Page 41


compromises must be made. A new processor and more system memory may be needed, since encryption adds significantly more code that must run concurrently with the host application. Finally, the application must be rewritten, debugged, tested and released.

Using Communications Protocols for Internet Connectivity

Historically, most remote medical monitoring and diagnostics applications have employed dial-up modem lines for remote M2M communication. During the past several years, however, IP-based cellular networks such as CDMA2000 and General Packet Radio Service (GPRS) have become very popular for telemedicine applications because of faster transmission time and less costly communication and infrastructure. Cellular connections and transmissions take just two to three seconds, compared to the 15 or more seconds required for a dial-up transaction. Internet Protocol (IP)-based networks also eliminate the need for costly modem banks and phone lines. The TCP protocol, operating over the IP protocol, is ideal for use by medical devices. Organized as a stream of bytes, it keeps track of a message’s packet sequence and puts the data back in the right order. TCP assures reliable data delivery by adding sequence numbers to coordinate transmitted data with received data. It retransmits when data has been lost. It also provides flow control, manages data buffers, and coordinates traffic so that its buffers will not overflow. Alongside the TCP protocol is the UDP protocol, which is especially suited to latency-sensitive file transfer, such as large medical images or videos. Unfortunately, packets may get lost before reaching their destination when using UDP, because this protocol does not divide a message into packets, sequence and reassemble it at the other end. Above the TCP and UDP layers are the upper-layer protocols, such as HTTP, SMTP, POP3, MIME, FTP and Telnet (Figure 1). Each protocol is appropriate

Figure 2

Connect One’s iChipSec CO2128 communication controller offloads IP networking and security protocols from the main CPU. Such coprocessors are commonly used for secure connectivity in applications such as pointof-sale terminals, ATM machines, medical devices and fleet trucking.

for certain applications, but expertise is required to efficiently integrate them into the application. Since the Internet is a dynamic environment, protocols must constantly be maintained.

Securing Data Input/Output and Internet Communication

Since medical privacy laws require that patient records must be kept confidential, medical data and files must be encrypted when transmitted. To secure data input, designers must start with the processor’s boot loader. The unit should have a secure boot loader and a true random number generator for generating private keys, which are used for encryption. The private keys must be stored in a secure memory area and must be erasable immediately upon tampering. The unit must have a secure cryptographic library, which typically will include the following encryption cipher suites: RSA 1024- and 2048-bit private key encryption, 3DES, AES-128/192/256,

ARC4, MD5 and SHA-1. Ideally, encryption should be done in hardware, which can be more than 10 times faster than software-based encryption. Medical device manufacturers are also obligated to embed security protocols into their IP-enabled devices. The Secure Socket Layer v.3/Transport Layer Socket v.1 (SSL3/TLS1) protocol provides secure TCP socket communication. FTPS is a secure version of the File Transfer Protocol. HTTPS provides secure HTTP client or server communication. To send secure emails, the secure SMTPS protocol is used for text messaging or S/MIME is used to send secure email attachments. POP3S is used to download secure e-mails. To open a secure socket, the client terminal must first open a standard TCP/IP socket to an SSL3 server. The terminal’s security application initiates an SSL3 handshake over the open socket and the client application establishes and negotiates the SSL3 session based on several SSL3-related parameters. A lot of proMarch 2007


The magazine of record for the embedded computing  

Imagine the possibilities, now that Radstone is part of GE Fanuc Embedded Systems. 0 Digital Motion Controllers Provide Precise Motion i...

The magazine of record for the embedded computing  

Imagine the possibilities, now that Radstone is part of GE Fanuc Embedded Systems. 0 Digital Motion Controllers Provide Precise Motion i...