TY - JOUR
T1 - Process-Aware Attacks on Medication Control of Type-I Diabetics Using Infusion Pumps
AU - Stergiopoulos, George
AU - Kotzanikolaou, Panayiotis
AU - Konstantinou, Charalambos
AU - Tsoukalis, Achilleas
N1 - KAUST Repository Item: Exported on 2023-01-27
Acknowledgements: This work was supported by the European Union and Greek National Funds Through the Operational Program Competitiveness, Entrepreneurship and Innovation, Under the Call and in part by the MELITY project under the call Research—Create—Innovate under Grant T1EDK-01958. The research reported in this article was also supported by the King Abdullah University of Science and Technology (KAUST), Saudi Arabia.
PY - 2023/1/25
Y1 - 2023/1/25
N2 - As medical infusion pumps are known to be vulnerable to cybersecurity threats, industrial reports, guidelines, and state-of-the-art research have focused on securing such devices. This includes hardening a pump's network communications, wireless interfaces, and patching software flaws that can allow adversaries to compromise the device's usability and potentially lead to adverse effects on patients. Still, a very small percentage of this work has focused on securing devices against process-aware attacks that target the business logic behind medical treatment processes, even though it is widely known that deviations or disruptions in continuous medication administration may be harmful, even lethal. In this work, we first develop a threat model on an insulin infusion pump used for blood glucose regulation in Type-I diabetics. We then set up a generalized Simulink model of common insulin pumps used for Type-I diabetic treatment and perform a volume control assessment to investigate the probability of process-aware cyber-attacks to cause patient harm through microalterations on continuous medical administration that stay within operational limits but manage to impact a patient's health. We achieve this by manipulating the business process logic behind semiautomatic drug administration on the insulin pump model that uses continuous glucose monitoring systems. We validate attack models capable of causing adverse impact on patients through performance degradation of the drug administration processes.
UR - http://hdl.handle.net/10754/687323
UR - https://ieeexplore.ieee.org/document/10026248/
U2 - 10.1109/jsyst.2023.3236690
DO - 10.1109/jsyst.2023.3236690
M3 - Article
SN - 1932-8184
SP - 1
EP - 12
JO - IEEE Systems Journal
JF - IEEE Systems Journal
ER -