SoylentNews is people
SoylentNews
In 2001, a doctor in New York completed what may seem like a routine surgery to remove a patient’s gallbladder. But in fact that procedure wasn’t routine at all, because the patient was in France. That was the first successful long-distance robotic surgery, or telesurgery, ever performed, and since then the field has taken off. Though robotic surgery is not yet the industry standard, sales of medical robots are increasing by 20 percent each year, and by 2025 the Department of Defense wants to have deployable Trauma Pods ( https://www.youtube.com/watch?v=C4wjAlprgBc ) that could allow surgeons to operate on soldiers from hundreds or thousands of miles away.
Though proponents of telesurgery have thoroughly discussed its benefits (there's no delay due to travel time, for example, and surgery could be possible in remote locations like deep underwater or in outer space) there hasn’t been much exploration of its weaknesses. Researchers from the University of Washington decided to put the telesurgery technology to the test to see if they are susceptible to cyber attacks. According their study, the security of surgical robots leaves much to be desired. ( http://arxiv.org/abs/1504.04339 )
http://www.popsci.com/robots-used-surgery-can-be-easily-hacked
(Score: 4, Interesting) by anubi on Wednesday April 29 2015, @10:04AM
There seems to be one helluva tradeoff between security and robustness.
I play around a lot with Arduinos. The ones I have so far worked with are extremely robust. Once programmed with what they are to do, that is what they *will* do, until I explicitly program them to do something else. I know of no way to slip in on the communication channel and brick it. Its about as robust as a hand calculator. I haven't seen anyone brick a hand calculator by fidgeting with the keyboard. Lock it up, maybe, but a quick power cycle and you are again good to go.
However, having stray commands come into a telesurgery robot with spoofed packets? Its going to execute what its told to execute. Short of having an extremely secure encrypted end-to-end link, one is going to be vulnerable to spoofed packet insertions. No different than a lot of us being vulnerable to a properly prepared phish.
Anything one can build, another can tear down. Or, as I have said before, setting someone's outhouse on fire.
I believe the trick is mostly coming up with ways of keeping the communication path between doctor and patient out of public access, which most likely means tunneling protocols. If someone is determined to screw it up - I do not think you are going to stop them, however you should be able to identify them and change ports/keys in a flash so that the intruder has a bit of work to do to make up the new spoofing packets that will pass the routers. Sometimes, I would believe a dedicated line would be called for.
I believe security like this is just about as futile as DRM. DRM is very likely to deny the legit user access due to some minor technicality. That is the last thing one needs during surgery is to try to verify why the digital locks won't open. All of us have experienced the frustrations of encryption being used as a solution instead of simply not having a path there at all. Just having a locked door invites the possibility of lock pickers and key copyists. If the door was not there at all, that problem would not exist. Which is why I am so vehemently opposed to backdoors in operating systems.
AFAIK, I would use a continuous encrypted streaming protocol "on the wire" so as to make packet injection difficult. Packets with unexpected content not in sync with the transmitting end would be discarded, but that still does not rule out DOS attacks. But even then, cleverly monkeyed packets could confuse the system so much real-time use is impossible.
Honestly, I do not know how to make something someone else can't take apart.
Back in the old days, it was line noise which was my nemesis. These days, its extremely intelligent beings making streams of ones and zeroes that would never happen naturally in a billion years.
"Prove all things; hold fast that which is good." [KJV: I Thessalonians 5:21]