There is an interesting
article over at TechnologyReview.com about cybersecurity and medical
devices. A lot of it is a rehash of things we’ve been hearing out of the black
hat community for a couple of years now and is reflected in the recent FDA
draft guidance on cybersecurity. There are two interesting new items that I
hadn’t seen discussed before; a new method of detecting medical malware and a
discussion about the use of anti-virus software on medical devices.
Power Detection of
Malware
The article contains a link to a journal
article (in the Proceedings of USENIX Workshop on Health Information
Technologies, 2013) about a power monitoring system (WattsUpDoc) that can be
used to detect the unusual power consumption associated with a malware attack
on a medical device. The authors noted that if one has an accurate history of a
devices normal power consumption patterns that changes in those patterns could
be used to detect when a device has been compromised by a cyber-attack. Their
paper also claims to have validated the technique in an industrial scale SCADA
system.
I’ll leave the technical evaluation of the technique to
people with the appropriate expertise, but it would seem to me that this
technique might be particularly valuable in safety systems because of the vary
constrained outputs of those systems.
Medical Anti-Virus
Problems
Sorry, I couldn’t
resist that heading.
The article explains that many medical devices cannot use
commercial anti-virus software because they are running on proprietary
operating systems. The ones that are using variations of a Microsoft OS might
be able to use off-the-shelf AV software, but device manufacturers do not allow
(or support) the use of third party software (or I suspect even the update of
the MS-OS) because of the very real potential for unexpected conflicts with the
device software.
This is not an unknown problem for many control systems, but
a software lockup on ones’ pacemaker could be even more troublesome than the
shutting down of a production line. But with the rise of hackers actively looking
at medical device control systems, it seems to me that there is a significant
need to come up with a workable solution to the AV problem.
Posts
No comments:
Post a Comment