Implantable and wearable medical devices (IWMDs) promise to revolutionize healthcare by enabling advances in the diagnosis, monitoring, and treatment of an ever-increasing range of medical conditions. The capabilities of IWMD hardware platforms have been greatly enhanced by advances in low-power computing and wireless connectivity. These capabilities have in turn enabled the use of more sophisticated algorithms for sensing and control, ubiquitous access to medical data, and the ability for post-deployment tuning and personalization of therapy. However, the confluence of increased complexity, programmability, and wireless connectivity have also led to the emergence of information security as a critical concern in the domain of medical devices. The demonstration of security attacks on commercial medical devices by researchers and security practitioners in recent years has led to an urgent need to address these security concerns. Cryptography and secure communication protocols can address a large swath of the known attacks on IWMDs, and advances in ultra low-power microcontroller platforms have brought state-of-the-art symmetric cryptography within their computational reach. However, the lack of viable secure connection establishment and key exchange mechanisms is a major bottleneck that limits the use of cryptography to protect the wireless communication channels of IWMDs.
This project explores the use of vibration as a secure side-channel between IWMDs and external devices such as smartphones or programmers. Vibration has unique advantages as a communication channel, including distance-bounded transmission, high user perceptibility, very low power consumption, and ubiquitous availability of vibration generators and sensors in smartphones and wearable devices. These attributes make it an ideal supplement to the traditional wireless communication channel. This project will develop the necessary foundations of vibration-based side-channels, and explore their use for wakeup, secure connection establishment, and key exchange in medical devices.
Personal healthcare security has been underserved by the research community and industry alike. The technologies developed in this project can facilitate increased adoption of personal healthcare systems by addressing security concerns. The project will leverage outreach programs at Purdue, including Summer Undergraduate Research Fellowships (SURF), the NCN (Network for Computational Nanotechnology), and the Women and Minority in Engineering programs, to involve undergraduates and minority students in the proposed research and provide broader exposure to the field of medical security.