IMDfence: Architecting a Secure Protocol for Implantable Medical Devices
Over the past decade, focus on the security and privacy aspects of implantable medical devices (IMDs) has intensified, driven by the multitude of cybersecurity vulnerabilities found in various existing devices. However, due to their strict computational, energy and physical constraints, conventional...
Main Authors: | , , |
---|---|
Format: | Article |
Language: | English |
Published: |
IEEE
2020-01-01
|
Series: | IEEE Access |
Subjects: | |
Online Access: | https://ieeexplore.ieee.org/document/9165063/ |
id |
doaj-fd8288270ed5453aa8e2cae53d581205 |
---|---|
record_format |
Article |
spelling |
doaj-fd8288270ed5453aa8e2cae53d5812052021-03-30T01:57:56ZengIEEEIEEE Access2169-35362020-01-01814794814796410.1109/ACCESS.2020.30156869165063IMDfence: Architecting a Secure Protocol for Implantable Medical DevicesMuhammad Ali Siddiqi0https://orcid.org/0000-0002-8554-7077Christian Doerr1Christos Strydis2https://orcid.org/0000-0002-0935-9322Department of Neuroscience, Erasmus Medical Center, Rotterdam, CN, The NetherlandsCyber Threat Intelligence Laboratory, Hasso Plattner Institute, University of Potsdam, Potsdam, GermanyDepartment of Neuroscience, Erasmus Medical Center, Rotterdam, CN, The NetherlandsOver the past decade, focus on the security and privacy aspects of implantable medical devices (IMDs) has intensified, driven by the multitude of cybersecurity vulnerabilities found in various existing devices. However, due to their strict computational, energy and physical constraints, conventional security protocols are not directly applicable to IMDs. Custom-tailored schemes have been proposed instead which, however, fail to cover the full spectrum of security features that modern IMDs and their ecosystems so critically require. In this paper we propose IMDfence, a security protocol for IMD ecosystems that provides a comprehensive yet practical security portfolio, which includes availability, non-repudiation, access control, entity authentication, remote monitoring and system scalability. The protocol also allows emergency access that results in the graceful degradation of offered services without compromising security and patient safety. The performance of the security protocol as well as its feasibility and impact on modern IMDs are extensively analyzed and evaluated. We find that IMDfence achieves the above security requirements at a mere less than 7% increase in total IMD energy consumption, and less than 14 ms and 9 kB increase in system delay and memory footprint, respectively.https://ieeexplore.ieee.org/document/9165063/Authentication protocolbattery-depletion attackbattery DoSdenial-of-service attackIMDimplantable medical device |
collection |
DOAJ |
language |
English |
format |
Article |
sources |
DOAJ |
author |
Muhammad Ali Siddiqi Christian Doerr Christos Strydis |
spellingShingle |
Muhammad Ali Siddiqi Christian Doerr Christos Strydis IMDfence: Architecting a Secure Protocol for Implantable Medical Devices IEEE Access Authentication protocol battery-depletion attack battery DoS denial-of-service attack IMD implantable medical device |
author_facet |
Muhammad Ali Siddiqi Christian Doerr Christos Strydis |
author_sort |
Muhammad Ali Siddiqi |
title |
IMDfence: Architecting a Secure Protocol for Implantable Medical Devices |
title_short |
IMDfence: Architecting a Secure Protocol for Implantable Medical Devices |
title_full |
IMDfence: Architecting a Secure Protocol for Implantable Medical Devices |
title_fullStr |
IMDfence: Architecting a Secure Protocol for Implantable Medical Devices |
title_full_unstemmed |
IMDfence: Architecting a Secure Protocol for Implantable Medical Devices |
title_sort |
imdfence: architecting a secure protocol for implantable medical devices |
publisher |
IEEE |
series |
IEEE Access |
issn |
2169-3536 |
publishDate |
2020-01-01 |
description |
Over the past decade, focus on the security and privacy aspects of implantable medical devices (IMDs) has intensified, driven by the multitude of cybersecurity vulnerabilities found in various existing devices. However, due to their strict computational, energy and physical constraints, conventional security protocols are not directly applicable to IMDs. Custom-tailored schemes have been proposed instead which, however, fail to cover the full spectrum of security features that modern IMDs and their ecosystems so critically require. In this paper we propose IMDfence, a security protocol for IMD ecosystems that provides a comprehensive yet practical security portfolio, which includes availability, non-repudiation, access control, entity authentication, remote monitoring and system scalability. The protocol also allows emergency access that results in the graceful degradation of offered services without compromising security and patient safety. The performance of the security protocol as well as its feasibility and impact on modern IMDs are extensively analyzed and evaluated. We find that IMDfence achieves the above security requirements at a mere less than 7% increase in total IMD energy consumption, and less than 14 ms and 9 kB increase in system delay and memory footprint, respectively. |
topic |
Authentication protocol battery-depletion attack battery DoS denial-of-service attack IMD implantable medical device |
url |
https://ieeexplore.ieee.org/document/9165063/ |
work_keys_str_mv |
AT muhammadalisiddiqi imdfencearchitectingasecureprotocolforimplantablemedicaldevices AT christiandoerr imdfencearchitectingasecureprotocolforimplantablemedicaldevices AT christosstrydis imdfencearchitectingasecureprotocolforimplantablemedicaldevices |
_version_ |
1724186176452034560 |