DIGIHEALS initiative funds digital health security research
DIGIHEALS awards funding for research to improve cybersecurity and resilience in health care systems.
The ARPA-H Digital Health Security (DIGIHEALS) initiative supports innovative research that aims to protect the U.S. health care system’s electronic infrastructure against hostile threats.
Focusing on cutting-edge security protocols, vulnerability detection, and automatic patching, DIGIHEALS seeks to reduce the ability for bad actors to attack digital health software and hardware, and to enable the prevention of large-scale cyberattacks.
Funding for awardees varies in amount and is contingent upon the recipient meeting aggressive milestones specific to their project.
ARPA-H is pleased to announce the following DIGIHEALS awardees:
BALAM-D: Binary Analysis Lodestar for Assuring Medical Devices
The goal of the Binary Analysis Lodestar for Assuring Medical Devices (BALAM-D) is to harden medical device binaries from cyber-attacks. Specifically, BALAM-D leverages reverse engineering and automated program analysis techniques to generate a security patch for a given binary. The binary patch is tested via symbolic execution to ensure that it maintains the safety and performance requirements of the medical device. Once tested, the patch is reintegrated into the medical device firmware, preventing attacks faster than the months a traditional patch might take to develop.
Preventing Exploitation of Medical Devices using Binary Diversification
Medical devices running common binaries may pose a significant security and safety risk to a hospital’s network and patients. Attackers can leverage a single attack against many devices because these devices rely on identical binary code. Kraetonics’ Binary Diversification for Medical Devices (BINDIV-MD) compiler aims to harden binaries by producing functionally equivalent versions with varied control flow and layout in memory. If successful, these transforms will prevent cyber attacks against hardened devices and reduce the hospitals overall attack surface.
Patchestry: Enhancing Code Patchability through Multi-Layered Binary Lifting
Pachestry, by Trail of Bits, is a software patching capability that empowers developers to create software patches for vulnerabilities in the program binaries executed by medical devices and related non-medical devices. Patchestry aims to empower software developers who can read and write C code but do not have binary analysis expertise to precisely address vulnerabilities in deployed program binaries at any point, even if the original vendor is absent. Patchestry mitigates potential adverse effects on patient outcomes, prevents information leakage, and safeguards against infrastructure breakage.
Barnhill
Embedded medical devices are notoriously difficult to emulate and test. Barnhill by Tulip Tree Tech is a device emulation framework created specifically to instrument and assess these uniquely complex systems. Barnhill is comprised of a series of medical device models that can be used to establish a baseline of operational performance and enable interactive debugging of emulated devices.
Enhancing the Resilience of Healthcare IT Systems to Major Cyber Threats
Cybersecurity threats targeting hospital networks are ever changing and evolving. Margin Research seeks to develop an automated framework for targeted threat assessments of hospitals that is grounded in program analysis of hospital software, threat actor activities from other sectors that may be relevant to health care, and considers the use of novel attack methods before they manifest. Hospitals can then leverage these unique data-driven threat assessments to make informed decisions in how to better protect their networks from attacks.
AMdP: Automated Medical device Patching
This project aims to develop Automated Medical device Patching (AMdP2), leveraging technologies originally developed for the Defense Advanced Research Projects Agency (DARPA) under the Assured MicroPatching (AMP) and other programs. If successful, AMdP2 will provide medical device manufacturers and cybersecurity firms with an automated firmware vulnerability detection and remediation capability.
CHALO: Cognitive Health Assistant that Learns and Organizes
Limited resources and large numbers of legacy medical devices make hospital IT infrastructure vulnerable to attack. Private communication between patients and clinicians is cumbersome. Doctors are unable to leverage the latest clinical guidance from multiple medical specialties, especially when treating patients with complex health conditions. The focus of this project is to develop a Cognitive Health Assistant that Learns and Organizes (CHALO). CHALO is developing network security, software assurance, system and data interoperation, applied cryptography, and artificial intelligence solutions to these problems. SRI and its partners plan to transition CHALO technology to enable accessible, resilient healthcare for more Americans.
H-R3P: Healthcare Ransomware Resiliency and Response Program
H-R3P seeks to develop evidence-based interventions to reduce the impact of cyberattacks on health care delivery organizations (HDOs) by identifying ransomware incidents, understanding the impacts with respect to disruption on acute clinical workflows, and deploying substitute systems during a ransomware emergency. H-R3P's goal is to develop clinician-focused tools and techniques for improving capacity for and quality of care during cyberattacks.
RxCRS: Reliable and eXplainable Cyber Reasoning System for Digital Health Security
RxCRS focuses on building new techniques to provide reliable, robust, and clear input for existing binary analysis techniques, and retrofitting them to ensure their soundness. Recent convergences in the development of program analysis, formal protocol analysis, cryptography, and biology has fostered an environment ripe for the augmentation of the binary analysis process with reliability, robustness, and clarity. RxCRS aims to reduce the effort and cost required to find and remediate vulnerabilities in legacy medical devices.
EHR-FIST: Digital Format Rehabilitation to Improve Interoperability of EHR Systems and Records
The goal of this project is to characterize the most problematic constructs in widely used electronic health record (EHR) data formats by discovering and reporting parsing bugs in existing EHR management systems. Once identified, procedures will be specified for reducing existing records into a safe form that facilitates unambiguous and secure interpretation of health records, while maintaining compatibility with existing EHR systems. EHR-FIST aims to improve the security and privacy of patient data without requiring patches to the software processing that data.
Software Bill of Materials and Software Bills of Behaviors for Effective Cyber Risk Mitigation in Healthcare Systems Comparative Study
This project seeks to perform an innovative in-depth investigation of Software Bills of Materials (SBOM) shortcomings by comparing traditional state-of-the-art SBOMs against our novel functionality and behavior-based analysis using health care-relevant datasets. The behavior-based analytical approach aims to provide a more comprehensive automated cybersecurity risk assessment for medical devices than existing approaches.