Cardiac Implantable Medical Devices forensics: Postmortem analysis of lethal attacks scenarios

Abstract

Cardiac Implantable Medical devices (IMD) are increasingly being used by patients to benefit from their therapeutic and life-saving functions. These medical devices are surgically implanted into patient's bodies and wirelessly configured by prescribing physicians and healthcare professionals using external programmers. However, these devices are threatened by a set of lethal attacks, due to the use of vulnerable wireless communication and security protocols, and the lack of security protection mechanisms deployed on IMDs.In this paper, we propose a digital investigation system for the postmortem analysis of lethal attack scenarios on cardiac IMDs. After developing a set of techniques allowing the secure storage of digital evidence logs which track the executed sensitive events, we implement an in-depth security solution allowing the protection of cardiac IMDs. An inference system integrating a library of medical rules is proposed to automatically infer potential medical scenarios that caused the patient's death, or that created heart-related emergency situations (through the occurrence of ventricular tachycardia for example). A Model Checking based formal technique to reconstruct potential technical attack scenarios on a cardiac IMD, starting from the collected evidence, is also proposed. The results obtained by the two proposed reasoning techniques (i.e., the inference system and the Model Checking based algorithm) are correlated to prove whether a potential attack scenario is responsible of the occurrence of heart-related emergency situations or the death of a patient. Based on the proposed techniques, we design a decision-support system that reconciles in the same framework the medical and technical investigation aspects.