Workshop brings together industry and researchers on medical device security challenges

Medical device security is a growing problem that has received increasing attention recently. From the computers that run diagnostic and procedural equipment, to bedside monitors, to implantable medical devices, a range of security issues have now been identified that could potentially impact patient care and well-being. There now exists a search to meaningfully define these challenges such that they become technically solvable, scientifically measurable, humanly acceptable, and economically feasible.

On May 9 and 10, over 60 professionals from medical device manufacturers and level-I trauma centers and security researchers attended the two-day Archimedes Workshop run by Prof. Kevin Fu through his Archimedes Research Center for Medical Device Security at the University of Michigan on these issues. Participants included medical device engineers from as far away as Australia, Japan, Korea, Switzerland, and Germany, who visited Ann Arbor to learn effective ways to improve security and privacy in product manufacturing.

The invitation-only workshop brought together expertise in system engineering, regulatory affairs, and/or patient safety to:

• introduce experts to each other to solve common problems
• provide engineers with knowledge and anecdotes that show the ROI of improved medical device security
• learn how to explain security engineering needs to executive management

The agenda consisted of presentations by invited speakers as well as small break-out groups on focused topics to define problem spaces and find common ground. The workshop included a tour of the Lurie Nanofabrication Facility, a Class 1000/100/10 research laboratory with approximately 6,000 square feet of work area.

Archimedes Research Center

The Archimedes Research Center for Medical Device Security, led by Prof. Kevin Fu, is a trusted, impartial resource that explores improvements in medical device security while keeping in mind the big picture of helping patients to lead more normal and healthy lives. Institutional membership in the center includes a complimentary registration for the annual Archimedes Workshop that provides important training and research highlights to help members learn how to more effectively use and evaluate security technology to improve the return on investment. Center members receive priority treatment for requests of private, onsite or off-site training sessions and derive value from engineering relationships with other Archimedes members.

Prof. Fu’s research is in the area of trustworthy computing and low-power embedded devices. In addition to systems security, RFID-scale computation, and energy-aware architectures, Prof. Fu’s interests include medical devices and health IT. His Security and Privacy Research (SPQR) Lab focuses on two rapidly evolving classes of computing devices: computational RFIDs and implantable medical devices. He maintains a blog on medical device security and safety.