Medical equipment such as electro-surgical systems, glucose monitors, pharmaceutical injectors, ultrasound imagers, and pulse oximeters use various plug-in tools, probes, sensors, and consumables that are crucial in determining the correct diagnoses or applying the correct therapy. If these tools and consumables are applied incorrectly, or if they are sourced from non-genuine channels, they could result in severe health consequences for the patient and severe economic and reputational consequences for the practice. Employing electronic authentication within medical products can insure that the products are used per the operating instructions.
One of the challenges in the medical industry is that products must be protected against counterfeiting throughout the whole supply chain and traceability is a key requirement in this area. Appropriate calibration of medical sensors or probes is also a key factor for accurate diagnostic, calibration parameters thus become sensitive data. Another requirement is usage control: consumables have by definition a limited number of usages. Again, if they are used over the number of times they have been designed for, this may have negative consequences for patient health and equipment manufacturer reputation.
Authentication circuitry can be embedded within a product to provide a solution for all of the above challenges.
Strong Authentication is Required
Because medical products can be expensive and in some cases produced in large quantities, there is a strong profit motive for counterfeiters to offer replacement or remanufactured products that can be lower in price and quality.
Counterfeiters have the technology to reverse engineer simple authentication techniques like serial number IDs or simple password solutions. Therefore, the electronic authentication solution chosen for use with medical products must offer strong authentication features in order to eliminate the possibility of non-genuine alternatives from being used. A crypto-strong method based on challenge-and-response authentication provides a solution that is backed by industry standards and practice.
An EEPROM can store sensitive data such as traceability information or calibration parameters as long as it is tamper proof and has authenticated write access. The tamper proof EEPROM technology of the DeepCover™ authentication ICs associated to authenticated read and write enable to manage usage control and expiration date of accessories or consumable. Only authorized entries are allowed to program the expiration date or usage counter in the EEPROM memory making impossible for an attacker to reset the number of usages or set the expiration date beyond the intended one. The content of the EEPROM can be authenticated using the SHA-256 or ECDSA algorithms and then the contents can be trusted.
Maxim's DeepCover® Secure Authenticators meet and exceed these requirements with features including Crypto based on symmetric-key SHA-256 (secure hash algorithm) or asymmetric-key ECDSA (elliptic-curve digital signature algorithm).
Medical Application: Traceability
The above diagram shows an application that provides authenticated results data to be transferred from a blood glucose meter into a smart phone for subsequent transfer to a patient's record. Authentication verifies the data came from a specific device.
| Back to Top |
Medical Application: Secure Monitoring
The above diagram shows an application that authenticates the consumable and also provides authenticated usage information back to a central processing site for transfer to a patient's record.
| Back to Top |
Medical Application: Enforcing One-Time Use of Surgical Tool
In the diagram above, a secure memory keeps a count of the number of times a surgical tool has been used while also ensuring that the tool is authentic.
| Back to Top |
Authentication Process Flow
Implementing strong authentication within a product requires a few extra steps during manufacturing and in field usage. These flow diagrams outline the procedures.
- Symmetric-Key-Based Bidirectional Secure Authentication Model Based on SHA-256
- Strong Authentication with a High-Bit-Count User-Programmable Secret and Input Challenge
- 512 Bits of User EEPROM Partitioned Into Two Pages of 256 Bits
- SHA-256 Engine to Operate a Symmetric-Key-Based Bidirectional Secure Authentication Model
- Two 32-Byte Pages of User EEPROM with Multiple Programmable Protection Options
- 1-Wire Master Port with Selectable Active or Passive 1-Wire Pullup
|Application Note||5779||Introduction to SHA-256 Master/Slave Authentication|
|Tutorial||5716||Hardware Security ICs Offer Large Security Returns at a Low Cost|
|Application Note||4623||Smart Cable Aids Quality Control and Authentication|
|Application Note||3675||Protect Your R&D Investment with Secure Authentication|