cps:%beyond%usability · cps:%beyond%usability:% applying%value%sensi8ve%design%based%methods%to%...
TRANSCRIPT
![Page 1: CPS:%Beyond%Usability · CPS:%Beyond%Usability:% Applying%Value%Sensi8ve%Design%Based%Methods%to% Inves8gate%Domain%Characteris8cs%for%Security%for% Implantable%Cardiac%Devices%](https://reader034.vdocuments.us/reader034/viewer/2022050418/5f8e23af3f51c3451d0a459d/html5/thumbnails/1.jpg)
CPS: Beyond Usability: Applying Value Sensi8ve Design Based Methods to Inves8gate Domain Characteris8cs for Security for
Implantable Cardiac Devices
Tamara Denning1, Batya Friedman2, Brian Gill3, Daniel B. Kramer4, MaLhew R. Reynolds5, Tadayoshi Kohno2
1University of Utah
2University of Washington 3SeaLle Pacific University
4Beth Israel Deaconess Medical Center 5Harvard Clinical Research Ins8tute
1
![Page 2: CPS:%Beyond%Usability · CPS:%Beyond%Usability:% Applying%Value%Sensi8ve%Design%Based%Methods%to% Inves8gate%Domain%Characteris8cs%for%Security%for% Implantable%Cardiac%Devices%](https://reader034.vdocuments.us/reader034/viewer/2022050418/5f8e23af3f51c3451d0a459d/html5/thumbnails/2.jpg)
Implantable Cardiac Devices
• Pacemakers – Correct for slow heart rhythms – Correct for no heart rhythm
• Implantable Cardioverter-‐Defibrillators – “Reset” poten8ally fatal heart rhythms
2
![Page 3: CPS:%Beyond%Usability · CPS:%Beyond%Usability:% Applying%Value%Sensi8ve%Design%Based%Methods%to% Inves8gate%Domain%Characteris8cs%for%Security%for% Implantable%Cardiac%Devices%](https://reader034.vdocuments.us/reader034/viewer/2022050418/5f8e23af3f51c3451d0a459d/html5/thumbnails/3.jpg)
Wireless ICD Security & Impacts
3
• Private informa8on – Obtain serial number, pa8ent name, diagnosis
• Health impacts – Turn off therapies (defibrilla8on)
– Induce cardiac fibrilla8on
[Halperin 2008] [Gollakota 2011]
![Page 4: CPS:%Beyond%Usability · CPS:%Beyond%Usability:% Applying%Value%Sensi8ve%Design%Based%Methods%to% Inves8gate%Domain%Characteris8cs%for%Security%for% Implantable%Cardiac%Devices%](https://reader034.vdocuments.us/reader034/viewer/2022050418/5f8e23af3f51c3451d0a459d/html5/thumbnails/4.jpg)
Wireless ICD Security
4
• Need more security 1. No individualized security 2. Demonstrated security vulnerabili:es
![Page 5: CPS:%Beyond%Usability · CPS:%Beyond%Usability:% Applying%Value%Sensi8ve%Design%Based%Methods%to% Inves8gate%Domain%Characteris8cs%for%Security%for% Implantable%Cardiac%Devices%](https://reader034.vdocuments.us/reader034/viewer/2022050418/5f8e23af3f51c3451d0a459d/html5/thumbnails/5.jpg)
Securing Implantable Cardiac Devices
More security is needed
5
![Page 6: CPS:%Beyond%Usability · CPS:%Beyond%Usability:% Applying%Value%Sensi8ve%Design%Based%Methods%to% Inves8gate%Domain%Characteris8cs%for%Security%for% Implantable%Cardiac%Devices%](https://reader034.vdocuments.us/reader034/viewer/2022050418/5f8e23af3f51c3451d0a459d/html5/thumbnails/6.jpg)
Securing Implantable Cardiac Devices
More security is needed
• Proposal: Password on file
6
![Page 7: CPS:%Beyond%Usability · CPS:%Beyond%Usability:% Applying%Value%Sensi8ve%Design%Based%Methods%to% Inves8gate%Domain%Characteris8cs%for%Security%for% Implantable%Cardiac%Devices%](https://reader034.vdocuments.us/reader034/viewer/2022050418/5f8e23af3f51c3451d0a459d/html5/thumbnails/7.jpg)
Securing Implantable Cardiac Devices
More security is needed
• Proposal: Password on file
7
Cost: Inaccessibility – In emergencies – Travel – Switching providers
![Page 8: CPS:%Beyond%Usability · CPS:%Beyond%Usability:% Applying%Value%Sensi8ve%Design%Based%Methods%to% Inves8gate%Domain%Characteris8cs%for%Security%for% Implantable%Cardiac%Devices%](https://reader034.vdocuments.us/reader034/viewer/2022050418/5f8e23af3f51c3451d0a459d/html5/thumbnails/8.jpg)
Cost: Inaccessibility – In emergencies – Travel – Switching providers
Securing Implantable Cardiac Devices
More security is needed
• Proposal: Password on file
8
![Page 9: CPS:%Beyond%Usability · CPS:%Beyond%Usability:% Applying%Value%Sensi8ve%Design%Based%Methods%to% Inves8gate%Domain%Characteris8cs%for%Security%for% Implantable%Cardiac%Devices%](https://reader034.vdocuments.us/reader034/viewer/2022050418/5f8e23af3f51c3451d0a459d/html5/thumbnails/9.jpg)
Security: The Science and Art of Tradeoffs
9
![Page 10: CPS:%Beyond%Usability · CPS:%Beyond%Usability:% Applying%Value%Sensi8ve%Design%Based%Methods%to% Inves8gate%Domain%Characteris8cs%for%Security%for% Implantable%Cardiac%Devices%](https://reader034.vdocuments.us/reader034/viewer/2022050418/5f8e23af3f51c3451d0a459d/html5/thumbnails/10.jpg)
Security: The Science and Art of Tradeoffs
10
Security Solu:on “Costs”
Value of Human “Assets”
![Page 11: CPS:%Beyond%Usability · CPS:%Beyond%Usability:% Applying%Value%Sensi8ve%Design%Based%Methods%to% Inves8gate%Domain%Characteris8cs%for%Security%for% Implantable%Cardiac%Devices%](https://reader034.vdocuments.us/reader034/viewer/2022050418/5f8e23af3f51c3451d0a459d/html5/thumbnails/11.jpg)
Security: The Science and Art of Tradeoffs
11
Security Solu:on “Costs”
Value of Human “Assets”
![Page 12: CPS:%Beyond%Usability · CPS:%Beyond%Usability:% Applying%Value%Sensi8ve%Design%Based%Methods%to% Inves8gate%Domain%Characteris8cs%for%Security%for% Implantable%Cardiac%Devices%](https://reader034.vdocuments.us/reader034/viewer/2022050418/5f8e23af3f51c3451d0a459d/html5/thumbnails/12.jpg)
Implantable Cardiac Devices: Broader Context
• Defense designs require interac8on with domain experts
• Exploratory studies surface issues
12
![Page 13: CPS:%Beyond%Usability · CPS:%Beyond%Usability:% Applying%Value%Sensi8ve%Design%Based%Methods%to% Inves8gate%Domain%Characteris8cs%for%Security%for% Implantable%Cardiac%Devices%](https://reader034.vdocuments.us/reader034/viewer/2022050418/5f8e23af3f51c3451d0a459d/html5/thumbnails/13.jpg)
Quan8ta8ve Research
How much?
13
![Page 14: CPS:%Beyond%Usability · CPS:%Beyond%Usability:% Applying%Value%Sensi8ve%Design%Based%Methods%to% Inves8gate%Domain%Characteris8cs%for%Security%for% Implantable%Cardiac%Devices%](https://reader034.vdocuments.us/reader034/viewer/2022050418/5f8e23af3f51c3451d0a459d/html5/thumbnails/14.jpg)
Qualita8ve Research
How much of what?
14
![Page 15: CPS:%Beyond%Usability · CPS:%Beyond%Usability:% Applying%Value%Sensi8ve%Design%Based%Methods%to% Inves8gate%Domain%Characteris8cs%for%Security%for% Implantable%Cardiac%Devices%](https://reader034.vdocuments.us/reader034/viewer/2022050418/5f8e23af3f51c3451d0a459d/html5/thumbnails/15.jpg)
Qualita8ve Research
How much of what?
Why?
15
![Page 16: CPS:%Beyond%Usability · CPS:%Beyond%Usability:% Applying%Value%Sensi8ve%Design%Based%Methods%to% Inves8gate%Domain%Characteris8cs%for%Security%for% Implantable%Cardiac%Devices%](https://reader034.vdocuments.us/reader034/viewer/2022050418/5f8e23af3f51c3451d0a459d/html5/thumbnails/16.jpg)
Human-‐Centric Inves8ga8on: Implantable Cardiac Devices
• Ques:on: What are relevant costs (to avoid) with respect to security systems for implantable cardiac devices?
16
? Security Costs
![Page 17: CPS:%Beyond%Usability · CPS:%Beyond%Usability:% Applying%Value%Sensi8ve%Design%Based%Methods%to% Inves8gate%Domain%Characteris8cs%for%Security%for% Implantable%Cardiac%Devices%](https://reader034.vdocuments.us/reader034/viewer/2022050418/5f8e23af3f51c3451d0a459d/html5/thumbnails/17.jpg)
Pa8ent Study
• Semi-‐structured interviews with pa8ents with IMDs
• Inves8gated pa8ent values and concerns
• Elicited reac8ons to security system concepts
17
!
!
!
!
!
[Denning 2010]
![Page 18: CPS:%Beyond%Usability · CPS:%Beyond%Usability:% Applying%Value%Sensi8ve%Design%Based%Methods%to% Inves8gate%Domain%Characteris8cs%for%Security%for% Implantable%Cardiac%Devices%](https://reader034.vdocuments.us/reader034/viewer/2022050418/5f8e23af3f51c3451d0a459d/html5/thumbnails/18.jpg)
The Medical Ecosystem: Many Roles, Complex Interac8ons
18
Medical Technicians
Primary Care Physician
Cardiologist
Electrophysiologist
Implan8ng Surgeon Anesthesiologist
Device Manufacturer Representa8ve
Nurse Nurse Prac88oner
Emergency Room Staff
Hospital Billing FDA
Insurance Companies
![Page 19: CPS:%Beyond%Usability · CPS:%Beyond%Usability:% Applying%Value%Sensi8ve%Design%Based%Methods%to% Inves8gate%Domain%Characteris8cs%for%Security%for% Implantable%Cardiac%Devices%](https://reader034.vdocuments.us/reader034/viewer/2022050418/5f8e23af3f51c3451d0a459d/html5/thumbnails/19.jpg)
Informing Security Research via Studying the Applica8on Domain
• Richness of underlying issues
19
![Page 20: CPS:%Beyond%Usability · CPS:%Beyond%Usability:% Applying%Value%Sensi8ve%Design%Based%Methods%to% Inves8gate%Domain%Characteris8cs%for%Security%for% Implantable%Cardiac%Devices%](https://reader034.vdocuments.us/reader034/viewer/2022050418/5f8e23af3f51c3451d0a459d/html5/thumbnails/20.jpg)
Informing Security Research via Studying the Applica8on Domain
• Richness of underlying issues – Stakeholder priori8es
20
![Page 21: CPS:%Beyond%Usability · CPS:%Beyond%Usability:% Applying%Value%Sensi8ve%Design%Based%Methods%to% Inves8gate%Domain%Characteris8cs%for%Security%for% Implantable%Cardiac%Devices%](https://reader034.vdocuments.us/reader034/viewer/2022050418/5f8e23af3f51c3451d0a459d/html5/thumbnails/21.jpg)
Informing Security Research via Studying the Applica8on Domain
• Richness of underlying issues – Stakeholder priori8es – Terminology
21
![Page 22: CPS:%Beyond%Usability · CPS:%Beyond%Usability:% Applying%Value%Sensi8ve%Design%Based%Methods%to% Inves8gate%Domain%Characteris8cs%for%Security%for% Implantable%Cardiac%Devices%](https://reader034.vdocuments.us/reader034/viewer/2022050418/5f8e23af3f51c3451d0a459d/html5/thumbnails/22.jpg)
Informing Security Research via Studying the Applica8on Domain
• Richness of underlying issues – Stakeholder priori8es – Terminology – Concerns
22
![Page 23: CPS:%Beyond%Usability · CPS:%Beyond%Usability:% Applying%Value%Sensi8ve%Design%Based%Methods%to% Inves8gate%Domain%Characteris8cs%for%Security%for% Implantable%Cardiac%Devices%](https://reader034.vdocuments.us/reader034/viewer/2022050418/5f8e23af3f51c3451d0a459d/html5/thumbnails/23.jpg)
Informing Security Research via Studying the Applica8on Domain
• Richness of underlying issues – Stakeholder priori8es – Terminology – Concerns – Constraints
23
![Page 24: CPS:%Beyond%Usability · CPS:%Beyond%Usability:% Applying%Value%Sensi8ve%Design%Based%Methods%to% Inves8gate%Domain%Characteris8cs%for%Security%for% Implantable%Cardiac%Devices%](https://reader034.vdocuments.us/reader034/viewer/2022050418/5f8e23af3f51c3451d0a459d/html5/thumbnails/24.jpg)
Informing Security Research via Studying the Applica8on Domain
• Richness of underlying issues – Stakeholder priori8es – Terminology – Concerns – Constraints – Security system proper8es
24
![Page 25: CPS:%Beyond%Usability · CPS:%Beyond%Usability:% Applying%Value%Sensi8ve%Design%Based%Methods%to% Inves8gate%Domain%Characteris8cs%for%Security%for% Implantable%Cardiac%Devices%](https://reader034.vdocuments.us/reader034/viewer/2022050418/5f8e23af3f51c3451d0a459d/html5/thumbnails/25.jpg)
Informing Security Research via Studying the Applica8on Domain
• Richness of underlying issues – Stakeholder priori8es – Terminology – Concerns – Constraints – Security system proper8es – Pa8ent insights
25
![Page 26: CPS:%Beyond%Usability · CPS:%Beyond%Usability:% Applying%Value%Sensi8ve%Design%Based%Methods%to% Inves8gate%Domain%Characteris8cs%for%Security%for% Implantable%Cardiac%Devices%](https://reader034.vdocuments.us/reader034/viewer/2022050418/5f8e23af3f51c3451d0a459d/html5/thumbnails/26.jpg)
Informing Security Research via Studying the Applica8on Domain
• Richness of underlying issues – Stakeholder priori8es – Terminology – Concerns – Constraints – Security system proper8es – Pa8ent insights
26
Design beLer security solu8ons
![Page 27: CPS:%Beyond%Usability · CPS:%Beyond%Usability:% Applying%Value%Sensi8ve%Design%Based%Methods%to% Inves8gate%Domain%Characteris8cs%for%Security%for% Implantable%Cardiac%Devices%](https://reader034.vdocuments.us/reader034/viewer/2022050418/5f8e23af3f51c3451d0a459d/html5/thumbnails/27.jpg)
Framework: Value Sensi8ve Design
27
[Friedman 2006]
Account for people’s values
![Page 28: CPS:%Beyond%Usability · CPS:%Beyond%Usability:% Applying%Value%Sensi8ve%Design%Based%Methods%to% Inves8gate%Domain%Characteris8cs%for%Security%for% Implantable%Cardiac%Devices%](https://reader034.vdocuments.us/reader034/viewer/2022050418/5f8e23af3f51c3451d0a459d/html5/thumbnails/28.jpg)
Framework: Value Sensi8ve Design
28
[Friedman 2006]
Account for people’s values
Account for direct and indirect stakeholders
![Page 29: CPS:%Beyond%Usability · CPS:%Beyond%Usability:% Applying%Value%Sensi8ve%Design%Based%Methods%to% Inves8gate%Domain%Characteris8cs%for%Security%for% Implantable%Cardiac%Devices%](https://reader034.vdocuments.us/reader034/viewer/2022050418/5f8e23af3f51c3451d0a459d/html5/thumbnails/29.jpg)
Framework: Value Sensi8ve Design
29
[Friedman 2006]
Technical Inves8ga8ons
Empirical Inves8ga8ons
Conceptual Inves8ga8ons
![Page 30: CPS:%Beyond%Usability · CPS:%Beyond%Usability:% Applying%Value%Sensi8ve%Design%Based%Methods%to% Inves8gate%Domain%Characteris8cs%for%Security%for% Implantable%Cardiac%Devices%](https://reader034.vdocuments.us/reader034/viewer/2022050418/5f8e23af3f51c3451d0a459d/html5/thumbnails/30.jpg)
Qualita8ve Study Design
• 3 Workshops: – 24 providers – Cardiologists, nurses, anesthesiologists, etc.
• Workshop format facilitates: – Interac8ve discourse – Surfacing consensus, tensions
• Group Ac8vi8es & Paper Instruments
30
![Page 31: CPS:%Beyond%Usability · CPS:%Beyond%Usability:% Applying%Value%Sensi8ve%Design%Based%Methods%to% Inves8gate%Domain%Characteris8cs%for%Security%for% Implantable%Cardiac%Devices%](https://reader034.vdocuments.us/reader034/viewer/2022050418/5f8e23af3f51c3451d0a459d/html5/thumbnails/31.jpg)
Workshop Format
• Stakeholder Perspec8ves • Metaphor Genera8on • Cri8ques and Concerns • Evalua8on of Security System Concepts • Open-‐ended Discussion
31
[Kensing 1991] [Yoo 2013]
![Page 32: CPS:%Beyond%Usability · CPS:%Beyond%Usability:% Applying%Value%Sensi8ve%Design%Based%Methods%to% Inves8gate%Domain%Characteris8cs%for%Security%for% Implantable%Cardiac%Devices%](https://reader034.vdocuments.us/reader034/viewer/2022050418/5f8e23af3f51c3451d0a459d/html5/thumbnails/32.jpg)
Workshop Format
• Stakeholder Perspec:ves • Metaphor Genera8on • Cri8ques and Concerns • Evalua8on of Security System Concepts • Open-‐ended Discussion
32
[Kensing 1991] [Yoo 2013]
![Page 33: CPS:%Beyond%Usability · CPS:%Beyond%Usability:% Applying%Value%Sensi8ve%Design%Based%Methods%to% Inves8gate%Domain%Characteris8cs%for%Security%for% Implantable%Cardiac%Devices%](https://reader034.vdocuments.us/reader034/viewer/2022050418/5f8e23af3f51c3451d0a459d/html5/thumbnails/33.jpg)
Stakeholder Perspec8ve Data Analysis
• Open-‐ended answers used to develop topic categories
• Independent researcher used categories to code par8cipant responses
• Kappa = 0.745 – >0.75 is excellent agreement – 0.40-‐0.75 is intermediate to good [Fleiss 2003] – 0.61-‐0.80 is substan8al agreement [Landis 1977]
33
![Page 34: CPS:%Beyond%Usability · CPS:%Beyond%Usability:% Applying%Value%Sensi8ve%Design%Based%Methods%to% Inves8gate%Domain%Characteris8cs%for%Security%for% Implantable%Cardiac%Devices%](https://reader034.vdocuments.us/reader034/viewer/2022050418/5f8e23af3f51c3451d0a459d/html5/thumbnails/34.jpg)
Stakeholder Perspec8ve Results Inform Security Design
• Access & Sharing • Compa:bility • Correct Usage • Device BaYery Life • Device Compactness / Inertness
• Device Ecosystem
• Device Func8onality • Pa8ent / Pa8ent Health • Programming • Quality of Data • Remote Monitoring • Security & Privacy • Surgery & Healing
34
![Page 35: CPS:%Beyond%Usability · CPS:%Beyond%Usability:% Applying%Value%Sensi8ve%Design%Based%Methods%to% Inves8gate%Domain%Characteris8cs%for%Security%for% Implantable%Cardiac%Devices%](https://reader034.vdocuments.us/reader034/viewer/2022050418/5f8e23af3f51c3451d0a459d/html5/thumbnails/35.jpg)
Stakeholder Perspec8ve Results Inform Security Design
• Access & Sharing • Compa:bility • Correct Usage • Device BaYery Life • Device Compactness / Inertness
• Device Ecosystem
• Device Func8onality • Pa8ent / Pa8ent Health • Programming • Quality of Data • Remote Monitoring • Security & Privacy • Surgery & Healing
35
1. Assets we want to protect from aLacks
2. Costs we want to avoid
? Human Assets
? Security Costs
![Page 36: CPS:%Beyond%Usability · CPS:%Beyond%Usability:% Applying%Value%Sensi8ve%Design%Based%Methods%to% Inves8gate%Domain%Characteris8cs%for%Security%for% Implantable%Cardiac%Devices%](https://reader034.vdocuments.us/reader034/viewer/2022050418/5f8e23af3f51c3451d0a459d/html5/thumbnails/36.jpg)
Workshop Format
• Stakeholder Perspec8ves • Metaphor Genera8on • Cri8ques and Concerns • Evalua:on of Security System Concepts • Open-‐ended Discussion
36
[Kensing 1991] [Yoo 2013]
![Page 37: CPS:%Beyond%Usability · CPS:%Beyond%Usability:% Applying%Value%Sensi8ve%Design%Based%Methods%to% Inves8gate%Domain%Characteris8cs%for%Security%for% Implantable%Cardiac%Devices%](https://reader034.vdocuments.us/reader034/viewer/2022050418/5f8e23af3f51c3451d0a459d/html5/thumbnails/37.jpg)
Security System Concepts
• Surveyed literature for proposed security solu8ons
• Chose representa8ve concepts with varied proper8es
• Par8cipants: – Provided overall evalua8ons – Commented on proper8es
37
!
!
!
!!
!
![Page 38: CPS:%Beyond%Usability · CPS:%Beyond%Usability:% Applying%Value%Sensi8ve%Design%Based%Methods%to% Inves8gate%Domain%Characteris8cs%for%Security%for% Implantable%Cardiac%Devices%](https://reader034.vdocuments.us/reader034/viewer/2022050418/5f8e23af3f51c3451d0a459d/html5/thumbnails/38.jpg)
Disliked System Concepts: Uncovering Security System Costs Medical Alert Bracelet
with Password
38
!
? Security Costs
![Page 39: CPS:%Beyond%Usability · CPS:%Beyond%Usability:% Applying%Value%Sensi8ve%Design%Based%Methods%to% Inves8gate%Domain%Characteris8cs%for%Security%for% Implantable%Cardiac%Devices%](https://reader034.vdocuments.us/reader034/viewer/2022050418/5f8e23af3f51c3451d0a459d/html5/thumbnails/39.jpg)
Medical Alert Bracelet with Password
39
! !
UV-‐Visible TaLoo
Disliked System Concepts: Uncovering Security System Costs
? Security Costs
[Denning 2010] [Schechter 2010]
![Page 40: CPS:%Beyond%Usability · CPS:%Beyond%Usability:% Applying%Value%Sensi8ve%Design%Based%Methods%to% Inves8gate%Domain%Characteris8cs%for%Security%for% Implantable%Cardiac%Devices%](https://reader034.vdocuments.us/reader034/viewer/2022050418/5f8e23af3f51c3451d0a459d/html5/thumbnails/40.jpg)
Medical Alert Bracelet with Password
40
! ! !
Cri8cality-‐Aware IMD UV-‐Visible TaLoo
Disliked System Concepts: Uncovering Security System Costs
? Security Costs
[Denning 2010] [Schechter 2010]
[Gupta 2006]
![Page 41: CPS:%Beyond%Usability · CPS:%Beyond%Usability:% Applying%Value%Sensi8ve%Design%Based%Methods%to% Inves8gate%Domain%Characteris8cs%for%Security%for% Implantable%Cardiac%Devices%](https://reader034.vdocuments.us/reader034/viewer/2022050418/5f8e23af3f51c3451d0a459d/html5/thumbnails/41.jpg)
41
!
↑ Facilitates emergency access ↑ Reassures pa8ent ↑ Not visible
↑ Cheap ↑ No pa8ent effort ↑ Always present
! !
Posi:ve Proper:es (of Disliked Systems)
Disliked System Concepts: Uncovering Security System Costs
? Security Costs
![Page 42: CPS:%Beyond%Usability · CPS:%Beyond%Usability:% Applying%Value%Sensi8ve%Design%Based%Methods%to% Inves8gate%Domain%Characteris8cs%for%Security%for% Implantable%Cardiac%Devices%](https://reader034.vdocuments.us/reader034/viewer/2022050418/5f8e23af3f51c3451d0a459d/html5/thumbnails/42.jpg)
42
!
Nega:ve Proper:es ↓ Access is not guaranteed ↓ Cultural, social, or personal objec8ons ↓ Broadcasts pa8ent condi8on to others ↓ Poten8al impact on baLery life
! !
Disliked System Concepts: Uncovering Security System Costs
? Security Costs
![Page 43: CPS:%Beyond%Usability · CPS:%Beyond%Usability:% Applying%Value%Sensi8ve%Design%Based%Methods%to% Inves8gate%Domain%Characteris8cs%for%Security%for% Implantable%Cardiac%Devices%](https://reader034.vdocuments.us/reader034/viewer/2022050418/5f8e23af3f51c3451d0a459d/html5/thumbnails/43.jpg)
!
Fail-‐Open Wristband with Safety Features
43
Liked System Concept: Uncovering Security System Costs
[Denning 2008] [Gollakota 2011]
[Xu 2011]
• Presence blocks unauthorized access
• In its absence, system fails into an open state—accepts all communica8ons
![Page 44: CPS:%Beyond%Usability · CPS:%Beyond%Usability:% Applying%Value%Sensi8ve%Design%Based%Methods%to% Inves8gate%Domain%Characteris8cs%for%Security%for% Implantable%Cardiac%Devices%](https://reader034.vdocuments.us/reader034/viewer/2022050418/5f8e23af3f51c3451d0a459d/html5/thumbnails/44.jpg)
!
Fail-‐Open Wristband with Safety Features
44
↓ Security ↓ Maintenance ↓ 911 false posi8ves ↓ Visual indicator ↓ Training ↓ Expense
↑ Fail-‐open ↑ Safety features ↑ Security ↑ Empowers pa8ent ↑ Visual cue
Liked System Concept: Uncovering Security System Costs
[Denning 2008] [Gollakota 2011]
[Xu 2011]
![Page 45: CPS:%Beyond%Usability · CPS:%Beyond%Usability:% Applying%Value%Sensi8ve%Design%Based%Methods%to% Inves8gate%Domain%Characteris8cs%for%Security%for% Implantable%Cardiac%Devices%](https://reader034.vdocuments.us/reader034/viewer/2022050418/5f8e23af3f51c3451d0a459d/html5/thumbnails/45.jpg)
Human-‐Centric Inves8ga8on Indicates Security Costs to Avoid
45
Security Solu:on Costs
Inaccessibility
Money (à denied claims) Pa8ent privacy
Implant size Incompa8bility
Infec8on Pa8ent comfort + mental health
BaLery life
![Page 46: CPS:%Beyond%Usability · CPS:%Beyond%Usability:% Applying%Value%Sensi8ve%Design%Based%Methods%to% Inves8gate%Domain%Characteris8cs%for%Security%for% Implantable%Cardiac%Devices%](https://reader034.vdocuments.us/reader034/viewer/2022050418/5f8e23af3f51c3451d0a459d/html5/thumbnails/46.jpg)
Human-‐Centric Inves8ga8on: Implantable Cardiac Devices
• Study indicates security costs to avoid when designing security solu8ons
• Addi8onal features (e.g., safety) may en8ce buy-‐in
• Tensions exist (e.g., visual indicators)
46
!
!
![Page 47: CPS:%Beyond%Usability · CPS:%Beyond%Usability:% Applying%Value%Sensi8ve%Design%Based%Methods%to% Inves8gate%Domain%Characteris8cs%for%Security%for% Implantable%Cardiac%Devices%](https://reader034.vdocuments.us/reader034/viewer/2022050418/5f8e23af3f51c3451d0a459d/html5/thumbnails/47.jpg)
Beyond Implantable Cardiac Devices
47
Sensors
Connec:vity
Actuators
Usage Scenario
![Page 48: CPS:%Beyond%Usability · CPS:%Beyond%Usability:% Applying%Value%Sensi8ve%Design%Based%Methods%to% Inves8gate%Domain%Characteris8cs%for%Security%for% Implantable%Cardiac%Devices%](https://reader034.vdocuments.us/reader034/viewer/2022050418/5f8e23af3f51c3451d0a459d/html5/thumbnails/48.jpg)
Human-‐Centric Inves8ga8on: Implantable Cardiac Devices
• Study indicates security costs to avoid when designing security solu8ons
• Addi8onal features (e.g., safety) may en8ce buy-‐in
• Tensions exist (e.g., visual indicators)
• Defense designs require interac:on with domain experts
• Exploratory studies surface issues
48
!
!