Deep dip teardown of tubeless insulin pump
Sergei Skorobogatov
TL;DR
This paper provides a comprehensive teardown and security analysis of the OmniPod tubeless insulin pump, revealing vulnerabilities and offering insights to improve hardware security in medical devices.
Contribution
It presents a detailed methodology for dissecting and analyzing a medical device, highlighting security weaknesses and suggesting improvements.
Findings
Identification of security weaknesses in the device
Demonstration of firmware extraction and analysis
Insights into hardware vulnerabilities
Abstract
This paper introduces a deep level teardown process of a personal medical device - the OmniPod wireless tubeless insulin pump. This starts with mechanical teardown exposing the engineering solutions used inside the device. Then the electronic part of the device is analysed followed by components identification. Finally, the firmware extraction is performed allowing further analysis of the firmware inside the device as well as real-time debugging. This paper also evaluates the security of the main controller IC of the device. It reveals some weaknesses in the device design process which lead to the possibility of the successful teardown. Should the hardware security of the controller inside the device was well thought through, the teardown process would be far more complicated. This paper demonstrates what the typical teardown process of a personal medical device involves. This knowledge…
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsWireless Body Area Networks · Electrostatic Discharge in Electronics · Embedded Systems Design Techniques