How Security ICs Address New Medical Device Regulations
April 26, 2018
|By: Thomas Le Roux and Christophe Tremlet
Micros, Security & Software Business Unit, Maxim Integrated
In the European Union (EU), new rules that strengthen data protection and individual privacy are about to become enforceable. The General Data Protection Regulation (GDPR) (EU) 2016/679 addresses the export of personal data outside the EU, with the intent of providing citizens and residents control over their personal data. Adopted in April 2016, GDPR will be enforced starting May 25.
If you're designing applications such as medical devices, where the new rules would be applicable, know that you can meet the requirements with security ICs. First, let's take a closer look at the new regulation requirements and what they mean in terms of security. Table 1 outlines what you need to know.
|Regulation Requirement||What it Means for Security|
|The ability of a network or an information system to resist, at a given level of confidence, accidental events or unlawful or malicious actions that compromise the availability, authenticity, integrity and confidentiality of stored or transmitted personal data.||
Prevent accidental or malicious compromise of patient data
|In order to maintain security and to prevent processing in infringement of this Regulation, the controller or processor should evaluate the risks inherent in the processing and implement measures to mitigate those risks, such as encryption.||
Anticipate security threats by implementing strong data protection solutions
In order to enhance transparency and compliance with this Regulation, the establishment of certification mechanisms and data protection seals and marks should be encouraged, allowing data subjects to quickly assess the level of data protection of relevant products and services.
Make the level of security readable to end users
|This could, for example, include preventing unauthorized access to electronic communications networks and malicious code distribution and stopping ‘denial of service' attacks and damage to computer and electronic communication systems.||
Prevent unauthorized access to communications networks; execute only trusted firmware; guarantee device availability
The controller and the processor shall implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including inter alia as appropriate:
|Pseudonymization to ensure authenticity, confidentiality and availability; provide trusted devices and services|
Hardware security can help address these security requirements, providing:
- Robust true random number generation
- Onboard secure key storage
- Features to prevent side-channel attacks
- Secure boot to enable only trusted firmware
Maxim's MAXQ1061 DeepCover® cryptographic controller is an example of a turnkey solution that provides capabilities for secure storage, digital signature, encryption, secure boot, and TLS/SSL communication protocol. Designers don’t need to write firmware to run on the MAXQ1061, which reduces time to market (firmware development is needed for the main processor to integrate MAXQ1061 into the system). Design the MAXQ1061 coprocessor in from the start, or integrate it into an existing design to guarantee confidentiality, authenticity, and integrity of the device. Its cryptographic toolbox delivers key generation and storage up to full SSL/TLS/DTLS support via a high level of abstraction including TLS/DTLS key negotiation, ECSDA-based TLS/DTLS authentication, digital signature generation and verification, SSL/TLS/DTLS packet encryption, and MAC algorithms. You can also use the device to enable secure boot for an external generic microcontroller.
Secure authenticators can also protect medical devices, providing traceability, secure monitoring, usage monitoring, and a defense against counterfeiting. Maxim’s newest secure authenticator, the DS28E38, features ChipDNA™ physically unclonable function (PUF) technology to provide a high level of embedded security. Using the random electrical properties of IC devices, PUF circuitry produces a unique and repeatable root cryptographic key for each IC. The key is generated only when needed and is never stored anywhere on the chip. Attempted attacks would change the electrical characteristics of the PUF circuit, further impeding the attack. Given that security solutions themselves also come under attack, it’s nice to know that since the key isn’t really there, there's nothing to steal.
Like many other everyday things, medical devices are also becoming increasingly intelligent and connected. With this connectivity comes vulnerability—Wired has called medical devices the next security nightmare. Already, implantable cardiac defibrillators and pacemakers have been recalled due to security vulnerabilities. Counterfeiting is a possibility and so is reuse of limited-life medical endpoint peripherals beyond their targeted lifecycle. Security ICs provide a relatively simple, cost-effective means to strongly protect medical devices and address new data protection regulations.
Implantable pacemakers are among the medical devices that have faced recalls due to security vulnerabilities.