Securing health care devices
Implantable medical devices such insulin pumps and pacemakers that connect to Wi-Fi but don’t have security features are susceptible to hacking. While companies are addressing the cybersecurity of devices such as smart watches and other smart devices that are quickly becoming ubiquitous in our homes, very few teams are working on the problem of security as it relates to wearable and implantable medical devices. Saraju Mohanty, professor of computer science and engineering at UNT, realizing the void of research in The Internet of Medical Things (IoMT), decided to do something about it.
“If a credit card database is hacked or a bank account is compromised, the problem can be corrected. But if a hacker breaks into a Wi-Fi enabled implantable device like a pacemaker and drains the battery, then complicated life-threatening surgery is necessary to replace it,” Mohanty says. “And if a hacker hacks an insulin pump and controls dosage, then it can lead to serious health complications.”
Mohanty recently received a $247,000 three-year grant from the National Science Foundation to tackle this problem. Together with Elias Kougianos, professor of electrical engineering, and Elias Mpofu, professor of rehabilitation and health services, Mohanty hopes to improve the security of these devices and the data collected by launching Easy-Med, a multidisciplinary project designed to train undergraduates to tackle the potential cybersecurity problems associated with wearable and implantable medical devices. Multiple Ph.D. students are working on the immersive training project that will equip students to develop and implement hardware-assisted security solutions for health care electronics.
One example of such a solution is PMsec, an authentication system developed by a research team that includes Mohanty and Kougianos. Described in a recent paper published in the journal IEEE Transactions on Consumer Electronics, the technology uses physical unclonable functions, which generate cryptographic keys to authenticate signals coming to the device with the help of hardware, to defeat attacks to smart health care devices and maintain the integrity of the system. Mohanty says PMsec also will store the large amounts of data created by the devices. The health care industry is estimated to contribute up to 30% of the world’s stored data, making this a substantial issue.
“Cybersecurity for IoMT is not just another security issue, rather it is scary and can be life-threatening,” Mohanty says. “I hope that our research will create the maximum social impact.”