How Much Security Do You Expect From Your Pacemaker? UMass Amherst Expert Works to Provide Cyber Trust

AMHERST, Mass. – A University of Massachusetts Amherst researcher who earlier this year showed that an implantable heart defibrillator is vulnerable to hacking has received a three-year, $449,000 National Science Foundation grant to improve future security in implanted cardiac devices without compromising safety and effectiveness.

Kevin E. Fu, assistant professor of computer science, is designing and testing zero-power technology and low-power cryptographic protocols for implantable medical devices for the two-part study. Zero-power means the tiny chips will run without draining the device’s batteries. Specifically, his research aims to assure deployment of stronger designs to meet two challenges soon to enter the scene — sharing data over the Internet and use of wirelessly programmable implants.

The UMass Amherst study will also include interviews with patients receiving new implanted cardiac rhythm management devices such as pacemakers at the Electrophysiology Laboratory at Beth Israel Deaconess Medical Center in Boston. Patients will be asked about their expectations for security, privacy of their medical information, and how much trust they feel can be placed in their implants.

Fu says this work comes at a critical time to make a difference because extremely few, if any, implanted devices now share patient data outside secure settings like clinics, and none are re-programmable from remote locations. But the situation will soon change, he predicts, as the next generation of products comes on the market. Fu says, “We’re getting in early enough to influence the design and provide cyber trust.”

The newest devices are expected to be amazingly convenient for patients. It could soon be possible for a person with an implanted cardiac device to go on vacation to Hawaii, for example, and for the device to report to her physician over the Internet. In this way, the doctor could modify the electrical therapies as easily as adjusting medication. Tempering such technical advances for Fu is the knowledge that it’s extremely difficult, if not impossible, to guarantee security and privacy when using the Internet. People with malicious intent are able to hack even secure Web sites, he points out, and they do it just to be reckless. “With medical devices, we don’t have the luxury to fix security after the fact. This is where our research comes in.”

Millions of Americans now enjoy greatly enhanced quality of life because of implanted devices of many kinds. There are now more than 600,000 defibrillators and overall an estimated 2.5 million devices of various types (neurostimulators, insulin pumps, vagus nerve stimulators) in patients in the U.S. But Fu and colleagues at the University of Washington and the Beth Israel Deaconess Medical Center know that some devices can be compromised, either by accident or deliberately, because they started this line of research by “reverse engineering” an implanted cardiac device to prompt malfunctions.

They showed, for example, that a defibrillator could be reset by a hacker to deliver a shock that might prove fatal. Such deliberate maliciousness has never occurred and is extremely unlikely today because physical security is intact, Fu says. That is, patients and their doctors interact in a secure setting. But introducing the Internet into the doctor-patient relationship or allowing wireless re-programming introduces a new level of concern. Fu and his colleagues want to prevent problems, hear whether patients understand the risk and learn what patients have come to expect from devices they are literally attached to.

#75-09