On the (in)security of the latest generation implantable cardiac defibrillators and how to secure them

Eduard Marin, Dave Singelée, Flavio D. Garcia, Tom Chothia, Rik Willems, Bart Preneel

Research output: Chapter in Book/Report/Conference proceedingConference contribution

28 Citations (Scopus)

Abstract

Implantable Medical Devices (IMDs) typically use proprietary protocols with no or limited security to wirelessly communicate with a device programmer. These protocols enable doctors to carry out critical functions, such as changing the IMD's therapy or collecting telemetry data, without having to perform surgery on the patient. In this paper, we fully reverse-engineer the proprietary communication protocol between a device programmer and the latest generation of a widely used Implantable Cardioverter Defibrillator (ICD) which communicate over a long-range RF channel (from two to five meters). For this we follow a black-box reverse-engineering approach and use inexpensive Commercial Off-The-Shelf (COTS) equipment. We demonstrate that reverse-engineering is feasible by a weak adversary who has limited resources and capabilities without physical access to the devices. Our analysis of the proprietary protocol results in the identification of several protocol and implementation weaknesses. Unlike previous studies, which found no security measures, this article discovers the first known attempt to obfuscate the data that is transmitted over the air. Furthermore, we conduct privacy and Denial-of-Service (DoS) attacks and give evidence of other attacks that can compromise the patient's safety. All these attacks can be performed without needing to be in close proximity to the patient. We validate that our findings apply to (at least) 10 types of ICDs that are currently on the market. Finally, we propose several practical short- and long-term countermeasures to mitigate or prevent existing vulnerabilities.
Original languageEnglish
Title of host publicationACSAC '16
Subtitle of host publicationProceedings of the 32nd Annual Conference on Computer Security Applications
PublisherAssociation for Computing Machinery
Pages226-236
ISBN (Print)9781450347716
DOIs
Publication statusPublished - 5 Dec 2016
Event32nd Annual Computer Security Applications Conference (ACSAC 2016) - Los Angeles, CA, United States
Duration: 5 Dec 20169 Dec 2016

Conference

Conference32nd Annual Computer Security Applications Conference (ACSAC 2016)
Country/TerritoryUnited States
CityLos Angeles, CA
Period5/12/169/12/16

Fingerprint

Dive into the research topics of 'On the (in)security of the latest generation implantable cardiac defibrillators and how to secure them'. Together they form a unique fingerprint.

Cite this