With the brisk of evolving technology around us, the medical and health care field has witnessed a giant leap in reaching out its consumers and providing better service to them. Internet of things (IoT) has played a major role in making the life much easier, but at the same time there are risks hidden behind the IoT security loop holes. A less secured medical health care system can easily put peoples’ lives at stake and hence the security should be never on the back burner.
Many medical devices like defibrillators, glucose monitoring, depression, mood monitoring and many more are part of the medical IoT which ensures immediate medical service even with minimal or no early signs or warnings of the patient’s condition. The data processed by these devices are extremely crucial and confidential. Any devices which are part of IoT are prone to all kinds of cyber-attacks. The hackers can manipulate the medical devices and/or data which can end up in unpredictable and adverse consequences on patients, hospital managements and concerned product companies.
Another threat is counterfeiting of the genuine medical device parts. The medical devices with counterfeited internal parts may not always guarantee the proper functioning and thus become deadly challenge during the critical times. Counterfeiting can cause huge loss of lives and money, at the same time loss of brand reputation. This leads to times where the reliability of the product manufactures is questioned and the end consumers knowingly or unknowingly become part of the forgery.
What are the effective steps that can be taken up against HealthCare IoT security attacks?
A multi-layer end to end security solution is something which can guarantee the smooth functioning of the healthcare IoT devices. Multi-layer security solution focuses not only on the software aspects but also on the hardware components which is capable of ensuring a secure environment. Here comes the significance of hardware root of trust and the chain of trust.
The root of trust is now a common phrase among security experts. The root of trust which is the initial point of the chain of trust, is kick started all along from the hardware to the software which ultimately secure the other connected devices and makes the whole system an uncompromising one. Thus, the hardware should be capable for booting only authenticated code and provide secure access to persistent storage. From the SoC level, with authenticated bootable code, security should span across the external network communications to and from the device, always ensuring the data is well sent and received only among the intended parties.
How Security Suite offer a better security against the threats in Healthcare IoT?
Security Suite is a comprehensive, multi-layered, end-to-end security solution with minimal integration effort to a new platform. Security Suite provides security services in each level starting from the SoC to cloud. Thus, Security Suite acts as a compact package of widely accepted security strategies to ensure a secure and reliable environment for the end customers. Security Suite includes below components:
- Secure Boot:
There have been reported events where diabetic patients had a trend to build their own system by reusing various other devices, probably to cut the cost or to customize the system working. This came to light when a patient ended up in critical condition with his customized medical device. These kinds of cases can be totally stopped with the secure boot feature. Security Suite promises the targeted platform always comes up with authenticated bootable image. Secure boot is an effective weapon against the attacks where a third party can take over the control of the whole system with newly crafted bootable image or malware. The secure boot ensures the SoC level security by using the CAAM Module and its random number generator. The feature makes the SoC to simply reject the rogue and unanticipated code.
- Secure Partition:
Privacy is an important factor and one of the biggest concerns in the medical field where the attacker has a big advantage of data exploitation. The private data such as patients’ records, medical images such as X-rays, CT scans should not be exposed or compromised for any kind of manipulation. On the technical side, the keys and certificates for system’s cryptographic operations should also be highly protected. These components should be well maintained and preserved from any sort of attacks or risk of sharing. The need of secure partition is thus unquestionable. The set of keys used for the encryption of the secure partition are from CAAM module and are highly unpredictable and unique. These traits add up to the security level and the secure storage partition will be in a completely closed state once it is taken out of the system, leaving the attacker helpless. The secure partition APIs which are part of the Security Suite provides the flexibility and ease to the customers to create and maintain highly secured partition for their target platforms.
- Wireless Security:
When we talk about wireless technology in medical field, today the wireless pacemakers are much in demand which sends the patient’s data periodically to external device through Wi-Fi. This helps the doctors to reduce the monitoring tasks. But this kind of external communication of the system can be easily exploited by the attackers. Especially wireless communication has always been an attack vector and other kind of eavesdropping to hackers. Security Suite has adopted ways to ensure secure wireless communication through IEEE 802.11 recommended security standards combined with auto active intrusion detection system (IDS) and firewall services. The secure scan feature blocks any kind of attempt to establish connection to non-secured networks and the classic auto-connection feature is completely disabled to avoid future connections to impostors. Along with the hardware that has tamper detection facility, a securely established wireless communication with unique and vendor specific connection parameters can be used to detect counterfeited parts. Wireless Security features can be easily integrated to any platforms through APIs which are part of the Security Suite
Cloud based medical IoT should be always ahead in terms of efficiency in storing and accessing data for analysis. Medical data is often time critical and confidential, this efficiency demands higher security when data is sent over the network to cloud. The data sent should be encrypted to avoid eavesdropped and hijacked by the attackers. Security Suite is integrated with TLS communication services secured with wolfSSL crypto libraries. This enables secure and safe cloud communication for the target platform. The API’s allow the end customer to avail and integrate the TLS facilities to their application with much ease.
- Error Logging Mechanism:
Error logging mechanism can be considered as “black box” of a system when any unfavorable event occurs. The error logs help to track if something has gone wrong and to check on warnings and alerts of malicious activities against the system. This will help to take timely measures and avoid complete catastrophe. The importance of the error logging is the same reason why the Security Suite come up with error logging as one of its core components.
iWave provides a complete Security Suite solution, where the end customers can rely on, for building their own secure product. The Security Suite solution allows the customers to focus on other aspects to improve time to market without worrying about how the security can be ensured at each stage of the product’s operation from booting to cloud communication.
iWave also offers custom security solutions based on the requirement:
- Enabling security features on various ARM processors
- Porting support for new versions of software and platforms
- Supporting on various cloud platforms like IBM Watson IoT Platform, Amazon AWS, and Microsoft Azure
More detailed information on the Security Suite can be found here .