Researchers uncover security flaw in miniature medical labs

0
121
Researchers uncover security flaw in miniature medical labs


Material-level threat model for FMBs: The process begins with a customer placing an order for an FMB, which is received by the FMB company (route 1). Customers may include research institutions, forensic laboratories, pharmaceutical and biotechnology companies, clinical diagnostic laboratories, hospitals, healthcare providers, and retailers. The order is then relayed to the design unit (route 2), which subsequently sends the design files to the manufacturing unit, either in-house or third-party (route 3). At this stage, an attacker present in the manufacturing unit, who has full access to materials and the fabrication process, can carry out a material-level attack via chemical tampering, compromising the FMB. The compromised FMB proceeds to the quality control unit (route 4), where it evades detection due to the short duration testing and is ultimately delivered to the customer (route 5). Credit: Scientific Reports (2024). DOI: 10.1038/s41598-024-70703-0

NYU researchers have identified a new material-level security risk in an emerging medical technology known as labs-on-chips, miniature devices that perform multiple laboratory tests on tiny fluid samples like blood droplets.

A team led by NYU Abu Dhabi and the NYU Center for Cybersecurity (CCS) found that in one type of these devices, called flow-based microfluidic biochips (FMBs), the crucial microscopic valves responsible for controlling the fluid flow could be subtly altered at the material level by doping reactive chemicals or stealthily altering the during manufacturing. These microvalves are critical for the integrated microfluidic circuitry, as they precisely manipulate fluids for a bio-protocol via deforming under pneumatic pressure.

The researchers found that stealthy tampering can be achieved by introducing harmful chemicals or by altering the associated chemical composition, which significantly changes the energetics of the microvalve deformation. The tampered valves look normal under a microscope but can be triggered to rupture when exposed to deliberate low-frequency pneumatic actuations.

In a study published in Scientific Reports, the researchers named these bad valves “BioTrojans.”

“Material-level cyber-physical attacks on biochips remain understudied, posing significant future security risks,” said Navajit Singh Baban, a CCS postdoctoral associate and the study’s lead author. “In this study, we’ve shown that by simply changing the ratio of ingredients used to make certain valves, we can create a ticking time bomb within the device. These BioTrojans look identical to normal valves but behave very differently under stress.”

The researchers demonstrated that valves made with altered ratios of a common polymer called polydimethylsiloxane (PDMS) could rupture within seconds when subjected to pneumatic actuations. In contrast, properly manufactured valves withstood the same conditions for days without failure.

The implications of such vulnerabilities are significant. Microfluidic biochips are increasingly used in critical applications such as disease diagnosis, DNA analysis, , and . A compromised valve could lead to contamination, inaccurate test results, or complete device failure, potentially endangering patients or derailing important research.

“This isn’t just about a malfunctioning medical ,” said Ramesh Karri, the senior author of the study. Karri is a professor and chair of NYU Tandon School of Engineering’s Electrical and Computer Engineering Department and a member of CCS, which he co-founded in 2009. “It’s about the potential for malicious actors to intentionally sabotage these critical tools in ways that are very difficult to detect.”

The research team’s proposed solutions include design modifications to make valves more resilient and a novel authentication method using fluorescent dyes to detect tampered components.

“We’re entering an age where the line between the digital and biological worlds is blurring,” Baban said. “As these miniaturized labs become more prevalent in health care settings, ensuring their security will be crucial to maintaining trust in these potentially life-saving technologies. We hope this work will spur further investigation into the cybersecurity aspects of biomedical devices and lead to more robust safeguards in their design and manufacture.”

More information:
Navajit Singh Baban et al, BioTrojans: viscoelastic microvalve-based attacks in flow-based microfluidic biochips and their countermeasures, Scientific Reports (2024). DOI: 10.1038/s41598-024-70703-0

Citation:
Researchers uncover security flaw in miniature medical labs (2024, October 24)
retrieved 4 November 2024
from https://techxplore.com/news/2024-10-uncover-flaw-miniature-medical-labs.html

This document is subject to copyright. Apart from any fair dealing for the purpose of private study or research, no
part may be reproduced without the written permission. The content is provided for information purposes only.





Source link

LEAVE A REPLY

Please enter your comment!
Please enter your name here