1. CYBERSECURITY AND CARDIAC
IMPLANTABLE ELECTRONIC DEVICES
Under the guidance of
Ms. Sivasankari K and Ms. Judy Flavia B
(Assistant Professor,
Department of Computer Science and Engineering)
RA2011030020101 - R. Santosh Krishnaa
RA2011030020114 – Sriniketh Krishna V
RA2011030020120 – Vamshik Aashishwar
SRM Institute of Science and Technology, Ramapuram Campus
DEPARTMENT OF COMPUTER SCIENCE AND
ENGINEERING
Batch No: 8
19-Nov-21
Department of Computer Science and
Engineering
1
2. ABSTRACT
Today, cardiac implantable electronic devices (CIEDs), such as pacemakers and
ICDs, play a significant role in healthcare ecosystems as patient life support
devices. A dedicated programmer device is used to program, control and
configure the CIEDs on a regular basis. The programmer device is open to
external connections (e.g., USB, Bluetooth, etc.) and thus it might be exposed to a
variety of cyber-attacks by which an attacker can manipulate the programmer
device’s operations and consequently harm the patient. In this paper, we present
CardiWall, a detection and prevention system designed to protect ICDs from
cyber-attacks aimed at the programmer device. This work has six different layers
of protection, leveraging medical experts’ knowledge, statistical methods and
machine learning algorithms. The CardiWall system has been extensively
evaluated in two comprehensive experiments. For the evaluation, data was
gathered for a period of four years and 775 benign clinical commands that are
related to hundreds of different patients and 28 malicious clinical commands were
used. Internet of Medical Things or IoMT is the most wanted technology in the
healthcare sector.
19-Nov-21
Department of Computer Science and
Engineering
2
3. INTRODUCTION
An implanted medical device is a medical device that is implanted within the
patient’s body. The number of people who use implanted medical devices, such as
cardiac implantable electronic devices (CIEDs), is increasing each year. Cardiac
implantable electronic device (CIED) replacement is surgery to replace a device
that helps control your heart rhythm. The procedure may replace an implantable
cardioverter defibrillator (ICD) or a pacemaker. In most cases, it's a simple
outpatient procedure that doesn't require ovrnight hospitalization. More and more
people undergo surgery to receive an implanted device every year, including
influential and prominent individuals around the world, such as former U.S. Vice
President, Dick Cheney and Israel President, Reuven Rivlin. In 2013, Cheney’s
implantable cardioverter defibrillator (ICD) was replaced by another device
without wireless capability, in order to mitigate the risk of device tampering by a
terrorist.
19-Nov-21
Department of Computer Science and
Engineering
3
4. INTRODUCTION(Contd..)
According to the survey, CIEDs usually contain an embedded operating system
(e.g., Windows or Linux) and advanced electronic components, all of which are
aimed at improving a patient’s physical functioning. These advanced electronic
components could suffer from the same security breaches and vulnerabilities that
exist in the operating systems they are based on, or alternatively, they can suffer
from new vulnerabilities associated with their additional components. In both
cases, attackers aim at exploiting such breaches and vulnerabilities in order to
manipulate the normal behavior of the medical device and launch their attack. In
recent years, there has been an increase in the discovery of vulnerabilities and
risks associated with pacemakers and ICDs. For the first time in history, the FDA
announced that a firmware update would be executed on every Abbott’s
pacemaker found by MedSec to be vulnerable to cyber-attacks, instead of issuing a
massive recall of the devices. This finding supports the claim that implantable
devices are hackable.
19-Nov-21
Department of Computer Science and
Engineering
4
5. INTRODUCTION(Contd..)
The programmer device allows connections from other devices and peripherals,
such as a keyboard, mouse, or flash drive, via a USB socket, Bluetooth, and
Ethernet, in order to allow doctors or technicians to more comfortably use the
programmer device and to give them the ability to extract data from it. These
connectivity capabilities open the door to cyber-attacks, enabling attackers to
penetrate the programmer devices and inject malware into them. For instance, a
doctor could attach an infected USB flash drive to the programmer device that can
install a malware or cause a firmware update to the programmer device using
malware resident on the connected USB device. In each case, the original
functionality of the programmer device can be altered according to the attacker’s
aims, a scenario which can endanger patients.
19-Nov-21
Department of Computer Science and
Engineering
5
6. OBJECTIVE
This paper details the proposed Secure Implanted Medical Device (SIMD) system.
The SIMD system is an add-on module for existing medical devices. This solution
is differentiable from the currently proposed solutions in two ways. The first is
that it is applicable to a wide spectrum of medical devices. The second
differentiating aspect of this proposed solution is that it can be readily deployed by
any medical device manufacturer in the near term. This allows it to be used to
mitigate current vulnerabilities.
19-Nov-21
Department of Computer Science and
Engineering
6
7. SCOPE
As stated earlier there are a number of ways to hack ICDs and harm the patient.
The programmer device of the ICDs allows connections from other devices and
peripherals, such as a keyboard, mouse, or flash drive, via a USB socket,
Bluetooth, and Ethernet which makes them vulnerable to cyber attacks by
attackers. For instance, a doctor could attach an infected USB flash drive to the
programmer device that can install a malware or cause a firmware update to the
programmer device using malware resident on the connected USB device. In each
case, the original functionality of the programmer device can be altered according
to the attacker’s aims, a scenario which can endanger patients.
CIEDs monitored using IOT have drawbacks as well. IoT imposes major
vulnerabilities with such interconnection and any disturbance could cause
significant destruction or life-impeding demands. Various attacks may be made to
jeopardize both IoT implantable therapeutic equipment and networks. Security and
privacy concerns should also be considered, such as identification, data integrity,
confidentiality, authentication, and user and service privacy.
19-Nov-21
Department of Computer Science and
Engineering
7
8. PROBLEM STATEMENT
The current system is inefficient. Pacemakers are susceptible to
hacking and somebody very near to the patient can do so with assistive
devices. Patient safety issues with respect to pacemakers are largely
confined to those resulting from oversensing or the potential of sudden
battery depletion. As happens with other causes of electromagnetic
interference (radiation therapy, electrocautery, and welding) the detection
of signals of noncardiac origin may inhibit pacing, inducing prolonged
periods of asystole with the consequent risk of syncope or sudden death.
Sudden battery depletion is also most clinically relevant in a pacing-
dependent patient.
19-Nov-21
Department of Computer Science and
Engineering
8
9. 19-Nov-21
Department of Computer Science and
Engineering
9
RELATED WORKS
S.NO TITLE ABOUT ADVANTAGES LIMITATIONS
1. Wireless power
transmission
equipment used for
implantable
cardiac
pacemakers
A novel inductive
power transfer
(IPT) system with
redundant parallel
receiving coils is
proposed to
enhance the
system's power
capacity and the
WPT system is
still guaranteed to
work properly in
the event of a fault
in any of the
receiving coils.
The WPT system
is still guaranteed
to work properly in
the event of a fault
in any of the
receiving coils, to
avoid affecting the
health and safety
of users due to the
power supply of
the implantable
cardiac
pacemakers.
The long-term
stability of the
continuous supply
of energy to these
implanted medical
devices.
10. 19-Nov-21
Department of Computer Science and
Engineering
10
2 CardiWall: A
Trusted Firewall
for the Detection of
Malicious Clinical
Programming of
Cardiac
Implantable
Electronic Devices
CardiWall, a novel
detection and
prevention system
designed to protect
ICDs from cyber-
attacks aimed at
the programmer
device.
Cardiwall prevents
cyber attacks on
the CIED and thus
protects the
patient’s life.
The programmer
device is open to
external
connections (e.g.,
USB, Bluetooth,
etc.), and thus it is
exposed to a
variety of cyber-
attacks.
3 A Secure
Framework for
Remote
Healthcare
Monitoring
using the
Internet of
Medical Things
In this paper, we
propose a secure
framework for
healthcare
monitoring using
the Internet of
Medical Things
(IoMT).
Prevents security
attacks and leakage
of sensitive data.
The four methods
have a linear
computational
complexity O(n)
RELATED WORKS
11. 19-Nov-21
Department of Computer Science and
Engineering
11
4. Security and
privacy issues of
data-over-sound
technologies
used in IoT
healthcare
devices
This paper presents
an analysis of an IoT
healthcare device, a
mobile
electrocardiograph,
which is capable of
maintaining data-
over-sound
communication with
a smartphone.
Successfully
reversed the
proprietary data-
over-sound protocol
used by the IoT
healthcare device
and subsequently
identified several
vulnerabilities
associated with the
device.
Internet of things
(IoT) healthcare
devices use
proprietary protocol
communications.
These proprietary
protocols are not
audited and may
present security
flaws.
5. A New Security
Framework for
Remote Patient
Monitoring Devices
This paper presents a
framework for
secure and private
communications
between wearable
medical devices and
patient monitoring
systems.
Developing a
framework for
combating
unauthorized access
to data through the
compromising of
computer security.
Specifically, hiding
targets from cyber-
attackers could
prevent our system
from future cyber-
attacks.
Connecting a
patient's pacemaker
to the Internet has
many advantages for
this connectivity
opens a new door for
cyber-attackers to
steal the patient data
or even control the
pacemaker or
damage it.
RELATED WORKS
12. EXISTING SYSTEM
The existing system is not too effective. Medical devices have been targets of
hacking for over a decade, and this cybersecurity issue has affected many types of
medical devices. Lately, the potential for hacking of cardiac devices (pacemakers
and defibrillators) claimed the attention of the media, patients, and health care
providers. This is a burgeoning problem that our newly electronically connected
world faces.
Cardiac implantable electronic device (CIED) replacement is surgery to replace a
device that helps control your heart rhythm. The procedure may replace an
implantable cardioverter defibrillator (ICD) or a pacemaker. In most cases, it's a
simple outpatient procedure that doesn't require overnight hospitalization.
19-Nov-21
Department of Computer Science and
Engineering
12
13. PROPOSED SYSTEM
25/8/2021 yolov3
1. CardiWall provides a defense mechanism against attacks that are initiated from
compromised programmer device aimed at CIEDs.
2. CardiWall inspects and analyzes the content of the programmings sent from the
programmer device to the ICD, rather than the meta-data (e.g., information about
the connection used, etc.).
3. CardiWall uses a real dataset, originating from real CIED patients’ treatments at
different hospitals and clinics, of programmings sent to patients’ ICD devices.
4. CardiWall can be used for detecting design and implementation bugs in the
programmer’s software, preventing human errors (e.g., technicians, doctors, etc.); it
can also be used by interns for educational purposes.
15. MODULES
There are 6 layers:-
Deterministic Rules
Parameters’ Values Outliers
Parameters’ Change Outlier
Delta Of Change
Combinations Of Parameters
Classic ML Algorithms
19-Nov-21
Department of Computer Science and
Engineering
15
16. Module Description
DETERMINISTIC LAYER
This layer contains a set of rules that were written and defined by cardiology
experts who know the parameters that are configured in each programming device
and are aware of the dangers that can result from certain values for certain
parameters.
PARAMETERS’ VALUES OUTLIERS
When the system tests a new programming, it will go through all of the
programming’s parameters and check whether it contains a parameter with a
value. The probability of appearance should be lower than a threshold value which
is set based on a predefined baseline threshold value. In cases in which there is
such a parameter value, the system will issue an alert that this programming as
malicious or anomalous. The system will also flag the parameter and its value, so
the doctor can see why the system has issued an alert.
19-Nov-21
Department of Computer Science and
Engineering
16
17. Module Description
PARAMETERS’ CHANGE OUTLIERS
In this layer, the system learns the number of times each specific parameter’s
value was changed during a visit for each parameter, over all the patients and
visits. Based on that the system calculates the probability of a change of each of
the parameters. We have 2 values as the values of the parameters before and after
the visit. The system will issue an alert about a malicious programming if one or
more values have changed, and the value of one of these parameters is less than
the specific threshold. The system will also flag the parameter and its value, so the
doctor can see why the system has issued an alert.
19-Nov-21
Department of Computer Science and
Engineering
17
18. Module Description
AMOUNT/DELTA OF CHANGE
Like the previous layer, this layer also deals with the changes that have been made
to the values of the parameters in the programming from the data collection.
However, in this layer the system notes the probability of the change of a
parameter’s value by a specific delta amount. For example, let’s say the system
checks the probability of changing the basic rate parameter by any possible delta
value. When the system tests a new programming which changes a parameter with
delta value, and that value is less than the predefined threshold value, the system
will issue an alert flagging this programming as malicious or anomalous. The
system will also flag the parameter and its value, so the doctor can see why the
system has issued an alert.
19-Nov-21
Department of Computer Science and
Engineering
18
19. Module Description
COMBINATIONS OF PARAMETERS
In this layer, the system learns the probability of each combination of values of
every pair of two parameters in the programmings from the data collected.
When the system tests a new programming, it will check all of the combinations
of every pair of parameter values in order to find a combination with the
probability that is less than a predefined threshold value. If the system finds such
a combination, it will issue an alert flagging this programming as malicious. The
system will also flag the parameter and its value, so the doctor can see why the
system has issued an alert.
19-Nov-21
Department of Computer Science and
Engineering
19
20. Module Description
CLASSIC MACHINE LEARNING ALGORITHMS
In this layer we use machine learning algorithm which suits the anomaly detection
problem, in order to detect anomalies in new programmings. This machine
learning approach is added as the final layer. Machine learning methods have
demonstrated the ability to find relations between the various features that
represent data (in our case, these are the configuration parameters of the ICDs),
and this ability, which cannot be applied by simple statistics or a human expert,
might improve our results. The key is to extract the informative features from the
data and leverage them using the appropriate machine learning algorithm.
19-Nov-21
Department of Computer Science and
Engineering
20
21. Conclusion
In this paper, CardiWall, a novel detection and prevention system aimed at the
detection of malicious clinical commands sent from the programmer device to
implantable cardioverter defibrillators. The CardiWall system consists of six
different layers. Layers I-VI are aimed at the detection of several kinds of
anomalies, i.e., anomaly values of parameters, anomaly combinations of values of
parameters and anomalies in the change of the values of parameters. Layer VI uses
OneClass SVM, a classic machine learning algorithm for anomaly detection, in
order to improve the performance of the system. The novel detection system was
evaluated extensively in two comprehensive experiments. For the evaluation, we
used a collection of 803 programming samples. Each programming contains 260
parameters that configure the patient’s ICD. The benign programming’s, 775 in
total, of hundreds of different patients were obtained from different programmer
devices. The malicious programming’s, 28 in total, were created by two
cardiology experts, and are intended to harm the patients in different ways, in case
they will be delivered to their ICDs.
19-Nov-21
Department of Computer Science and
Engineering
21
22. Conclusion (contd..)
Therefore by using Firewall Systems as a middle man in between the programmer
device and an ICD we can protect the patient’s life from attacks. Not only does it
protect the patient’s life by helping the ICDs to function better, the medical
experts can do their job in the medical side and the cyber experts can take care of
the technical side.
19-Nov-21
Department of Computer Science and
Engineering
22
23. REFERENCES
[1] M. J. P. Raatikainen, D. O. Arnar, K. Zeppenfeld, J. L. Merino, F. Levya, G.
Hindriks, and K.-H. Kuck, ‘‘Statistics on the use of cardiac electronic devices and
electrophysiological procedures in the European society of cardiology countries: 2014
report from the European heart rhythm association,’’ Europace, vol. 17, no. 1, pp. i1–
i75, Jan. 2019.
[2] J. News. (2019). Israel’s President Rivlin to be Fitted With a Pacemaker.
[3] T. Verge. (2020). Dick Cheney had the Wireless Disabled on his Pacemaker to
Avoid Risk of Terrorist Tampering
[4] C. Camara, P. Peris-Lopez, and J. E. Tapiador, ‘‘Security and privacy issues in
implantable medical devices: A comprehensive survey,’’ J. Biomed. Informat., vol.
55, pp. 272–289, Jun. 2019.
[5] Safety Alerts for Human Medical Products—Implantable Cardiac Pacemakers by
Abbott (formerly St. Jude Medical): Safety Communication— Firmware Update to
Address Cybersecurity Vulnerabilities, FDA, Silver Spring, MD, USA, 2020.
19-Nov-21
Department of Computer Science and
Engineering
23