Improving Implantable Medical Device Security Through Cooperative Jamming
Files
TR Number
Date
Authors
Journal Title
Journal ISSN
Volume Title
Publisher
Abstract
Implantable medical devices (IMDs) are medically necessary devices embedded in a human body that monitor chronic disorders or automatically deliver therapies, such as insulin pumps or pacemakers. Typically, they are small form-factor devices with limited battery and processing power. Most IMDs have wireless capabilities that allow them to share data with an offboard programming device, such as a smartphone application, that has more storage and processing power than the IMD itself. Additionally, the programming device can send commands back to the IMD to change its settings according to the treatment plan. As such, wirelessly sharing information between an IMD and offboard device can help medical providers monitor the patient's health remotely while giving the patient more insight into their condition, more autonomy, and fewer in-person appointments.
However, serious security concerns have arisen as researchers have demonstrated it is possible to hack these devices to obtain sensitive information or potentially harm the patient. This is particularly easy to do as most IMDs transmit their data in the clear to avoid allocating their limited resources to encrypting their packets. As these concerns and the percentage of the American population with IMDs grows, there is another fear that bad actors could exploit the link between the programming device and IMD. Theoretically, a hacker could launch a man in the middle attack to send the IMD unauthorized commands, reprogramming it to act as a radio, sniffing signals of interest in the environment. As such, the hacker could use the IMD as a software defined radio (SDR) that captures sensitive or even classified information without the patient's knowledge. If this were to happen, it is possible an unwitting person with an IMD who has access to classified or sensitive information could be used to exfiltrate data that, in the wrong hands, could be used for corporate espionage or to the detriment of national security. While governing bodies agree that cybersecurity risks are present in IMD systems, there are no requirements for IMD manufacturers to create their devices with security measures that mitigate these risks. Researchers have proposed physical, technical, and administrative security measures for IMDs, but other existing wireless security techniques may apply to the healthcare space and need to be explored.
Beamforming is an array signal processing technique that relies on individual elements of antenna arrays adjusting their phase and amplitude to create an overall effect of directing RF energy in a particular direction. Similarly, cooperative beamforming uses several physically separate "friendly" beamforming-capable devices to collectively send artificial noise to eavesdroppers while ensuring the signal is successfully received by the intended receiver. Although there are several cooperative jamming algorithms, they share the underlying principles of minimizing SINR at potential eavesdroppers while maximizing the SINR at the intended receiver.
Researchers exploring cooperative jamming have largely used models to estimate its impact on channel secrecy. While RF propagation and communication system modeling provides valuable insight into system performance, many theoretical and empirical models are limited by the extent to which the operational environment matches that of the model itself. Ray tracing, alternatively, is more widely applicable as it accounts for a 3D environment and the objects a signal interacts with in that space. A ray is defined as an individual RF signal that travels in a straight line through a uniform medium; obeys the laws of reflection, refraction, and diffraction; and carries energy. As the ray interacts with objects in the environment, its energy will decrease by some amount that depends on the materials and geometry of the object.
While research has predominantly focused on applications like cellular communications, the same principles of minimizing SINR at potential eavesdroppers while maximizing the SINR at the intended receiver can be applied to IMDs. As IMD use cases assume the programmer is nearby, the friendly nodes will not need to act as relays and can instead focus all their power on jamming. The number of cooperative jammers will be low to simulate the number of devices an individual might have in a workspace or office setting, like a personal phone, smart watch, or laptop, and realistic power constraints will be observed. Further, ray tracing software will provide additional visual insights into how various building materials like drywall, concrete, brick, and glass impact cooperative jamming. Through these simulations, the trade-off between secrecy rate and physical separation and layout of friendly nodes can be determined, which in turn may inform how companies or individuals can protect their proprietary and personal information.