Presentation is loading. Please wait.

Presentation is loading. Please wait.

Pacemakers and Implantable Cardiac Defibrillators: Software Radio Attacks and Zero-Power Defenses Zac Chupka Jeff Signore.

Published byMyrtle Patterson Modified over 8 years ago

Similar presentations

Presentation on theme: "Pacemakers and Implantable Cardiac Defibrillators: Software Radio Attacks and Zero-Power Defenses Zac Chupka Jeff Signore."— Presentation transcript:

1 Pacemakers and Implantable Cardiac Defibrillators: Software Radio Attacks and Zero-Power Defenses Zac Chupka Jeff Signore

2 Disclosure The researchers omit details that would act as a guide for someone to attack an implantable medical device Focuses more on the security and privacy vulnerabilities in implantable medical devices

3 Overview Technology Vulnerabilities Techniques Experiment Prevention Conclusions

4 Implantable Medical Devices (IMDs) Wireless reprogrammable medical devices that are implanted in a patient’s body Implantable Cardioverter Defibrillators (ICDs) Pacemakers Neurostimulators Drug pumps Between 1990-2002: 2.6 million IMDs implanted in US patients

5 ICDs Monitor and responds to heart activity Include modes for pacing and defibrillation Implanted in the chest with leads that connect to the chambers of the heart Practitioner can interact with ICD post surgery using an external commercial device programmer Perform diagnostics Read and write private data Adjust therapy settings

6 ICDs Self contained with respect to power and connectivity Non-rechargeable internal batteries No physical external connections Designed to last for many years

7 Other Equipment Used Oscilloscope Tests functionality of equipment that generates electrical signal Measures changing voltage of signal and displays as a waveform on a graph Antennas Universal Software Radio Peripheral device that interacts with open source GNU Radio libraries

8 Overview Technology Vulnerabilities Techniques Experiment Prevention Conclusions

9 Vulnerabilities Addressing the security and privacy issues with the communication between the ICD and the external ICD programmer used by practitioners Attacks classified as three types of adversary classes Commercial ICD programmer passive adversary active adversary

10  Adversaries Commercial ICD programmer No mechanisms in place to determine if the external programmer is being used by authorized personnel Passive adversary Eavesdrop on communications Record Radiofrequency messages output by devices Active adversary Generates arbitrary radiofrequency traffic

11 Overview Technology Vulnerabilities Techniques Experiment Prevention Conclusions

12 Reverse Engineering Transmissions Captured RF transmissions using the oscilloscope and USRP at 175 kHz Processed these signals using Matlab to determine the type of data it was transmitting

13 Reverse Engineering Transmissions Intercepting Programmer Directly connect to device carry raw bits from programmer to processing equipment Intercepting ICD Made dummy patient name Analyzed RF signal to determine the phase shift to determine the modulation scheme

14 Eavesdropping Used USRP to eavesdrop on the transmission data using the GNU radio Set up an eavesdropping timeline to determine the where and when to listen in on bidirectional conversations between devices

15 Overview Technology Vulnerabilities Techniques Experiment Prevention Conclusions

16 Passive Attacks (Eavesdropping) Replay attacks used to obtain information: First, auto-identification command used to retrieve limited device information Once identified, additional personal information is requested using interrogation command Cardiac data also obtained under certain conditions, such as with a strong magnet

17 Active Attacks (Changing Information) Replay attacks used with GNU radio to modify ICD information: Change patient name Change ICD clock - date and/or time Change therapies - programmed responses to cardiac events

18 Active Attacks (Other Attacks) Induce fibrillation Apply a ~1 Joule command shock to the patient’s heart at a precise point in the patient’s cardiac rhythm. Unconfirmed attacks Power denial of service Insecure software updates Buffer overflow vulnerabilities.

19 Overview Technology Vulnerabilities Techniques Experiment Prevention Conclusions

20 Notification for Patients: WISPer Wireless Identification and Sensing Platform: tiny embedded system with RFID circuitry and microcontroller After WISPer receives wireless requests, it chirps Tested with and without bacon

21 Authentication Challenge-response type authentication Programmers know master key IMD knows identity Both have to calculate IMD specific key based on master key and identity, and must match results for authentication to occur. Master key not suitable for large- scale deployment: too risky

22 Sensible Key Exchange A distribution of a symmetric cryptographic key over a human perceptible sensory channel IMD generates a key and broadcasts it as sound wave, only strong enough to be received by a patient in contact with the microphone

23 Conclusions Important that the authors have revealed the security and privacy risks These experiments aren’t practical or feasible in a real world situation These risks and prevention techniques for IMDs should be taken into account for future development

24 Inner Workings of an ICD Inside is a magnetic switch A close magnetic field allows the ICD to transmit telemetry data which includes EKG readings The magnetic field comes from a magnet in the external programmer when placed in proximity of the patient’s ICD The model of ICD used is intended for short range wireless communications

Download ppt "Pacemakers and Implantable Cardiac Defibrillators: Software Radio Attacks and Zero-Power Defenses Zac Chupka Jeff Signore."

Similar presentations

Network Security Chapter 1 - Introduction.

Network Security Chapter 1 - Introduction.
Smart Card Security Xufen Gao CS 265 Spring, 2004 San Jose State University.

Smart Card Security Xufen Gao CS 265 Spring, 2004 San Jose State University.
By Md Emran Mazumder Ottawa University Student no: 6282845.

By Md Emran Mazumder Ottawa University Student no:
Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.

Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.
NFC Devices: Security and Privacy

NFC Devices: Security and Privacy
Efficient Public Key Infrastructure Implementation in Wireless Sensor Networks Wireless Communication and Sensor Computing, 2010. ICWCSC 2010. International.

Efficient Public Key Infrastructure Implementation in Wireless Sensor Networks Wireless Communication and Sensor Computing, ICWCSC International.
SoK: Security and Privacy in Implantable Medical Devices and Body Area Networks 0 Fall 2014 Presenter: Kun Sun, Ph.D. Michael Rushanan*, Denis Foo Kune,

SoK: Security and Privacy in Implantable Medical Devices and Body Area Networks 0 Fall 2014 Presenter: Kun Sun, Ph.D. Michael Rushanan*, Denis Foo Kune,
Imbedded SSR Mode-S Logic Control Unit University of Stellenbosch Department of Electrical & Electronic Engineering K. Gastrow 4 December 2009.

Imbedded SSR Mode-S Logic Control Unit University of Stellenbosch Department of Electrical & Electronic Engineering K. Gastrow 4 December 2009.
Timo Kasper Crete, Greece May 10, 2007 An Embedded System for Practical Security Analysis of Contactless Smartcards Timo Kasper, Dario Carluccio and Christof.

Timo Kasper Crete, Greece May 10, 2007 An Embedded System for Practical Security Analysis of Contactless Smartcards Timo Kasper, Dario Carluccio and Christof.
Pacemakers and Implantable Cardiac Defibrillators: Software Radio Attacks and Zero-Power Defenses Authors: Daniel Halperin, Thomas S. Heydt-Benjamin, Benjamin.

Pacemakers and Implantable Cardiac Defibrillators: Software Radio Attacks and Zero-Power Defenses Authors: Daniel Halperin, Thomas S. Heydt-Benjamin, Benjamin.
1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.

1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.
Lesson Title: Threats to and by an RFID system Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas

Lesson Title: Threats to and by an RFID system Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas
1 A study on Location Aware Computing Presenter : Narendiran Visvanathan Instructor : Dr. Chin-Chih Chang Course : CS 898T Mobile and Wireless Networks.

1 A study on Location Aware Computing Presenter : Narendiran Visvanathan Instructor : Dr. Chin-Chih Chang Course : CS 898T Mobile and Wireless Networks.
Software Defined Radio Mentor: Dr. Brian Banister Sponsor: Comtech AHA Team: Brad Eylander, Dylan Kievit, Jeff Chang, Ted Storms Acknowledgements: Dr.

Software Defined Radio Mentor: Dr. Brian Banister Sponsor: Comtech AHA Team: Brad Eylander, Dylan Kievit, Jeff Chang, Ted Storms Acknowledgements: Dr.
Implantable Cardioverter Defibrillator Rebecca Boduch Biomedical Engineering University of Rhode Island.

Implantable Cardioverter Defibrillator Rebecca Boduch Biomedical Engineering University of Rhode Island.
11 WIRELESS SECURITY by Prof. Russell Jones. WIRELESS COMMUNICATION ISSUES  Wireless connections are becoming popular.  Network data is transmitted.

11 WIRELESS SECURITY by Prof. Russell Jones. WIRELESS COMMUNICATION ISSUES  Wireless connections are becoming popular.  Network data is transmitted.
802.11 Wireless Security Presentation by Paul Petty and Sooner Brooks-Heath.

Wireless Security Presentation by Paul Petty and Sooner Brooks-Heath.
Security in Wireless Sensor Networks Perrig, Stankovic, Wagner Jason Buckingham CSCI 7143: Secure Sensor Networks August 31, 2004.

Security in Wireless Sensor Networks Perrig, Stankovic, Wagner Jason Buckingham CSCI 7143: Secure Sensor Networks August 31, 2004.
A Framework for Patient Monitoring A. L. Praveen Aroul, William Walker, Dinesh Bhatia Department of Electrical Engineering University of Texas at Dallas.

A Framework for Patient Monitoring A. L. Praveen Aroul, William Walker, Dinesh Bhatia Department of Electrical Engineering University of Texas at Dallas.
Applied Cryptography for Network Security

Applied Cryptography for Network Security

Similar presentations

Ads by Google