Securing Pacemakers using Runtime Monitors over Physiological Signals-Reference-Cited by-同舟云学术

Securing Pacemakers using Runtime Monitors over Physiological Signals

Published:2024-01-06 Issue: Volume: Page:
ISSN:1539-9087
Container-title:ACM Transactions on Embedded Computing Systems
language:en
Short-container-title:ACM Trans. Embed. Comput. Syst.

Author:

Panda Abhinandan¹,Pinisetty Srinivas¹,Roop Partha²

Affiliation:

1. Indian Institute of Technology Bhubaneswar, India

2. University of Auckland, New Zealand

Abstract

Wearable and implantable medical devices (IMDs) are increasingly deployed to diagnose, monitor, and provide therapy for critical medical conditions. Such medical devices are safety-critical cyber-physical systems (CPSs). These systems support wireless features introducing potential security vulnerabilities. Although these devices undergo rigorous safety certification processes, runtime security attacks are inevitable. Based on published literature, IMDs such as pacemakers and insulin infusion systems can be remotely controlled to inject deadly electric shocks and excess insulin, posing a threat to a patient’s life. While prior works based on formal methods have been proposed to detect potential attack vectors using different forms of static analysis, these have limitations in preventing attacks at runtime. This paper discusses a formal framework for detecting cyber-physical attacks on a pacemaker by monitoring its security policies at runtime. We propose a wearable device that senses the Electrocardiogram (ECG) and Photoplethysmogram (PPG) of the body to detect attacks in a pacemaker. To facilitate the design of this device, we map the security policies of a pacemaker w.r.t ECG and PPG, paving the way for designing formal verification monitors for pacemakers for the first time using multiple physiological signals. The proposed monitoring framework allows the synthesis of parallel monitors from a given set of desired security policies, where all the monitors execute concurrently and generate an alarm to the user in the case of policy violation. Our implementation and the performance evaluation results demonstrate the technical feasibility of designing such a wearable device for attack detection in pacemakers. This device is separate from the pacemaker, ensuring no need for re-certification of pacemakers. Our approach is amenable to the application of security patches when new attack vectors are detected, making the approach ideal for runtime monitoring of medical CPSs.

Publisher

Association for Computing Machinery (ACM)

Link

https://dl.acm.org/doi/pdf/10.1145/3638286

Reference49 articles.

1. Rajeev Alur and David L Dill . 1994. A theory of timed automata. Theoretical computer science 126, 2 ( 1994 ), 183–235. Rajeev Alur and David L Dill. 1994. A theory of timed automata. Theoretical computer science 126, 2 (1994), 183–235.

2. The relationship between the photoplethysmographic waveform and systemic vascular resistance

3. Adrian Baranchuk , Marwan M Refaat , Kristen K Patton , Mina K Chung , Kousik Krishnan , Valentina Kutyifa , Gaurav Upadhyay , John D Fisher , Dhanunjaya R Lakkireddy , American College of Cardiology, et al . 2018 . Cybersecurity for cardiac implantable electronic devices: what should you know?Journal of the American College of Cardiology 71, 11(2018), 1284–1288. Adrian Baranchuk, Marwan M Refaat, Kristen K Patton, Mina K Chung, Kousik Krishnan, Valentina Kutyifa, Gaurav Upadhyay, John D Fisher, Dhanunjaya R Lakkireddy, American College of Cardiology, et al. 2018. Cybersecurity for cardiac implantable electronic devices: what should you know?Journal of the American College of Cardiology 71, 11(2018), 1284–1288.

4. S Serge Barold , Roland X Stroobandt , and Alfons F Sinnaeve . 2008. Cardiac Pacemakers step by step: An illustrated guide . John Wiley & Sons . S Serge Barold, Roland X Stroobandt, and Alfons F Sinnaeve. 2008. Cardiac Pacemakers step by step: An illustrated guide. John Wiley & Sons.

5. Runtime Verification for LTL and TLTL

Cited by 1 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. Quantum-Blockchain Healthcare System for Invasive and No-Invasive-IoMT Data;Lecture Notes in Computer Science;2024