Cyber Physical Security Solutions for Pervasive Health Monitoring Systems

Cyber Physical Security Solutions for Pervasive Health Monitoring Systems

Krishna K. Venkatasubramanian, Sidharth Nabar, Sandeep K. S. Gupta, Radha Poovendran
DOI: 10.4018/978-1-4666-2770-3.ch022
(Individual Chapters)
No Current Special Offers


With a rapidly aging population, the healthcare community will soon face severe medical personnel shortage and rising costs. Pervasive Health Monitoring Systems (PHMS) can help alleviate this situation. PHMS provides continuous real-time monitoring of a person’s health using a (usually wireless) network of medical and ambient sensors/devices on the host (patients), called Body Area Networks (BANs). The sensitive nature of health information collected by PHMS mandates that patient’s privacy be protected by securing the medical data from any unauthorized access. The authors’ approach for addressing these issues focuses on a key observation that PHMS are cyber-physical systems (CPS). Cyber-physical systems are networked, computational platforms, deeply embedded in specific physical processes for monitoring and actuation purposes. In this work, they therefore present a novel perspective on securing PHMS, called Cyber Physical Security (CYPSec) solutions. CYPSec solutions are environmentally-coupled security solutions, which operate by combining traditional security primitives along with environmental features. Its use results in not only secure operation of a system but also the emergence of additional “allied” properties which enhance its overall capabilities. The principal focus of this chapter is the development of a new security approach for PHMS called CYPsec that leverages their cyber-physical nature. The authors illustrate the design issues and principals of CYPSec through two specific examples of this generic approach: (a) Physiological Signal based key Agreement (PSKA) is designed to enable automated key agreement between sensors in the BAN based on physiological signals from the body; and (b) Criticality Aware Access Control (CAAC) which has the ability to provide controlled opening of the system for emergency management. Further, they also discuss aspects such as altered threat-model, increased complexity, non-determinism, and mixed critical systems, that must be addressed to make CYPSec a reality.
Chapter Preview


Our society has been facing considerable challenges in recent years. Increasing traffic congestion, energy scarcity, climate change and many other issues have taken a turn for the worse and need urgent attention. One such area is that of providing quality healthcare to people, the primary focus on this chapter. The health-care system in most countries has increasingly come under pressure as the average age of their population increases and the number of elderly people swells. This will most likely lead to dire shortages of health-care personnel, and, if left unattended, could result in a drop in the quality of medical care and a substantial increase in health-care costs (World Population Ageing:1950-2050:), (Stanford, 2002). Technology can play a major role in alleviating these problems through the development of smart-infrastructures in the form of automated pervasive health monitoring technologies. Such systems can monitor a person’s health and alert appropriate health-care personnel in case of emergencies, thereby providing optimal care with minimal supervision.

The crucial technological breakthrough that has made this leap possible are miniaturized sensing, communication and processing platforms which can be embedded as a part of larger systems/processes for providing real-time monitoring and feedback control services (Adelstein, Gupta, Richard, & Schwiebert, 2005). Such systems, with platforms deeply embedded in physical processes, are called cyber-physical systems (CPS) (Tabuada, 2006). We call a system Cyber-Physical, if it has computing capability, a physical element (physical process operating in an environment), and a close coupling between the two. A recent survey found that a typical household has at least 100 microprocessors while a typical new model car has more than 100 of its own (Bass & Christensen, 2002). In fact, most of microprocessors are now embedded in systems which are not computers (Lee, Computing needs Time, 2009). The idea behind Cyber-Physical Systems is to incorporate intelligence in everyday objects/services in order to improve the efficiency of performing certain rudimentary but crucial tasks. Examples of CPS include simple systems such as smart coffee pots that can detect the decrease the temperature of its contents (coffee) and alert the user so that the coffee does not have to be unnecessarily re-heated to complex ones such as data-thermal aware scheduling in data-centers. Cyber-physical systems can play a huge role in alleviating the problems of providing improved healthcare through the realization of pervasive health monitoring systems (PHMS).

Complete Chapter List

Search this Book: