Security risk of medical devices in IT networks - the case of an infusion and infusion syringe pump

Nowadays, wearable and implantable medical devices are being increasingly deployed to improve diagnosis, monitoring, and therapy for various medical conditions. Compared to other types of electronics and computing systems, security attacks on these medical devices have extreme consequences and must be carefully analyzed and prevented with strongest efforts. Often, the security vulnerabilities of such systems are not well understood or underestimated. The aim of this paper is to demonstrate security attacks that can easily be done in the laboratory on a popular infusion pump on the market, and also propose defenses against such attacks.