How to Prevent a Surgical Robot Hack

Monday, May 11, 2015 @ 02:05 PM gHale


Remote surgery via robot is a potential medical wave of the future, but the security of the entire operation remains up in the air.

That is where an engineering team at the University of Washington comes into play as they hacked a next generation teleoperated surgical robot to test how easily a malicious attack could hijack remotely-controlled operations in the future and to make those systems more secure.

RELATED STORIES
Working to Secure FPGAs
Self-Control a Key Security Factor
Cloud Security in Disguise
Nano Sandwich Improves Battery Life

Real-world teleoperated robots, controlled by a human who may be in another physical location, will become more commonplace as the technology evolves. They’re ideal for situations that are dangerous for people, like fighting fires in chemical plants, diffusing explosive devices or extricating earthquake victims from collapsed buildings.

Outside of a handful of experimental surgeries conducted remotely, doctors typically use surgical robots today to operate on a patient in the same room using a secure, hardwired connection. But telerobots may one day routinely provide medical treatment in underdeveloped rural areas, battlefield scenarios, Ebola wards or catastrophic disasters happening half a world away.

In two papers, UW BioRobotics Lab researchers demonstrated next generation teleoperated robots using nonprivate networks — which may be the only option in disasters or in remote locations — can easily end up disrupted or derailed by common forms of cyber attacks. Incorporating security measures to foil those attacks will be critical to their safe adoption and use, the authors said.

“We want to make the next generation of telerobots resilient to some of the threats we’ve detected without putting an operator or patient or any other person in the physical world in danger,” said lead author Tamara Bonaci, a UW doctoral candidate in electrical engineering.

To expose vulnerabilities, the UW team mounted common types of cyber attacks as study participants used a teleoperated surgical robot developed at the UW for research purposes to move rubber blocks between pegs on a pegboard.

By mounting “man in the middle” attacks, which alter the commands flowing between the operator and robot, the team was able to maliciously disrupt a wide range of the robot’s functions — making it hard to grasp objects with the robot’s arms — and even to completely override command inputs. During denial-of-service attacks, in which the attacking machine flooded the system with useless data, the robots became jerky and harder to use.

In some cases, the human operators were eventually able to compensate for those disruptions, given the relatively simple task of moving blocks. In situations where precise movements can mean the difference between life and death — such as surgery or a search and rescue extrication — these types of cyber attacks could have more serious consequences, the researchers said.

With a single packet of bad data, the team was able to trigger the robot’s emergency stop mechanism, rendering it useless.

Tests conducted with the Raven II, an open source teleoperated robotic system developed by UW electrical engineering professor Blake Hannaford and former UW professor Jacob Rosen, along with their students. Raven II, currently manufactured and sold by Seattle-based Applied Dexterity Inc., a UW spin-out, is a next generation teleoperated robotic system designed to support research in advanced techniques of robotic-assisted surgery. The system is not currently in clinical use and does not have FDA approval.

The surgical robots that have FDA approval for clinical use today typically allow a surgeon to remove tumors, repair heart valves or perform other procedures in a less invasive way, use a different communication channel and typically do not rely on publicly available networks, which would make the cyber attacks the UW team tested much harder to mount.

Along the lines heard in manufacturing all the time: Design in security first. So, if teleoperated robots end up used in locations where there’s no secure alternative to networks or other communication channels that are easy to hack, it’s important to begin designing and incorporating additional security features now, the researchers said.

“If there’s been a disaster, the network has probably been damaged too. So you might have to fly a drone and put a router on it and send signals up to it,” said Howard Chizeck, UW professor of electrical engineering and co-director of the UW BioRobotics Lab.

“In an ideal world, you’d always have a private network and everything could be controlled, but that’s not always going to be the case. We need to design for and test additional security measures now, before the next generation of telerobots are deployed.”

Encrypting data packets that flow between the robot and human operator would help prevent certain types of cyber attacks. But it isn’t effective against denial-of-service attacks that bog down the system with extraneous data. With video, encryption also runs the risk of causing unacceptable delays in delicate operations.

The UW team is also developing the concept of “operator signatures,” which leverage the ways in which a particular surgeon or other teleoperator interacts with a robot to create a unique biometric signature.

By tracking the forces and torques that a particular operator applies to the console instruments and his or her interactions with the robot’s tools, the researchers created a way to validate that person’s identity and authenticate the operator is the person he or she claims to be.

Moreover, monitoring those actions and reactions during a telerobotic procedure could give early warning that someone else has hijacked that process.

“Just as everyone signs something a little bit differently and you can identify people from the way they write different letters, different surgeons move the robotic system differently,” Chizeck said. “This would allow us to detect and raise the alarm if all of a sudden someone who doesn’t seem to be operator A is maliciously controlling or interfering with the procedure.”



Leave a Reply

You must be logged in to post a comment.