Date post: | 23-Jan-2017 |
Category: |
Technology |
Upload: | marie-elisabeth-gaup-moe |
View: | 513 times |
Download: | 3 times |
UnpatchableLivingwithavulnerableimplanteddevice
@MarieGMoe@SINTEF_Infosec
MarieMoe,PhD,ResearchScientistatSINTEF
Pacemaker/ICDProgrammer
Homemonitoringunit
CellularorTelephoneNetwork Webportal
InductivenearfieldcommunicationMICS/
ISM
POTS/SMS
Remotemonitoring
PotentialthreatsDeviceisvulnerable?
Accesspointisvulnerable?
Mobilenetworkiscompromised?
Serveratvendoriscompromised?
Websitethatdoctorlogsintoisvulnerable?
PersonalInfrastructureYourrelianceonaninfrastructureisinverselyproportionaltohowinvisibleitistoyou.
Weallrelyonoxygen,ourlungs,andourhearts,buthowoftentowethinkaboutthem?
Howoftendowedomaintenanceordebugthem?
”We need tobeable toverify the software thatcontrols our lives”
BruceSchneier on“VolkswagenandCheatingSoftware”
Previouswork• KevinFuetal:
– Pacemakersandimplantablecardiacdefibrillators:Softwareradioattacksandzero-powerdefenses (2008)
– MitigatingEMIsignalinjectionattacksagainstanalogsensors(2013)
• BarnabyJack• Hardcodedcredentials• Medicaldevicehoneypots• Druginfusionpumps
20
Researchneeded• Opensourcemedicaldevices• Medicaldevicecryptography• Personalareanetworkmonitoring• Jammingprotection• Forensicsevidencecapture
CreditsÉireann Leverett (@blackswanburst)
TonyNaggs (@xa329)GunnarAlendal (@gradoisageek)
HugoCampos(@HugoOC)ScottErven (@scotterven)
Alexandre Dulaunoy (@adulau)ClausCramonHoumann (@ClausHoumann)
JoshuaCorman (@joshcorman)BeauWoods (@beauwoods)SuzanneSchwartz(USFDA)
Family&Friends