Presentation is loading. Please wait.

Presentation is loading. Please wait.

BEEER: Distributed Record and Replay for Medical Devices in Hospital Operating Rooms. Avesta Hojjati, Yunhui Long, Soteris Demetriou, Carl A. Gunter #HotSoS.

PublishBenny Kurnia Modified over 5 years ago

Similar presentations

Presentation on theme: "BEEER: Distributed Record and Replay for Medical Devices in Hospital Operating Rooms. Avesta Hojjati, Yunhui Long, Soteris Demetriou, Carl A. Gunter #HotSoS."— Presentation transcript:

1 BEEER: Distributed Record and Replay for Medical Devices in Hospital Operating Rooms. Avesta Hojjati, Yunhui Long, Soteris Demetriou, Carl A. Gunter #HotSoS 2019

2 BEFORE THE OPERATING ROOM: MAGICIANS, PRIESTS, AND PHYSICIANS
operating rooms have progressed greatly throughout the years. In ancient times, medical examinations were carried out by magicians and priests In world war I, medical surgeries were performed in battlefield tents - In recent years, the evolution of operating room has speed up. Now, operating rooms are full of connected medical devices, and it is more similar to a data center than anything else before

3 The future of Operating Rooms
System integration and technical standards Telecollaboration Surgical Robotics Intraoperative Diagnosis, Monitoring, and Imagining Connection is also the future of operating rooms. With the development of medical devices, modern operating rooms rely more and more on communication between devices.

4

5 A Target market for attackers:
On average each US hospital has connected devices per bed. 53% percent of healthcare facilities and 43% of manufacturers do not carry out any tests on these devices. Only 51% of device makers abide by the FDA guidelines. An LA hospital paid out $17,000 when hackers took control of their computer Large attack surface Little or no defenses against potential attacks Severe consequences of these attacks bring huge profits for attackers

6 Talk about attacks on attacks on IP

7 Talk about the libraries that the infusion pump needs and how they can be provided by the main server

8 Deploying Intrusion Detection Systems (IDS) such as active monitoring
Possible Solutions: Deploying Intrusion Detection Systems (IDS) such as active monitoring Deploying Intrusion Prevention Systems (IPS) such as firewalls Talk about single device record and replay

9 Deploying Intrusion Detection Systems (IDS) such as active monitoring
Possible Solutions: Deploying Intrusion Detection Systems (IDS) such as active monitoring Deploying Intrusion Prevention Systems (IPS) such as firewalls Recoding and auditing the device logs Talk about single device record and replay

10 In modern operating rooms, the output of one device will be the input of another device.
discuss how this devices are being use in a hospital

11 Which device was actually compromised?
discuss how this devices are being use in a hospital

12 Proposed Solution: BEEER’s Architecture
Distributed Record and Replay (DRNR) with ability to record each device individually with a universal time and capability of replaying an incident from each device in parallel Talk about BEEER high level

13 BEEER Overview Record We modified Arnold (a record and reply system for single devices) Two approaches for recording Device Synchronization with NTP Projection Protocol Replay Log Merging Token Distribution

14 Goal of Distributed Recording
Traditional Distributed System: Local Causality: Preserve event ordering on the same device Message Causality: Receiving a message m is ordered after sending m Cyber Physical System (CPS): CPS Causality To preserve the causal ordering of events

15 Onset Onset: The time it takes for a medication to have physiological effect on a patient. Onset of Insulin: minutes

16 CPS Assumption CPS (Cyber Physical System) Assumption: Onset time > Network Latency CPS Causality: Preserve ordering of events with intervals greater than tcps CPS Causality

17 Projection Protocol: Example

18 Projection Protocol

19 Projection Protocol: Batching

20 Replay: Token Distribution
Before replaying, request for token Delete token in active token queue, after finishes Further token requests need to wait until there is no active token in the queue Batch consecutive tokens from the same executor

21 Evaluation: Replay

22 Medical equipment are one of the most vulnerable embedded devices
Summary Medical equipment are one of the most vulnerable embedded devices We designed, deployed, and evaluated a Distributed Record and Replay (DRnR) solution that records every equipment in an Operating Room Our solution is available for other embedded devices as long as they support a form of Linux as their operating system Talk about single device record and replay

23

Download ppt "BEEER: Distributed Record and Replay for Medical Devices in Hospital Operating Rooms. Avesta Hojjati, Yunhui Long, Soteris Demetriou, Carl A. Gunter #HotSoS."

Similar presentations

Message Queues COMP3017 Advanced Databases Dr Nicholas Gibbins – 2012-2013.

Message Queues COMP3017 Advanced Databases Dr Nicholas Gibbins –
SoK: Security and Privacy in Implantable Medical Devices and Body Area Networks 0 Fall 2014 Presenter: Kun Sun, Ph.D. Michael Rushanan*, Denis Foo Kune,

SoK: Security and Privacy in Implantable Medical Devices and Body Area Networks 0 Fall 2014 Presenter: Kun Sun, Ph.D. Michael Rushanan*, Denis Foo Kune,
1 Chapter 7 Intrusion Detection. 2 Objectives In this chapter, you will: Understand intrusion detection benefits and problems Learn about network intrusion.

1 Chapter 7 Intrusion Detection. 2 Objectives In this chapter, you will: Understand intrusion detection benefits and problems Learn about network intrusion.
Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.

Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.
Extensible Networking Platform 1 1 - IWAN 2005 Extensible Network Configuration and Communication Framework Todd Sproull and John Lockwood

Extensible Networking Platform IWAN 2005 Extensible Network Configuration and Communication Framework Todd Sproull and John Lockwood
Agent Caching in APHIDS CPSC 527 Computer Communication Protocols Project Presentation Presented By: Jake Wires and Abhishek Gupta.

Agent Caching in APHIDS CPSC 527 Computer Communication Protocols Project Presentation Presented By: Jake Wires and Abhishek Gupta.
Firewall Security Chapter 8. Perimeter Security Devices Network devices that form the core of perimeter security include –Routers –Proxy servers –Firewalls.

Firewall Security Chapter 8. Perimeter Security Devices Network devices that form the core of perimeter security include –Routers –Proxy servers –Firewalls.
Security Awareness: Applying Practical Security in Your World

Security Awareness: Applying Practical Security in Your World
Beyond the perimeter: the need for early detection of Denial of Service Attacks John Haggerty,Qi Shi,Madjid Merabti Presented by Abhijit Pandey.

Beyond the perimeter: the need for early detection of Denial of Service Attacks John Haggerty,Qi Shi,Madjid Merabti Presented by Abhijit Pandey.
Review for Exam 4 School of Business Eastern Illinois University © Abdou Illia, Fall 2006.

Review for Exam 4 School of Business Eastern Illinois University © Abdou Illia, Fall 2006.
Intrusion Detection using Honeypots Patrick Brannan Honeyd with virtual machines.

Intrusion Detection using Honeypots Patrick Brannan Honeyd with virtual machines.
Lecture 11 Reliability and Security in IT infrastructure.

Lecture 11 Reliability and Security in IT infrastructure.
Computer Security and Penetration Testing

Computer Security and Penetration Testing
Department Of Computer Engineering

Department Of Computer Engineering
A project under the 7th Framework Programme CPS Workshop Stockholm 12/04/2010 Gunnar Björkman Project Coordinator A Security Project for the Protection.

A project under the 7th Framework Programme CPS Workshop Stockholm 12/04/2010 Gunnar Björkman Project Coordinator A Security Project for the Protection.
Securing Information Systems

Securing Information Systems
Cyber Security of SCADA Systems Testbed Testbed Development Group Members: Justin Fitzpatrick Rafi Adnan Michael Higdon Ben Kregel Adviser: Dr. Manimaran.

Cyber Security of SCADA Systems Testbed Testbed Development Group Members: Justin Fitzpatrick Rafi Adnan Michael Higdon Ben Kregel Adviser: Dr. Manimaran.
WORKFLOW IN MOBILE ENVIRONMENT. WHAT IS WORKFLOW ?  WORKFLOW IS A COLLECTION OF TASKS ORGANIZED TO ACCOMPLISH SOME BUSINESS PROCESS.  EXAMPLE: Patient.

WORKFLOW IN MOBILE ENVIRONMENT. WHAT IS WORKFLOW ?  WORKFLOW IS A COLLECTION OF TASKS ORGANIZED TO ACCOMPLISH SOME BUSINESS PROCESS.  EXAMPLE: Patient.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.
Intrusion Prevention System. Module Objectives By the end of this module, participants will be able to: Use the FortiGate Intrusion Prevention System.

Intrusion Prevention System. Module Objectives By the end of this module, participants will be able to: Use the FortiGate Intrusion Prevention System.

Similar presentations

Ads by Google