Sheng Xu,Yongxiang Xia,Hui-Liang Shen

DOI: https://doi.org/10.1109/jsyst.2022.3150576

IF: 4.802

2022-01-01

IEEE Systems Journal

Abstract:In this article, we study how to resist malware attacks in cyber-physical power systems (CPPSs) through cyber protection. A model that incorporates the power flow analysis, the cyber monitoring and control, and the factor of cyber protection is proposed to simulate malware attacks in CPPSs. Meanwhile, an evaluation method is also developed to estimate the effectiveness of different cyber protection strategies. Through simulations, we conduct case studies in a test CPPS generated by coupling the IEEE 118 Bus System with a scale-free communication network. The protection effects of three heuristic cyber protection strategies, namely, target protection, random protection, and acquaintance protection are compared and analyzed. Simulation results reveal that compared with the other two strategies, target protection can suppress malware propagation and resist malware attacks more effectively. Moreover, we also investigate the optimal cyber protection problem in CPPSs and formulate it as a zero-one integer programming problem. We solve the problem by genetic algorithm and find that some low-degree cyber nodes also play a significant role in resisting malware attacks in CPPSs, especially when the protection budget is tight.

Josephine Lamp,Carlos E. Rubio-Medrano,Ziming Zhao,Gail-Joon Ahn

DOI: https://doi.org/10.1145/3278576.3278602

2018-01-01

Abstract:The proliferation of networked medical devices has resulted in the development of innovative Medical Cyber-Physical Systems (MCPS) that promise more coordinated and high quality of care for patients. Unsurprisingly, the cybersecurity of MCPS is of high concern, as they are life-critical systems that, if compromised, may result in dire consequences to the patient. A variety of security requirements have been developed over the past 10 years as a result of governmental acts such as HITECH in order to better secure and protect healthcare environments. However, it is unclear how applicable these requirements may be to MCPS infrastructures. As a result, this case study analyzes current healthcare security requirements and their applicability to MCPS using an approach that leverages ontological representations and automated requirement traversal techniques. Using such a methodology, we find that 70% of applicable requirements/risks for MCPS components are missing from the security documentation, including serious items such as Authentication, Data Encryption, DoS attacks, and Legacy Vulnerabilities. We also validate our results within real-world instances and find that almost half of the relevant requirements are not implemented within existing MCPS architectures.

Zhangtan Li,Liang Cheng,Yang Zhang

DOI: https://doi.org/10.1145/3357495.3357497

2019-01-01

ACM SIGBED Review

Abstract:Integrated Clinical Environment (ICE) is a standardized framework for achieving medical device interoperability. It utilizes high-level supervisory and medical apps and low-level communication middle-ware to coordinate medical devices to accomplish a shared clinical mission. With the potential to significantly improve healthcare productivity and reduce medical errors, the interoperability of medical devices also subjects ICE systems to unprecedented security threats. In this paper, we present a set of security attacks, namely interception, tampering, and replay attack, to the network level of ICE systems, which we identify through a threat modeling analysis on OpenICE, the best-known instantiation of ICE system. For these security attacks, we devise corresponding defense mechanisms on top of OpenICE. Our experiments demonstrate that these defense mechanisms can effectively protect OpenICE from the identified attacks with acceptable computational overhead.

Zhiqiang Wang,Pingchuan Ma,Xiaoxiang Zou,Jianyi Zhang,Tao Yang

DOI: https://doi.org/10.1109/infocomwkshps50562.2020.9162769

2020-07-01

Abstract:Recent years have witnessed a boom of connected medical devices, which brings security issues in the meantime. Medical imaging devices, an essential part of medical cyber-physical systems, play a vital role in modern hospitals and are often life-critical. However, security and privacy issues in these medical cyber-physical systems are sometimes ignored. We perform an empirical study on imaging devices to analyse the security of medical cyber-physical systems. To be precise, we design a threat model and propose prospective attack techniques for medical imaging devices. To tackle potential cyber threats, we introduce protection mechanisms, evaluate the effectiveness and efficiency of protection mechanisms as well as its interplay with attack techniques. To scoring security, we design a hierarchical system that provides actionable suggestions for imaging devices in different scenarios. We investigate 15 devices from 9 manufacturers to demonstrate empirical comprehension and real-world security issues.

Ovunc Kocabas,Tolga Soyata,Mehmet K Aktas

DOI: https://doi.org/10.1109/TCBB.2016.2520933

Abstract:The following decade will witness a surge in remote health-monitoring systems that are based on body-worn monitoring devices. These Medical Cyber Physical Systems (MCPS) will be capable of transmitting the acquired data to a private or public cloud for storage and processing. Machine learning algorithms running in the cloud and processing this data can provide decision support to healthcare professionals. There is no doubt that the security and privacy of the medical data is one of the most important concerns in designing an MCPS. In this paper, we depict the general architecture of an MCPS consisting of four layers: data acquisition, data aggregation, cloud processing, and action. Due to the differences in hardware and communication capabilities of each layer, different encryption schemes must be used to guarantee data privacy within that layer. We survey conventional and emerging encryption schemes based on their ability to provide secure storage, data sharing, and secure computation. Our detailed experimental evaluation of each scheme shows that while the emerging encryption schemes enable exciting new features such as secure sharing and secure computation, they introduce several orders-of-magnitude computational and storage overhead. We conclude our paper by outlining future research directions to improve the usability of the emerging encryption schemes in an MCPS.

Nilanjan Dey,Amira S. Ashour,Fuqian Shi,Simon James Fong,João Manuel R. S. Tavares

DOI: https://doi.org/10.1007/s10916-018-0921-x

IF: 4.92

2018-03-10

Journal of Medical Systems

Abstract:Medical cyber-physical systems (MCPS) are healthcare critical integration of a network of medical devices. These systems are progressively used in hospitals to achieve a continuous high-quality healthcare. The MCPS design faces numerous challenges, including inoperability, security/privacy, and high assurance in the system software. In the current work, the infrastructure of the cyber-physical systems (CPS) are reviewed and discussed. This article enriched the researches of the networked Medical Device (MD) systems to increase the efficiency and safety of the healthcare. It also can assist the specialists of medical device to overcome crucial issues related to medical devices, and the challenges facing the design of the medical device’s network. The concept of the social networking and its security along with the concept of the wireless sensor networks (WSNs) are addressed. Afterward, the CPS systems and platforms have been established, where more focus was directed toward CPS-based healthcare. The big data framework of CPSs is also included.

health care sciences & services,medical informatics

Ahmad Alzahrani,Mohammed Alshehri,Rayed AlGhamdi,Sunil Kumar Sharma

DOI: https://doi.org/10.3390/healthcare11030384

2023-01-29

Abstract:Medical cyber-physical systems (MCPS) represent a platform through which patient health data are acquired by emergent Internet of Things (IoT) sensors, preprocessed locally, and managed through improved machine intelligence algorithms. Wireless medical cyber-physical systems are extensively adopted in the daily practices of medicine, where vast amounts of data are sampled using wireless medical devices and sensors and passed to decision support systems (DSSs). With the development of physical systems incorporating cyber frameworks, cyber threats have far more acute effects, as they are reproduced in the physical environment. Patients' personal information must be shielded against intrusions to preserve their privacy and confidentiality. Therefore, every bit of information stored in the database needs to be kept safe from intrusion attempts. The IWMCPS proposed in this work takes into account all relevant security concerns. This paper summarizes three years of fieldwork by presenting an IWMCPS framework consisting of several components and subsystems. The IWMCPS architecture is developed, as evidenced by a scenario including applications in the medical sector. Cyber-physical systems are essential to the healthcare sector, and life-critical and context-aware health data are vulnerable to information theft and cyber-okayattacks. Reliability, confidence, security, and transparency are some of the issues that must be addressed in the growing field of MCPS research. To overcome the abovementioned problems, we present an improved wireless medical cyber-physical system (IWMCPS) based on machine learning techniques. The heterogeneity of devices included in these systems (such as mobile devices and body sensor nodes) makes them prone to many attacks. This necessitates effective security solutions for these environments based on deep neural networks for attack detection and classification. The three core elements in the proposed IWMCPS are the communication and monitoring core, the computational and safety core, and the real-time planning and administration of resources. In this study, we evaluated our design with actual patient data against various security attacks, including data modification, denial of service (DoS), and data injection. The IWMCPS method is based on a patient-centric architecture that preserves the end-user's smartphone device to control data exchange accessibility. The patient health data used in WMCPSs must be well protected and secure in order to overcome cyber-physical threats. Our experimental findings showed that our model attained a high detection accuracy of 92% and a lower computational time of 13 sec with fewer error analyses.

peng zhang,peng ju he,ming chen

DOI: https://doi.org/10.4028/www.scientific.net/AMR.433-440.884

2012-01-01

Abstract:Medical Cyber-Physical System (CPS) is integrations of computation and medical processes. Embedded computers and networks monitor and control the medical processes, usually with feedback loops where medical processes affect computations and vice versa. The medical CPS has many unique features, such as high-confidence, hard real-time, highly-cooperative, highly-interoperative, etc. In this paper, a prototype architecture of medical CPS based on grid computing is proposed. It is argued that this architecture captures the essential attributes of a medical CPS and lead to identification of many research challenges.

George Grispos,William Bradley Glisson,Kim-Kwang Raymond Choo

DOI: https://doi.org/10.48550/arXiv.1708.05374

2017-08-17

Cryptography and Security

Abstract:The synthesis of technology and the medical industry has partly contributed to the increasing interest in Medical Cyber-Physical Systems (MCPS). While these systems provide benefits to patients and professionals, they also introduce new attack vectors for malicious actors (e.g. financially-and/or criminally-motivated actors). A successful breach involving a MCPS can impact patient data and system availability. The complexity and operating requirements of a MCPS complicates digital investigations. Coupling this information with the potentially vast amounts of information that a MCPS produces and/or has access to is generating discussions on, not only, how to compromise these systems but, more importantly, how to investigate these systems. The paper proposes the integration of forensics principles and concepts into the design and development of a MCPS to strengthen an organization's investigative posture. The framework sets the foundation for future research in the refinement of specific solutions for MCPS investigations.

Andrew Y. -Z. Ou,Maryam Rahmaniheris,Yu Jiang,Po-Liang Wu,Lui Sha

DOI: https://doi.org/10.1109/iccad.2017.8203884

2017-01-01

Abstract:Using wireless networks in medical Cyber-Physical Systems could be challenging. Because the medical system not only assists the medical personnel to deliver medical services to the patient but also needs to deal with accidental situations such as communication failures without compromising the patient's safety. Previous research work tackled the communication failure problems in medical CPS from architecture perspectives. However, as medical devices configurations become more complex when a medical CPS is composed of many medical devices, we need to know that whether the certain configuration and a combination of the devices will not compromise the patient's safety. We present an algorithm to tackle the problem that whether a given system configuration exists a possible series of system transitions that allows the physicians to perform medical operations; in the mean time, the system transitions ensure the patient's safety while communication failures may happen during the transitions.

Ying He,Ruben Suxo Camacho,Hasan Soygazi,Cunjin Luo

DOI: https://doi.org/10.1016/j.ijmedinf.2021.104415

IF: 4.73

2021-01-01

International Journal of Medical Informatics

Abstract:Background: The Intelligent Medical Diagnosis System (IMDS) has been targeted by the cyber attackers, who aim to damage the Healthcare Critical National Infrastructure (CNI). This research is motivated by the recent cyber attacks happened worldwide that have resulted in the compromise of medical diagnosis records. This study was conducted to demonstrate how the IMDS could be attacked and diagnosis records compromised (i.e. heart disease) and suggest a list of security defence strategies to prevent against such attacks. Methods: This research developed an IMDS simulation platform by implementing the OpenEMR system. A Cardiac Diagnosis Component is then added to the IMDS. The IMDS is fed with the ECG data (retrieved from the PhysioNet/Computing in Cardiology Challenge 2017). This research then launched systematic ethical hacking, which was tailored to target IMDS diagnosis records. The systematic hacking was based on the NIST ethical hacking method and followed an attack pathway, starting from identifying the entry points of the medical websites, then propagating to gain access to the server, with the ultimate aim of modifying the heart disease diagnosis records. Results: The hacking was successful. Four major vulnerabilities (i.e. broken authentication, broken access control, security misconfiguration and using components with known vulnerabilities) were identified in the simulated IMDS and the cardiac diagnosis records were compromised. This research then proposed a list of security defence strategies to prevent such attacks at each possible attacking points along the attacking pathway. Conclusions: This research demonstrated a systematic ethical hacking to the IMDS, identified four major vulnerabilities and proposed the security defence pathways. It provided novel insights into the protection of IMDS and will benefit researchers in the community to conduct further research in security defence of IMDS.

Ying He,Ruben Suxo Camacho,Cunjin Luo,Henggui Zhang

DOI: https://doi.org/10.23919/cinc49843.2019.9005775

2019-01-01

Abstract:The medical systems have been targeted by the cyber attackers. This paper is motivated by the recent attacks that have resulted in the compromise of diagnosis results. This study was undertaken to show how the Cardiac Medical Diagnosis Systems (CMDS) can be hacked and propose security recommendations to prevent such attacks. We build a simulation platform by implementing an open source medical system. We feed the ECGs data from the PhysioNet/Computing in Cardiology (CinC) Challenge 2017 to the open source medical system. We then follow the OWASP pen-testing methodology to perform the ethical hacking. The hacking was successful and we have identified a major vulnerability of the system related to authentication. Finally, we are able to gain access to the sensitive ECG data. We then proposed cyber recommendations to prevent such attacks. Future work will consider using a mature CMDS, such as the arrhythmia detection and classification in ambulatory ECGs to investigate how the core of the algorithms can be attacked and protected.

Han Qiu,Meikang Qiu,Meiqin Liu,Gerard Memmi

DOI: https://doi.org/10.48550/arXiv.1904.08270

2019-04-17

Cryptography and Security

Abstract:The recent spades of cyber security attacks have compromised end users' data safety and privacy in Medical Cyber-Physical Systems (MCPS). Traditional standard encryption algorithms for data protection are designed based on a viewpoint of system architecture rather than a viewpoint of end users. As such encryption algorithms are transferring the protection on the data to the protection on the keys, data safety and privacy will be compromised once the key is exposed. In this paper, we propose a secure data storage and sharing method consisted by a selective encryption algorithm combined with fragmentation and dispersion to protect the data safety and privacy even when both transmission media (e.g. cloud servers) and keys are compromised. This method is based on a user-centric design that protects the data on a trusted device such as end user's smartphone and lets the end user to control the access for data sharing. We also evaluate the performance of the algorithm on a smartphone platform to prove the efficiency.

Tawseef Ayoub Shaikh,Tabasum Rasool,Prabal Verma

DOI: https://doi.org/10.1016/j.artmed.2023.102692

Abstract:Hospitals use medical cyber-physical systems (MCPS) more often to give patients quality continuous care. MCPS isa life-critical, context-aware, networked system of medical equipment. It has been challenging to achieve high assurance in system software, interoperability, context-aware intelligence, autonomy, security and privacy, and device certifiability due to the necessity to create complicated MCPS that are safe and efficient. The MCPS system is shown in the paper as a newly developed application case study of artificial intelligence in healthcare. Applications for various CPS-based healthcare systems are discussed, such as telehealthcare systems for managing chronic diseases (cardiovascular diseases, epilepsy, hearing loss, and respiratory diseases), supporting medication intake management, and tele-homecare systems. The goal of this study is to provide a thorough overview of the essential components of the MCPS from several angles, including design, methodology, and important enabling technologies, including sensor networks, the Internet of Things (IoT), cloud computing, and multi-agent systems. Additionally, some significant applications are investigated, such as smart cities, which are regarded as one of the key applications that will offer new services for industrial systems, transportation networks, energy distribution, monitoring of environmental changes, business and commerce applications, emergency response, and other social and recreational activities.The four levels of an MCPS's general architecture-data collecting, data aggregation, cloud processing, and action-are shown in this study. Different encryption techniques must be employed to ensure data privacy inside each layer due to the variations in hardware and communication capabilities of each layer. We compare established and new encryption techniques based on how well they support safe data exchange, secure computing, and secure storage. Our thorough experimental study of each method reveals that, although enabling innovative new features like secure sharing and safe computing, developing encryption approaches significantly increases computational and storage overhead. To increase the usability of newly developed encryption schemes in an MCPS and to provide a comprehensive list of tools and databases to assist other researchers, we provide a list of opportunities and challenges for incorporating machine intelligence-based MCPS in healthcare applications in our paper's conclusion.

Han Qiu,Meikang Qiu,Meiqin Liu,Gerard Memmi

DOI: https://doi.org/10.1109/jbhi.2020.2973467

IF: 7.7

2020-01-01

IEEE Journal of Biomedical and Health Informatics

Abstract:The recent spades of cyber attacks have compromised end-users' data security and privacy in Medical Cyber-Physical Systems (MCPS) in the era of Health 4.0. Traditional standard encryption algorithms for data protection are designed based on a viewpoint of system architecture rather than a viewpoint of end-users. As such encryption algorithms are transferring the protection on the data to the protection on the keys, data safety, and privacy will be compromised once the key is exposed. In this paper, we propose a secure data storage and sharing method consisted of a selective encryption algorithm combined with fragmentation and dispersion to protect the data safety and privacy even when both transmission media (e.g. cloud servers) and keys are compromised. This method is based on a user-centric design that protects the data on a trusted device such as the end-users' smartphone and lets the end-user control the access for data sharing. We also evaluate the performance of the algorithm on a smartphone platform to prove efficiency.

Mohammed Elnawawy,Mohammadreza Hallajiyan,Gargi Mitra,Shahrear Iqbal,Karthik Pattabiraman

2024-04-12

Abstract:The adoption of machine-learning-enabled systems in the healthcare domain is on the rise. While the use of ML in healthcare has several benefits, it also expands the threat surface of medical systems. We show that the use of ML in medical systems, particularly connected systems that involve interfacing the ML engine with multiple peripheral devices, has security risks that might cause life-threatening damage to a patient's health in case of adversarial interventions. These new risks arise due to security vulnerabilities in the peripheral devices and communication channels. We present a case study where we demonstrate an attack on an ML-enabled blood glucose monitoring system by introducing adversarial data points during inference. We show that an adversary can achieve this by exploiting a known vulnerability in the Bluetooth communication channel connecting the glucose meter with the ML-enabled app. We further show that state-of-the-art risk assessment techniques are not adequate for identifying and assessing these new risks. Our study highlights the need for novel risk analysis methods for analyzing the security of AI-enabled connected health devices.

Cryptography and Security,Computers and Society,Machine Learning

Ying He,Cunjin Luo,Ruben Suxo Camacho,Kuanquan Wang,Henggui Zhang

DOI: https://doi.org/10.22489/cinc.2020.439

2020-01-01

Abstract:The Cardiac Medical Diagnosis Systems (CMDS) are targeted by the cyber attackers. This paper is motivated by the recent cyber-attacks happened during the COVID 19 that have resulted in the compromise of medical data. This study was carried out to demonstrate how the CMDS can be breached into using an AI-based ethical attack pathway and propose security solutions to prevent such beaches. This study is based on an established simulation platform with an open source medical system, the OpenEMR. The system was fed with the ECGs data from the PhysioNet/Computing in Cardiology (CinC) Challenge 2017. This paper proposed the AI based hacking pathway following the NIST pen-testing methodology based on our previous identified vulnerability related to authentication. We then presented cyber security recommendations to prevent such AI-based attacks. Future work will consider a realistic CMDS, such as the arrhythmia detection and classification in ambulatory ECGs to find out how the algorithms core can be hacked and protected.

Maha Ali Allouzi,Javed I. Khan

DOI: https://doi.org/10.48550/arXiv.2104.11580

2021-04-23

Cryptography and Security

Abstract:In this work, we defined an attack vector for networks utilizing the Internet of Medical Things (IoMT) devices and compute the probability distribution of IoMT security threats based on Markov chain and Common Vulnerability Scoring System (CVSS). IoMT is an emerging technology that improves patients' quality of life by permitting personalized e-health services without restrictions on time and site. The IoMT consists of embedded objects, sensors, and actuators that transmit and receive medical data. These Medical devices are vulnerable to different types of security threats, and thus, they pose a significant risk to patient's privacy and safety. Because security is a critical factor for successfully merging IoMT into pervasive healthcare systems, there is an urgent need for new security mechanisms to prevent threats on the IoMT edge network. Toward this direction, the first step is defining an attack vector that an attacker or unauthorized user can take advantage of to penetrate and tamper with medical data. In this article, we specify a threat model for the IoMT edge network. We identify any vulnerabilities or weaknesses within the IoMT network that allow unauthorized privileges and threats that can utilize these weaknesses to compromise the IoMT edge network. Finally, we compute the probability distribution of IoMT threats based on the Markov transition probability matrix.

Riham Altawy,Amr M. Youssef

DOI: https://doi.org/10.1109/access.2016.2521727

IF: 3.9

2016-01-01

IEEE Access

Abstract:The new culture of networked systems that offer everywhere accessible services has given rise to various types of security tradeoffs. In fact, with the evolution of physical systems that keep getting integrated with cyber frameworks, cyber threats have far more critical effects as they get reflected on the physical environment. As a result, the issue of security of cyber physical systems requires a special holistic treatment. In this paper, we study the tradeoff between security, safety, and availability in such systems and demonstrate these concepts on implantable medical devices as a case study. We discuss the challenges and constraints associated with securing such systems and focus on the tradeoff between security measures required for blocking unauthorized access to the device and the safety of the patient in emergency situations where such measures must be dropped to allow access. We analyze the up to date proposed solutions and discuss their strengths and limitations.

computer science, information systems,telecommunications,engineering, electrical & electronic

Panagiotis Radoglou-Grammatikis,Konstantinos Rompolos,Panagiotis Sarigiannidis,Vasileios Argyriou,Thomas Lagkas,Antonios Sarigiannidis,Sotirios Goudos,Shaohua Wan

DOI: https://doi.org/10.1109/tii.2021.3093905

IF: 12.3

2022-01-01

IEEE Transactions on Industrial Informatics

Abstract:The rise of the Internet of Medical Things introduces the healthcare ecosystem in a new digital era with multiple benefits, such as remote medical assistance, real-time monitoring, and pervasive control. However, despite the valuable healthcare services, this progression raises significant cybersecurity and privacy concerns. In this article, we focus our attention on the IEC 60 870-5-104 protocol, which is widely adopted in industrial healthcare systems. First, we investigate and assess the severity of the IEC 60 870-5-104 cyberattacks by providing a quantitative threat model, which relies on Attack Defence Trees and Common Vulnerability Scoring System v3.1. Next, we introduce an intrusion detection and prevention system (IDPS), which is capable of discriminating and mitigating automatically the IEC 60 870-5-104 cyberattacks. The proposed IDPS takes full advantage of the machine learning (ML) and software defined networking (SDN) technologies. ML is used to detect the IEC 60 870-5-104 cyberattacks, utilizing 1) Transmission Control Protocol/Internet Protocol network flow statistics and 2) IEC 60 870-5-104 payload flow statistics. On the other side, the automated mitigation is transformed into a multiarmed bandit problem, which is solved through a reinforcement learning method called Thomson sampling and SDN. The evaluation analysis demonstrates the efficiency of the proposed IDPS in terms of intrusion detection accuracy and automated mitigation performance. The detection accuracy and the F1 score of the proposed IDPS reach 0.831 and 0.8258, respectively, while the mitigation accuracy is calculated at 0.923.