{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,10]],"date-time":"2026-03-10T15:31:08Z","timestamp":1773156668702,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":8,"publisher":"ACM","license":[{"start":{"date-parts":[[2023,11,20]],"date-time":"2023-11-20T00:00:00Z","timestamp":1700438400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2023,11,20]]},"DOI":"10.1145\/3689942.3694749","type":"proceedings-article","created":{"date-parts":[[2024,11,22]],"date-time":"2024-11-22T00:21:45Z","timestamp":1732234905000},"page":"1-9","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":2,"title":["Position Paper: Computer-Related Health Risks"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0009-0008-1197-8000","authenticated-orcid":false,"given":"Peter G.","family":"Neumann","sequence":"first","affiliation":[{"name":"Chief Scientist SRI Computer Science Laboratory, Menlo Park, CA, USA"}]}],"member":"320","published-online":{"date-parts":[[2024,11,21]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"Nancy Leveson has a series of books on human safety each in succession wrapping the readers? arms more closely to the enormous complications that must be dealt with. She is a close colleague and her work is a hugely important resource for the technological aspects of safety. Her most recent books and research papers are enumerated on her website and speak for themselves. http:\/\/sunnyday.mit.edu\/."},{"key":"e_1_3_2_1_2_1","volume-title":"Computer-Related Risks","author":"My","year":"1995","unstructured":"My own book reflects a desire to look at past and recurring problems holistically: Computer-Related Risks, Addison-Wesley and ACM Press, 1995. It considers trustworthiness as an overarching requirement that encompasses security, reliability, safety, survivability, and other -ilities in a total-system integrative way. The tragedy is that almost everything negative described in the book is still happening today, and that most of the desired remediations have basically been ignored by system developers and nations -- they are not paying attention to reality. However, we must remember that technology alone is not the answer -- although today's technology is pitifully inadequate, especially in supporting systems with critical requirements for trustworthiness."},{"key":"e_1_3_2_1_3_1","volume-title":"SRI Computer Science Laboratory","author":"John M.","year":"1989","unstructured":"A 1989 report by my colleagues JohnM. Rushby and R. Alan Whitehurst was prescient: Formal verification of AI software. It considered using formal analysis of AI1q systems to increase their assurance. (See Final report for NASA, SRI Computer Science Laboratory, February 1989: https:\/\/www.csl.sri.com\/papers\/csl-88--7\/.) In retrospect, that report has become extremely relevant today -- in light of the enormous lack of assurance in today's AI feeding frenzy of low-assurance commercial AI systems (e.g., see Bruce Schneier, AI and Trust, 2023: https:\/\/www.belfercenter.org\/publication\/ai-and-trust). Fortunately, intelligent AI researchers have been getting that message more readily than commercial AI providers."},{"key":"e_1_3_2_1_4_1","unstructured":"Our SRI Computer Science Lab has for several decades been exploring the application of formal mathematical logic to the biosciences. I firmly believe that their approach holds enormous progress for the linkages (e.g. integrating the immune and neurological systems) that are needed for a truly holistic approach to healthcare. Carolyn Talcott has been leading that effort with our Division President Patrick Lincoln cheering her on. Sylvan Pinsky is also contributing remotely as a still-active alumnus. In collaboration with biologists this ongoing project develops evidence-based formal models of cellular response to external signals (drugs stress messages from other cells). Formal analysis tools support using these models for in-silico experiments explaining and predicting side-effects of drugs understanding host-pathogen interactions among other things. The project has made available online a database of experimental findings curated from published works that provides supporting evidence for the models: http:\/\/www.datum.csl.sri.com There is also a growing literature of work by others in this direction as well."},{"key":"e_1_3_2_1_5_1","unstructured":"For those readers who need more hope for the future I would suggest visiting our CHERI website in Cambridge UK: https:\/\/www.cl.cam.ac.uk\/research\/security\/ctsrd\/cheri\/ CHERI has the potential to be the most trustworthy hardware-software clean-slate general-purpose system architecture ever and it is beginning to be recognized as a unique breakthrough. CHERI is a joint effort between SRI and the University of Cambridge under development and evaluation since 2010. It has commercial manifestations (e.g. experimental CHERI-Arm-Morello boards whose specifications have been formally proven to satisfy critical security properties) and open-sourced CHERI-RISC-V and CHERI-FreeBSD with two real-time operating systems plus recent support from Codasip. The White House has recently reported that CHERI is the only current system providing extensive memory safety. On the other hand the devil is always in the details and even the most secure hardware does not imply the most secure software."},{"key":"e_1_3_2_1_6_1","unstructured":"This contribution ends with a very personal note. My daughter Helen has a practice of Oriental Medicine and is currently undergoing some intense detox programs attempting to remove several forever chemicals and other immune-system detractors left over from 30-plus years of chronic Lyme Disease. I have come to the conclusion that the missing links today are the holistic ones -- for example between the immune system and the nervous system both of which are together impaired in Helen. For example as a result of functional medicine her glyphosate level was cut dramatically as were her mercury lead palladium malathion Round-Up components and lots more. The list of toxicities before the detox program was considerable. (The Palladium toxicities are still much too high.) However her knowledge discipline and determination -- and commitment to as full a recovery as possible -- have been daunting and are a great source of encouragement. Unfortunately this treatment is well outside of standard-care practices."},{"key":"e_1_3_2_1_7_1","unstructured":"A relevant book Helen shared with me is by Sara Szal Gottfried The Autoimmune Cure: https:\/\/www.saragottfriedmd.com. This is a holistic book (her fifth) -- heavily annotated with an outstanding bibliography. It seems to be close to where I think integrative healthcare needs to go in the future despite the economic arguments for not going outside of an AMA box that does not actually exist. The possibilities of everything related to healthcare still seem to be open-ended with respect to diagnosis treatment and the end-game -- also open-ended relating to new risks from both new and old approaches. Many of them may be related to our immune systems and our overly toxic environments."},{"key":"e_1_3_2_1_8_1","unstructured":"Holistically the possibilities of everything related to healthcare still seem to be open-ended with respect to diagnosis treatment and the end-game -- also open-ended relating to new risks from both new and old approaches. Many of them may be related to our immune systems and our overly toxic environments. In retrospect our holistic approach discovers that many of the pieces are interwoven. Thus we come again to the observation that I noted in the introduction: there never was a box and that trying to enforce it was a gigantic mistake that is hindering efforts to reform the healthcare systems."}],"event":{"name":"CCS '24: ACM SIGSAC Conference on Computer and Communications Security","location":"Salt Lake City UT USA","acronym":"CCS '24","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the 2024 Workshop on Cybersecurity in Healthcare"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3689942.3694749","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3689942.3694749","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,8,23]],"date-time":"2025-08-23T02:29:49Z","timestamp":1755916189000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3689942.3694749"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,11,20]]},"references-count":8,"alternative-id":["10.1145\/3689942.3694749","10.1145\/3689942"],"URL":"https:\/\/doi.org\/10.1145\/3689942.3694749","relation":{},"subject":[],"published":{"date-parts":[[2023,11,20]]},"assertion":[{"value":"2024-11-21","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}