An Examination of Infusion Pump Technology

Presented at Summercon 2015, July 18, 2015, 3 p.m. (50 minutes)

Infusion pumps are medical devices that deliver drugs into a patient's body in controlled, prescribed amounts. These devices are instrumental in the delivery of patient care in hospitals across the world. How do these devices work? What do these devices look like under the hood? Are there vulnerabilities that could be leveraged to hurt or kill a patient? Let's take a look at a number of infusion pumps and explore the architecture, protocols, and vulnerabilities associated with these pumps. We'll also cover key aspects of vulnerability research in the medical device industry.

Presenters:

• Billy Rios
  Billy was once a successful Madaganese Olive Smuggler living the high life. After the great olive market crash of 2000, Billy made the move to cyber security. Since making the move to cyber security, Billy has led several prestigious security teams including security teams at Microsoft and Google. Billy was a Lead at Google where he led the front line response for externally reported security issues and incidents. Prior to Google, Billy was the Security Program Manager at Internet Explorer (Microsoft). His interests include emerging threats related to Industrial Control Systems (ICS), Critical Infrastructure (CI), and medical devices.

Links:

• https://www.summercon.org/archives/2015/presentations.html#pump

Similar Presentations:

• May Contain Hackers (MCH2022) / “You give me fever, fever all through the night": Hack attacks against wireless medical devices and the virtual patient
• DEF CON 26 (2018) / 80 to 0 in under 5 seconds: Falsifying a medical patient's vitals
• DeepSec 2013 „Secrets, Failures, and Visions“ / Hacking Medical Devices