In 2001, a doctor in New York completed what may seem like a routine surgery to remove a patient’s gallbladder. But in fact that procedure wasn’t routine at all, because the patient was in France. That was the first successful long-distance robotic surgery, or telesurgery, ever performed, and since then the field has taken off. Though robotic surgery is not yet the industry standard, sales of medical robots are increasing by 20 percent each year, and by 2025 the Department of Defense wants to have deployable Trauma Pods ( https://www.youtube.com/watch?v=C4wjAlprgBc ) that could allow surgeons to operate on soldiers from hundreds or thousands of miles away.
Though proponents of telesurgery have thoroughly discussed its benefits (there's no delay due to travel time, for example, and surgery could be possible in remote locations like deep underwater or in outer space) there hasn’t been much exploration of its weaknesses. Researchers from the University of Washington decided to put the telesurgery technology to the test to see if they are susceptible to cyber attacks. According their study, the security of surgical robots leaves much to be desired. ( http://arxiv.org/abs/1504.04339 )
http://www.popsci.com/robots-used-surgery-can-be-easily-hacked
(Score: 2) by sigma on Wednesday April 29 2015, @05:54AM
We like to think that surgical procedures are close to a pinnacle of modern marvels, but really it's still quite brutal and often extremely damaging to the patient. There's no doubt that surgery is essential for some people, but our goal should be to outgrow the need for it.
Even these and more advanced autonomous robots should be seen as an interim stepping stone to a better way.
(Score: 2, Interesting) by anubi on Wednesday April 29 2015, @08:35AM
Dr Branesergen is in the operating room doing surgery on a nondescript medicare patient.
A call comes into the hospital.
Senator Gustawind (N.H.) has just been injured in a ski accident. He is waiting in DaVinci ward 3 at Podunk, Colorado awaiting connection to your DaVinci station.
Ummm... what happens next?
"Prove all things; hold fast that which is good." [KJV: I Thessalonians 5:21]
(Score: 0) by Anonymous Coward on Wednesday April 29 2015, @01:36PM
This is pretty much the plot to Urasawa Naoki's excellent Monster [wikipedia.org] comic and animated series.
Also the "nondescript medicare patient" is a child who may actually be the antichrist. "What happens next?" indeed.
(Score: 0) by Anonymous Coward on Wednesday April 29 2015, @08:33PM
Good for business, bad for people. Soon enough someone will rent these out with payments required for each period, or the machine would lock up. This will also reduce the number of surgeons needed. And surgeons are expensive (for good reasons).
Then later these will (of course) need to be controlled by a central controller, which will conveniently botch surgeries for "some" people. Of course, there will be network intrusions, but for the first hundreds/thousands of surgeries nothing bad will happen. Then when people have become comfortable with the technology and have started depending on it, the vile group in control will rear its ugly head.
(Score: 5, Insightful) by lentilla on Wednesday April 29 2015, @09:17AM
I'd like to think that security and robot operations were separate systems. We don't expect a security expert to be any good at producing a medical robot - why should we expect the inverse? In practical terms: medical robots need to be on their own network - then it doesn't matter how "insecure" they are. It also prevents the inevitable exploits leading from flawed "reinventions" of the security wheel.
(Score: 0) by Anonymous Coward on Thursday April 30 2015, @11:23AM
Missed the part of the summary that says "thousands of miles away" did you? You're going to run a cable thousands of miles long, are you? On their own network, you say. You're a fucking moron.
(Score: 4, Interesting) by anubi on Wednesday April 29 2015, @10:04AM
There seems to be one helluva tradeoff between security and robustness.
I play around a lot with Arduinos. The ones I have so far worked with are extremely robust. Once programmed with what they are to do, that is what they *will* do, until I explicitly program them to do something else. I know of no way to slip in on the communication channel and brick it. Its about as robust as a hand calculator. I haven't seen anyone brick a hand calculator by fidgeting with the keyboard. Lock it up, maybe, but a quick power cycle and you are again good to go.
However, having stray commands come into a telesurgery robot with spoofed packets? Its going to execute what its told to execute. Short of having an extremely secure encrypted end-to-end link, one is going to be vulnerable to spoofed packet insertions. No different than a lot of us being vulnerable to a properly prepared phish.
Anything one can build, another can tear down. Or, as I have said before, setting someone's outhouse on fire.
I believe the trick is mostly coming up with ways of keeping the communication path between doctor and patient out of public access, which most likely means tunneling protocols. If someone is determined to screw it up - I do not think you are going to stop them, however you should be able to identify them and change ports/keys in a flash so that the intruder has a bit of work to do to make up the new spoofing packets that will pass the routers. Sometimes, I would believe a dedicated line would be called for.
I believe security like this is just about as futile as DRM. DRM is very likely to deny the legit user access due to some minor technicality. That is the last thing one needs during surgery is to try to verify why the digital locks won't open. All of us have experienced the frustrations of encryption being used as a solution instead of simply not having a path there at all. Just having a locked door invites the possibility of lock pickers and key copyists. If the door was not there at all, that problem would not exist. Which is why I am so vehemently opposed to backdoors in operating systems.
AFAIK, I would use a continuous encrypted streaming protocol "on the wire" so as to make packet injection difficult. Packets with unexpected content not in sync with the transmitting end would be discarded, but that still does not rule out DOS attacks. But even then, cleverly monkeyed packets could confuse the system so much real-time use is impossible.
Honestly, I do not know how to make something someone else can't take apart.
Back in the old days, it was line noise which was my nemesis. These days, its extremely intelligent beings making streams of ones and zeroes that would never happen naturally in a billion years.
"Prove all things; hold fast that which is good." [KJV: I Thessalonians 5:21]
(Score: 0) by Anonymous Coward on Wednesday April 29 2015, @12:59PM
cool stuff, until the hackers break the link between the 5 star michelling chef cooking in my kitchen via telerobotic link ; )
(Score: 2) by kaszz on Wednesday April 29 2015, @09:46PM
These insecure facilities and equipment designers are begging for a flood of serious lawsuits for negligence and incompetence. This is not a office production reduction but life altering impact. If courts are gamed then there's always the hard traditions from the old days to ensure a negative feedback loop.
I hope someone lists the insecure and secure machines. And which hospitals use them. Such that one may weed out the obviously rotten eggs outside of the system.
(Score: 0) by Anonymous Coward on Sunday May 03 2015, @03:53PM
Teledildonics!