Fw: Pacemakers and Implantable Cardiac Defibrillators: Software Radio Attacks and Zero-Power Defenses
Sarad AV
jtrjtrjtr2001 at yahoo.com
Thu Oct 30 04:04:54 PDT 2008
http://packetstormsecurity.org/papers/attack/icd-study.pdf
Abstractb�Our study analyzes the security and privacy properties
of an implantable cardioverter defibrillator (ICD). Introduced
to the U.S. market in 2003, this model of ICD includes
pacemaker technology and is designed to communicate wirelessly
with a nearby external programmer in the 175 kHz frequency
range. After partially reverse-engineering the ICDb�s communications
protocol with an oscilloscope and a software radio, we
implemented several software radio-based attacks that could
compromise patient safety and patient privacy. Motivated by
our desire to improve patient safety, and mindful of conventional
trade-offs between security and power consumption for resourceconstrained
devices, we introduce three new zero-power defenses
based on RF power harvesting. Two of these defenses are humancentric,
bringing patients into the loop with respect to the security
and privacy of their implantable medical devices (IMDs). Our
contributions provide a scientific baseline for understanding the
potential security and privacy risks of current and future IMDs,
and introduce human-perceptible and zero-power mitigation
techniques that address those risks. To the best of our knowledge,
this paper is the first in our community to use general-purpose
software radios to analyze and attack previously unknown radio
communications protocols.
More information about the cypherpunks-legacy
mailing list