Penetration Testing and Security Assessment Methodology for Biomedical Devices

Penetration Testing and Security Assessment Methodology for Biomedical Devices

연구 분야: Strategies

학회: Asian Conference on Intelligent Information and Database Systems

The purpose of the paper is to analyze the possibility of attacking biomedical devices and systems. Biomedical devices include artificial pacemakers (cardiostimulators), which are electrical devices implanted in the body of a patient due to individual cardiac muscle dysfunction. All electronic devices are more or less susceptible to hacking attacks due to software bugs, malware, or poorly implemented architecture. The practical part of the research included a penetration test and a security assessment framework for several critical aspects of an existing medical system. The implementation of outbound and inbound traffic on a traditionally closed device was examined. Finally, a model was presented that takes into account previous lessons learned and practices perceived by experts as good. Several areas where those involved in the design, development, and maintenance of medical devices should focus the most were shown.