Authors: Fatih Kuloglu (R&D Engineer, SW) and Batuhan Kenger (R&D Engineer, HW), Kardinero
As Use Case providers in the ENTRUST project, Fatih Kuloglu and Batuhan Kenger from Kardinero share their insights on portable medical monitoring devices and their role in the ENTRUST project.
The healthcare industry is witnessing rapid change in recent years. Network architectures are becoming more complex while the complexity and number of medical devices in the systems
increase. At Kardinero Medical Systems Inc., with more than 30 years of experience, we focus on the research and development of diagnostic cardiology equipment.
Our latest product, the KardinBlu ECG device, aims to address several key problems and improve current practices. This product records and monitors patients’ vital parameters, including:
ECG signals
Oxygen saturation
Cuffless blood pressure
Body temperature
Acceleration
Furthermore, KardinBlu allows for the deployment of modern algorithms and components, such as machine learning and cybersecurity tools, enabling us to use it in networks for diagnostic purposes. This developed Bluetooth BLE (Bluetooth Low Energy) wireless device requires additional and modern security measures to be utilised in a professional environment.
Application Case Examples
One of the main use cases of ENTRUST is remote patient monitoring. In this case, the ECG data of a patient will be transmitted to an online environment via a mobile device, such as a mobile phone, tablet, or carriable gateway device, where a healthcare provider will have instant access to this data. Regular monitoring of patients in this manner will enable faster diagnoses and facilitate extended observation periods. Additionally, patients' quality of life will improve as they can continue their daily routines, and the overall efficiency of hospitals will increase.
Another potential application lies in enhancing hospital efficiency. In multi-patient environments, the system facilitates streamlined patient monitoring by healthcare professionals. This streamlined
monitoring process paves the way for timely intervention, which can significantly impact patient health outcomes. Additionally, the integration of these devices into the hospital network is easy to
set up and integrate into the network, further boosting efficiency.
Need for Cybersecurity
The rapid advancements in medical technology and the increased number of medical devices in
public and private networks have introduced a new generation of medical devices that also bring
along a multitude of potential security vulnerabilities. For diagnostic tools such as ECG devices, which play a crucial role in diagnosis, ensuring security is not a choice but a necessity. In these complex systems, the presence of a security flaw, the disruption of proper functioning, or the manipulation of data can have grave consequences, potentially endangering the patient's life. Additionally, the threat of theft of highly sensitive information can jeopardize an individual's private medical records.
Cybersecurity threats can emerge at multiple points in developed systems, necessitating the
identification and proactive mitigation of these potential risks. The presence of numerous diverse
components within the KardinBlu ECG system further accentuates this systematic cybersecurity
need.
Bluetooth is a well-known short-range wireless communication technique, but the protocol still has some weaknesses which make it vulnerable to several threats related to the confidentiality and integrity of the exchanged data, and its bidirectional features increase the risks. Additionally,
ensuring secure communication within the local network or with online resources to which the
device is connected opens the door to various security risks.
Ensuring a trustworthy state in medical devices includes:
Maintaining data integrity
Making necessary data available to professionals in a reasonable time
Ensuring the accuracy of this data.
To ensure these systems are secure, every component of the system should be trusted and access to the medical devices should be restricted to professionals only, meaning roles must be clearly defined within a specific framework. All these described security requirements should be identifiable and correctable to the highest possible level.
As a partner in the ENTRUST project, we are proud to be taking a step towards the creation of
trustworthy medical devices and to be part of one of the most pioneering projects in this field with
our subcontractor Ankara University. Kardinero believes in the contributions that the ENTRUST
project will provide and understands the importance of being a part of it.