Test and Measurement Handbook 2020


FIPS 140-2 security testing for wireless medical devices

JAY WHITE | LAIRD CONNECTIVITY

Design engineers should be aware of several testing issues surrounding encryption standards designed to protect data from bad actors.

THE BAD GUYS DON’T CARE about your social security number and credit card numbers as much as you might think. Stolen social security numbers are almost literally a dime a dozen on the dark web: You can buy them for less than a dollar apiece. And credit card numbers aren’t much more valuable: They often fetch just $5 a card. If you sold both to a hacker, you would barely have enough to pay for a latte and leave a decent tip for the barista.

These price tags might seem surprising, given how much effort people and companies put into trying to keep SS#s and CC#s secret. But clearly that’s not what online criminals are shelling out their ill-gotten dollars and rubles for. What hackers and fraudsters are willing to pay for is medical health records. Those are where the action is on the dark web. Becker’s, the influential healthcare publication, reports that those fetch $1,000 on the dark web.

It’s no wonder, then, that hackers have their eyes on the IT systems of hospitals, clinics and other healthcare organizations. That includes wirelessly-connected medical devices, which may be viewed as a way to gain access to IT systems and to gain visibility into confidential patient information. To counter this threat, regulators and the healthcare industry have focused on the security of these devices, and FIPS 140-2 is critical to the next wave of security measures.

FIPS 140-2 didn’t originate in healthcare. It is a security standard the U.S. government uses for protecting sensitive but unclassified information in IT devices and systems. FIPS stands for Federal Information Processing Standard, and encryption is at the heart of how it protects data both in motion and at rest.

Encryption for information that is in transit has been a common element of security protocols for quite some time. Before data is sent from point A to point B, it is encrypted at the beginning of the journey and then decrypted at the other side. This type of encryption even pre-dates the computer age. The Romans used a version of this technique to deliver secret messages to military commanders. The same principles are behind the encryption of data in transit today, but with 256-bit encryption rather than the alphabet cipher that Julius Caesar used.

The other key kind of encryption is for data at rest, which is about protecting it anywhere it is stored. This is particularly important for wirelessly-connected devices used to hold confidential information.

Those two types of protection are both vitally important for healthcare, where electronic health records and confidential patient data are not only being sent back and forth between devices and healthcare IT systems, but also residing on medical devices. FIPS 140-2 may not have been designed with healthcare in mind, but it’s become the gold standard for securing patient information and is being rapidly adopted by healthcare companies and device manufacturers.

For those wanting a deeper dive into how FIPS 140-2 protects healthcare data, my colleagues recently published a white paper, “Understanding Data Encryption and FIPS 140-2 Within the Healthcare Environment,” that is an excellent resource. It explains how this data encryption is useful for healthcare and provides practical guidance about how it fits into a broader security strategy for healthcare companies.

The industry is moving toward broad adoption of this security standard in a way that will make FIPS 140-2 compliance and certification a critical requirement for engineering teams bringing wirelessly-connected medical devices to market. There are a number of key takeaways from my own team’s experience that can be instructive. We hope this serves as a practical checklist that will help your FIPS 140-2 compliance and certification processes be successful.

• FIPS-Compliant is no longer enough – FIPS certification is complex, so most companies in the industry made the practical choice to have “FIPS-compliant” status as their target. Encryption was implemented through FIPS-validated software such as OpenSSL, and that was seen as meeting the necessary threshold for compliance. As the healthcare industry has put a stronger focus on preventing breaches, its expectations about FIPS adoption have shifted as well. Increasingly, the healthcare buyers of medical devices are requiring official FIPS certification. Devices that are only FIPS-compliant are increasingly a deal breaker, which puts the responsibility on design engineers to make device-level certification a mandatory element of their project plans.

• CMVP is the gatekeeper for being FIPS-certified – To achieve device-level FIPS certification, you must successfully navigate CMVP, the Cryptographic Module Validation Program. This is the certification program created jointly by the U.S. and Canadian governments to provide a uniform certification process for manufacturers in both countries. This might be a new acronym for design engineers familiar with agencies regulating wireless products and medical devices, but it’s a critical one. CMVP has accredited independent labs in both countries that specialize in cryptographic and security testing to ensure products meet the standards and can get the FIPS-Certified seal of approval.
