Access Control for Implantable Medical Devices

The telemetry incorporate in the new generation of Implantable Medical Devices (IMDs) allows remote access and re-programming without interfering with the daily routine of their holders. Despite the benefits of this new feature, such remote access raises new threats related to the access of unauthorized entities to IMDs. Cardiac implants represent the most deployed types of IMD nowadays. Current solutions, to control their remote access, usually use a single feature for authentication. However, this feature is easily replicable, making these authentication schemes vulnerable to attacks. To overcome this limitation, we propose in this article a distance bounding protocol to manage access control of IMDs: ACIMD. ACIMD combines two security mechanisms, namely, identity verification (authentication) and proximity verification (distance checking). The authentication mechanism, formally and informally verified, conforms to the ISO/IEC 9798-2 standard. The distance checking is performed using the whole Electrocardiogram (ECG) signal and relies on the correlation coefficient (comparing an external versus an internal ECG signal) in the Hadamard domain. We evaluate the accuracy and security of ACIMD access control using ECG signals of 199 individuals recorded over 24 hours while considering three adversary strategies. Our results show that ACIMD is 92.92 percent accurate.

Automated summary

The new generation of IMDs with telemetry technology allows remote access and re-programming, but also brings new threats of unauthorized access. To address this issue, a distance bounding protocol ACIMD is proposed in this article, combining identity verification and proximity verification using ECG signals for access control management.