Johannes Sametinger (firstname.lastname@example.org) is
an associate professor in the Department of Information
Systems at the Johannes Kepler University Linz, Austria.
Jerzy Rozenblit (email@example.com) is Distinguished
Professor in the Department of Electrical and Computer
Engineering/Dept. of Surgery at the University of Arizona,
Roman Lysecky (firstname.lastname@example.org) is an
associate professor in the Department of Electrical
and Computer Engineering at the University of Arizona,
Peter Ott (email@example.com) is an associate
professor in the College of Medicine, Sarver Heart Center
at the University of Arizona, Tucson, AZ.
© 2015 ACM 000107/82/15/04 15.00
unauthorized people. Technically viable systems may nonetheless be undesirable to patients.
The general population is increasingly concerned about the misuse of
the Internet in many aspects of their
daily life, for example, banking fraud or
identity theft. As a cardiologist and electrophysiologist, one of the authors (P.
Ott, M.D.) has observed an increase in
security awareness among patients,
who question the safety of implanted
devices in the digital realm. We expect
such concerns will become even more
pressing. A small study has shown that perceived security, safety, freedom from
unwanted cultural and historical associations, and self-image must be taken
into account when designing countermeasures for medical devices.
We need more information about
how concerned patients are about
the security of the devices they are
using. A user study could reveal what
specific, additional steps patients are
willing to take in order to increase security. This will give manufacturers
valuable information. We will need
to increase security awareness of all
stakeholders, that is, manufacturers,
patients, doctors, and medical institutions. Additionally, the devices’
security states must be more visible,
understandable, and accessible for
IT infrastructure. In order to protect
medical devices, the surrounding IT
environment must be secured as well.
Focusing on medical devices, we will
refrain from enumerating regular countermeasures found in IT security. These
are appropriate for health care security or medical device security as well,
for example, erasing hard disks before
disposing of them, backing up data, or
BYOD (bring your own device) policies.
Off-the-shelf devices like smartphones
or tablets also increasingly store, process, and transmit sensitive medical
data. This data must be protected from
malware on these devices.
IT infrastructure must guarantee
privacy of medical data according to
the Health Insurance Portability and
Accountability Act (HIPAA). However,
safety is at stake as well. For medical devices, it is important to keep in
mind that regular IT devices also pose a threat
to medical devices when they interoperate, directly or indirectly. Most
importantly, medical devices should
always assume their surroundings
might have been compromised.
Securing medical devices means protecting human life, human health,
and human well-being. It is also about
protecting and securing the privacy of
sensitive health information. We see
an increase in the use of mobile medical applications as well as an increase
in medical devices that use wireless
communication and utilize Internet
connections. New sensing technology
provides opportunities for telemedicine with the promise to make health
care more cost effective. Unless appropriate countermeasures are taken,
the doors stand wide open for the
misuse of sensitive medical data and
even for malware and attacks that put
human life in danger.