Assistant Professor
Department of Computer Science
University of Massachusetts Amherst, MA, USA

Webpage

Trustworthy Medical Device Software

Today it would be difficult to find a medical device that does not critically rely on computer software in its function, manufacture, or use in clinical decision making. Despite the lessons learned by the radiation accidents of the Therac-25 twenty years ago, medical devices that rely on software (e.g., drug infusion pumps, linear accelerators for radiation) continue to injure or kill patients in preventable ways. Why is it so hard to create trustworthy software for medical devices? Devices are not isolated devices. They are systems of systems. And software plays a significant role for control of these critical systems that can significantly affect patient safety, either positively or negatively, depending on its trustworthiness. Failure to meaningfully specify requirements, complacency, and lack of care for human factors further erode trustworthiness. The lack of trustworthy medical device software leads to shortfalls in properties such as safety, effectiveness, dependabili!  ty, reliability, security, and privacy. Good systems engineering and the adoption of modern software engineering techniques can address many of the risks of medical device software---leading to devices that help patients lead more normal, healthy lives.

About the speaker:
Kevin Fu is an assistant professor in the Department of Computer Science at the University of Massachusetts Amherst.  His research focuses on trustworthy computing for energy-constrained, RFID-scale devices.  His contributions include the security and threat model analysis of several systems ranging from contactless "no swipe" credit cards and wireless medical devices to access-controlled Web sites and automated software updates.  Kevin's research has led to improvements in security and privacy of pervasive devices, promoting the vision of safer and more effective technology for consumers.  Kevin received his Ph.D. in Electrical Engineering and Computer Science at the Massachusetts Institute of Technology.  He has served on numerous program committees of leading conferences in computer security, and has given dozens of invited talks world-wide to industry, government, and academia on the topic of security and privacy.  His research appears in computer science conferences, medical journals, and has been featured in media such as The New York Times, The Wall Street Journal, and NPR.  Affiliations include the RFID Consortium on Security and Privacy (RFID-CUSP.org), the HHS SHARP Security project (sharps.org), and the Medical Device Security Center (secure-medicine.org).  Kevin is an Alfred P. Sloan Research Fellow, ACM Senior Member, NSF CAREER Award recipient, and MIT Technology Review TR35 Innovator of the Year.  He also holds a certificate of achievement in artisanal bread making from the French Culinary Institute.