System-level Security for IoT-enabled e-Health Systems

The evolution of e-Health systems with increased connectivity through the advancement of the Internet of Things (IoT) has exposed them to a new frontier of cybersecurity vulnerabilities from which they were previously shielded. Healthcare providers today depend on nearly 100 million connected medical devices to deliver cost-effective and lifesaving treatment to patients, and the number of these connected devices is expected to double in the next 2-3 years. Unfortunately, the incidence of actual cyberattacks targeting healthcare providers is also increasing. According to Healthcare IT News (Healthcare IT News 2017), 44% of registered cybersecurity breaches in 2013 were in the healthcare industry, and this increased by 60% in 2014. According to the Ponemon Institute (Ponemon 2017), more than 90% of healthcare providers suffered at least one data breach in the last two years. Medical devices are already a target, as seen in attacks such as MEDJACK that started in 2015 and continues today. Additionally, the US Food and Drug Administration (FDA) has identified over 300 medical devices including drug infusion pumps, insulin pumps, heart pacemakers, and anesthesia devices that are at risk to cyberattacks. It is necessary to develop a comprehensive system-level security platform, capable of guaranteeing acceptable levels of security, privacy, and trust in a heterogeneous IoT-enabled e-health system. It is important to develop a system-level security management platform that can help to identify vulnerabilities in a heterogeneous e-health system and accordingly be used to develop suitable security mechanisms and protocols.