ERI: Towards Intelligent, Cost-Efficient, and Adaptive Techniques to Enable Biomedical Hardware-Assisted Cybersecurity

This award is funded in whole or in part under the American Rescue Plan Act of 2021 (Public Law 117-2).

For decades, cybersecurity has been at the forefront of global attention as a serious threat to society, particularly the nation's information technology infrastructure. Medical electronic devices cover a spectrum of equipment implementations, ranging from large diagnostic imaging machines to small mobile devices that patients carry with them. The digitized nature of modern computing platforms used in healthcare systems and their increased connectivity to computer networks have led into the growth of cybersecurity vulnerabilities making such systems a unique target for sophisticated cyber-attacks.

The proposed project aims at developing effective and adaptive solutions for emerging healthcare cybersecurity challenges for securing biomedical computing platforms against potential malicious cyber-attacks. In addition, it will result in integrated engineering research projects and educational materials to mentor and train undergraduate and graduate students in the field of Artificial Intelligence (AI) and Machine Learning (ML) for security analysis and biomedical hardware-assisted cybersecurity.

The proposed engineering research and educational activities are planned to provide students from varied engineering backgrounds such as computer engineering, computer science, and biomedical engineering majors with the necessary knowledge and skills to be competitive in the demanding job market where highly specialized hardware designers, AI/ML engineers, data scientists, and cybersecurity specialist are needed to develop new efficient methods for securing modern computing systems.

Traditionally, integrity of data being processed in computing systems has been safeguarded at the software level with the assumption that the underlying hardware is secure against potential attacks. However, biomedical devices have some unique features such as specific security requirements, implementation cost and design trade-offs characteristics, and limited resources and computational power that undermine their security protocols.

In addition, strict regulations make it difficult to conduct basic software updates on medical computers and adopting off-the-shelf Anti-Virus (AV) protection is also insufficient for preventing emerging cyber-attacks such as malware. To overcome the performance overhead and inefficiency of conventional software-based solutions, the security in modern biomedical devices should be delegated to the underlying hardware, building a bottom-up solution for securing computing devices rather than treating it as an afterthought.

In this project, we will leverage effective AI/ML techniques to develop accurate, low-cost, and adaptive techniques and build a multi-tiered intelligent framework for hardware-assisted cybersecurity in emerging biomedical devices. We will utilize the patterns of low-level hardware features captured by microprocessors’ hardware components in biomedical devices to build novel intelligent techniques for recognizing and classifying emerging cyber-attacks (e.g., malware, side-channel attacks, stealthy attacks, zero-day attacks, etc.) with high accuracy and low computational overheads.

The proposed research project targets five major objectives: 1) Comprehensive data collection, benchmarking, and feature analysis of emerging hardware-driven cyber-attacks in biomedical devices’ processors, 2) Developing various standard and advanced machine learning techniques for intelligent hardware-assisted cybersecurity countermeasures using the hardware-related features, 3) Exploring hardware implementation results and on-device trade-off analysis of the intelligent hardware-assisted countermeasures, 4) Developing a reinforcement learning-based decision-maker for adaptive selection of the accurate and cost-efficient detector to facilitate online detection of the cyber-attacks, and 5) Developing a system-level ontology-based cybersecurity analysis framework for an effective automated knowledge reasoning in IoMT devices.

This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.