- BlogInfoSec.com - https://www.bloginfosec.com -

Safety & Security of Bionic Devices

There are so many articles these days about innovation and exciting new ideas. Such an article, by Daniel H. Wilson, with the title “Bionic Brains and Beyond,” appeared in the June 2-3, 2012 Wall Street Journal on the front page of the Review section. Dr. Wilson has just published a novel, “Amped,” which is about the use of bionics to enhance brain and physical functions. The novel considers the creation of a class of “superabled” people and the consequences.

While Wilson is rightfully worried about the potential social impact of these incredible technological advances, I am particularly concerned about the security and safety of such systems, having been immersed in this topic for more than a year. In the WSJ article, it is mentioned that “… communication with the [brain implant] device can take place wirelessly.” An example is given of patient who has a “chip implanted on the surface of his brain that allows him to move a mechanical arm.” I haven’t read the “Amped” novel yet, but intend to do so. Therefore I’m not sure whether Wilson addresses the issue of so-called EIDs (electrically initiated devices) and the potential impact of stray signals, natural events or intentional compromises on the operation of such bionic devices. The malfunctioning or failure of such devices could have devastating consequences were the systems not designed to fail safe and to protect themselves from evildoers and incompetents.

You can imagine situations in which millions of people become dependent on such bionic devices. What if there is an EMP (electromagnetic pulse), released by sunspot activity or a nuclear explosion, which wipes out the chips? What would happen then? While these events are improbable, there are other situations, which are far more likely, where one might be subjected to electromagnetic waves that alter or destroy such circuitry.
The military addresses the EID problem because of concern about electronic activation of explosives and interference with communications, and so on. But I haven’t read or seen anything about the need to test and/or shield bionic devices and to protect them from the consequences of accidental or intentional security and safety incidents. Perhaps some work is being done in this area—I certainly hope so.

Not that security and safety software engineers don’t have enough to worry about without piling more issues on them. But here is a field that is just gaining traction, and so it is the right time to introduce security and safety standards for bionics. So how about it?