Medical devices have been transformed from standalone to fully connected devices that provide an end-to-end service. There is a real opportunity to improve security, not only for safety, but to unlock the patient benefits and enhanced functionality.
In 2017 a vulnerability was discovered in an implantable cardiac pacemaker that could allow an attacker to control the device. The US Food and Drugs Agency (FDA) has issued three further safety communications after security vulnerabilities were discovered in insulin pumps and implantable cardiac devices, and a vulnerability was found in the software component, IPNet, used in safety critical operating systems such as VxWorks.
In the UK, the WannaCry ransomware attack on the NHS in 2017 underlined the implications of cybersecurity threats to medical systems.
Design security architecture
Considering security during the development process safeguards the design and also reduces development and manufacture costs.
Connecting anything to the internet carries inherent risks. Implementing frameworks such as the Common Criteria, and following guidelines and advice, such as the UK’s National Cyber Security Centre (NCSC) Secure Development and Deployment Guidance, can help to define processes and goals for a device’s security architecture.
An attack may not compromise any data but could still reduce quality of service. This is particularly important when functionality relies upon infrastructure or services maintained by others.
Developing encryption requires rigorous test and verification, yet SoC-based products may mean that creating a bespoke solution is unnecessary. Microchip, Maxim and NXP are just a few of the companies offering an off-the-shelf secure coprocessor-based hardware solution.
Partnering with established cloud providers, such as Amazon, Microsoft, IBM and Google, also offers an opportunity to access cloud services, software to support remote device authentication, and reporting and management functions.
Once the design is complete, tools such as penetration testing will help to highlight any weaknesses. No solution is completely secure, so mitigation strategies, such as maintenance updates, must be designed into the architecture.
The British Medical Journal found that there was an increase in the number of FDA submissions for devices containing software, from 10% in 2002 to around 18% in 2016. The number of submissions that specifically mention cyber security measures rose from 1% to over 5% in the same period.
We expect this trend to continue with the increasing development of machine learning, data science and algorithm development.
The broader security implications for devices range from the increased attack surface through to the security of the data. There are regulatory requirements to consider (such as HIPAA in the US and GDPR in Europe) for processing and sharing clinical data, as well as how the device will be used and maintained by the healthcare provider.
To unlock the potential of a true real-time, data-driven approach, direct-to-cloud connectivity is an attractive architecture, but existing Bluetooth Low Energy or Wi-Fi solutions that rely upon a user installing an application on devices will not meet this need. Wide area network (WAN) telecommunications technologies, such as LTE-M and NB-IoT, are interesting for applications that can bear the cost.
There is likely to be increasing focus in forthcoming communications standards on low cost, low latency channels to allow for a more frictionless experience for users.
While communication technology continues to evolve, edge computing will be a key enabling technology that will drive innovation in medical devices in the short to medium term. It will allow data processing to support enhanced clinical diagnostics and device manufacturers to gather data for research and offer more advanced assistive technologies.
Companies like Arm continue to invest and develop products that offer improved hardware acceleration for data processing and more seamless integrated workflows with machine learning tools like TensorFlow and Caffe.
Hardware engineers need to consider the careful balance between system functionality, complexity and the effort required for verification and validation. Given the evolving nature of security threats it makes sense to shift to a service provision model.
Methodologies like DevSecOps and the tools and technologies that support them will find a place in medical service architectures of the future.
It is an exciting time to be working in healthcare and medical device development as we drive towards smarter diagnostics tools and more personalised medicine. Device security will be crucial in improving interconnectivity.
Adam Pledger is a medical electronics expert and Sophie Mear is a security expert, both at PA Consulting