A logging service as a universal subscriber

Sharp, Jayson

January 1900

Master of Science / Department of Computing and Information Sciences / Eugene Vasserman / As medical systems expand to allow for the increase the number of devices, new ways to protect patient safety have be developed. The Integrated Clinical Environment, ICE, standard sets up a set of standards that define what an integrated hospital system is. Within the specification is a direct call for a forensic logger that can be used to review patient and system data. The MDCF is one implementation of the ICE standard, but it lacked a key component the ICE standard requires, a logger. Many loggers exist in industry, with varying rates of success and usefulness. A medically sound logger has to be able to completely retell exactly what happened during an event, including patient, device, and system information, so that the right medical professional can provide the best care. Several loggers have been built for MDCF, but few were practical due to the invasiveness of the service. A universal subscriber, a service that is able to connect to all publishing data streams, logging service was built for the MDCF which has the ability to record all information that passes over the MDCF messaging service. This implementation was then stress tested with varying numbers of devices and amounts of data. A reviewing tool was also built that allows for replay of device data that is similar to the original device UI. Future work will include looking into storing system information such as state changes within MDCF and system health. There is also a push to further integrate the forensic reviewer into the core MDCF UI.

Medical Device Coordination Framework

Universal subscriber

Logger

Computer Science (0984)

A security architecture for medical application platforms

Salazar, Carlos

January 1900

Master of Science / Department of Computing and Information Sciences / Eugene Vasserman / The Medical Device Coordination Framework (MDCF) is an open source Medical Application Platform (MAP) that facilitates interoperability between heterogeneous medical devices. The MDCF is designed to be an open test bed for the conceptual architecture described by the Integrated Clinical Environment (ICE) interoperability standard. In contrast to existing medical device connectivity features that only provide data logging and display capabilities, a MAP such as the MDCF also allows medical devices to be controlled by apps. MAPs are predicted to enable many improvements to health care, however they also create new risks to patient safety and privacy that need to be addressed. As a result, MAPs such as the MDCF and other ICE-like systems require the integration of security features. This thesis lays the groundwork for a comprehensive security architecture within the MDCF. Specifically, we address the need for access control, device certification, communication security, and device authentication. We begin by describing a system for ensuring the trustworthiness of medical devices connecting to the MDCF. To demonstrate trustworthiness of a device, we use a chain of cryptographic certificates which uniquely identify that device and may also serve as non- forgeable proof of regulatory approval, safety testing, or compliance testing. Next, we cover the creation and integration of a pluggable, flexible authentication system into the MDCF, and evaluate the performance of proof-of-concept device authentication providers. We also discuss the design and implementation of a communication security system in the MDCF, which enables the creation and use of communication security providers which can provide data confidentiality, integrity, and authenticity. We conclude this work by presenting the requirements and a high level design for a Role-Based Access Control (RBAC) system within the MDCF.

Medical device coordination

Computer security

Security architecture

Integrated clinical environment

Medical application platform

Computer Science (0984)