My Comment at Scott Hanselman’s Blog

Response to Scott Hanselman’s blog dialog on “Hacking Insulin Pumps”

http://www.hanselman.com/blog/CommentView.aspx?guid=6B15975A-3C9C-4316-9E97-2E8DED0513C2#1da6be5e-5017-4f97-b5f0-6fda7af483bb

Jerome,

Here is a reality check. No one who understands wireless in insulin pump operation would agree that you have “hacked” that pump. Here is my basis/definition: You are operating the device in ways specifically covered by the instructions for use.

By allowing this Black Hat presentation to get twisted out of control like a game of “telephone”, your work may not yield the benefit you had hoped. Unless you can assert some control over the conversation, you put Medtronic and other vendors on the defensive of crisis management — against a non-vulnerability — so you can’t as easily get a dialog that starts between yourself and any of the vendors to learn more about how medical devices are designed.

This is the real loss. You would be pleasantly surprised (I say “surprised” based on your amateurish comments on designing around basic risks) that wireless penetration of these devices is considered in dozens of ways you have not pondered. The design procedures (and many of the people) come from aerospace backgrounds; but medical device design is a discipline of itself. The pump design teams that I have worked on are very aware that administering a deadly hormone for daily therapy is a very serious undertaking requiring painstaking risk analysis and mitigation.

I have not been directly involved with any of these companies in 3+ years but if this makes sense to you — if you see some benefit to a richer dialog — I would be happy to try to make/suggest some contacts.
