Toward a Safe and Secure Medical Internet of Things
is that ICE medical devices never interact directly with each other; all interaction is coordinated and controlled via the ICE apps. It is crucial that ICE apps exactly correspond to the specified task they were designed for.
The ICE Data Logger is dedicated to logging communication and other important events within the Network Controller and Supervisor. The data logger should also record security-related events.
ICE Equipment Interfaces declare the functional capabilities of the device (e.g., the format of its data streams and the commands to which it responds) along with non-functional properties of the data, such as the rate at which data elements are streamed from the device. It is crucial that ICE Interfaces are designed with usable security in mind, for both developers and clinical end-users.
2.2 Background on Data Distribution Service: A Communication Platform for ICE
Many communication standards have been proposed for dynamically composable and interoperable medical devices and information systems. Unfortunately, few of them include security mechanisms that are flexible and comprehensive enough to meet current and future safety needs [2]. In fact, recent work [2] has shown that there are significant gaps between the security properties required for these systems and those that can be addressed even by a combination of currently standardized protocols. Safety considerations in these standardization efforts are effectively incomplete due to a lack of appropriate security analysis. Unfortunately, the promising ICE standard is no different. To address this, we developed a prototype of ICE based on RTI's implementation of the Object Management Group (OMG) Data Distribution Service (DDS) [3] as the ICE Network Controller, with the aim of identifying and addressing a number of such gaps.
DDS is a communications API and an interoperability standard that provides a data-centric publish-subscribe model for integrating loosely coupled real-time distributed systems. A key feature of DDS is that it is data-centric in the sense that it separates state management and data distribution from application logic and supports discoverable data models. This exposes the data model to the communication middleware, enabling the DDS middleware to reason about and optimize the performance of data movement within the system. In order to customize run-time behavior and achieve a desired performance profile, DDS allows publishing and subscribing entities to express several quality-of-service (QoS) parameters. The offered versus requested QoS requirements of the participating entities are matched before any communication can proceed. The standard DDS QoS parameters include durability, reliability, deadline, resource limits, ownership, liveliness and several others [3].
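The offered-versus-requested (RxO) matching described above, and the per-device stream properties declared by an ICE Equipment Interface, are worked through below in an added Python model. This is example code written for this page; it is neither the paper's prototype nor RTI Connext's API. It encodes the compatibility rules the DDS specification defines for the policies named in the text (reliability, durability, deadline, ownership and liveliness); the device name, the ICE app names and all QoS values are constructed for illustration. The point it makes is that an incompatible request is refused before any data flows, and that each refusal is a security-relevant event worth handing to the ICE Data Logger.

```python
from dataclasses import dataclass
from enum import IntEnum
from typing import Dict, List, Tuple


# DDS policy "kinds", ordered so that a larger value is a stronger guarantee.
# This ordering is the one the DDS specification uses for RxO compatibility.
class Reliability(IntEnum):
    BEST_EFFORT = 0
    RELIABLE = 1


class Durability(IntEnum):
    VOLATILE = 0
    TRANSIENT_LOCAL = 1
    TRANSIENT = 2
    PERSISTENT = 3


class Ownership(IntEnum):
    SHARED = 0
    EXCLUSIVE = 1


@dataclass(frozen=True)
class Qos:
    reliability: Reliability
    durability: Durability
    ownership: Ownership
    deadline_s: float          # max period between samples; smaller is stricter
    liveliness_lease_s: float  # time without a heartbeat before an entity is "dead"


def qos_compatible(offered: Qos, requested: Qos) -> Tuple[bool, List[str]]:
    """RxO check: the publisher's offer must be at least as strong as every
    policy the subscriber requests. Returns (ok, list of mismatch reasons)."""
    reasons: List[str] = []
    if offered.reliability < requested.reliability:
        reasons.append(f"reliability offered {offered.reliability.name} "
                       f"< requested {requested.reliability.name}")
    if offered.durability < requested.durability:
        reasons.append(f"durability offered {offered.durability.name} "
                       f"< requested {requested.durability.name}")
    if offered.ownership != requested.ownership:  # ownership kinds must be identical
        reasons.append(f"ownership offered {offered.ownership.name} "
                       f"!= requested {requested.ownership.name}")
    if offered.deadline_s > requested.deadline_s:  # publisher must be at least as fast
        reasons.append(f"deadline offered {offered.deadline_s}s "
                       f"> requested {requested.deadline_s}s")
    if offered.liveliness_lease_s > requested.liveliness_lease_s:
        reasons.append(f"liveliness lease offered {offered.liveliness_lease_s}s "
                       f"> requested {requested.liveliness_lease_s}s")
    return (not reasons, reasons)


def match_device(device: str, offered: Qos, requests: Dict[str, Qos]) -> List[str]:
    """Stand-in for the Network Controller's matching step: produce one log
    record per app, suitable for the ICE Data Logger (constructed format)."""
    log: List[str] = []
    for app, req in requests.items():
        ok, reasons = qos_compatible(offered, req)
        if ok:
            log.append(f"MATCH  {device} -> {app}")
        else:
            log.append(f"REJECT {device} -> {app}: " + "; ".join(reasons))
    return log


# Constructed example: a pulse oximeter's Equipment Interface declares a 1 Hz
# SpO2 stream (deadline 1 s), delivered reliably, with a 2 s liveliness lease.
DEVICE_NAME = "pulse_oximeter_01"  # placeholder name
DEVICE_QOS = Qos(Reliability.RELIABLE, Durability.VOLATILE, Ownership.SHARED,
                 deadline_s=1.0, liveliness_lease_s=2.0)

# Constructed requests from three hypothetical ICE apps.
APP_REQUESTS = {
    # Tolerates a sample every 2 s and a 5 s lease: satisfied by the offer.
    "closed_loop_pca":  Qos(Reliability.RELIABLE, Durability.VOLATILE, Ownership.SHARED, 2.0, 5.0),
    # Wants history that a VOLATILE publisher never keeps: rejected.
    "ward_dashboard":   Qos(Reliability.BEST_EFFORT, Durability.TRANSIENT, Ownership.SHARED, 5.0, 10.0),
    # Demands samples every 0.5 s, faster than the device streams: rejected.
    "desat_alarm":      Qos(Reliability.RELIABLE, Durability.VOLATILE, Ownership.SHARED, 0.5, 2.0),
}


def run_example() -> List[str]:
    return match_device(DEVICE_NAME, DEVICE_QOS, APP_REQUESTS)


if __name__ == "__main__":
    for record in run_example():
        print(record)
```

Only `closed_loop_pca` is matched; the other two apps are refused with an explicit reason, and nothing is delivered to them. Treating those `REJECT` records as logger input is one concrete way to meet the requirement stated earlier that the Data Logger record security-related events.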
DDS is currently being used as an Industrial Internet connectivity platform in many critical applications [10] within the healthcare [5][11][12][13][14][15][16][17][24][25], energy [21], transportation [20], and defense [22] sectors.
- 8 - June 2016