Vulnerabilities of the Artificial Pancreas System and Proposed Cryptographic Solutions
Additional Funding Sources
This research was supported by National Science Foundation Research Experience for Undergraduates Site Grant DMS-169872 and Boise State University College of Innovation and Design.
Abstract
We live in a world of cyber-enabled, wireless devices that enhance many aspects of life, including the treatment of diabetes. Type I Diabetes is a chronic autoimmune disorder characterized by destruction of pancreatic β-cells and subsequent deficiency of insulin - a crucial hormone in regulating blood glucose levels. Current treatment includes lifelong monitoring of blood glucose levels and injection of insulin. The development of an Artificial Pancreas System is automating the maintenance of this disease by integrating wireless devices to continuously monitor glucose levels and deliver insulin without patient interaction. Artificial Pancreas Systems and other Implantable Medical Devices (IMD) are shrinking in physical size which limits their storage, power, and processing capacity making them unsuitable for modern encryption. The lack of security features in lightweight devices results in the unsecure transmission of data between their components. The National Institute of Standards and Technology (NIST) has called for encryption algorithms to be considered as the lightweight cryptographic standard. Our team demonstrates how an adversary can exploit the vulnerabilities of the Artificial Pancreas System to cause irreversible damage to a patient. We implement ForkAE, a candidate for the lightweight encryption standard, to combat the vulnerabilities using our simulation of the Artificial Pancreas System.
Vulnerabilities of the Artificial Pancreas System and Proposed Cryptographic Solutions
We live in a world of cyber-enabled, wireless devices that enhance many aspects of life, including the treatment of diabetes. Type I Diabetes is a chronic autoimmune disorder characterized by destruction of pancreatic β-cells and subsequent deficiency of insulin - a crucial hormone in regulating blood glucose levels. Current treatment includes lifelong monitoring of blood glucose levels and injection of insulin. The development of an Artificial Pancreas System is automating the maintenance of this disease by integrating wireless devices to continuously monitor glucose levels and deliver insulin without patient interaction. Artificial Pancreas Systems and other Implantable Medical Devices (IMD) are shrinking in physical size which limits their storage, power, and processing capacity making them unsuitable for modern encryption. The lack of security features in lightweight devices results in the unsecure transmission of data between their components. The National Institute of Standards and Technology (NIST) has called for encryption algorithms to be considered as the lightweight cryptographic standard. Our team demonstrates how an adversary can exploit the vulnerabilities of the Artificial Pancreas System to cause irreversible damage to a patient. We implement ForkAE, a candidate for the lightweight encryption standard, to combat the vulnerabilities using our simulation of the Artificial Pancreas System.