MedSec - Usable Security for Medical Devices
Dr D Oswald
Prof V Kostakos
No more applications being accepted
Competition Funded PhD Project (Students Worldwide)
Modern healthcare relies on a large number of intelligent, interconnected medical devices, for example pacemakers, insulin pumps, blood glucose meters, EEG monitors, etc. While these devices are specifically designed and tested to provide operational safety, the cyber security (against a malicious attacker) has been largely disregarded in the past, leading to exploits that can put a patient’s live in danger (see e.g. ).
In addition, even though there are countermeasures available against such attacks, implementing those is often infeasible in practice since they complicate the use of devices in practice or may affect the safety requirements. For example, in an emergency situation, a doctor needs immediate access to a patient’s pacemaker and does not have time to enter a cryptographic key or password. Similarly, fail-safe mechanisms can open new attack vectors: a device may have to always accept the “emergency off” command, even if a cryptographic check fails.
The goal of the MedSec PhD project is to address the issues in securing medical devices both from a cyber security as well as a safety and usability perspective. The project will consist of three major milestones:
1. Survey and analyse the security of real-world medical devices in order to design and prototype countermeasures against those attacks,
2. Evaluate and improve the safety and usability of the devised countermeasures for the use in real-world medical practice
3. Develop a systematic and open framework with appropriate security mechanisms for different application scenarios, considering security, usability and safety requirements
Dr Oswald has ten years of experience in the security analysis of embedded devices and has discovered many high-impact vulnerabilities. Prof Kostakos leads the Smart Hospital Living Lab (SHLL) and will contribute his extensive experience in human-centred design in particular for medical application. The SHLL provides an ideal environment to test the devised security mechanisms under realistic conditions.
A fully-funded studentship, which includes tax-free Doctoral Stipend of £15,009* per annum, is available for Home/EU and Overseas students on this Joint PhD programme between the University of Birmingham and the University of Melbourne for October 2019 start. For students who are to be hosted by the University of Melbourne, the scholarship rate will be $AUD30,000 p.a. and will include provision for a return trip to Birmingham.
*subject to inflationary variation