NEMECYS Use Case 2
This case study is built around PD Neurotechnology’s wearable medical device for continuous monitoring of movement disorders, such as Parkinson’s disease.
The PDMonitor device aims at improving the treatment of patients suffering from Parkinson’s disease by tracing, recording and processing a variety of symptoms (such as postural instability, gait disturbances, ON/OFF conditions, etc.).
The solution complements this data with other information on lifestyle and drug adherence which is collected via a mobile app on the patient’s phone. This gives to the physician a comprehensive view of the patient’s disease progression and enables her to modify and customize the therapy accordingly.
The architecture of the solution is a common setup for IoT devices, with associated cybersecurity risks. In particular, the use of Linux or Windows based embedded Operating Systems, can lead to unwanted exposure to attacks, because they often come with more interfaces than required, and might not be hardened properly.
In addition, exploits targeting them are often an “available target” in security tools, making them easy to attack with very little skill. These issues only grow with time if the system is not updated. Another common problem found in such IoT system is the physical security of the different devices deployed “in the wild”.
Attackers might want to leverage a compromised device (such as the PDSmartbox) to attack the whole ecosystem, and it is a real challenge for manufacturers to establish the right level of security.