communications and Information Technologies (ISCIT), pp. 1–5. IEEE (2017)
Acknowledgments
We very much appreciate the contributions of Éireann Leverett that did some of the initial hardware testing to discover the HMU debug interfaces. Finally, we are grateful to Snorre Aunet and Ingulf Helland from NTNU who took time to help us solder a connector on the HMU.
This work was funded by Reinforcing the Health Data Infrastructure in Mobility and Assurance through Data Democratization, a five-year project (grant number 28885) under the Norwegian IKTPLUSS-IKT and Digital Innovation programme. The authors gratefully acknowledge the financial support from the Research Council of Norway.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Bour, G., Lie, A.W., Kok, J.S., Markussen, B., Moe, M.E.G., Borgaonkar, R. (2023). Security Analysis of the Internet of Medical Things (IoMT): Case Study of the Pacemaker Ecosystem. In: Roque, A.C.A., et al. Biomedical Engineering Systems and Technologies. BIOSTEC 2022. Communications in Computer and Information Science, vol 1814. Springer, Cham. https://doi.org/10.1007/978-3-031-38854-5_5
Download citation
DOI: https://doi.org/10.1007/978-3-031-38854-5_5
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-38853-8
Online ISBN: 978-3-031-38854-5
eBook Packages: Computer ScienceComputer Science (R0)