Many medical implants, such as insulin pumps and pacemakers, are equipped with wireless radios that let doctors download data about the patient’s condition and adjust the behavior of the implant. But these devices are vulnerable to hackers who can eavesdrop on stored data or even reprogram the implant, causing, for example, a pacemaker to shock a heart unnecessarily. While it may be possible to engineer new, more secure implants, millions of people are walking around with vulnerable devices that can’t be replaced without surgery. An anti-hacking device presented this week at the annual SIGCOMM communications conference in Toronto may offer them a solution.
Created by researchers from MIT and the University of Massachusetts, Amherst, the laptop-sized device, called “the shield,” emits a jamming signal whenever it detects an unauthorized wireless link being established between an implant and a remote terminal (which can be out of sight and tens of meters away). Although no attack of this kind is known to have occurred , “it’s important to solve these kinds of problems before the risk becomes a tenable threat,” says Kevin Fu, an associate professor of computer science at UMass and one of the developers of the shield. Fu was Technology Review’s Young Innovator of the Year in 2009 for his work in uncovering the previously unsuspected danger that hackers pose to implant wearers.
The key innovation is the new radio design that the shield uses for jamming. “If you just do simple jamming [broadcasting radio noise on a given frequency], then the attacker doesn’t get the information, but the doctor doesn’t either,” says Dina Katabi, another developer of the shield and an associate professor of electrical engineering and computer science at MIT. Instead, the shield allows a jamming signal to be broadcast while it simultaneously receives data signals from the implant and relays them over a secure link. So doctors can still download data and confirm adjustments even while the shield is jamming an attacker.
Normally, trying to get a radio to detect data while it’s broadcasting on the same frequency is like attaching a hearing aid to a megaphone on full blast and expecting the hearing aid to pick up a nearby conversation. Earlier attempts to make radios capable of simultaneously transmitting and receiving on the same frequency relied on a carefully spaced trio of antennas. But at the frequencies used in medical devices (about 400 megahertz), this spacing would result in a jamming device far too big for a person to carry. Instead, the researchers worked out how to use two closely spaced antennas: one for receiving and the other for broadcasting the jamming signal. The trick is to feed an “antidote” signal to the jamming signal into the receiving antenna, canceling out the jamming noise.
When designing an embedded system choosing which tools to use often comes down to building a custom solution or buying off-the-shelf tools.