Surgical Robots The Latest To Fall To Whitehats

Researchers from the University of California, Santa Cruz, pose with Raven II surgical robots in a photo from 2012. Subsequent work by the researchers uncovered ways the robots could be hacked. (Photo by Carolyn Lagattuta)

In-brief: Researchers from the University of Washington demonstrated attacks against “a slew” of exploitable vulnerabilities in a surgical robot they helped develop. They included attacks that could cause “jerky motion of robot’s arms” or render the surgical robot “motionless” and “almost unusable.”

Telesurgery conducted by remotely controlled surgical robots has huge promise, allowing patients in remote locations to benefit from the same surgical expertise as those in medical meccas such as Boston. But new research from the University of Washington suggests that surgical robots are dangerously vulnerable to tampering.

Researchers from the University of Washington conducted tests on the Raven II surgical robot, developed by the Universities of Washington and Santa Cruz, and found that the device was highly susceptible to hacking, including attacks that could cause “jerky motion of robot’s arms” or render the surgical robot “motionless” and “almost unusable.” The paper underscores the growing threat of software-based attacks on surgical devices used in high-risk scenarios.

The research was conducted with a grant from the National Science Foundation. According to the final report from the UW researchers, the goal of the research was to raise awareness and understanding of emerging threats to telerobotic and other teleoperated robotic and co-robotic systems.

Launched in 2012, the Raven II features a surgical robot with two robotic arms, a camera for viewing the operational field, and a surgeon-interface system for remote operation of the robot. The Raven II was unique in that its creators pursued an open source model, turning over the fruits of their research to other robotics labs in the U.S. to advance, Jacob Rosen, associate professor of computer engineering in the Baskin School of Engineering at UCSC, said at the time. Researchers at Harvard, the University of Nebraska, Johns Hopkins, UC Berkeley and UCLA received Raven IIs to work with.

A diagram showing the researchers’ setup for attacking the Raven II.

The system is powerful and precise enough to support research on advanced robotic surgery techniques, including online telesurgery, with applications in battlefield medicine as well as for routine procedures such as prostate surgery, the researchers said.

And researchers are interested in using the Raven II in challenging environments, including surgeries conducted using public Internet connections or “lossy” satellite-based Internet links.

But those kinds of deployments also dramatically increase the risks of attacks and tampering by malicious actors. Unfortunately, the Raven II’s designers didn’t take those risks into account when designing the device. The UW researchers said they identified “a slew of possible cyber security threats,” and demonstrated the ability to “maliciously control a wide range of robots functions, and even to completely ignore or override command inputs from the surgeon.”

Specifically, they identified two main attack types that would be effective against the Raven II. The first involved compromise of the endpoint used to control the robot. This might be the surgeon’s control console. The second vector was network and communication-based “man in the middle” attacks, where malicious actors intercept network traffic to the Raven II and inject malicious traffic. While it might be possible to prevent endpoint-based attacks, the researchers concluded, network-based hacks present real challenges. “The most likely point of attack appears to be between the network uplink and a surgical robot,” the researchers wrote. “Mitigating these attacks is likely to be intellectually challenging, making this the most difficult part of the system to protect.”


And – given the sensitivity of the robot’s operation – even minor disturbances in the robot’s movements caused by a cyber attack could prove harmful, if not fatal, to a patient. To address the security risks, the researchers recommended a number of fixes that sound pretty similar to what you hear recommended for other kinds of systems.

First, the Raven II needs to better protect communications to and from the device to prevent the kind of man-in-the-middle and injection attacks that the researchers used. “The injection attacks we demonstrated were successful due to the fact that valid packets were accepted by the robot from any source.”

The authors recommended encrypting data to and from the Raven II to prevent packet spoofing attacks. Encryption would only modestly increase the computing overhead of the Raven II and “has low-cost and high benefits to telerobotic surgery, mitigating many analyzed attacks,” the researchers concluded.
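The weakness quoted above, that well-formed packets were accepted from any source, can be closed by having the receiver check each command's origin and freshness. The following is an added example, not code from the researchers or the Raven II project: it uses HMAC message authentication from the Python standard library rather than the encryption the paper recommends, and the packet layout, key and names are assumptions made for illustration.

```python
import hashlib
import hmac
import struct

# Hypothetical command layout (not the Raven II wire format):
# 4-byte big-endian sequence number, then three float32 position deltas.
HEADER = struct.Struct(">I3f")
TAG_LEN = 32  # length of an HMAC-SHA256 tag


def seal(key, seq, deltas):
    """Sender side: serialize one command and append its authentication tag."""
    body = HEADER.pack(seq, *deltas)
    return body + hmac.new(key, body, hashlib.sha256).digest()


class CommandReceiver:
    """Robot side: accept a command only if it is authentic and fresh."""

    def __init__(self, key):
        self.key = key
        self.last_seq = 0

    def accept(self, packet):
        """Return (seq, deltas) for a valid packet, otherwise None."""
        if len(packet) != HEADER.size + TAG_LEN:
            return None  # malformed length
        body, tag = packet[:HEADER.size], packet[HEADER.size:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            return None  # sender lacks the key, or bytes changed in transit
        seq, *deltas = HEADER.unpack(body)
        if seq <= self.last_seq:
            return None  # replayed or stale command
        self.last_seq = seq
        return seq, tuple(deltas)


def demo():
    """Run four constructed packets through one receiver."""
    key = b"constructed-demo-key-not-for-use"
    rx = CommandReceiver(key)
    genuine = seal(key, 1, (0.5, 0.0, -0.25))
    injected = seal(b"some-other-key-constructed-demo!", 2, (9.0, 9.0, 9.0))
    tampered = bytearray(seal(key, 3, (0.1, 0.0, 0.0)))
    tampered[5] ^= 0x01  # flip one bit inside the first delta
    return {
        "genuine": rx.accept(genuine),
        "injected": rx.accept(injected),
        "tampered": rx.accept(bytes(tampered)),
        "replayed": rx.accept(genuine),
    }
```

Only the genuine packet is accepted; the sequence check matters because an intercepted authentic packet would otherwise still verify when sent again.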

The security of medical equipment is coming under scrutiny as more medical device vendors migrate from proprietary hardware and software platforms to open source software stacks and commercial off-the-shelf hardware that track closely to other industries. That has created a land bridge that security researchers have crossed – to the dismay of the medical device industry.

In one recent example, the Department of Homeland Security warned about serious and exploitable vulnerabilities in drug infusion pumps sold by the firm Hospira, following warnings by the security researcher Billy Rios.

3 Comments

  1. Forget flunking security. To rely on a non-deterministic network in the device operation FLUNKS A SAFETY REVIEW.

    We need to stop approaching the Internet of Things like it’s just the Internet and only worry about data security. It’s data AND CONTROL. And it’s cyber physical, so we have to start with Safety and Reliability with Security as a dependency.

  2. Can’t you even just DoS this? Why is this a good idea??