Trustworthiness of medical devices and body area networks

Meng Zhang, Anand Raghunathan, Niraj K. Jha

Research output: Contribution to journalArticlepeer-review

97 Scopus citations


Implantable and wearable medical devices (IWMDs) are commonly used for diagnosing, monitoring, and treating various medical conditions. A general trend in these medical devices is toward increased functional complexity, software programmability, and connectivity to body area networks (BANs). However, as IWMDs become more 'intelligent,' they also become less trustworthy - less reliable and more prone to attacks. Various shortcomings - hardware failures, software errors, wireless attacks, malware and software exploits, and side-channel attacks - could undermine the trustworthiness of IWMDs and BANs. While these concerns have been recognized for some time, recent demonstrations of security attacks on commercial products, e.g., pacemakers and insulin pumps, have elevated medical device security from the realm of theoretical possibility to an immediate concern. The trustworthiness of IWMDs must be addressed aggressively and proactively due to the potential for catastrophic consequences. Conventional fault tolerance and information security solutions, e.g., redundancy and cryptography, that have been employed in general-purpose and embedded computing systems cannot be applied to many IWMDs due to their extreme size and power constraints and unique usage models. While several recent efforts address defense of IWMDs against specific security attacks, a holistic strategy that considers all concerns and types of threats is required. This paper discusses trustworthiness concerns in IWMDs and BANs through a comprehensive identification and analysis of potential threats and, for each threat, provides a discussion of the merits and inadequacies of current solutions.

Original languageEnglish (US)
Article number6823677
Pages (from-to)1174-1188
Number of pages15
JournalProceedings of the IEEE
Issue number8
StatePublished - Aug 2014

All Science Journal Classification (ASJC) codes

  • Electrical and Electronic Engineering
  • General Computer Science


  • Body area networks (BANs)
  • medical devices
  • personal healthcare systems
  • privacy
  • reliability
  • security


Dive into the research topics of 'Trustworthiness of medical devices and body area networks'. Together they form a unique fingerprint.

Cite this