Securing Implanted Medical Devices
Every wireless device is vulnerable to attacks directly because of its wireless connectivity. Using cryptography it is possible to protect computers and routers, but some devices, such as implanted medical devices (IMDs), do not have the computational or power resources for such security. Researchers at Rice University however, have developed a new system to secure the devices with an ever-changing password.
Pacemakers, insulin pumps, and neuron stimulators are examples of IMDs that have wireless communication capabilities, so the patient can be monitored during emergencies. In theory though, someone could connect to these devices and cause them to misbehave. To protect against that the Rice researchers have created a system to generates a password from one's heartbeat. No two hearts beat the same, and the minute details of one's electrocardiogram (EKG) signature are constantly changing. By processing this information, you can effectively turn the heart into a random number generator. To determine the password and access the device requires physically touching the patient, to gather the EKG data, which will be difficult to do surreptitiously.
Two important properties of this security system, named Heart-to-Heart are its low power requirements and ease of implementation. As all wireless IMDs have software, it should be possible to update current devices to use Heart-to-Heart, though creating such updates will require the cooperation of the manufacturers and approval from the FDA.
Source: Rice University