An artificial cadaver used by the U of M Security and Privacy Research (SPQR) Lab headed by Professor Kevin Fu. Researchers in SPQR use the artificial cadaver to test the security and privacy of various medical devices, including heart rate sensors, pacemakers, defibrillators, drug delivery systems, and neurostimulators. Photo: Joseph Xu
As worn medical devices are becoming more common and some are merging with the world of consumer technology, security is becoming an issue that scientists are trying to address before real problems arise. A lot of published research in this field focuses on manipulating digital signals in an attempt to confuse and disrupt the normal functionality of implants.
An international team of researchers has instead focused on the analog sensors that many of today’s devices use. The investigators used real devices, which were placed in saline solution or artificial cadavers, and researchers showed that under limited controlled conditions they were able to cause some disruption of functionality by beaming radio signals of various frequencies at the devices. The team does note that practically it would be very difficult to use their technique to disrupt medical devices and that implants in particular are hard to manipulate.
From a University of Michigan press release:
In the category of medical devices, the researchers tested cardiac defibrillators and pacemakers in open air to determine which radio waveforms could cause interference. Then they exposed the medical devices to those waveforms in a both a saline bath and a patient simulator. The experiments suggest that the human body likely acts as a shield, protecting the medical devices to a large degree, the researchers said.
They found that in the saline bath and the patient simulator, a perpetrator would need to be within five centimeters—about two inches—away to cause interference. Current guidelines instruct patients to keep potential sources of interference at least 27 centimeters, or 10.5 inches, away from their chest.
“People with pacemakers and defibrillators can remain confident in the safety and effectiveness of their implants,” said Kevin Fu, U-M associate professor of electrical engineering and computer science. “Patients already protect themselves from interference by keeping transmitters like phones away from their implants. The problem is that emerging medical sensors worn on the body, rather than implanted, could be more susceptible to this type of interference.”
University of Michigan press statement: Security risks found in sensors for heart devices, consumer electronics…