
Securing the Fog

Presentation on Medical device security and emerging standards for the Internet of Things. Presented by Anura Fernando of UL at The Security of Things Forum, Sept. 10, 2015.

Published in: Technology

Securing the Fog

  1. 1. © 2015 UL LLC Anura Fernando – Underwriters Laboratories (UL) Security of Things September 10, 2015 Copyright © 2015 UL LLC ® All rights reserved Securing the Fog
  2. 2. Anura S Fernando
     Anura S. Fernando is UL’s Principal Engineer for Medical Software & Systems Interoperability.
     Background:
     • Degrees in Electrical Engineering, Biology/Chemistry, and Software Engineering
     • Over 17 years experience at UL with safety critical software and control systems certification; as well as research across many industries – process automation, alternative energy, medical, hazardous locations, appliances, optical radiation, nanotechnology, battery technologies, etc.
     • Research and publications in Predictive Modeling and Risk Analysis, Cybersecurity, Systems of Systems, Software, Health IT, Apps, and Medical Device safety.
     • Projects with numerous Fortune 500 companies, DoD, DoE, DHS, FDA, FCC, ONC, NASA and several U.S. National Laboratories
     Additional experience relevant for this discussion/audience:
     • Contributed to the development of several standards involving software and Functional Safety as a member in IEC, ISO, ASME committees and Expert Task Force member.
     • UL lead for the development of the AAMI/UL 2800 family of eHealth standards for interoperable medical device interface safety.
     • Member of the Federal Advisory Committee FDASIA WG to the Health IT Policy Committee, FDA Medical Device Interoperability Coordinating Council, Medical Device Interoperability Safety Working Group, Health Information Management Systems Society, Association for the Advancement of Medical Instrumentation, and the International Council on Systems Engineering
  3. 3. Not too long ago, we were pretty focused on what could be done in the cloud… Slide 3 http://gcn.com/Blogs/Pulse/2012/12/VA-cloud-Office-365-for-600000-users.aspx
  4. 4. Now we’re equally interested in what is happening around the cloud… Slide 4 http://www.slate.com/blogs/future_tense/2014/08/05/oregon_gulch_fire_photos_show_pyrocumulus_clouds_and_fighter_jets_over_wildfire.html
  5. 5. What do we call this new domain?...the “Fog” Slide 5 http://www.bahrainweather.gov.bh/education_fog
  6. 6. …fog computing covers…the IoE Slide 6 http://www.sintef.no/home/Information-and-Communication-Technology-ICT-old/Software-Engineering-Safety-and-Security/Research-groups/Model-Based-Systems/Ubiquitous-and-mobile-computing/
  7. 7. What is “fog computing” (or edge computing) Slide 7 http://www.frontiersin.org/files/Articles/78030/fnhum-08-00370-r2/image_m/fnhum-08-00370-g001.jpg
  8. 8. The fog uses pervasive computing technologies Slide 8 http://2.bp.blogspot.com/-afr-gp6eyl http://www.untitledname.com/archives/upload/2005/10/bicyclist-cell-phone.jpg http://i-cdn.phonearena.com/images/articles/84906-image/wear.png
  9. 9. …with many sensors creating many possibilities Slide 9 https://blogs.synopsys.com/configurablethoughts/2012/05/sensing-your-world/
  10. 10. …and new sensor technologies emerging regularly Nanotechnologies integrated with textiles 10 H Zhao et al, Nanotechnology 21 (2010) 305502
  11. 11. Combining wearables with network technologies… Slide 11 http://ualr.edu/sxyu1/Research.htm
  12. 12. In a “microbiome” of wearable sensors… http://www.bizjournals.com/sanjose/news/2013/06/21/216-million-geeky-americans-want.html?s=image_gallery
  13. 13. …we can become the “quantified self” Slide 13 http://www.thethinkingbench.com/the-year-of-the-quantified-self-revolution/
  14. 14. So what risks may lie ahead? Slide 14 http://www.smarterbusiness.org.uk/business_targets/view/minimiserisks
  15. 15. Understanding new science…What makes fog? Slide 15 http://www.wsaz.com/blogs/askjosh/53290657.html
  16. 16. Understanding new science…what makes “fog” Slide 16 Image extracted from Systems Engineering Fundamentals. Defense Acquisition University Press, 2001
  17. 17. Analyzing Risk: Hazard Based Safety Engineering 17 …or Data …or Process
  18. 18. Slide 18
      HBSE Premise (diagram labels): Hazardous Energy Source; Transfer Mechanism; Susceptible Part
      HBSE Standard Injury Fault Tree (diagram labels): ENERGY TRANSFER; INJURY; AND; INADEQUATE PERSONAL SAFEGUARD; PERSONAL SAFEGUARD FAILURE; NO PERSONAL SAFEGUARD; OR; INADEQUATE PERSONAL AVOIDANCE; AVOIDANCE NOT POSSIBLE; AVOIDANCE NOT ATTEMPTED; OR; BODILY EXPOSURE; AND; INADEQUATE EQUIPMENT SAFEGUARD; EQUIPMENT SAFEGUARD FAILURE; NO EQUIPMENT SAFEGUARD; OR; INADEQUATE EQUIPMENT SAFEGUARD; EQUIPMENT SAFEGUARD FAILURE; NO EQUIPMENT SAFEGUARD; OR; HAZARDOUS ENERGY; AND; (EVENT); OR; (EVENT); OR
      HBSE Process (flowchart labels): IDENTIFY ENERGY SOURCE; IS SOURCE HAZARDOUS?; IDENTIFY MEANS BY WHICH ENERGY CAN BE TRANSFERRED TO A BODY PART; DESIGN SAFEGUARD WHICH WILL PREVENT ENERGY TRANSFER TO A BODY PART; MEASURE SAFEGUARD EFFECTIVENESS; IS SAFEGUARD EFFECTIVE?; DONE (branch labels: No, No, Yes, Yes)
      …or Data …or Process
      Analysis Drives UL’s Safety Testing and Certification
  19. 19. Applying HBSE to Wearable Technologies 19 Hazardous Energy Source Transfer Mechanism Susceptible Part HBSE Premise …or Data …or Process Are there any hazards?
  20. 20. We can see some WT IoE risks 20 Optical Radiation (LASER, UV, etc…) Privacy, Security, Performance if used by Dr (Cryptographic verification, HIPAA) Acoustic Energy Data Integrity, Usability
  21. 21. Even some unique new problems can arise…“cybersickness”
      • Eye strain • Headache • Pallor • Sweating • Dryness of mouth • Fullness of stomach • Disorientation • Vertigo2 • Ataxia3 • Nausea • Vomiting.
      Viola, SIGCHI Bulletin Volume 32, Number 1 January 2000
  22. 22. Different layers of the IoE system require different risk considerations 22 http://sebokwiki.org/wiki/Applying_Life_Cycle_Processes
  23. 23. What about “big data” from the IoE… 23 http://www.districtoffuture.eu/index.php/mod.pags/mem.detalle/id.10/relcategoria.1077/relmenu.5
  24. 24. Where is all this data stored? Is it secure? Is it correct? Can I trust it?... Slide 24
  25. 25. Big data problems can be due to little differences in context Slide 25 https://blogs.synopsys.com/configurablethoughts/2012/05/sensing-your-world/
  26. 26. Who should get a reduced premium? Slide 26 http://www.unfitbits.com/ http://www.nutripro.net/become-a-morning-jogger/
  27. 27. Who is a hacker? Slide 27 http://www.unfitbits.com/ http://impulse.coreatcu.com/opinions/2014/10/30/hacker-culture-bank-account-mine/ http://www.gizmag.com/funtoro-bus-coach-infotainment-system/15056/
  28. 28. A hacker is… • Someone who exploits imperfections of the system for personal or organizational (e.g. nation state) gain. Slide 28 http://sebokwiki.org/wiki/Applying_Life_Cycle_Processes http://www.ibis-instruments.com/index.php?link=en/menu/2211/protocol-analysis http://www.quora.com/What-is-wireless-sensor-network-WSN-technology
  29. 29. Different kinds of wearables bring different risks Slide 29 Created by Beecham Research in Partnership with Wearable Technologies Group http://www.hl7standards.com/blog/2013/09/12/redesigning-wearable-tech/
  30. 30. Managing complexity is a key to security Slide 30 http://scholar.lib.vt.edu/ejournals/JOTS/v32/v32n1/images/mcquade1.jpg
  31. 31. Defense in depth Security risk control Asset Breach Privilege Control Managing breaches and elevation of privilege
  32. 32. Architecture can promote safety, security, and robustness Sensor A and B fail dangerously due to CCF Sensor A fails dangerously Sensor B fails dangerously Sensor system fails dangerously
  33. 33. Specifications, standards, codes, and regulations can help guide architects and developers Slide 33 Regulations Standards Specifications Codes
  34. 34. Case Study – Healthcare (ASTM F2761 ICE architecture) Slide 34 FDA Recognized Consensus Standard
  35. 35. The growing Medical IoT Slide 35
  36. 36. New solutions: low cost pervasive technologies 36
  37. 37. All this data could help improve healthcare Slide 37 http://www.cs.purdue.edu/homes/bertino/IIS-eHealth/images/ehealth_full.jpg
  38. 38. The medical Internet of Things (mIoT) Digital health devices — defined as “an internet-connected device or software created for detection or treatment of a medical indication” — saved the US healthcare system $6 billion last year in the form of improved medication adherence, behavior modifications and fewer emergency room visits. They predict that savings will grow to $10 billion in 2015, $18 billion in 2016, $30 billion in 2017 and $50 billion in 2018. - Accenture 38
  39. 39. UL participates with government agencies to establish perspectives on risk 39 http://www2.idexpertscorp.com/images/uploads/ehr.jpg http://static.ddmcdn.com/gif/wireless-network-1a.jpg http://www.commercialintegrator.com/ FDA Safety and Innovation Act (FDASIA WG)
  40. 40. Regulators are balancing risk and innovation…
      • FCC Requirements for MBAN and FDA MOU – 24 May 2012
      • FDA Guidance: RF Wireless Technology…– 13 Aug 2013
      • FDA Guidance for Home Use Devices – 24 Nov 2014
      • FDA Draft Guidance: General Wellness (Low Risk) – 20 Jan 2015
      • FDA Guidance: Mobile Medical Applications – 25 Sept 2013
      • EC Guidance Document – Qualification and Classification of stand alone software (MEDDEV 2.1/6) – Jan 2012
      • FDA Final Rule: MDDS – 15 Feb 2011
      • FDA Guidance: Medical Device Data Systems, Medical Image Storage Devices, and Medical Image Communications Devices – 9 Jan 2015
      • FDA Guidance: Management of Cybersecurity – 2 Oct 2014
  41. 41. Consumer product or medical device? A medical device1 is "an instrument, apparatus, implement, machine, contrivance, implant, in vitro reagent, or other similar or related article, including a component part, or accessory which is: recognized in the official National Formulary, or the United States Pharmacopoeia, or any supplement to them, intended for use in the diagnosis of disease or other conditions, or in the cure, mitigation, treatment, or prevention of disease, in man or other animals, or intended to affect the structure or any function of the body of man or other animals, and which does not achieve any of its primary intended purposes through chemical action within or on the body of man or other animals and which is not dependent upon being metabolized for the achievement of any of its primary intended purposes." http://www.fda.gov/aboutfda/transparency/basics/ucm211822.htm 41
  42. 42. Labeling can make all the difference… 42 http://www.fda.gov/MedicalDevices/ProductsandMedicalProcedures/ObesityDevices/ucm350134.htm Treat Obesity vs. Manage Weight
  43. 43. The struggle to characterize relative risk
      Proposed in 2015 draft guidance on low risk general wellness devices
      Whether a device is low risk for purposes of this guidance is determined by whether or not the product:
      1) is invasive;
      2) involves an intervention or technology that may pose a risk to a user’s safety if device controls are not applied, such as risks from lasers, radiation exposure, or implants;
      3) raises novel questions of usability; or
      4) raises questions of biocompatibility.
  44. 44. Consumer products may be regulated too
      US Consumer Product Safety Commission
      - Consumer Product Safety Improvement Act (e.g. wearable tech considered children’s “jewelry”)
      - Mechanisms to facilitate recalls
      US Federal Trade Commission
      - Federal Trade Commission Act (e.g. FTC levies fines against melanoma detection apps…“lacks adequate evidence to support their claims”…)
      - …“unfair or deceptive acts or practices in or affecting commerce; (b) seek monetary redress and other relief for conduct injurious to consumers”…
      Occupational Safety and Health Administration
      - Most employees in the US come under OSHA jurisdiction (e.g. NIOSH recommendations for body-worn RFID)
  45. 45. Not just in the US
      EU data protection reform allows penalties up to 100m Euros
      Ongoing attempts to strictly regulate cybersecurity in China have included tight controls of supply chain and significant IP disclosures for imported products.
      Cyber security is one of Australia's national security priorities under the Prime Minister's 2008 National Security Statement. Australia's national security, economic prosperity and social wellbeing rely on the availability, integrity and confidentiality of a range of information and communications technology. This includes desktop computers, the internet, telecommunications, mobile communications devices and other computer systems and networks.
  46. 46. Standards and regulations can stimulate thinking about the problem space. 46
  47. 47. Is the data properly encrypted? 47 ))))))) Cryptographic Verification http://img.mit.edu/newsoffice/images/article_images/20110214123646-1.jpg
  48. 48. What if my wearable interacts with health IT systems? WWW Acme Insurance
  49. 49. Are there new risks to consider? 49 WWW Acme Insurance
  50. 50. How secure are my data exchanges? 1001010010100101101010
  51. 51. Has my data been compromised (even a little)? 51 1001010010100101101010X Single Event Upset or Data Corruption EXAMPLE:
  52. 52. How do I respond when service is lost? 52 No Data EXAMPLE:
  53. 53. Reduce the likelihood of breaches 53 Addressing such system robustness issues in general can minimize weaknesses that hackers could exploit. Slide 53 http://sebokwiki.org/wiki/Applying_Life_Cycle_Processes http://www.ibis-instruments.com/index.php?link=en/menu/2211/protocol-analysis http://www.quora.com/What-is-wireless-sensor-network-WSN-technology
  54. 54. Standards can help establish assurance cases Slide 54 https://buildsecurityin.us-cert.gov/bsi/1051-BSI/version/default/part/ImageData/data/Assurance_Cases_and_LifeCycle_Processes.png Safety Standards
  55. 55. Regulators Leverage Standards
      Aug 6, 2013 FDA Recognized Consensus Standards Support Interoperability:
      There are 25 new standards grouped mainly into three categories:
      1. Managing risk in a connected and networked environment;
      2. Nomenclature, frameworks and medical device specific communications, including system and software lifecycle process;
      3. Cybersecurity including standards from the industrial control systems arena that are relevant to medical devices.
      Coming soon: AAMI / UL 2800 – interoperable medical device safety
  56. 56. http://www.securedgenetworks.com Technology is enabling rapid product innovation and new safety standards and regulations are emerging 56 IDEA PRODUCT & SERVICE Managing innovation and regulatory change
  57. 57. UL supports WT and IoE developers through supply chain and sustainability services Slide 57
  58. 58. Throughout the entire product lifecycle to address safety, security, and performance Slide 58
  59. 59. Thank You 59
