Securing Medtech Devices Now Possible Through Signal Manipulation

one month ago by Sam Holland

If you've ever wondered what it would be like to have your information secured with something uniquely yours, then your own body is as close as it gets. Thanks to new technology, medical data can now be protected from breaches using the human body as the encryption medium.

Why Information Security is Essential in Healthcare

In a 2018 presentation, Blackhat USA uncovered cybersecurity vulnerabilities inherent in medtech systems which hackers can exploit to monitor and operate critical medical devices such as pacemakers and insulin pumps.

The results of the exposition proved that there is a possibility that remote hacks could interfere with medical procedures in a way that is potentially life-threatening to patients. Since medical data and health information are private and sensitive, it must be secured so it doesn’t fall into the wrong hands.


The Tech Community’s Response to Improving Medical Data Security

In Q1 2019, engineers at Purdue University, Indiana demonstrated a means of securing the wireless signals that emanate from medtech devices using body area networks (BAN).

The work was published in Scientific Reports in March of this year by Shreyas Sen, assistant professor of Electrical Engineering, Purdue University, and his team of students. The study uses a wearable device to implement a technology that is known as electro-quasistatic human body communication (EQS-HBC).

The Internet of Body (IoB) is a burgeoning field of bioelectronic medicine which involves interconnected smart devices which transmit and receive signals around body parts such as the hair and upper skin layer, and inside the body using implants.

Body area networks connect low-power, miniaturised devices, and biosensors that obtain data about human biological systems and processes to continuously monitor health conditions.

BAN devices range from wearables—non-invasive surface mount devices—to invasive micro-implants. The devices use the conductive properties of the body to relay signals between the user and the device.

For added security, the signals are kept within the body. BAN devices generally use Bluetooth technology for on-body communications.


Secure BAN Comms with a Wearable Device

Signal localisation is achieved using a prototype watch that makes contact with the wrist. It uses the conductive properties of the body, such as bodily fluid and skin tissue, to transmit signals in the electro-quasistatic range, some of the lowest frequencies on the electromagnetic spectrum.

The wearable EQS device comprises of communication and processing modules, copper-tape electrodes for interfacing with the human body, and a DC power source.

Conventional wireless EM communications propagate in every direction and tend to lose signal strength and density. For this reason, they require more power for transmission. EQS, on the other hand, mitigate signal attenuation by localising radiation and transmitting over low frequencies (carrier-less signals < 1 MHz).


Comparing data privacy between on-body EQS-HBS and WBAN. Photo courtesy of Purdue University.


Results from experiments and theoretical modelling of on-body EQS-HBC systems show a quasi-static leakage detectable up to <0.15m while the results were >5m for on-body electromagnetic wireless communications. Lower QS leakage levels indicate greater difficulty in intercepting the signals. This is the basis for enhanced data privacy in on-body EQS-HBS systems.

Electro-quasistatic signal propagation is quite difficult to intercept and uses 100 times less power than Bluetooth communication systems in traditional BAN devices. The prototype can receive signals from any point of the body with no observable difference due to skin or hair thickness.


Conclusions from the EQS-HBC Technology

EQS-HBC technology localises signals within the body using carrier-less transmission at ultra-low frequencies. The body acts as the encryption medium for secure communications between user and device.

The low QS leakage of the system makes it extremely difficult for critical health data to be intercepted at any point of the network. Other advantages include low power usage and non-invasive operation with no observed radiative health effects in the studied prototype.

The new device from Purdue University demonstrates a huge leap in medtech data security which could propagate into several other aspects of bioelectronic medicine in years to come.

The device creates a secure network around the body which makes it near-impossible for hackers to intercept the signals. It also uses less power than other BAN devices. For the prototype to be adopted on a wider scale, it will need support to fund further research and development.

The medical society may also prescribe safety checks to mitigate possible side-effects of prolonged use in long-term health monitoring. Fortunately, the work is already garnering attention with grants by both the U.S. Air Force Office of Scientific Research and National Science Foundation.