Systems-Theoretic and Data-Driven Security Analysis in ML-enabled Medical Devices
Gargi Mitra, Mohammadreza Hallajiyan, Inji Kim, Athish Pranav Dharmalingam, Mohammed Elnawawy, Shahrear Iqbal, Karthik Pattabiraman, Homa Alemzadeh
TL;DR
This paper highlights cybersecurity risks in AI/ML-enabled medical devices, analyzing threat data and proposing tools for pre-market risk assessment to enhance safety and security by design.
Contribution
It introduces a set of tools and techniques for security analysts to perform comprehensive premarket risk assessments of AI/ML medical devices.
Findings
Analysis of device recalls and vulnerabilities reveals key threat areas.
Proposed tools assist in early cybersecurity risk identification.
Embedding security in design improves device safety.
Abstract
The integration of AI/ML into medical devices is rapidly transforming healthcare by enhancing diagnostic and treatment facilities. However, this advancement also introduces serious cybersecurity risks due to the use of complex and often opaque models, extensive interconnectivity, interoperability with third-party peripheral devices, Internet connectivity, and vulnerabilities in the underlying technologies. These factors contribute to a broad attack surface and make threat prevention, detection, and mitigation challenging. Given the highly safety-critical nature of these devices, a cyberattack on these devices can cause the ML models to mispredict, thereby posing significant safety risks to patients. Therefore, ensuring the security of these devices from the time of design is essential. This paper underscores the urgency of addressing the cybersecurity challenges in ML-enabled medical…
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsEmbedded Systems Design Techniques