{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,26]],"date-time":"2025-03-26T15:51:50Z","timestamp":1743004310930,"version":"3.40.3"},"publisher-location":"Cham","reference-count":30,"publisher":"Springer Nature Switzerland","isbn-type":[{"type":"print","value":"9783031388538"},{"type":"electronic","value":"9783031388545"}],"license":[{"start":{"date-parts":[[2023,1,1]],"date-time":"2023-01-01T00:00:00Z","timestamp":1672531200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2023,1,1]],"date-time":"2023-01-01T00:00:00Z","timestamp":1672531200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2023]]},"DOI":"10.1007\/978-3-031-38854-5_5","type":"book-chapter","created":{"date-parts":[[2023,7,22]],"date-time":"2023-07-22T21:01:44Z","timestamp":1690059704000},"page":"73-96","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["Security Analysis of\u00a0the\u00a0Internet of\u00a0Medical Things (IoMT): Case Study of\u00a0the\u00a0Pacemaker Ecosystem"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-4456-6279","authenticated-orcid":false,"given":"Guillaume","family":"Bour","sequence":"first","affiliation":[]},{"given":"Anniken Wium","family":"Lie","sequence":"additional","affiliation":[]},{"given":"Jakob Stenersen","family":"Kok","sequence":"additional","affiliation":[]},{"given":"Bendik","family":"Markussen","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0003-1786-1133","authenticated-orcid":false,"given":"Marie Elisabeth Gaup","family":"Moe","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0003-2874-3650","authenticated-orcid":false,"given":"Ravishankar","family":"Borgaonkar","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2023,7,23]]},"reference":[{"key":"5_CR1","unstructured":"OWASP firmware security testing methodology. https:\/\/scriptingxss.gitbook.io\/firmware-security-testing-methodology\/"},{"key":"5_CR2","unstructured":"Block, C.C.: Muddy waters report - St. Jude Medical, Inc. Technical report, Muddy Waters Capital LLC (2016). http:\/\/www.muddywatersresearch.com\/research\/stj\/mw-is-short-stj\/"},{"key":"5_CR3","doi-asserted-by":"publisher","unstructured":"Bour, G., Moe, M.E.G., Borgaonkar, R.: Experimental security analysis of connected pacemakers. In: Roque, A.C.A., Fred, A.L.N., Gamboa, H. (eds.) Proceedings of the 15th International Joint Conference on Biomedical Engineering Systems and Technologies, BIOSTEC 2022, Volume 1: BIODEVICES, Online Streaming, 9\u201311 February 2022, pp. 35\u201345. SCITEPRESS (2022). https:\/\/doi.org\/10.5220\/0010816900003123","DOI":"10.5220\/0010816900003123"},{"key":"5_CR4","unstructured":"Bour, G.N.: Security analysis of the pacemaker home monitoring unit: a blackbox approach. Master\u2019s thesis, NTNU (2019)"},{"key":"5_CR5","doi-asserted-by":"publisher","first-page":"272","DOI":"10.1016\/j.jbi.2015.04.007","volume":"55","author":"C Camara","year":"2015","unstructured":"Camara, C., Peris-Lopez, P., Tapiador, J.E.: Security and privacy issues in implantable medical devices: a comprehensive survey. J. Biomed. Inform. 55, 272\u2013289 (2015)","journal-title":"J. Biomed. Inform."},{"key":"5_CR6","unstructured":"CISA: ICS Medical Advisory (ICSMA-20-170-05) (2020). https:\/\/us-cert.cisa.gov\/ics\/advisories\/icsma-20-170-05. Accessed 30 Sept 2021"},{"key":"5_CR7","unstructured":"Denning, T., Fu, K., Kohno, T.: Absence makes the heart grow fonder: new directions for implantable medical device security. In: HotSec (2008)"},{"key":"5_CR8","unstructured":"Digital, N.: A clear and present danger (2022). https:\/\/digital.nhs.uk\/features\/a-real-and-present-danger"},{"key":"5_CR9","unstructured":"Europol: Covid-19 sparks upward trend in cybercrime (2022). https:\/\/www.europol.europa.eu\/media-press\/newsroom\/news\/covid-19-sparks-upward-trend-in-cybercrime"},{"key":"5_CR10","unstructured":"F\u00e6restrand, S.: Telekardiologi for jernmonitorering av pacemaker og icd (2010). https:\/\/www.legeforeningen.no\/contentassets\/4896657d08894a6886de725113d89de4\/hjerteforum3-2010web08telemedisin.pdf"},{"key":"5_CR11","unstructured":"Golde, N., Feldmann, A.: SMS vulnerability analysis on feature phones. Master\u2019s thesis (2011)"},{"key":"5_CR12","doi-asserted-by":"crossref","unstructured":"Halperin, D., et al.: Pacemakers and implantable cardiac defibrillators: software radio attacks and zero-power defenses. In: 2008 IEEE Symposium on Security and Privacy (SP 2008), pp. 129\u2013142. IEEE (2008)","DOI":"10.1109\/SP.2008.31"},{"key":"5_CR13","unstructured":"Secure design best practice guide (2020). https:\/\/www.iotsecurityfoundation.org\/wp-content\/uploads\/2019\/03\/Best-Practice-Guides-Release-1.2.1.pdf"},{"key":"5_CR14","unstructured":"ISECOM: OSSTMM. https:\/\/www.isecom.org\/OSSTMM.3.pdf"},{"key":"5_CR15","unstructured":"Justis- og beredskapsdepartementet, Helse- og omsorgsdepartementet: Forskrift om medisinsk utstyr (2005). https:\/\/lovdata.no\/dokument\/SF\/forskrift\/2005-12-15-1690\/%2FT1%2Ftextsection1-5#\/T1\/textsection1-5"},{"key":"5_CR16","unstructured":"Kok, J.S., Markussen, B.A.: Fuzzing the pacemaker home monitoring unit. Master\u2019s thesis, NTNU (2020)"},{"issue":"3","key":"5_CR17","doi-asserted-by":"publisher","first-page":"50","DOI":"10.1109\/LES.2013.2276434","volume":"5","author":"C Li","year":"2013","unstructured":"Li, C., Raghunathan, A., Jha, N.K.: Improving the trustworthiness of medical device software with formal verification methods. IEEE Embed. Syst. Lett. 5(3), 50\u201353 (2013)","journal-title":"IEEE Embed. Syst. Lett."},{"key":"5_CR18","unstructured":"Lie, A.W.: Security analysis of wireless home monitoring units in the pacemaker ecosystem. Master\u2019s thesis, NTNU (2019)"},{"key":"5_CR19","doi-asserted-by":"crossref","unstructured":"Marin, E., Singel\u00e9e, D., Garcia, F.D., Chothia, T., Willems, R., Preneel, B.: On the (in) security of the latest generation implantable cardiac defibrillators and how to secure them. In: Proceedings of the 32nd Annual Conference on Computer Security Applications, pp. 226\u2013236 (2016)","DOI":"10.1145\/2991079.2991094"},{"key":"5_CR20","unstructured":"Mulliner, C., Golde, N., Seifert, J.P.: SMS of death: from analyzing to attacking mobile phones on a large scale (2011). https:\/\/www.usenix.org\/conference\/usenix-security-11\/sms-death-analyzing-attacking-mobile-phones-large-scale"},{"key":"5_CR21","unstructured":"OWASP embedded application security (2020). https:\/\/owasp.org\/www-project-embedded-application-security\/"},{"key":"5_CR22","doi-asserted-by":"crossref","unstructured":"Rasmussen, K.B., Castelluccia, C., Heydt-Benjamin, T.S., Capkun, S.: Proximity-based access control for implantable medical devices. In: Proceedings of the 16th ACM Conference on Computer and Communications Security, pp. 410\u2013419 (2009)","DOI":"10.1145\/1653662.1653712"},{"key":"5_CR23","unstructured":"Rios, B., Butts, J.: Security evaluation of the implantable cardiac device ecosystem architecture and implementation interdependencies (2017)"},{"key":"5_CR24","doi-asserted-by":"crossref","unstructured":"Rostami, M., Juels, A., Koushanfar, F.: Heart-to-heart (H2H) authentication for implanted medical devices. In: Proceedings of the 2013 ACM SIGSAC Conference on Computer & Communications Security, pp. 1099\u20131112 (2013)","DOI":"10.1145\/2508859.2516658"},{"key":"5_CR25","doi-asserted-by":"crossref","unstructured":"Savci, H.S., Sula, A., Wang, Z., Dogan, N.S., Arvas, E.: Mics transceivers: regulatory standards and applications [medical implant communications service]. In: Proceedings of the IEEE SoutheastCon, pp. 179\u2013182. IEEE (2005)","DOI":"10.1109\/SECON.2005.1423241"},{"key":"5_CR26","unstructured":"Schechter, S.: Security that is meant to be skin deep using ultraviolet micropigmentation to store emergency-access keys for implantable medical devices (2010)"},{"key":"5_CR27","unstructured":"Weinmann, R.P.: Baseband attacks: remote exploitation of memory corruptions in cellular protocol stacks. In: WOOT, pp. 12\u201321 (2012)"},{"issue":"3","key":"5_CR28","doi-asserted-by":"publisher","first-page":"562","DOI":"10.1109\/JSEN.2016.2633973","volume":"17","author":"G Zheng","year":"2016","unstructured":"Zheng, G., Shankaran, R., Orgun, M.A., Qiao, L., Saleem, K.: Ideas and challenges for securing wireless implantable medical devices: a review. IEEE Sens. J. 17(3), 562\u2013576 (2016)","journal-title":"IEEE Sens. J."},{"issue":"4","key":"5_CR29","doi-asserted-by":"publisher","first-page":"1546","DOI":"10.1109\/JBHI.2018.2864796","volume":"23","author":"G Zheng","year":"2018","unstructured":"Zheng, G., et al.: Finger-to-heart (F2H): authentication for wireless implantable medical devices. IEEE J. Biomed. Health Inform. 23(4), 1546\u20131557 (2018)","journal-title":"IEEE J. Biomed. Health Inform."},{"key":"5_CR30","doi-asserted-by":"crossref","unstructured":"Zheng, G., Zhang, G., Yang, W., Valli, C., Shankaran, R., Orgun, M.A.: From WannaCry to WannaDie: security trade-offs and design for implantable medical devices. In: 2017 17th International Symposium on Communications and Information Technologies (ISCIT), pp. 1\u20135. IEEE (2017)","DOI":"10.1109\/ISCIT.2017.8261228"}],"container-title":["Communications in Computer and Information Science","Biomedical Engineering Systems and Technologies"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-38854-5_5","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,10,24]],"date-time":"2024-10-24T21:02:50Z","timestamp":1729803770000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-38854-5_5"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023]]},"ISBN":["9783031388538","9783031388545"],"references-count":30,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-38854-5_5","relation":{},"ISSN":["1865-0929","1865-0937"],"issn-type":[{"type":"print","value":"1865-0929"},{"type":"electronic","value":"1865-0937"}],"subject":[],"published":{"date-parts":[[2023]]},"assertion":[{"value":"23 July 2023","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"BIOSTEC","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Joint Conference on Biomedical Engineering Systems and Technologies","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2022","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"9 February 2022","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"11 February 2022","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"biostec2022","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/biostec.scitevents.org\/?y=2022","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"PRIMORIS","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"262","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"21","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"8% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"4","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"No","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}