In 2015, a hacking convention held in Kentucky found a staggering 68,000 vulnerable MedTech systems in just one healthcare organisation. Subsequently, a senior researcher at security company Kaspersky Lab revealed at 2016’s Security Analyst Summit that he had easily infiltrated an MRI machine and uncovered sensitive information.
The volume of cyberattacks shows that medical information and technology are valuable resources for those with malicious intent. However, this presents medical original equipment manufacturers (OEMs) with an excellent opportunity to reassess their approach to device security.
At the start of 2016, the US Food and Drug Administration (FDA) drafted guidance for securing medical devices, recommending that “medical device manufacturers address all risks, including cybersecurity risk.” Yet these proposed guidelines only go some way to solving the issue of MedTech security and do not cover hardware security.
Cybersecurity is certainly a big issue for healthcare, but it is not the only aspect of medical security that practitioners must consider. When medical OEMs are designing their devices, it is critical they keep in mind the safety of the physical device itself.
One of the biggest issues facing devices across all industries is that of hardware hacking, which is when a counterfeit or grey market component or peripheral is used in a device and undermines its integrity. This ranges from a USB memory stick carrying malware into a hospital computer to a counterfeit battery being used in a device, resulting in unexpected and abrupt power failure.
While some of these hardware hacks are the direct result of third parties with malicious intent, many are unintentionally caused by device manufacturers or end users. For example, a health trust or hospital might be under financial constraint and choose to buy a grey market or unbranded battery to power its device rather than buy the part specified by the OEM. While this initially reduces costs, these fake batteries are not certified by the OEM and are most likely of inferior quality, increasing the risk of incompatibility, sudden device failure or even a safety-related incident.
It is for this reason that recent calls to consider security during design stages offer OEMs an opportunity. While the FDA guidelines are currently recommendations and not legally binding, responsible OEMs will abide by them and pay close attention to a device’s security — both cyber and physical — at each stage of the product development life cycle (PDLC).
For example, an OEM might want to consider algorithmic security to ensure that only a battery which has been certified by the OEM can be used in the medical device. This would require consulting with a medical battery manufacturer early in the PDLC.
Algorithmic security is essentially software encryption. The certified battery is programmed with a key which is known only to the battery manufacturer and the medical device OEM. The medical device issues a random challenge to the battery and requires it to respond immediately with an answer based on calculations determined by its internal key. The device performs the same calculations and checks to see if the answers are identical.
If the battery is unable to provide a correct response, the device determines that the battery is suspect and performs whatever action has been predetermined by the OEM. This can range from shutting down, to allowing discharge but not charge, to alerting the OEM of the infringement for the purposes of voiding the warranty.
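The challenge-response check described above, as an added example that is not from the original article or from any battery vendor. It assumes HMAC-SHA-256 as the keyed calculation (the article does not name one); the class, function and action names are hypothetical, and the key and the captured response are constructed sample values.

```python
import hashlib
import hmac
import secrets
from enum import Enum

class Action(Enum):  # outcomes the article lists; the names are hypothetical
    NORMAL = "charge and discharge allowed"
    DISCHARGE_ONLY = "discharge allowed, charging blocked"
    SHUTDOWN = "device shuts down"

def keyed_answer(key, challenge):
    # Assumption: HMAC-SHA-256 stands in for the unnamed keyed calculation.
    return hmac.new(key, challenge, hashlib.sha256).digest()

class Battery:
    """Certified pack: the key never leaves it, only answers do."""
    def __init__(self, key):
        self._key = key
    def respond(self, challenge):
        return keyed_answer(self._key, challenge)

class ReplayingPack:
    """Uncertified pack with no key: repeats one answer recorded earlier."""
    def __init__(self, recorded):
        self._recorded = recorded
    def respond(self, challenge):
        return self._recorded

class Host:
    """Medical device side: issues the challenge and applies the OEM policy."""
    def __init__(self, key, on_failure=Action.DISCHARGE_ONLY):
        self._key, self._on_failure = key, on_failure
    def authenticate(self, pack):
        challenge = secrets.token_bytes(20)  # fresh and unpredictable each time
        expected = keyed_answer(self._key, challenge)
        answer = pack.respond(challenge)
        # Constant-time comparison, so timing does not leak partial matches.
        ok = hmac.compare_digest(expected, answer)
        return Action.NORMAL if ok else self._on_failure

def demo():
    key = secrets.token_bytes(32)  # constructed sample key
    host, genuine = Host(key), Battery(key)
    captured = genuine.respond(secrets.token_bytes(20))  # an old, valid answer
    return {
        "genuine": host.authenticate(genuine),
        "wrong_key": host.authenticate(Battery(secrets.token_bytes(32))),
        "replay": host.authenticate(ReplayingPack(captured)),
    }
```

The replay case shows why the challenge has to be random: an answer that was valid for an earlier challenge fails against a fresh one.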
Safety of medical devices
Smart medical devices are also increasingly used as monitors for patients’ vital statistics. For example, a wearable patch was recently invented that regularly records patient vitals, such as heart rate, temperature and movements.
This means that doctors do not need to go from bed to bed to take note of the vitals and can instead monitor them from a central location. However, doctors will come to rely on the device as a reliable source for patient information, meaning they will make serious treatment decisions based on it. As a consequence, not only must the security of these devices be considered to avoid hackers obtaining sensitive information, but also their safety and reliability, to ensure that these critical devices do not fail.
To mitigate the risks of a critical medical device failing, it is essential that OEMs work with battery manufacturers early in the design process. With new devices, OEMs often have unrealistic expectations for the longevity of the battery, both in terms of stored energy and cycle life, and they can fail to provide adequate volume for the battery, which is required to meet the runtime requirements of the device.
All too often, OEMs will turn to a battery manufacturer with a pre-determined slot for the battery. However, it is often then difficult for battery integrators to tessellate commercially available cells within the available volume. This means that the energy density and subsequent battery longevity of the medical device is not optimised.
Given a constrained space, it is tempting for some battery integrators, driven by the OEM, to squeeze cells into the available space. Whilst this may work for cylindrical and prismatic cells which are housed in metal cases, the same cannot be said for pouch cells, which have only a thin metallised polyester material to contain and protect the inner electrodes.
Any excess force, bending, or locally applied pressure can result in an internal short circuit which can have serious consequences for safety. Cases for pouch cells should also be designed with excess volume to allow for cell swelling which naturally occurs as the battery is cycled.
With the rise of smart medical devices, OEMs are looking to their batteries to provide smart functionality which can improve safety, reliability and performance. A smart battery plays an active role in device power management, working alongside a smart charger and host device. A smart battery monitors its state of charge and only requests charging when it is required. The appropriate charging voltage and current are broadcast to the smart charger which responds accordingly.
This method means that a single charger can be used to charge many different types of battery without the need for the charger to be pre-programmed to accommodate them. It also allows for chemistry independence where batteries of different types, from different manufacturers and with different charge requirements can be used in a single system.
A smart battery can provide users with highly accurate runtime information. Whereas the fuel gauge accuracy on a mobile phone is less important, in a medical device it is critical that the battery can accurately report this information so medical professionals can make informed decisions about battery charging and replacement. A properly configured smart battery will account for many factors, including the age of the battery, the temperature, previous discharge history and the discharge rate to provide a fuel gauge accuracy of up to one per cent.
In order to maximise stored battery energy, smart batteries have various power modes. They can send themselves to sleep when not communicating with a device and are often shipped in a shutdown mode, maximising shelf life.
As safety is paramount, smart batteries protect themselves from abnormal charging and discharging. Each series cell in a lithium-ion smart battery is protected against over-discharge and over-charge, whilst the battery as a whole is also protected against over-current, short-circuit and over-temperature. In addition to a primary method of protection (temporarily opening a charge or discharge FET), many smart batteries also include a one-time operated logic fuse which can be blown by the battery if it detects a serious fault condition.
With the wearable medical device market expected to reach $4.6 billion by 2020 and the FDA expected to push for legal guidelines on MedTech security, OEMs must consider battery safety and security as a high priority. Batteries are now being used to power critical medical devices that can make the difference between life and death, so OEMs must treat them with the seriousness they deserve.
If healthcare professionals are relying on these devices for patient information, they must also be able to have confidence in the safety and security of their devices, allowing them to be the safe pair of hands they need to be.
About the author:
Neil Oliver is technical marketing manager at Accutronics – www.accutronics.co.uk