CAREER: Safe and Secure Network Control for Smart and Connected Hospitals

NSF CNS-1553273

Wireless network designs are usually isolated from medical applications in existing systems. Researchers have been making significant efforts to create network standards for medical systems and applications in various settings, such as ISO/IEEE 11073 for medical device communication [63] and IEEE 802.15.6 for implantable and wearable devices in human body area networks. These standards define only the most basic networking requirements, and many research questions remain. Our approach to this challenge is to integrate contextual information into networked system designs. The context information includes: device information (e.g., wireless interfaces, operating safety constraints on wireless frequency and strength, procedures that require coordination among devices), patient information (e.g., patient state, drug sensitivity, activities, circadian rhythm, and patient-specific networking requirements imposed by medical care applications, such as real-time requirements, mobility, and identity), and other hospital information (e.g., medical workflow, caregiver schedules, and medical system interoperable services for emergencies). We then use this context information to control the network and security functionalities of the systems. Our design architecture has the corresponding control models, as shown in Figure 3. The term "network control" has been used in many different contexts; in this proposal, our network control approach covers closed-loop control designs through a communication network, including heterogeneous network coordination and energy management.

On the other hand, data transferred over wireless networks in hospitals includes patients’ personal information, medical device measurements, caregivers’ notes, device and system management information, etc. Most of this data is protected by HIPAA [101]. However, there are very few security designs that prevent malicious users from accessing medical devices, and a number of incidents in which medical devices were hacked over networks have been reported recently [79]. Security vulnerabilities in networked medical systems may lead to serious safety problems. For example, wireless attacks on infusion pumps and pacemakers can jeopardize patients’ lives. Therefore, it is essential to design secure access control for networked medical systems. Data in these systems is usually associated with its medical context: 1) medical data is personal, but sharing the right subset of personal data with physicians is necessary and sufficient for diagnosis and treatment; 2) different types of medical measurements from the same patient have their own unique correlations, and these hidden correlations may reveal the patient’s private information; 3) device control information and its patterns in medical systems may suggest patient states and treatments. These contextual features are used in our security protocol designs.

The intellectual contributions of this proposed work are:

  1. The pervasive deployment of wireless networks facilitates seamless connections among medical devices, sensors, electronic health records, and clinical decision support systems. These systems provide real-time and rich contextual information about the patients and the medical procedures. We investigate the relation between the medical context and the medical systems’ network and security functionalities, and create context-based network and security control models.

  2. Under the reliability and safety requirements of medical applications, we design and develop a set of technologies to coordinate data collection across heterogeneous wireless networks, control electromagnetic interference, and configure and optimize the operations of medical devices.

  3. Since trustworthy authentication to medical devices, networks, and electronic health records is vital to protecting patients’ safety and privacy, we design access control algorithms based on patient-specific patterns under the medical context of users.

  4. To integrate different control solutions into a consistent system in various contexts, we design control analysis algorithms and tools to identify hidden policy conflicts statically and dynamically.

  5. A reference testbed implementation for wirelessly connected medical devices and sensors is created, and it is deployed in real scenarios to evaluate the proposed designs under a variety of contexts.