The hack-able body: Are device makers doing enough to shield patients from hackers?

Laptop image

Karen Sandler was 31 years old, working at a non-profit organization providing free legal help to computer programmers, when she was diagnosed with an enlarged heart and informed that she’d need a machine to help keep her alive.

Her mother accompanied her the day a doctor recommended that Sandler undergo surgery to implant a medical device into her chest. He handed Sandler a pager-sized machine called a cardioverter defibrillator – a miniature, implantable equivalent of having EMTs follow her around all day with defibrillator paddles should her heart stop.

The device was a round, metal compartment housing a tiny computer, an electrical pulse generator and a battery. Connected to her heart with metal wires, the device would monitor her heart rate and deliver an electrical pulse to shock it back to a normal rhythm should a mild burst of activity, such as hurrying across a street or running to catch a bus, over-exert her. Even as a self-professed "technology warrior," the prospect of becoming part machine caught Sandler off guard. Computers crash, run out of power and succumb to hackers. Would becoming a "cyborg" ultimately count as an affliction or an upgrade? And could she really trust a machine with her life?

Sandler grew up around machines and the programs that run them. Her father was a computer programmer; she taught her first basic computer class at summer camp when she was 16. She received a bachelor’s degree in engineering from the Cooper Union before pursuing a law degree from Columbia University, where she co-founded the Columbia Science & Technology Law Review. It was while working for the Software Freedom Law Center, an organization offering legal help to computer programmers working on open-source software projects, that she learned of her condition.

Sandler was scared but skeptical – not of the diagnosis, but of the machine. The diagnosis was serious and heart surgery is a complicated and dangerous procedure, but with the device in her hand and her worried mother sitting nearby, the first words out of Sandler’s mouth were, "What does it run?" While framed as a software question, her concern was much more personal: What exactly was the doctor proposing to weave into her heart? She had the physical device before her, but she was concerned about the imperceptible workings inside the machine to which she was to entrust her life.

Sandler had worked with computers long enough to know that all programs have bugs – that’s why computers need frequent updates and anti-virus software is a must. Undiscovered bugs can cause a machine to behave erratically or leave it open to infiltration by "crackers," the techie term for hackers with malicious intent who penetrate closed systems.

Sandler wasn’t ready to trust her heart to a program she hadn’t seen. Her work with open-source computer software had taught her that the best way to detect bugs and fix them is to tap the wisdom of the crowd through open-source programming. Open-source projects allow the world to view a copy of machine’s source code, the underlying instructions that tell the device what to do. In terms of an implantable defibrillator, that would mean making public a copy of the code that tells the device when to provide a shock and how much shock to provide, as well as how to monitor the heart rate and log unusual events. Modern heart devices can communicate wirelessly, so the software is additionally responsible for prescribing how a machine sends and receives signals and how it determines whether a signal is authorized to access the machine. While an individual person’s device needn’t be open to the world, a circulated copy can gather comments and suggestions that the device manufacturer can choose to adopt or ignore.

While it seems counter-intuitive, open-source software is often more reliable because it has had the benefit of being tested, checked and patched by a larger team of people. The most famous software programs are closed-source, such as Microsoft’s Word and Adobe’s Photoshop, but open-source software projects are silently ubiquitous. The U.S. Defense Dept., massive corporations like Merrill Lynch and the entire London Stock Market rely on an open-source project called Linux.

"It’s not a guarantee that bugs will be found if you make software free and open, but it makes it much more likely over time," Sandler says.

Sandler knew that the software protecting her heart was inevitably fallible, but the stakes were much higher than usual. Software flaws could not only mean errant shocks due to bugs in the code, but coupled with wireless accessibility they might mean someone could crack the code inside her heart. Sandler searched for new sources of information, having gotten nowhere with her doctor or the medical device sales reps he referred her to. The first specialist she talked to told her that she was paranoid – who would bother to crack a medical implant’s programming in the first place? No one had done it before and the implants were designed only to communicate with special computers sold to doctors. Sandler called St. Jude Medical (NYSE:STJ), Medtronic (NYSE:MDT) and Boston Scientific (NYSE:BSX), 3 of the biggest heart device makers, and found herself at a dead end each time. No one would tell her about the source code that would end up inside her body.

Device makers have good reasons for keeping their software a secret, a tactic sometimes referred to as "security through obscurity." Each manufacturer designs its own software to run its own devices, meaning that publishing the inner working of the machine would expose weaknesses. If the programming has vulnerable points, making them public could give competitors a leg up or give crackers the blueprints for bringing down the device.

Another motivating factor may be in the way the FDA reviews the machines and the software inside them. While the agency never directly reviews software unless something has already gone wrong, the FDA treats a patch in programming the same way it would treat a physical change to the product. A medical device with altered software is often considered a new device, which requires a new round of expensive and time-consuming evaluation. Furthermore, patients with the original device wouldn’t be allowed to simply download an updated version of the software – they would have to undergo surgery to implant a new device after the original product had been recalled. The danger in relying on obscurity as a security measure, however, is that weaknesses remain hidden to the community at large, but not to the crafty crackers who sneak their way in.

"Keeping the code closed doesn’t keep sophisticated people from hacking it," Sandler says.

And once the secret is out – once a single person has discovered and leaked a copy of the program – that device is exposed forever.

Read more (Page 2)

RSS From Medical Design & Outsourcing

  • GlobTek presents its latest level VI AC/DC adapter and connverter
    T-43086-WWVV-X.X-Q Model is an addition to GlobTek’s Level VI compliant GT-43086 family and represents GlobTek’s 6 Watt wall plug-in series of AC/DC adapters (power supplies and chargers) with International Interchangeable blades. GlobTek’s changeable input blade system with individual field replaceable input plugs, including: North America and Japan NEMA 1-15P, Australian, UK BS 1363, European CEE […]
  • Sanmina’s familiarity with FDA gets skin treatment product to market fast
    The medical market for cosmetic devices is booming. However, quickly launching new products to meet demand is becoming more challenging because device manufactures face increased regulatory scrutiny. To help meet regulatory requirements, aesthetic and other medical-device OEMs are partnering with electronics manufacturing services (EMS) companies that also offer expertise with the FDA filings necessary to […]
  • Fluid connectors and quick disconnects for IVD equipment from CPC
    Colder Products Company (CPC) offers thousands of tubing connectors, quick disconnects and fittings for smart fluid handling in IVD and analytical equipment. Non-spill connectors speed testing throughput by eliminating drips, preventing air inclusion and increasing operator safety. Panel mount connectors can be added to existing equipment or bottle caps to provide secure, leak-free connections. Puncture […]
  • 310 Watt desktop medical power supply meets efficiency level VI requirements
    Power Partners releases a new 310 Watt medical grade desktop power supply from their PEAMD Series of AC and DC adapters. The 310 Watt unit is packed for ideal performance inside a compact case measuring 7.8 x 4 x 2 in. with a weight of only 3 lbs. The PEAMD310 Series is approved to the latest […]
  • Saelig introduces Multiple Instrument System MIS4 universal test system
    Saelig Company has introduced the ABI Electronics’ Multiple Instrument Station MIS4, an all-in-one testing tool that provides all commonly required test instruments in one compact programmable hardware module, mounted in a compact case or installed in a PC-drive bay. Controlled by ABI’s sophisticated SYSTEM 8 Ultimate PC software with a simple yet programmable operator interface, […]
  • AssurX announces document management software update for small to mid-size companies in FDA regulated industries
    AssurX, an enterprise quality management, risk and regulatory compliance solution provider, announces the release of the latest update to their AssurX document management software. The document management solution provides a cost-effective solution for small to medium sized companies faced with streamlined operations and is fully compliant for FDA regulated industries. Ideal solution for small to […]
  • Saelig presents new Amplicon Impact-R 1100F series computer
    Saelig Company announces the Amplicon Impact-R 1100F series, a fanless system powered by the Intel ATOM D2550 processor. Configured with a high performance 2.5 in. MLC Solid State Drive (SSD), the Impact-R 1100F series is a silent controller system. With options for multiple serial communication ports, the Impact-R 1100F can offer up seven DB9 connections […]
  • Gerresheimer to acquire Centor
    Gerresheimer AG, a partner to the global pharmacy and healthcare industry, will further extend its pharmaceutical packaging business with the acquisition of Centor. Gerresheimer has reached an agreement with Nemera Development S.A. to acquire 100% of the share capital of Centor US Holding. “Centor is the highly profitable market leader for plastic vials and closures in […]
  • Methods Machine Tools presents the new Nakamura-Tome NTRX-300
    Methods Machine Tools, a developer of precision machine tools and automation, has introduced the new Nakamura-Tome NTRX-300, a multitasking turning center featuring complete parts machining in one operation, with a built-in load and unload automation system and advanced operator recognition management software. The NTRX-300 features true opposing twin spindles: an 8 in. A2-6 25 HP or […]
  • MSC Apex Diamond Python and Smart Midsurface speeds modeling to validation
    MSC Software announced a new release of MSC Apex, the company’s award-winning next generation Computer Aided Engineering (CAE) platform. The MSC Apex Diamond Python release introduces: · The fourth release of MSC Apex Modeler is a CAE Specific direct modeling and meshing solution that streamlines CAD clean-up, simplification and meshing workflow. New in this release is […]
  • Quality Metrics: FDA’s plan for a key set of measurements to help ensure manufacturers are producing quality medications
    Editor’s Note: This article is written by Ashley Boam and Mary Malarkey from the “FDA Voice” blog. Boam is an FDA’s acting Director of the Office of Policy for Pharmaceutical Quality, the Office of Pharmaceutical Quality and the Center for Drug Evaluation and Research. Malarkey is an FDA’s Director if the Office of Compliance and Biologics Quality […]

Leave a Reply