Not So Fast!
The Harsh Reality of Slow Movers
Ben Ransford, Ph.D., Virta Laboratories, Inc. (ben@virtalabs.com)
@secthings 2015
Not So Fast! @secthings 2015 © ben@virtalabs.com
“Those who cannot remember the past are condemned to repeat it.”
– George Santayana, The Life of Reason vol. 1
Outline
• Medical-device security: a cautionary tale
• Lessons for IoT
• Outside-the-box anomaly/malware detection
Amazing devices!
1957
Photos: Medtronic, Computer History Museum
Amazing devices!
Therac-25 (ca. 1980s)
Photo: SIUE
Amazing devices!
External Defibrillator (1985–)
[Slide shows an excerpt of Hanna et al. Fig. 1: The Cardiac Science G3 Plus exploited to install our custom firmware. The AED displays DEVICE COMPROMISED.]
Photo: Steve Hanna et al., “Take Two Software Updates and See Me in the Morning…”, USENIX HealthTech 2011
Amazing devices!
Patient monitor, infusion pump, insulin pump
Photos: Philips, Hospira, The Register/Medtronic
Amazing devices!
2003 pacemaker; 2013 pacemaker prototype
Photos: Ben Ransford; Medtronic
What Could Go Wrong?
• Increasing software dependence
• Increasing software complexity
• Deeper integration with medical records, hospital IT, patients’ homes & bodies
• 1980s: 6% of recalls due to software*
• 2005–9: 18% of recalls due to software*
* Hanna et al., HealthTech 2011
Amazing harmful devices!
Therac-25 (ca. 1980s, recalled 1987)
Photo: SIUE
Amazing open devices!
External Defibrillator (1985–)
[Slide shows two figures from Hanna et al. Fig. 1: The Cardiac Science G3 Plus exploited to install our custom firmware. The AED displays DEVICE COMPROMISED. Fig. 2: AEDUpdate buffer overflow, “… return address is checked, which allows us to redirect program flow into arbitrary code. Executed code includes a message box showing the potential flow of the vulnerability from the AED (if the firmware were replaced) to the software.”]
Photos: Hanna et al., “Take Two Software Updates and See Me in the Morning…”, USENIX HealthTech 2011
2008: 😺⇠👜
• Academic study of an implantable defibrillator (IEEE S&P ’08)
• Focused security community on medical devices… oopsie!
Photos: Medtronic, Ben Ransford
• No authentication
• No encryption
• Unauthorized shocks
Photos: Ben Ransford
2009–2011
• Insulin pump & defibrillator hacks (Barnaby Jack, J. Radcliffe, others)
• No authentication
• Unauthorized bolus
Photo: The Register/Medtronic
2013
Wall Street Journal, June 2013, on a catheterization lab shut down by malware:
“...records show that malware had infected computer equipment needed for procedures to open blocked arteries after heart attacks.”
2013
• Pharmaceutical compounder (HealthTech ’13)
• Must be on network, patching forbidden
Photo: Ben Ransford
Major hospitals say: in 3–5 years, >90% of medical devices will be on the network
Photo: Ohemaa's MD
Lessons for IoT!
A RECIPE FOR SUCCESS
Don’t Patch the OS
• Microsoft has figured out Windows security by now
• The Linux kernel is perfect, always works
• “Alternative” OSes won’t be targeted
Don’t Patch Libraries
• You wrote all of the device’s code & libraries
• No need to update OpenSSL, PHP, Apache, etc.
Use Default Secrets
• Use default passwords whenever possible
• Make passwords difficult to change
• Ship master keys w/ devices
• Hard-code credentials
Be Very Liberal in What You Accept
• Download software via insecure channels
• Don’t cryptographically sign software
• It’s probably fine
• Who would tamper with firmware?
• Anyway tampering is illegal
[Slide shows an excerpt of Hanna et al., Section II, “Automated External Defibrillator (AED) Overview”, with Fig. 1: The Cardiac Science G3 Plus exploited to install our custom firmware. The AED displays DEVICE COMPROMISED.]
Photo: Steve Hanna et al., “Take Two Software Updates and See Me in the Morning…”, USENIX HealthTech 2011
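The “Be Very Liberal in What You Accept” slide is the inverse of what a device should do with an update: authenticate the image before parsing or flashing it, and refuse anything not newer than what is installed. The Go program below is an added example, not code from this deck, from Virta Labs, or from any AED vendor. Its image layout (a “FWIM” magic, version and length fields, payload, then an Ed25519 signature over everything before it) is a hypothetical format made up for the example, and the keys are derived from fixed seeds only so the run is deterministic; real signing keys live on the vendor’s build infrastructure, and the device carries only the public key.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"encoding/binary"
	"errors"
	"fmt"
)

// Hypothetical image layout for this example (not any vendor's real format):
//   "FWIM" magic | version u32 BE | payload length u32 BE | payload | 64-byte Ed25519 signature
// The signature covers everything before it, so neither the payload nor the
// version field can be changed without invalidating it.
var magic = []byte("FWIM")

const headerLen = 4 + 4 + 4

var (
	ErrFormat    = errors.New("malformed image")
	ErrSignature = errors.New("signature does not verify against the vendor public key")
	ErrRollback  = errors.New("image version is not newer than the installed version")
)

// buildImage runs on the vendor's build server, the only place the private key lives.
func buildImage(priv ed25519.PrivateKey, version uint32, payload []byte) []byte {
	buf := make([]byte, headerLen, headerLen+len(payload)+ed25519.SignatureSize)
	copy(buf, magic)
	binary.BigEndian.PutUint32(buf[4:], version)
	binary.BigEndian.PutUint32(buf[8:], uint32(len(payload)))
	buf = append(buf, payload...)
	return append(buf, ed25519.Sign(priv, buf)...)
}

// verifyUpdate is the device side. It holds only the vendor's public key and the
// installed version, and trusts nothing about the channel the image arrived on.
func verifyUpdate(img []byte, vendorPub ed25519.PublicKey, installed uint32) (uint32, []byte, error) {
	if len(img) < headerLen+ed25519.SignatureSize || !bytes.Equal(img[:4], magic) {
		return 0, nil, ErrFormat
	}
	body := len(img) - ed25519.SignatureSize
	if int(binary.BigEndian.Uint32(img[8:12])) != body-headerLen {
		return 0, nil, ErrFormat // declared length must match what was actually received
	}
	// Authenticate before interpreting or acting on anything else in the image.
	if !ed25519.Verify(vendorPub, img[:body], img[body:]) {
		return 0, nil, ErrSignature
	}
	if version := binary.BigEndian.Uint32(img[4:8]); version > installed {
		return version, img[headerLen:body], nil
	}
	return 0, nil, ErrRollback
}

func main() {
	// Fixed seeds keep the demo deterministic; real signing keys belong in an HSM.
	vendor := ed25519.NewKeyFromSeed(bytes.Repeat([]byte{0x11}, 32))
	attacker := ed25519.NewKeyFromSeed(bytes.Repeat([]byte{0x22}, 32))
	pub := vendor.Public().(ed25519.PublicKey)

	good := buildImage(vendor, 7, []byte("constructed firmware payload v7"))
	tampered := append([]byte(nil), good...)
	tampered[headerLen] ^= 0x01 // one bit of the payload changed in transit
	cases := []struct {
		name string
		img  []byte
	}{
		{"good", good},
		{"tampered", tampered},
		{"forged", buildImage(attacker, 8, []byte("attacker payload"))},
		{"rollback", buildImage(vendor, 6, []byte("last year's release"))},
		{"truncated", good[:len(good)-1]},
	}
	for _, c := range cases {
		v, _, err := verifyUpdate(c.img, pub, 6)
		fmt.Printf("%-9s version=%d err=%v\n", c.name, v, err)
	}
}
```

Only the first case is accepted; the other four fail closed before any byte of the payload is trusted. Note that the version check is part of the signed data, so an attacker who can replay last year’s signed image cannot also renumber it.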
Obscurity == Security
• Nobody will scan your devices
• Nobody will obtain your firmware via JTAG
• Compilation is the same as encryption
• Leave a network port open for “debugging”
Photo: Dotmed
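The “Use Default Secrets” and “Obscurity == Security” slides go together: once firmware has been read out over JTAG or carved from an update file, compiled code hides nothing that was a string literal in the source. The Go program below is an added example, not part of the deck or of any Virta Labs tool; it does what the `strings` utility does over a constructed, synthetic firmware blob (the filler bytes are not real machine code and the embedded credentials, URL and key header are made up for the example) and then triages the printable runs with a few narrow regular expressions. A hit is a lead for a reviewer, not proof.

```go
package main

import (
	"fmt"
	"regexp"
)

// Finding is one printable string recovered from a binary image, with the
// rule (if any) that makes it worth a reviewer's attention.
type Finding struct {
	Offset int
	Text   string
	Kind   string
}

// printableRuns does what the `strings` utility does: every run of at least
// minLen printable ASCII bytes, regardless of what surrounds it.
func printableRuns(blob []byte, minLen int) []Finding {
	var out []Finding
	start := -1
	for i := 0; i <= len(blob); i++ {
		printable := i < len(blob) && blob[i] >= 0x20 && blob[i] <= 0x7e
		if printable && start < 0 {
			start = i
		}
		if !printable && start >= 0 {
			if i-start >= minLen {
				out = append(out, Finding{Offset: start, Text: string(blob[start:i])})
			}
			start = -1
		}
	}
	return out
}

// Triage rules, applied in order with first match winning (URLs are checked
// before the user:password rule so "http://host/path" is not mistaken for one).
var rules = []struct {
	kind string
	re   *regexp.Regexp
}{
	{"private-key", regexp.MustCompile(`-----BEGIN [A-Z ]*PRIVATE KEY-----`)},
	{"url", regexp.MustCompile(`(?i)\b(https?|ftp|tftp)://\S+`)},
	{"credential", regexp.MustCompile(`(?i)(passw(or)?d|passwd|pwd|psk|secret|token)\s*[:=]\s*\S+`)},
	{"credential", regexp.MustCompile(`^[A-Za-z0-9_.-]{3,32}:[^\s:]{4,64}$`)}, // user:password
	{"debug-service", regexp.MustCompile(`(?i)\b(telnetd|dropbear|uart|jtag)\b|/bin/sh`)},
}

// triage keeps only the runs some rule matches, tagged with the first matching kind.
func triage(runs []Finding) []Finding {
	var hits []Finding
	for _, r := range runs {
		for _, rule := range rules {
			if rule.re.MatchString(r.Text) {
				r.Kind = rule.kind
				hits = append(hits, r)
				break
			}
		}
	}
	return hits
}

// constructedImage stands in for a firmware dump. It is synthetic: opaque
// non-printable filler bytes (not real code) with a few embedded strings of
// the kind that survive compilation untouched.
func constructedImage() []byte {
	filler := []byte{0x00, 0xf0, 0x1f, 0xe3, 0x04, 0xb0, 0x8d, 0xe5, 0x01, 0x10, 0xa0, 0xe1}
	embedded := []string{
		"Copyright (c) 2009 Example Medical Systems", // benign
		"admin:Admin1234",                            // hard-coded login
		"wifi_psk=hunter2",                           // default secret
		"http://fw.example.invalid/latest.bin",       // cleartext update URL
		"telnetd -l /bin/sh -p 2323",                 // "debugging" service
		"-----BEGIN RSA PRIVATE KEY-----",            // shipped master key
		"MIIEow",                                     // key body fragment, matches no rule
		"ab",                                         // too short to extract
	}
	var blob []byte
	for _, s := range embedded {
		blob = append(blob, filler...)
		blob = append(blob, s...)
		blob = append(blob, 0x00)
	}
	return append(blob, filler...)
}

func main() {
	for _, h := range triage(printableRuns(constructedImage(), 6)) {
		fmt.Printf("0x%06x  %-14s %q\n", h.Offset, h.Kind, h.Text)
	}
}
```

On the constructed blob, five of the seven extracted strings are flagged (two credentials, a URL, a private-key header and a debugging service); the copyright notice and the bare key fragment are not. Real images add compression, encryption of individual blobs and non-ASCII encodings, so a clean `strings` pass is a floor on what an attacker can recover, not a ceiling.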
VOILÀ!
Deep Integration → Fixity
• Once something works, don’t want to touch it
• Sometimes replacement is really hard
• Environment changes → threats change too
Major surgery, ~10yr battery
Photo: Ben Ransford
IoT and Slow Movers
• You want integration + customer dependence?
• All bets are off once a Thing is deployed
• Customers will depend on your old/stale code
• Customers will depend on your old URLs
• You think you know how customers will use your product, but you don’t
• Optimize products & processes for patchability
The Mess We’re In
• Major healthcare breaches afoot (Anthem: 80M!)
• Attackers roost on systems that won’t get patched (TrapX “Medjack” report)
• Backward thinking about patching
• Perimeter security is not a solution
• “Endpoint security” vendors ignore medical devices (as they ignore Things)
Outside the Box
• Nonintrusive monitoring
• No software installation
• Devices stay in service
• Use the power side channel to infer tasks, detect unusual behavior incl. malware
(In beta!)
Photo: Ben Ransford/Virta Labs
Current Consumption Varies
• Today’s CPUs and software are careful to use power management!
• Modern systems exhibit high dynamic range
• Workloads ➞ patterns of high/low
• CPU busy ➞ more current
• Peripherals busy ➞ more current
• Idle time ➞ less current
Image: Apple
Learning from Analog Data
• Collect data during representative activity
• Constantly collect power signals
• Featurize signals, feed features to machine learning
• Feed analysis results back to customers
• Crowdsource problems across customers
Q’s We Can Answer
• What state is the device in? Have we seen this state before?
• Does the device have certain kinds of malware?
• How fast is it doing its work?
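The “Current Consumption Varies”, “Learning from Analog Data” and “Q’s We Can Answer” slides sketch one pipeline: capture current draw from outside the device, cut it into windows, featurize each window, learn what representative activity looks like, and then ask of each new window whether the state has been seen before. The Go program below is an added example, not Virta Labs’ product code or anything from the deck. The traces are constructed sinusoids and square waves standing in for sensor captures, the three features (mean, standard deviation, mean absolute sample-to-sample change) and the nearest-centroid z-score detector are stand-ins for whatever featurization and model the product actually uses, and the thresholds are chosen for the synthetic data.

```go
package main

import (
	"fmt"
	"math"
)

// Feature summarizes one window of current samples (amperes): level, spread,
// and roughness (mean absolute sample-to-sample change), a cheap proxy for
// how much switching the CPU and peripherals are doing.
type Feature struct{ Mean, Std, Rough float64 }

func featurize(window []float64) Feature {
	n := float64(len(window))
	var sum, sumSq, diff float64
	for i, v := range window {
		sum += v
		sumSq += v * v
		if i > 0 {
			diff += math.Abs(v - window[i-1])
		}
	}
	mean := sum / n
	return Feature{Mean: mean, Std: math.Sqrt(math.Max(sumSq/n-mean*mean, 0)), Rough: diff / (n - 1)}
}

// windows splits a trace into non-overlapping windows of w samples.
func windows(trace []float64, w int) [][]float64 {
	var out [][]float64
	for i := 0; i+w <= len(trace); i += w {
		out = append(out, trace[i:i+w])
	}
	return out
}

// Profile is one known device state: the centroid of its baseline features and
// their per-feature spread. minSpread floors the spread so a perfectly steady
// baseline cannot make every later reading look infinitely anomalous.
type Profile struct {
	Label          string
	Center, Spread Feature
}

const minSpread = 0.01

func learn(label string, trace []float64, w int) Profile {
	wins := windows(trace, w)
	n := float64(len(wins))
	var c, s Feature
	feats := make([]Feature, len(wins))
	for i, win := range wins {
		feats[i] = featurize(win)
		c.Mean += feats[i].Mean / n
		c.Std += feats[i].Std / n
		c.Rough += feats[i].Rough / n
	}
	for _, f := range feats {
		s.Mean += (f.Mean - c.Mean) * (f.Mean - c.Mean) / n
		s.Std += (f.Std - c.Std) * (f.Std - c.Std) / n
		s.Rough += (f.Rough - c.Rough) * (f.Rough - c.Rough) / n
	}
	s = Feature{math.Max(math.Sqrt(s.Mean), minSpread), math.Max(math.Sqrt(s.Std), minSpread), math.Max(math.Sqrt(s.Rough), minSpread)}
	return Profile{Label: label, Center: c, Spread: s}
}

// classify answers "have we seen this state before?": the nearest profile by
// z-score distance, or "unknown" when even the nearest is farther than maxZ.
func classify(f Feature, profiles []Profile, maxZ float64) (string, float64) {
	label, bestZ := "unknown", math.Inf(1)
	for _, p := range profiles {
		dm := (f.Mean - p.Center.Mean) / p.Spread.Mean
		ds := (f.Std - p.Center.Std) / p.Spread.Std
		dr := (f.Rough - p.Center.Rough) / p.Spread.Rough
		if z := math.Sqrt(dm*dm + ds*ds + dr*dr); z < bestZ {
			label, bestZ = p.Label, z
		}
	}
	if bestZ > maxZ {
		return "unknown", bestZ
	}
	return label, bestZ
}

// synth produces a CONSTRUCTED current trace in place of a real capture: a
// quiet "idle" ripple, a faster and larger "busy" ripple, and a square-wave
// "beacon" pattern that resembles neither baseline.
func synth(kind string, n int, phase float64) []float64 {
	t := make([]float64, n)
	for i := range t {
		x := float64(i) + phase
		switch kind {
		case "idle":
			t[i] = 0.20 + 0.005*math.Sin(2*math.Pi*x/50)
		case "busy":
			t[i] = 0.60 + 0.08*math.Sin(2*math.Pi*x/8)
		default:
			t[i] = 0.70
			if int(x)%20 < 10 {
				t[i] = 1.20
			}
		}
	}
	return t
}

func main() {
	const w = 100
	baseline := []Profile{learn("idle", synth("idle", 1000, 0), w), learn("busy", synth("busy", 1000, 0), w)}
	for _, kind := range []string{"idle", "busy", "beacon"} {
		label, z := classify(featurize(synth(kind, w, 3)), baseline, 4.0) // phase differs from training
		fmt.Printf("%-6s -> %-7s z=%.2f\n", kind, label, z)
	}
}
```

The idle and busy test windows land on their own profiles with z well under 1 even though they start at a different phase than the training data, while the beacon window is dozens of spread units from either centroid and comes back as “unknown”. That is exactly the answer the slide wants to the first question; naming which malware it is, as the second question asks, needs labelled profiles of known bad behavior in addition to the known-good baseline.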
[Screenshot: VIRTA LABORATORIES, UNKNOWN MALWARE]
Takeaways
• For IoT manufacturers: Recognize security debt, plan for long lifecycle
• For users: Insist on coherent patching strategies that have a time dimension
• For security researchers: Roll up sleeves
Twitter: @virtalabs / @br_
Beta program: https://www.virtalabs.com/

Ā 
Transcript: #StandardsGoals for 2024: Whatā€™s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: Whatā€™s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: Whatā€™s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: Whatā€™s new for BISAC - Tech Forum 2024
Ā 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
Ā 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
Ā 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
Ā 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
Ā 

The Harsh Reality of Slow Movers

  • 8. Amazing devices! 2003 pacemaker; 2013 pacemaker prototype. Photos: Ben Ransford; Medtronic
  • 9. What Could Go Wrong? • Increasing software dependence • Increasing software complexity • Deeper integration with medical records, hospital IT, patients' homes & bodies • 1980s: 6% of recalls due to software* • 2005–9: 18% of recalls due to software* (* Hanna et al., HealthTech 2011)
  • 10. Amazing harmful devices! Therac-25 (ca. 1980s, recalled 1987). Photo: SIUE
  • 11. Amazing open devices! External Defibrillator (1985–). Fig. 1: The Cardiac Science G3 Plus exploited to install our custom firmware; the AED displays DEVICE COMPROMISED. Fig. 2: AEDUpdate buffer overflow ("…return address is checked, which allows us to redirect program flow into arbitrary code"); executed code includes a message box showing the potential flow of the vulnerability from the AED (if the firmware were replaced) to the software. Photos: Hanna et al., "Take Two Software Updates and See Me in the Morning…", USENIX HealthTech 2011
  • 12. 2008: 😺⇠👜 • Academic study of an implantable defibrillator (IEEE S&P '08) • Focused security community on medical devices… oopsie! Photos: Medtronic, Ben Ransford
  • 13. • No authentication • No encryption • Unauthorized shocks. Photos: Ben Ransford
  • 14. 2009–2011 • Insulin pump & defibrillator hacks (Barnaby Jack, J. Radcliffe, others) • No authentication • Unauthorized bolus. Photo: The Register/Medtronic
  • 15. 2013. Wall Street Journal, June 2013, on a catheterization lab shut down by malware: "...records show that malware had infected computer equipment needed for procedures to open blocked arteries after heart attacks."
  • 16. 2013 • Pharmaceutical compounder (HealthTech '13) • Must be on network, patching forbidden. Photo: Ben Ransford
  • 17. Major hospitals say: in 3–5 years, >90% of medical devices will be on the network. Photo: Ohemaa's MD
  • 18. Lessons for IoT!
  • 19. A RECIPE FOR SUCCESS
  • 20. Don't Patch the OS • Microsoft has figured out Windows security by now • The Linux kernel is perfect, always works • "Alternative" OSes won't be targeted
  • 21. Don't Patch Libraries • You wrote all of the device's code & libraries • No need to update OpenSSL, PHP, Apache, etc.
  • 22. Use Default Secrets • Use default passwords whenever possible • Make passwords difficult to change • Ship master keys w/ devices • Hard-code credentials
  • 23. Be Very Liberal in What You Accept • Download software via insecure channels • Don't cryptographically sign software • It's probably fine • Who would tamper with firmware? • Anyway tampering is illegal. (Slide shows the AED overview section of the cited paper. Fig. 1: The Cardiac Science G3 Plus exploited to install our custom firmware; the AED displays DEVICE COMPROMISED.) Photo: Steve Hanna et al., "Take Two Software Updates and See Me in the Morning…", USENIX HealthTech 2011
  • 24. Obscurity == Security • Nobody will scan your devices • Nobody will obtain your firmware via JTAG • Compilation is the same as encryption • Leave a network port open for "debugging". Photo: Dotmed
  • 25. VOILÀ!
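Slides 22 and 24 of the recipe mock hard-coded credentials and the idea that "compilation is the same as encryption". The check a reviewer actually runs against a shipped image is a strings-style scan: pull every printable run out of the firmware blob and flag the ones that look like credentials, private keys, debug services or cleartext update URLs. The block below is an added example of that check, not code from the talk or from Virta Labs. The firmware image is constructed inline with planted strings, and the indicator patterns are my own starting list rather than anything the slides specify.

```python
"""Firmware string triage, added illustration for slides 22 and 24.

A compiled image hides nothing from a strings-style scan: default passwords,
private keys, debug services and http:// update URLs are all recoverable
without a disassembler. Not code from the talk or from Virta Labs.
"""
import re

MIN_LEN = 6  # shortest printable run worth reporting (assumed; tune per image)

# Printable ASCII runs, the same heuristic as the `strings` utility.
STRING_RE = re.compile(rb"[\x20-\x7e]{%d,}" % MIN_LEN)

# Indicator patterns (assumed starting list, not from the slides). A hit is a
# lead for a reviewer, not proof of exploitability.
INDICATORS = [
    ("hard-coded credential", re.compile(rb"(?i)(passw(or)?d|passwd|pwd)\s*[:=]\s*\S+")),
    ("private key material", re.compile(rb"-----BEGIN [A-Z ]*PRIVATE KEY-----")),
    ("debug/listening service", re.compile(rb"telnetd|dropbear|/bin/sh")),
    ("cleartext update URL", re.compile(rb"\bhttp://\S+")),
]

# Constructed sample image: non-printable filler with planted strings of the
# kind real firmware ships with. NOT a real device image.
_FILLER = b"\x00\xff\x01\xfe\x7f\x80"


def build_sample_firmware():
    return (_FILLER * 50
            + b"Copyright 2015 Example Device Co.\x00"
            + _FILLER * 20
            + b"login: admin\x00password: admin\x00"
            + _FILLER * 20
            + b"-----BEGIN RSA PRIVATE KEY-----\x00"
            + _FILLER * 15
            + b"/usr/sbin/telnetd -l /bin/sh -p 2323\x00"
            + _FILLER * 30
            + b"http://updates.example.invalid/fw.bin\x00"
            + _FILLER * 10)


def extract_strings(blob, min_len=MIN_LEN):
    """All printable ASCII runs of at least min_len bytes, in file order."""
    pat = re.compile(rb"[\x20-\x7e]{%d,}" % min_len)
    return [m.group().decode("ascii") for m in pat.finditer(blob)]


def flag_indicators(blob):
    """(label, offset, string) for every extracted string that hits an indicator."""
    findings = []
    for m in STRING_RE.finditer(blob):
        s = m.group()
        for label, pat in INDICATORS:
            if pat.search(s):
                findings.append((label, m.start(), s.decode("ascii")))
    return findings


if __name__ == "__main__":
    for label, off, s in flag_indicators(build_sample_firmware()):
        print(f"0x{off:06x}  {label:24s}  {s}")
```

Run it against a real image (`open(path, "rb").read()`) and every hit is a question for the vendor: is that password changeable, is that key per-device, does that service listen on a shipped port, and does the updater verify anything fetched from that URL. The offsets let you go straight to the surrounding code in a disassembler.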
  • 26. Deep Integration → Fixity • Once something works, don't want to touch it • Sometimes replacement is really hard • Environment changes → threats change too. Major surgery, ~10yr battery. Photo: Ben Ransford
  • 27. IoT and Slow Movers • You want integration + customer dependence? • All bets are off once a Thing is deployed • Customers will depend on your old/stale code • Customers will depend on your old URLs • You think you know how customers will use your product, but you don't • Optimize products & processes for patchability
  • 28. The Mess We're In • Major healthcare breaches afoot (Anthem: 80M!) • Attackers roost on systems that won't get patched (TrapX "Medjack" report) • Backward thinking about patching • Perimeter security is not a solution • "Endpoint security" vendors ignore medical devices (as they ignore Things)
  • 29. (image slide)
  • 30. Outside the Box • Nonintrusive monitoring • No software installation • Devices stay in service • Use the power side channel to infer tasks, detect unusual behavior incl. malware. (In beta!) Photo: Ben Ransford/Virta Labs
  • 31. Photo: Atomic Toasters
  • 32. (image slide)
  • 33. Current Consumption Varies • Today's CPUs and software are careful to use power management! • Modern systems exhibit high dynamic range • Workloads ➞ patterns of high/low • CPU busy ➞ more current • Peripherals busy ➞ more current • Idle time ➞ less current. Image: Apple
  • 34. Learning from Analog Data • Collect data during representative activity • Constantly collect power signals • Featurize signals, feed features to machine learning • Feed analysis results back to customers • Crowdsource problems across customers
  • 35. Q's We Can Answer • What state is the device in? Have we seen this state before? • Does the device have certain kinds of malware? • How fast is it doing its work?
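Slides 30 through 35 describe the pipeline: record current draw during representative activity, cut the signal into windows, featurize each window, learn what the known states look like, and then ask of a new window "have we seen this state before?". The block below is an added example of that pipeline, not Virta Labs' product code and not the talk's, using the simplest workable statistics from the standard library: per-window mean, spread, peak and duty-cycle features, a per-state baseline, and a z-score distance that rejects windows matching no known state. The traces are synthetic and generated inline; the 50-sample window, the state labels and the 5-sigma threshold are assumptions.

```python
"""Power side-channel state detection, added example for slides 30-35.

Pipeline: raw current samples -> fixed windows -> feature vector per window
-> per-state baseline (mean/std of each feature) -> z-score distance of a new
window to each known state; too far from all of them means "unknown".
Illustration only, not Virta Labs' code. Window size, labels and threshold are
assumptions.
"""
import math
import random
from statistics import mean, pstdev

WINDOW = 50            # samples per window (assumed: 50 ms at 1 kHz sampling)
STATE_THRESHOLD = 5.0  # largest per-feature |z| still accepted as a known state


def featurize(window):
    """Feature vector for one window of current samples (amperes)."""
    mu = mean(window)
    sd = pstdev(window)
    peak = max(window)
    # share of samples above the window mean: crude duty-cycle proxy
    duty = sum(1 for s in window if s > mu) / len(window)
    return (mu, sd, peak, duty)


def windows(samples):
    """Non-overlapping windows; a trailing partial window is dropped."""
    for i in range(0, len(samples) - WINDOW + 1, WINDOW):
        yield samples[i:i + WINDOW]


def learn_baseline(labelled_traces):
    """{state: samples} -> {state: (feature_means, feature_stds)}.

    Add a trace recorded while a known malware sample runs, under the label
    you want reported, and classify_window will name it when it recurs."""
    baseline = {}
    for state, samples in labelled_traces.items():
        cols = list(zip(*(featurize(w) for w in windows(samples))))
        means = [mean(c) for c in cols]
        # floor the std so a constant feature never divides by zero
        stds = [max(pstdev(c), 1e-3) for c in cols]
        baseline[state] = (means, stds)
    return baseline


def classify_window(window, baseline):
    """Nearest known state by max |z| over features, or 'unknown'."""
    f = featurize(window)
    best_state, best_score = "unknown", math.inf
    for state, (means, stds) in baseline.items():
        score = max(abs((x - m) / s) for x, m, s in zip(f, means, stds))
        if score < best_score:
            best_state, best_score = state, score
    if best_score > STATE_THRESHOLD:
        return "unknown", best_score
    return best_state, best_score


def classify_trace(samples, baseline):
    return [classify_window(w, baseline)[0] for w in windows(samples)]


def synth_trace(rng, n, level, noise):
    """Constructed current trace: steady draw `level` A with Gaussian noise."""
    return [rng.gauss(level, noise) for _ in range(n)]


def demo():
    """Train on idle and busy, then score a fresh idle trace and an unexplained one."""
    rng = random.Random(7)
    baseline = learn_baseline({
        "idle": synth_trace(rng, 2000, 0.30, 0.02),
        "busy": synth_trace(rng, 2000, 1.10, 0.08),
    })
    idle_again = classify_trace(synth_trace(rng, 500, 0.30, 0.02), baseline)
    # sustained draw between the known states: the "extra work" signature
    # of something running that the baseline never saw
    unexplained = classify_trace(synth_trace(rng, 500, 0.70, 0.03), baseline)
    return idle_again, unexplained


if __name__ == "__main__":
    seen, odd = demo()
    print("idle trace ->", seen)
    print("odd trace  ->", odd)
```

The design choice that matters is the rejection threshold: a nearest-centroid classifier without one would happily label every unexplained window as whichever known state is least wrong, which is exactly the failure a monitor for unpatched devices cannot afford. A real deployment would replace the hand-picked features and the max-|z| distance with learned ones, as slide 34 suggests, but the "seen before or not" gate stays.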
  • 36. VIRTA LABORATORIES: UNKNOWN MALWARE
  • 37. Takeaways • For IoT manufacturers: Recognize security debt, plan for long lifecycle • For users: Insist on coherent patching strategies that have a time dimension • For security researchers: Roll up sleeves. Twitter: @virtalabs / @br_ Beta program: https://www.virtalabs.com/