Technology Battles Device Cloning

NEWS TRENDS

The cloning and remanufacturing of medical devices is a growing and unsafe problem, especially given that the perpetrators are getting more skilled at operating under the radar. Technology developed by Cryptography Research Inc. (San Francisco) aims to prevent both potentially dangerous practices by making them unprofitable.

“If you remove profit incentive, you remove all of the infrastructure that's in place to put out potentially dangerous consumables,” says Benjamin Jun, vice president of technology at Cryptography Research, a company that specializes in adding security, such as tamper resistance, to products.

Cloning and remanufacturing remain an issue across a number of industries. While Jun declined to name specific medical device companies that have experienced this issue, he stressed this isn't a theoretical problem.

“[Cloners and remanufacturers] aren't people in garages hacking your equipment for fun,” says Jun. “They're for-profit businesses who invest a reasonable amount of time in reverse engineering a piece of equipment and a protocol and take the knowledge to remanufacture clones.”

Many of these companies are based in Asia, where they can invest hundreds of cheaper labor hours. “Their primary goal is to manufacture interoperable devices,” says Jun. “Whether or not they meet the appropriate certifications is probably secondary.”

Jun defines remanufacturing as a situation when a device is refurbished or reproduced by an unauthorized vendor. Cloning occurs when medical equipment is reverse engineered and manufactured to be an interoperable device that will work with diagnostic verifying equipment. “The issues here are an untrusted source that didn't undergo all appropriate industry certifications,” says Jun. “Also, you're looking at a device that was manufactured by a third party, which in many cases, makes a device look just like the real brand.”

CryptoFirewall, manufactured by Cryptography Research, is a custom silicon chip that is placed in an ­application-specific integrated circuit (ASIC). The mated pair of chips is integrated into a medical device and its diagnostic verification device. The chips work together to prevent cloning and remanufacturing.

The technology works best when used with intelligent devices, such as patient monitoring equipment, that communicate with a two-way console device or verifier diagnostic equipment. The chip interfaced with the medical device is aware of its surroundings and can store how many times a device has been used, and track how many hours it has been turned on and interfaced with a patient. The chip integrated into the verifier device is designed to confirm that it's talking with a valid product.

For example, bedside monitoring equipment interfaces with a disposable probe kit, which is a calibrated and sterile package of electrodes and sensors. Because many of these systems require a new probe kit for each patient application, the anticloning technology is designed to protect against the use of unauthorized clones of the kits, says Jun. It can also protect against unauthorized remanufacturing, in the case where kits are refurbished and may no longer be sterile.

Jun recommends that manufacturers consider integrating the anticloning technology into their product during the development phase. “You want your security core to be as closely coupled to the device as possible. For example, if your device is making measurements that are being digitized and then being transmitted over a link, you'd like your security core to be as close as possible to that communication process.” When a company is making a device secure, Jun says, the key is to build a system that is harder for an intruder to break than it is for the company to manufacture.

Copyright ©2007 Medical Device & Diagnostic Industry