City Research Online

Authentication for Operators of Critical Medical Devices: A Contribution to Analysis of Design Trade-offs

Gadala, M., Strigini, L. ORCID: 0000-0002-4246-2866 & Fujdiak, R. (2022). Authentication for Operators of Critical Medical Devices: A Contribution to Analysis of Design Trade-offs. In: Proceedings of the 17th International Conference on Availability, Reliability and Security. ARES 2022: The 17th International Conference on Availability, Reliability and Security, 23-26 Aug 2022, Vienna, Austria. doi: 10.1145/3538969.3544474

Abstract

Increasingly evident safety risks due to attacks on safety-critical devices are creating new requirements for authentication of these devices' human operators. These requirements have now extended to medical devices. However, authentication may also introduce new safety risks, reduce usability, cause delays, and/or encourage user behaviours that compromise the very security it is meant to protect. Thus, the design of authentication mechanisms needs to take a holistic approach that considers such interrelationships, and the effects not just of the general method chosen (say, passwords vs. fingerprints), but also of its implementation details. We illustrate this problem on a medical case study. We report early steps in a trade-off analysis that captures interactions between safety, security, usability and performance issues, to assist designers in choosing and tuning viable solutions. A qualitative analysis to narrow down the field of possible solutions is followed by a probabilistic analysis. The analyses highlight non-obvious links between system attributes, especially links due to the complex way humans interact with, and adapt to, such devices. The probabilistic analysis systematically describes risk as a function of the authentication method and its design parameters. We show example results quantifying how some key design parameters produce opposite effects on risk due to accidental and malicious causes, requiring a trade-off: the quantitative model allows the designer to manage this trade-off to achieve an acceptable level of overall risk, taking into account environmental factors such as the expected prevalence of certain attack types. Both the qualitative and quantitative approaches aim to help device designers make rational decisions about authentication options and the tuning of their design parameters.

Publication Type: Conference or Workshop Item (Paper)
Additional Information: © 2022 Copyright held by the owner/author(s).
Publisher Keywords: authentication, medical security, trade-offs, access control, medical devices, safety risk, usability, qualitative analysis, probabilistic model, critical device, grace period
Subjects: Q Science > QA Mathematics > QA76 Computer software
R Medicine > RA Public aspects of medicine > RA0421 Public health. Hygiene. Preventive Medicine
T Technology > T Technology (General)
Departments: School of Science & Technology > Computer Science
School of Science & Technology > Computer Science > Software Reliability
Text - Published Version
Available under License Creative Commons Attribution.
