Reducing computer viruses in health networks

Aug 19, 2013
Reducing computer viruses in health networks

The hospital IT networks and medical devices that doctors rely on to treat patients are susceptible to their own maladies—computer viruses and other malware.

Whether a bug accidentally finds its way into a system, or an attacker intentionally injects one, researchers believe such breaches are happening more often with the growth of technology such as cloud computing.

Two engineering researchers from the University of Michigan are part of a national team that will work to improve the of the nation's health systems.

Associate Professor Kevin Fu and Research Associate Professor Michael Bailey, both in the Department of Electrical Engineering and Computer Science, are involved in the five-year Trustworthy Health and Wellness project that has received $10 million from the National Science Foundation. The project is one of three major cybersecurity awards totaling nearly $20 million announced by NSF.

Fu and Bailey will establish methods to scientifically study the extent of malware in hospital networks. While anecdotal evidence suggests the breadth of the problem, there's a need for high quality, reproducible measurements, the researchers say.

"Malicious software, or malware, can interrupt the function of , affecting the quality of patient care. By increasing the quality of the science, we seek to create more meaningful discussions about risks and benefits of adapting hospital networks to the threat of malware," said Fu, who directs the Archimedes Research Center for Medical Device Security.

Malware can slow down medical devices and interfere with the integrity of their sensors, but current solutions have drawbacks. A deluge of passwords would interrupt clinical workflow and could increase the chance of , for example.

"A challenge is to find approaches that improve the safety and effectiveness of medical devices," Bailey said.

A Dartmouth College professor leads the project, which aims to improve the trustworthiness of health and wellness information systems as they're increasingly pushed into mobile devices and cloud-based services, according to the NSF news release.

"Our research is motivated by the rapid deployment of mobile and cloud information technologies in healthcare, both in clinical settings and at home," said lead investigator David Kotz, the Champion International Professor of Computer Science at Dartmouth. "We aim to help these technologies reach their full potential by ensuring they can protect the integrity of medical data and the privacy of patient information."

The team will work to establish better authentication and privacy tools, trustworthy control of medical devices and effective methods to detect malware, compute trust metrics and audit medical information systems and networks. In the long term, this project will help create health systems that patients can trust to protect their privacy, and that health professionals can rely on to ensure data security, the NSF news release states.

The interdisciplinary team involves experts with backgrounds in , business, behavioral health, health policy and care information technology. In addition to Dartmouth and U-M, researchers from the University of Illinois and Johns Hopkins University are also participating.

The project is one of three grants NSF announced on Aug. 15 through its Secure and Trustworthy Cyberspace program, supporting collaborative, multi-university research and educational activities that will help protect the nation's vast critical infrastructure and enable a more secure information society.

Explore further: Singapore moves to regulate taxi booking apps

add to favorites email to friend print save as pdf

Related Stories

Security experts sound medical device malware alarm

Oct 19, 2012

(Phys.org)—Speakers at a government gathering revealed more reasons for nervous patients to get out their worry beads over future hospital stays. Besides staph infections, wrong-side surgeries and inaccurate ...

NIST provides draft guidelines to secure mobile devices

Nov 01, 2012

The National Institute of Standards and Technology (NIST) has published draft guidelines that outline the baseline security technologies mobile devices should include to protect the information they handle. Smart phones, ...

Recommended for you

Singapore moves to regulate taxi booking apps

Nov 21, 2014

Singapore on Friday announced new rules for mobile taxi booking apps, including US-based Uber, in the latest move by governments around the world to regulate the increasingly popular services.

Protecting personal data in the cloud

Nov 20, 2014

IBM today announced it has patented the design for a data privacy engine that can more efficiently and affordably help businesses protect personal data as it is transferred between countries, including across private clouds.

Gift Guide: Dragons, aliens, heroes for the gamer

Nov 19, 2014

Sony's PlayStation 4 video-game console has built an impressive lead over its competitors. That's good news for holiday shoppers because it has driven Microsoft and Nintendo to offer more budget-friendly ...

User comments : 0

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.