Experimental Phantom-Based Security Analysis for Next-Generation Leadless Cardiac Pacemakers

Abstract

[EN] With technological advancement, implanted medical devices can treat a wide range of chronic diseases such as cardiac arrhythmia, deafness, diabetes, etc. Cardiac pacemakers are used to maintain normal heart rhythms. The next generation of these pacemakers is expected to be completely wireless, providing new security threats. Thus, it is critical to secure pacemaker transmissions between legitimate nodes from a third party or an eavesdropper. This work estimates the eavesdropping risk and explores the potential of securing transmissions between leadless capsules inside the heart and the subcutaneous implant under the skin against external eavesdroppers by using physical-layer security methods. In this work, we perform phantom experiments to replicate the dielectric properties of the human heart, blood, and fat for channel modeling between in-body-to-in-body devices and from in-body-to-off-body scenario. These scenarios reflect the channel between legitimate nodes and that between a legitimate node and an eavesdropper. In our case, a legitimate node is a leadless cardiac pacemaker implanted in the right ventricle of a human heart transmitting to a legitimate receiver, which is a subcutaneous implant beneath the collar bone under the skin. In addition, a third party outside the body is trying to eavesdrop the communication. The measurements are performed for ultrawide band (UWB) and industrial, scientific, and medical (ISM) frequency bands. By using these channel models, we analyzed the risk of using the concept of outage probability and determine the eavesdropping range in the case of using UWB and ISM frequency bands. Furthermore, the probability of positive secrecy capacity is also determined, along with outage probability of a secrecy rate, which are the fundamental parameters in depicting the physical-layer security methods. Here, we show that path loss follows a log-normal distribution. In addition, for the ISM frequency band, the probability of successful eavesdropping for a data rate of 600 kbps (Electromyogram (EMG)) is about 97.68% at an eavesdropper distance of 1.3 m and approaches 28.13% at an eavesdropper distance of 4.2 m, whereas for UWB frequency band the eavesdropping risk approaches 0.2847% at an eavesdropper distance of 0.22 m. Furthermore, the probability of positive secrecy capacity is about 44.88% at eavesdropper distance of 0.12 m and approaches approximately 97% at an eavesdropper distance of 0.4 m for ISM frequency band, whereas for UWB, the same statistics are 96.84% at 0.12 m and 100% at 0.4 m. Moreover, the outage probability of secrecy capacity is also determined by using a fixed secrecy rate.