ECE’s Wayne Burleson Serves as Co-PI on NSF Award to Counteract “Brain-jacking” and Other Security Threats in Neural Implants

Content

According to the cybersecurity news publication CISO MAG, “Brain-jacking is a kind of cyberattack in which a hacker obtains unauthorized access to neural implants in a human body…[that] could allow an attacker to control the patient’s cognition and functions.” Now, in answer to this quintessential issue for our times, Professor Wayne Burleson of the UMass Amherst Electrical and Computer Engineering (ECE) Department is a co-principal investigator (co-PI) on a five-year, $3,500,000 award from the National Science Foundation (NSF) to support a trailblazing, five-institution project that promises to resolve the brain-jacking issue and numerous other security challenges in neural implants. The project is entitled: “From Technology to Humans: Protecting Users of Neural and Medical Implant Technologies Through Resilience and Safety Engineering.” More details about the NSF grant can be found here. 

Northeastern University in Boston is the lead institution in the NSF project, led by PI Kevin Fu. Besides Burleson, other co-PIs in the NSF research are Julian Goldman MD of the Massachusetts General Hospital, Jennifer Amos of the University of Illinois Urbana-Champaign, Xuan Zhang of Northeastern University, and Erika Petersen MD of the University of Arkansas. 

Burleson will lead the UMass Amherst team exploring hardware-security aspects of neuro-sensing and stimulation. As he explains, “This is the culmination of over a decade of research in the security and privacy of implantable medical devices.” 

Burleson will work specifically on detecting anomalies and intrusions in the device electronics and development of techniques for soft degradation of services which balance security concerns while still maintaining patient safety and privacy.

Burleson and his students will coordinate with the other teams at Northeastern, Mass General Hospital, the University of Illinois Urbana-Champaign, and the University of Arkansas that will interact directly with the developers of these devices, as well as the doctors, nurses, and patients who work with them.

As the research team summarizes the NSF project, “This research will advance community priorities in the areas of safety, security, and human health and wellness pertaining to existing and future neural-implant devices.”

The NSF research leverages expertise in computer security, sensing, microelectronic design, and strong affiliations with clinical settings. The team includes computer scientists, electrical engineers, MDs, neuroscientists, neural-implant community groups, and manufacturers. 

The project promises to improve the resilience and security of neural implants by protecting system hardware and AI-in-the-loop control software from such vital threats as malicious-information injection, disruption in operation, and privacy leakage. 

The NSF abstract says that, among other approaches in this project, it will develop “the design of verifiably resilient control systems and simulations and design upgrades that build upon models of neural sensing and stimulation and explainable AI techniques.” 

In addition, the team will utilize additional approaches that include “automated cybersecurity and resilience testbeds that host physical neural-implant devices for fault-injection, side-channel information leakage, and remote-connection security analysis. Beyond that, the team will use “low-resource (i.e., computational time, power, footprint) intrusion detection with on-chip sensing to continuously monitor anomalies and deter adversarial manipulations.” 

The research techniques developed for chip security are also pertinent to other security related chip-based devices. As the researchers say, “This project will advance the scientific and technical security and chip-hardware design by modeling the operations from a secure and dependable control perspective and developing innovative defense mechanisms that can be applied to emerging smart healthcare devices.” (October 2025)