Digital Investigation of Security Attacks on Cardiac Implantable Medical Devices
This addresses a critical safety issue for patients with implanted medical devices, though it is incremental as it builds on existing forensic and formal methods.
The paper tackles the problem of investigating lethal security attacks on cardiac implantable medical devices by proposing a system for postmortem analysis that integrates technical and medical evidence, achieving automated inference of potential attack scenarios and correlation to determine the cause of death.
A Cardiac Implantable Medical device (IMD) is a device, which is surgically implanted into a patient's body, and wirelessly configured using an external programmer by prescribing physicians and doctors. A set of lethal attacks targeting these devices can be conducted due to the use of vulnerable wireless communication and security protocols, and the lack of security protection mechanisms deployed on IMDs. In this paper, we propose a system for postmortem analysis of lethal attack scenarios targeting cardiac IMDs. Such a system reconciles in the same framework conclusions derived by technical investigators and deductions generated by pathologists. An inference system integrating a library of medical rules is used to automatically infer potential medical scenarios that could have led to the death of a patient. A Model Checking based formal technique allowing the reconstruction of potential technical attack scenarios on the IMD, starting from the collected evidence, is also proposed. A correlation between the results obtained by the two techniques allows to prove whether a potential attack scenario is the source of the patient's death.