Wearable Electronics
A new generation of wearable medical devices calls for secure, high-density non-volatile memory
By Hung-Wei Chen, director, Winbond Security Solution Marketing, Winbond Electronics Corporation; Wilson Huang, manager, Flash Memory Product Marketing, Winbond Electronics Corporation
A
s the world emerges from the Covid-19 crisis, it is likely to leave lasting impacts not only on the patients who have been treated by dedicated
doctors and nurses but also on the way medicine is practised.
As a leading manufacturer of specialty memory ICs, Winbond is constantly looking ahead to understand the broad trends in areas such as the medical equipment market. Post-Covid changes in patient health monitoring and how medical services are delivered face-to-face will create greater demand for personal and wearable medical devices. This change in the pattern of demand has important implications for users of memory products.
As this article debates, the new state of the medical electronics market calls for the wide deployment of secure memory devices and non-volatile memory chips that can store greater user data quantities at a lower cost-per-bit.
Personal medical devices at risk of intrusion or attack
If Covid has taught us anything, it is the health risk when many potentially infected people congregate in a confined space. For the foreseeable future, social distancing will continue to be mandatory in indoor spaces in many countries. Schools, factories, and hospitals will be looking for ways to limit the number of people gathered inside at any one time to make it easier to maintain distance between people.
Therefore, health systems will be giving high priority to technologies that enable monitoring and diagnosis to take place outside the hospital and do not require the patient to be admitted to a ward for observation. Consumers are already familiar with
52 July/August 2022
wearable activity trackers which monitor physiological signs such as the user’s heart rate. Winbond expects to see a rapid expansion in the use by medical practitioners of wearable devices for use in treating a range of conditions. Patients can be expected to embrace this new approach to medical treatment. Covid-19 will not be the last novel virus to cause an epidemic: HIV, MERS and SARS are other recent examples. A growing human population is sure to catch new diseases transferred from wild animals. And through Covid-19, we have learned that we are less likely to suffer if we are healthy when we become infected. Activity and health trackers provide a new way for consumers to maintain a healthier lifestyle and increase their resistance to new illnesses. So, both specialist wearable diagnostic equipment and consumer wearable devices seem likely to become much more widely used post-Covid.
This broad expansion of the use of wearable medical technology has huge implications for security for two reasons: ● In some cases, specialist medical equipment will be safety-critical – the user’s life will depend on it. So, the device must be safe from malicious attacks, such as denial of service attack, which could disable or impair its operation.
● Private user data are logged and transmitted by a wearable device, generally over a wireless link such as a Bluetooth Low Energy radio to a host device such as a smartphone. It is crucial to the user’s trust in their device that these data should only be shared with authorized entities such as the user’s physician.
The risk to connected, wearable devices Components in Electronics
is real. Official bodies such as the US Food and Drug Administration (FDA) have issued a stream of warnings to device users and manufacturers about known risks, such as the SweynTooth family of cybersecurity vulnerabilities affecting Bluetooth Low Energy radio chipsets. The FDA’s March 2020 announcement about SweynTooth said that ‘software to exploit these vulnerabilities in certain situations is already publicly available’.
Winbond is ready to help manufacturers of wearable and medical equipment protect against threats such as SweynTooth by providing secure memory for code and data storage. In medical devices, the exposure to threats is highest when the data or code is in transit. For example, when the logged heartbeat measurements are being uploaded via the Bluetooth Low Energy link from a wearable heart monitor to the user’s smartphone or updated firmware is delivered over-the-air from the cloud to the wearable device.
In simple wearable products, security provision may be confined to a microcontroller or system-on-chip (SoC), which will include a small on-chip Flash memory area for secure code storage. In more sophisticated devices, however, the size of the code will be too large for the embedded MCU’s memory, requiring the use of external Flash for code storage. However, if this external memory does not provide security functions such as an encryption engine and a root-of-trust, it will be vulnerable. And no matter how secure the host MCU or SoC, if the external memory is at risk, the whole device and its data are at risk.
This is the problem solved by Winbond’s TrustME family of secure memory products. The latest TrustME memory product, the
W77Q, protects connected devices from remote software attack. Ensuring robust, end-to-end security in connected medical devices enables: ● Secure code updates, including over- the-air updates, via an end-to-end secure channel between an update authority and the W77Q even when the host MCU or SoC has been compromised
● Secure boot and root-of-trust ● Authenticated and encrypted data transfer between the Flash device and the host
● Execute-in-Place (XiP) of boot and application code
● System resilience, enabled by the key security functions of protection, detection and recovery
How to store a torrent of personal user data at a lower cost The use of wearable and in-home patient monitoring equipment will relieve pressure on medical facilities and facilitate social distancing in surgeries and hospitals. But this personal equipment will generate a torrent of personal data. Multi-sensor monitoring equipment is already available to track various vital signs simultaneously, such as heart rate, heart-rate variability, blood oxygen levels, and temperature. Wearable devices cannot be assumed to have continuous access to the internet, so the system architecture has to allow for local storage of these user data. This means that wearable medical devices need high- density, non-volatile memory. And because decisions about a patient’s diagnosis and treatment might be based on the data, data integrity is a mission-critical requirement. The traditional choice of memory type for non-volatile, error-free storage of data is NOR Flash. In low densities of below
www.cieonline.co.uk
Page 1 |
Page 2 |
Page 3 |
Page 4 |
Page 5 |
Page 6 |
Page 7 |
Page 8 |
Page 9 |
Page 10 |
Page 11 |
Page 12 |
Page 13 |
Page 14 |
Page 15 |
Page 16 |
Page 17 |
Page 18 |
Page 19 |
Page 20 |
Page 21 |
Page 22 |
Page 23 |
Page 24 |
Page 25 |
Page 26 |
Page 27 |
Page 28 |
Page 29 |
Page 30 |
Page 31 |
Page 32 |
Page 33 |
Page 34 |
Page 35 |
Page 36 |
Page 37 |
Page 38 |
Page 39 |
Page 40 |
Page 41 |
Page 42 |
Page 43 |
Page 44 |
Page 45 |
Page 46 |
Page 47 |
Page 48 |
Page 49 |
Page 50 |
Page 51 |
Page 52 |
Page 53 |
Page 54 |
Page 55 |
Page 56 |
Page 57 |
Page 58 |
Page 59 |
Page 60 |
Page 61 |
Page 62 |
Page 63 |
Page 64 |
Page 65 |
Page 66 |
Page 67 |
Page 68 |
Page 69 |
Page 70 |
Page 71 |
Page 72 |
Page 73 |
Page 74 |
Page 75 |
Page 76 |
Page 77 |
Page 78 |
Page 79 |
Page 80 |
Page 81 |
Page 82
