ianhowson | 4 years ago
This is critically important for a device that may not have any remote control functionality or easy way to reprogram it other than 'cut up the patient'.
(Keep in mind that these things were designed decades ago, and 'RF remote control of pacemaker' probably introduces more problems than it solves, even today.)
smnrchrds | 4 years ago
https://www.cbc.ca/news/world/cybersecurity-heart-devices-im...
ianhowson | 4 years ago
I don't work on pacemakers, specifically, but I'm confident you can no longer say "it has RF remote and nobody can buy the programming interface, therefore it's secure", because that's what went wrong before.
Instead, the risk management plan will look something like:
1. "magnet only with big disclaimers" (because you need the emergency cut-out switch; 'patient died because malfunction' is a worse outcome than 'maybe someone put a big-ass magnet on someone's chest and they got mostly non-life-threatening symptoms')
2. optionally, some form of 'secured' RF interface. Don't presume SSL. This is risk management, remember, so it's probably enough to say "hold a magnet on and then we enable unencrypted unauthenticated comms". Or maybe they do use SSL and just put way bigger micros in there. I don't know.
(edit: someone below who knows more than I do says "use Bluetooth", possibly triggered by magnet taps. Makes sense to me.)