A dual-layer architecture for the protection of medical devices from anomalous instructions

Tom Mahler, Erez Shalom, Yuval Elovici, Yuval Shahar

International Conference on Artificial Intelligence in Medicine, 273-286, 2020

Complex medical devices are controlled by instructions sent from a host PC. Anomalous instructions introduce many potentially harmful threats to patients (e.g., radiation overexposure), to physical components (e.g., manipulation of device motors) devices, or to functionality (e.g., manipulation of medical images). Threats can occur due to cyber-attacks, human errors (e.g., a technician’s configuration mistake), or host PC software bugs. To protect medical devices, we propose to analyze the instructions sent from the host PC to the physical components using a new architecture for the detection of anomalous instructions. Our architecture includes two detection layers: (1) an unsupervised context-free (CF) layer that detects anomalies based solely on the instructions’ content and inter-correlations; and (2) a supervised context-sensitive (CS) layer that detects anomalies with respect to the classifier’s output …