Ever since it has been shown that modern implantable devices can be hijacked by hackers, researches have been working to overcome the issue. Now engineers at Swiss Federal Institute of Technology and the French National Institute for Research in Computer Science and Control developed a technology that uses ultrasound to gauge the proximity of the device communicating with the implant.
MIT Technology Review explains:
Under their plan, a device will always be accessible from up to 10 meters away, and will normally enforce a series of authentication steps before allowing access. In an emergency, however, when the device detects that the patient using it is in trouble, it will grant access to anyone who is physically close to the patient (within about three centimeters).
Other researchers have suggested requiring wireless reading devices to be physically close to an implant in order to access it. But Castelluccia says that attackers can get around this by using a strong radio transmitter to mimic close proximity. To solve this issue, his plan calls for ultrasound waves to be used in addition to radio signals–the speed of sound allows the device to calculate with confidence how far away the reader is.
Castelluccia says the device only needs a microphone in order to detect the ultrasound and that he doesn’t expect the protocol to consume much power–a key concern with an implantable medical device because it’s hard to replace the battery. Because the device won’t respond to requests that come from outside the predetermined distance, it would also be harder for an attacker to wear down the battery by forcing it to process one request after another.
More from Technology Review…