
New IEEE Standard for Securing Biomedical Devices and Data

It covers electronic health records, devices, and hospital systems

Time: 2025-2-11 16:01:16

If you have an implanted medical device, have been hooked up to a machine in a hospital, or have accessed your electronic medical records, you might assume the infrastructure and data are secure and protected against hackers. That isn’t necessarily the case, though. Connected medical devices and systems are vulnerable to cyberattacks, which could reveal sensitive data, delay critical care, and physically harm patients.

The U.S. Food and Drug Administration, which oversees the safety and effectiveness of medical equipment sold in the country, has recalled medical devices in the past few years due to cybersecurity concerns. They include pacemakers, DNA sequencing instruments, and insulin pumps.

In addition, hundreds of medical facilities have experienced ransomware attacks, in which malicious people encrypt a hospital’s computer systems and data and then demand a hefty ransom to restore access. Tedros Adhanom Ghebreyesus, the World Health Organization’s director-general, warned the U.N. Security Council in November about the “devastating effects of ransomware and cyberattacks on health infrastructure.”

To help better secure medical devices, equipment, and systems against cyberattacks, IEEE has partnered with Underwriters Laboratories, which tests and certifies products, to develop IEEE/UL 2933, Standard for Clinical Internet of Things (IoT) Data and Device Interoperability with TIPPSS (Trust, Identity, Privacy, Protection, Safety, and Security).

“Because most connected systems use common off-the-shelf components, everything is now hackable, including medical devices and their networks,” says Florence Hudson, chair of the IEEE 2933 Working Group. “That’s the problem this standard is solving.”

Hudson, an IEEE senior member, is executive director of the Northeast Big Data Innovation Hub at Columbia. She is also founder and CEO of cybersecurity consulting firm FDHint, also in New York.

A framework for strengthening security

Released in September, IEEE 2933 covers ways to secure electronic health records, electronic medical records, and in-hospital and wearable devices that communicate with each other and with other health care systems. TIPPSS is a framework that addresses the different security aspects of the devices and systems.

“If you hack an implanted medical device, you can immediately kill a human. Some implanted devices, for example, can be hacked within 15 meters of the user,” Hudson says. “From discussions with various health care providers over the years, this standard is long overdue.”

More than 300 people from 32 countries helped develop the IEEE 2933 standard. The working group included representatives from health care–related organizations including Draeger Medical Systems, Indiana University Health, Medtronic, and Thermo Fisher Scientific. The FDA and other regulatory agencies participated as well. In addition, there were representatives from research institutes including Columbia, European University Cyprus, the Jožef Stefan Institute, and Kingston University London.

The working group received an IEEE Standards Association Emerging Technology Award last year for its efforts.

IEEE 2933 was sponsored by the IEEE Engineering in Medicine and Biology Society because, Hudson says, “it’s the engineers who have to worry about ways to protect the equipment.”

She says the standard is intended for the entire health care industry, including medical device manufacturers; hardware, software, and firmware developers; patients; care providers; and regulatory agencies.

Six security measures to reduce cyberthreats

Hudson says that security in the design of hardware, firmware, and software needs to be the first step in the development process. That’s where TIPPSS comes in.

“It provides a framework that includes technical recommendations and best practices for connected healthcare data, devices, and humans,” she says.

TIPPSS focuses on the following six areas to secure the devices and systems covered in the standard.

  • Trust. Establish reliable and trustworthy connections among devices. Allow only designated devices, people, and services to have access.

  • Identity. Ensure that devices and users are correctly identified and authenticated. Validate the identity of people, services, and things.

  • Privacy. Protect sensitive patient data from unauthorized access.

  • Protection. Implement measures to safeguard devices from cyberthreats and protect them and their users from physical, digital, financial, and reputational harm.

  • Safety. Ensure that devices operate safely and do not pose risks to patients.

  • Security. Maintain the overall security of the device, data, and patients.

TIPPSS includes technical recommendations such as multifactor authentication; encryption at the hardware, software, and firmware levels; and encryption of data when at rest or in motion, Hudson says.

In an insulin pump, for example, data at rest is when the pump is gathering information about a patient’s glucose level. Data in motion travels to the actuator, which controls how much insulin to give and when; it then continues to the physician’s system and, ultimately, is entered into the patient’s electronic records.

“The framework includes all these different pieces and processes to keep the data, devices, and humans safer,” Hudson says.

Four use cases

Included in the standard are four scenarios that outline the steps users of the standard would take to ensure that the medical equipment they interact with is trustworthy in multiple environments. The use cases include a continuous glucose monitor (CGM), an automated insulin delivery (AID) system, and hospital-at-home and home-to-hospital scenarios. They include devices that travel with the patient, such as CGM and AID systems, and devices a patient uses at home, as well as pacemakers, oxygen sensors, cardiac monitors, and other tools that must connect to an in-hospital environment.

The standard is available for purchase from IEEE and UL (UL2933:2024).

On-demand videos on TIPPSS cybersecurity

IEEE has held a series of TIPPSS framework workshops, now available on demand. They include IEEE Cybersecurity TIPPSS for Industry and Securing IoTs for Remote Subject Monitoring in Clinical Trials. There are also on-demand videos about protecting health care systems, including the Global Connected Healthcare Cybersecurity Workshop Series; Data and Device Identity, Validation, and Interoperability in Connected Healthcare; and Privacy, Ethics, and Trust in Connected Healthcare.

IEEE SA offers a conformity assessment tool, the IEEE Medical Device Cybersecurity Certification Program. The straightforward evaluation process has a clear definition of scope and test requirements specific to medical devices for assessment against the IEEE 2621 test plan, which helps manage cybersecurity vulnerabilities in medical devices.
