Systems-Theoretic and Data-Driven Security Analysis in ML-enabled Medical Devices
- URL: http://arxiv.org/abs/2506.15028v1
- Date: Wed, 18 Jun 2025 00:05:48 GMT
- Title: Systems-Theoretic and Data-Driven Security Analysis in ML-enabled Medical Devices
- Authors: Gargi Mitra, Mohammadreza Hallajiyan, Inji Kim, Athish Pranav Dharmalingam, Mohammed Elnawawy, Shahrear Iqbal, Karthik Pattabiraman, Homa Alemzadeh
- Abstract summary: We analyze publicly available data on device recalls and adverse events, and known vulnerabilities, to understand the threat landscape of AI/ML-enabled medical devices. Our work aims to empower manufacturers to embed cybersecurity as a core design principle in AI/ML-enabled medical devices.
- Score: 6.197430230611422
- License: http://creativecommons.org/licenses/by/4.0/
- Abstract: The integration of AI/ML into medical devices is rapidly transforming healthcare by enhancing diagnostic and treatment facilities. However, this advancement also introduces serious cybersecurity risks due to the use of complex and often opaque models, extensive interconnectivity, interoperability with third-party peripheral devices, Internet connectivity, and vulnerabilities in the underlying technologies. These factors contribute to a broad attack surface and make threat prevention, detection, and mitigation challenging. Given the highly safety-critical nature of these devices, a cyberattack on these devices can cause the ML models to mispredict, thereby posing significant safety risks to patients. Therefore, ensuring the security of these devices from the time of design is essential. This paper underscores the urgency of addressing the cybersecurity challenges in ML-enabled medical devices at the pre-market phase. We begin by analyzing publicly available data on device recalls and adverse events, and known vulnerabilities, to understand the threat landscape of AI/ML-enabled medical devices and their repercussions on patient safety. Building on this analysis, we introduce a suite of tools and techniques designed by us to assist security analysts in conducting comprehensive premarket risk assessments. Our work aims to empower manufacturers to embed cybersecurity as a core design principle in AI/ML-enabled medical devices, thereby making them safe for patients.
Related papers
- Securing the Internet of Medical Things (IoMT): Real-World Attack Taxonomy and Practical Security Measures [3.99381596255401]
The Internet of Medical Things (IoMT) has the potential to radically improve healthcare by enabling real-time monitoring, remote diagnostics, and AI-driven decision making. However, the connectivity, embedded intelligence, and inclusion of a wide variety of novel sensors expose medical devices to severe cybersecurity threats. We provide a taxonomy of potential attacks targeting IoMT, presenting attack surfaces, vulnerabilities, and mitigation strategies across all layers of the IoMT architecture.
arXiv Detail & Related papers (2025-07-25T18:24:45Z)
- Frontier AI's Impact on the Cybersecurity Landscape [42.771086928042315]
This paper presents an in-depth analysis of frontier AI's impact on cybersecurity. We first define and categorize the marginal risks of frontier AI in cybersecurity. We then systemically analyze the current and future impacts of frontier AI in cybersecurity.
arXiv Detail & Related papers (2025-04-07T18:25:18Z)
- An Approach to Technical AGI Safety and Security [72.83728459135101]
We develop an approach to address the risk of harms consequential enough to significantly harm humanity. We focus on technical approaches to misuse and misalignment. We briefly outline how these ingredients could be combined to produce safety cases for AGI systems.
arXiv Detail & Related papers (2025-04-02T15:59:31Z)
- Cybersecurity and Frequent Cyber Attacks on IoT Devices in Healthcare: Issues and Solutions [0.0]
Internet of Things (IoT) devices in healthcare have revolutionized patient care, offering improved monitoring, diagnostics, and treatment. However, the proliferation of these devices has also introduced significant cybersecurity challenges. This paper reviews the current landscape of cybersecurity threats targeting IoT devices in healthcare, discusses the underlying issues contributing to these vulnerabilities, and explores potential solutions.
arXiv Detail & Related papers (2025-01-20T03:29:07Z)
- A Review on the Security Vulnerabilities of the IoMT against Malware Attacks and DDoS [0.0]
The Internet of Medical Things (IoMT) has transformed the healthcare industry by connecting medical devices in monitoring treatment outcomes of patients. This literature review examines the vulnerabilities of IoMT devices, focusing on critical threats and exploring mitigation strategies.
arXiv Detail & Related papers (2025-01-13T21:29:06Z)
- Open Problems in Machine Unlearning for AI Safety [61.43515658834902]
Machine unlearning -- the ability to selectively forget or suppress specific types of knowledge -- has shown promise for privacy and data removal tasks. In this paper, we identify key limitations that prevent unlearning from serving as a comprehensive solution for AI safety.
arXiv Detail & Related papers (2025-01-09T03:59:10Z)
- SoK: Security and Privacy Risks of Healthcare AI [15.655956766190256]
The integration of artificial intelligence (AI) and machine learning (ML) into healthcare systems holds great promise for enhancing patient care. However, it also exposes sensitive data and system integrity to potential cyberattacks. Current security and privacy (S&P) research on healthcare AI is highly unbalanced in terms of healthcare deployment scenarios and threat models.
arXiv Detail & Related papers (2024-09-11T16:59:58Z)
- Systematically Assessing the Security Risks of AI/ML-enabled Connected Healthcare Systems [4.508868068781058]
We show that the use of ML in medical systems has security risks that might cause life-threatening damage to a patient's health in case of adversarial interventions.
These new risks arise due to security vulnerabilities in the peripheral devices and communication channels.
We show that state-of-the-art risk assessment techniques are not adequate for identifying and assessing these new risks.
arXiv Detail & Related papers (2024-01-30T16:15:55Z)
- The Security and Privacy of Mobile Edge Computing: An Artificial Intelligence Perspective [64.36680481458868]
Mobile Edge Computing (MEC) is a new computing paradigm that enables cloud computing and information technology (IT) services to be delivered at the network's edge.
This paper provides a survey of security and privacy in MEC from the perspective of Artificial Intelligence (AI).
We focus on new security and privacy issues, as well as potential solutions from the viewpoints of AI.
arXiv Detail & Related papers (2024-01-03T07:47:22Z)
- Towards Evaluating the Security of Wearable Devices in the Internet of Medical Things [0.0]
The Internet of Medical Things (IoMT) offers a promising solution to improve patient health and reduce human error.
Wearable smart infusion pumps that accurately administer medication and integrate with electronic health records are an example of technology that can improve healthcare.
However, as the number of connected medical devices increases, the risk of cyber threats also increases.
arXiv Detail & Related papers (2023-12-13T14:12:52Z)
- A Framework for Evaluating the Cybersecurity Risk of Real World, Machine Learning Production Systems [41.470634460215564]
We develop an extension to the MulVAL attack graph generation and analysis framework to incorporate cyberattacks on ML production systems.
Using the proposed extension, security practitioners can apply attack graph analysis methods in environments that include ML components.
arXiv Detail & Related papers (2021-07-05T05:58:11Z)
- Inspect, Understand, Overcome: A Survey of Practical Methods for AI Safety [54.478842696269304]
The use of deep neural networks (DNNs) in safety-critical applications is challenging due to numerous model-inherent shortcomings.
In recent years, a zoo of state-of-the-art techniques aiming to address these safety concerns has emerged.
Our paper addresses both machine learning experts and safety engineers.
arXiv Detail & Related papers (2021-04-29T09:54:54Z)
- Dos and Don'ts of Machine Learning in Computer Security [74.1816306998445]
Despite great potential, machine learning in security is prone to subtle pitfalls that undermine its performance.
We identify common pitfalls in the design, implementation, and evaluation of learning-based security systems.
We propose actionable recommendations to support researchers in avoiding or mitigating the pitfalls where possible.
arXiv Detail & Related papers (2020-10-19T13:09:31Z)
This list is automatically generated from the titles and abstracts of the papers in this site.