M. Siddiqi, R. M. Seepers, Mohammad Hamad, V. Prevelakis, C. Strydis
{"title":"Attack-tree-based Threat Modeling of Medical Implants","authors":"M. Siddiqi, R. M. Seepers, Mohammad Hamad, V. Prevelakis, C. Strydis","doi":"10.29007/8gxh","DOIUrl":null,"url":null,"abstract":"Modern Implantable Medical Devices (IMDs) are low-power embedded systems with life-critical functionalities. Almost all of these devices are equipped with wirelesscommunication capabilities in order to aid in diagnosis, in updating the functional settings and firmware and so on, without any surgical procedure to perform these tasks manually. There is, thus, a rising trend towards increased connectivity of these devices. The downside of this trend is, however, a proportional increase in the attack surface that can be exploited by a malicious entity. In effect, threat modeling of IMDs becomes ever more important. This is reflected by an increase in the number of vulnerabilities being found consistently in the IMDs available in market. This paper proposes a threat-modeling analysis based on attack trees to evaluate the security of these devices. As an example, three recent lightweight IMD security protocols from literature are analyzed using this approach to demonstrate its effectiveness in suggesting security improvements.","PeriodicalId":398629,"journal":{"name":"International Workshop on Security Proofs for Embedded Systems","volume":"28 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2018-09-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"18","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Workshop on Security Proofs for Embedded Systems","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.29007/8gxh","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 18
Abstract
Modern Implantable Medical Devices (IMDs) are low-power embedded systems with life-critical functionalities. Almost all of these devices are equipped with wirelesscommunication capabilities in order to aid in diagnosis, in updating the functional settings and firmware and so on, without any surgical procedure to perform these tasks manually. There is, thus, a rising trend towards increased connectivity of these devices. The downside of this trend is, however, a proportional increase in the attack surface that can be exploited by a malicious entity. In effect, threat modeling of IMDs becomes ever more important. This is reflected by an increase in the number of vulnerabilities being found consistently in the IMDs available in market. This paper proposes a threat-modeling analysis based on attack trees to evaluate the security of these devices. As an example, three recent lightweight IMD security protocols from literature are analyzed using this approach to demonstrate its effectiveness in suggesting security improvements.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
