To lower costs and improve outcomes in current medical practice, we need integrated, interoperable medical systems that provide machine-assisted care, interaction detection, and improved alarm accuracy, to name just a few uses. This project is developing both the theory and practice to ensure the safety of next-generation medical devices by allowing secure coordination and composition, in facilities as small as a local doctor's office or as large as a multi-campus hospital. Connected devices are part of a "medical coordination platform," which allows execution of "clinical workflows," such as having a blood pressure cuff automatically take a reading once an infusion pump stops delivering medication, or determining in real time whether prescribed medications are contraindicated by a patient's past health history.
Such manufacturer- and integrator-agnostic communication is difficult to bootstrap and perform securely, but security is required, since networked insecure systems are fundamentally unsafe. Furthermore, medicine is more complex than many other domains: security and quality-of-service properties must hold even in environments where many different people have physical access to devices and communication infrastructure. Without fully trusting individual components, we must provide strong resource isolation, patient privacy protection, and real-time trust reasoning in highly dynamic, adversarial, and life-critical systems.
We aim for speedy transition to practice by providing reusable security, privacy, and logging components for existing open medical application platforms, supporting varying hardware capabilities, laws, regulations, and facility-local policies, as well as software for pre-deployment and run-time trustworthiness reasoning about the system and individual devices.