Highly assured safety and security of e-health applications

Khan, Muhammad Taimoor ORCID: 0000-0002-5752-6420, Serpanos, Dimitrios and Shrobe, Howard (2018) Highly assured safety and security of e-health applications. In: 2018 14th International Conference on Wireless and Mobile Computing, Networking and Communications (WiMob). IEEE, pp. 137-144. ISBN 978-1538668764 ISSN 2160-4886 (doi:https://doi.org/10.1109/WiMOB.2018.8589095)

Full text not available from this repository.

Abstract

Modern medical devices aim at providing invasive e-health care services to patients with long-term conditions. Typically, these services are implemented as embedded software applications that remotely and automatically control the operations of the devices according to the patient's condition as monitored by the underlying sensors. Such applications are neither safe nor secure mainly because of unreliable sensors, which may provide incorrect input data either due to their malfunctioning or due to some accidental (by privileged user) or intentional (by adversary) interference. Hence, the incorrect sensor data may lead to identification of an inaccurate patient condition, which may threaten the patient's life. To ensure safety and security of e-health applications, current approaches employ data analysis techniques to monitor sensor data and alarm when some unusual value is detected, and employ access control strategies to ensure that controller decisions are consistent with sensor input data. However, such approaches fail to detect stealthy attacks, e.g. bad data (false data injection) and bad computations because they do not understand what the application or device is trying to do. To this end, we evaluate our existing approach (i.e., ARMET) to assure safety and security of an emerging and critically real-time application domain of e-health. The approach is based on the specification of the application and device, which has a design and a run-time component. Given an application specification, the design component employs logical verification methods to assure that the application design is resilient to some bad data, i.e., there are no sensor input data values with meaningful threshold which are admissible to the specification but are not true. Given the specification, the runtime component monitors the application's execution and assures that the execution is consistent with the specification and alarms whenever it detects a violation, i.e., there is a bad computation.
We evaluate the methodology through its application to an example medical e-health application that controls and monitors blood glucose through an insulin pump.

Item Type: Conference Proceedings
Title of Proceedings: 2018 14th International Conference on Wireless and Mobile Computing, Networking and Communications (WiMob)
Uncontrolled Keywords: monitoring, safety, security, sugar, biomedical monitoring, sensors, insulin
Subjects: Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Faculty / School / Research Centre / Research Group: Faculty of Engineering & Science > Internet of Things and Security Research Centre (ISEC)
Faculty of Engineering & Science > School of Computing & Mathematical Sciences (CMS)
Faculty of Engineering & Science
Last Modified: 04 Mar 2022 13:06
URI: http://gala.gre.ac.uk/id/eprint/24373