WIBU-SYSTEMS

Perfection in Protection, Licensing, and Security

Protecting Medical Devices with Software Encryption

Marketing WIBU-SYSTEMS AG on January 12, 2018 at 3:11 PM

Intellectual property theft is rampant around the globe. In a 2016 study, VDMA, the German Mechanical Engineering Industry Association, reported that nine of out ten manufacturers were victims of piracy, and that in 70% of all cases, reverse engineering was the main trigger. Components, industrial designs, and even entire systems are being counterfeited across all sectors of industry.

The medical device manufacturing community is a prime target for counterfeiting. Take for examplethe case of an Irvine, CA engineer who in 2016 was charged with stealing and possessing trade secrets from his two former employers, both of whom manufactured medical devices used to treat cardiac and vascular ailments. During his employment, the engineer was found to have travelled to the People’s Republic of China (PRC) multiple times – sometimes soon after allegedly downloading trade secrets from the employer’s computer and emailing information to his personal email account. According to the FBI, the engineer appeared to be in the process of setting up a company with other individuals in the PRC to manufacture medical devices.

In many cases, counterfeiting of the equipment starts with the theft of the intellectual property contained in the software and embedded in the equipment. That was the case when a leading global manufacturer of gambling slot machines found out that their proprietary gaming software was being used on counterfeit slot machines across Europe and Asia. Once the software was stolen, the perpetrator was able to reverse engineer the machine itself and build a functioning slot machine that closely mimicked the original equipment.

Because the intellectual property of today’s surgery robots, X-ray machines, MRI scanners, dental devices, infusion pumps, patient monitors and most other medical equipment is encapsulated in embedded software, the industry is ripe for attack.

Modern encryption technology, however, is a strong antidote that software developers can use to protect medical device software from theft. Encryption is the process of encoding data in such a way that only authorized parties can access it. Encryption denies the intelligible data to a would-be interceptor. In an encryption scheme, the intended data is encrypted using a special algorithm–a cipher–generating ciphertext that can only be read if decrypted. An encryption scheme usually uses a random encryption key, generated by the algorithm. It is theoretically possible to decrypt the message without possessing the key, but, for a well-designed encryption scheme, considerable computational resources and skills are required. The data can only be decrypted with the key provided by the originator and the key is kept in a secure location.

During the encryption process, the software developer can encrypt the entire executable code, just specific tagged functions, or a combination of both. The encrypted code is then decrypted at runtime with the appropriate key.

Medical device manufacturing companies like Dentsply SironaFritz Stephan GmbH, Agfa HealthCare, and custo med are prime examples of companies who have taken necessary steps to protect their intellectual property with modern embedded software protection mechanisms.

 

If you would like to learn more about encryption mechanisms and IP protection for medical device IP, stop by our booth #976 at MD&M West on February 6 – 8 in Anaheim.

Login or register now and enjoy all the benefits of a community!

To get the whole functionality of IndustryArena Forum you need to login or register. This process is absolutely free.

Password forgotten?
Contact request
Guest Photo
Your message
The controller within the meaning of Art. 4(7) GDPR is: IndustryArena GmbH, Schneiderstr. 6, 40764 Langenfeld, Germany.
You may reach our data protection officer under [email protected].

Purpose of processing
We process your personal data concerning the use of the contact form and the communication with the company of the newsroom as well as the transmission of your data to this company in accordance to Art. 6 (1a) GDPR. This constitutes a legitimate interest for us in accordance to Art. 6 (1f) GDPR.

Recipient of the data
Within our organization, those units gain access to your data, which are necessary to fulfil the above purposes.
Personal data will only be transmitted to third parties if this is necessary for the aforementioned purposes or if another legal basis exists. If necessary, we conclude the corresponding data protection agreements with third parties, in particular pursuant to Art. 28 GDPR.

Data storing
Your data will be transmitted to the company of the newsroom for further processing. The period of storing is the duration of the processing of your request by the respective company.

Select contact person

Newsroom Logo

Design options

  • Title text color:
  • Content background:
  • Content text color:
  • Navigation background:
  • Tab text color:
  • Active tab text color:
  • Link text color:
  • Active link text color:
  • Background image Background color:

    How do you want to position the background-image?

    Please note: Banners and skyscrapers are only saved for the current language. For other languages, change the language using the button at the top right.

    Set the link for the background image

  • Banner

    How do you like to align the banner?

    Please note: Banners and skyscrapers are only saved for the current language. For other languages, change the language using the button at the top right.

    Set the link for the banner

  • Skyscraper

    Set the link for the skyscraper

Please note:

Banners and skyscrapers are only saved for the current language. For other languages, change the language using the button at the top right.