Security and Privacy in Implantable Medical Devices

1 April 2011, EPFL ELA 2, Lausanne, Switzerland

Wayne Burleson, University of Massachusetts Amherst,  MA, USA,  Visiting EPFL 2010-2011
Sandro Carrara, EPFL, Lausanne, Switzerland
Contact:  Wayne Burleson,

Implantable Medical Devices are increasingly being used to solve a wide variety of medical and research challenges. However, they introduce potential vulnerabilities to adversaries that can result in life-threatening situations as well as compromises of privacy. This workshop brings together researchers and advocates from a range of perspectives to present recent research and experiences in this domain.

Implantable Medical Devices (IMDs) allow an unprecedented view into the human body as well as the ability to deliver life-saving therapies.  However, the fact that they operate remotely from the direct care of a physician presents unique concerns as well as capabilities.  Examples of IMDs range from pacemakers and defibrillators, to artificial organs and joints, to brain implants, to drug delivery systems and many types of bio-sensors.  Many implanted medical devices now include microelectronics, sensors and wireless interfaces to the outside world.  Some devices can even be re-programmed by over the Internet.

The audience for this workshop is a diverse combination of researchers and practitioners in the areas of Computer Science, Electrical and Computer Engineering, Bio-Engeering, Medical and Health Sciences as well as Legal and Ethical scholars. 

•    Srdjan Capkun, ETHZ, Zurich, Switzerland
•    Sandro Carrara, EPFL, Lausanne, Switzerland
•    Kevin Fu, University of Massachusetts Amherst, USA
•    Ian Brown, Oxford University, Great Britain
•    Jos Huisken, IMEC, Netherlands
•    Francesco Valgimigli , Menarini Diagnostics, Italy
•    Anthony Guiseppi-Elie,  Clemson University, SC, USA
•    Ahmad-Reza Sadeghi, TU Darmstadt and Fraunhofer, Germany
•    Saied Hosseini-Khayat, FUM, Iran
•    Qiang Tan, Shanghai Chest Hospital, China

Panel Discussion:
Moderator:  Wayne Burleson, EPFL and University of Massachusetts Amherst, USA

How realistic are the security and privacy threats of IMDs?  How urgent are these concerns?  One could argue that the technologies are still very young and an overemphasis on security/privacy issues is premature.  However,  this can be countered by numerous examples of systems that were deployed without adequate security/privacy analysis and are now suffering.  In particular, the life-critical aspects of IMDs and the highly sensitive nature of medical privacy requires us to think about these problems differently than similar electronic systems for e-voting (Diebold), personal finance (Paypal), transportation payments (Myfare ), social networks (Facebook) or digital entertainment media (DMCA).

This workshop is sponsored by