Hacking Medical Devices for Fun and Insulin: Breaking the Human SCADA System

Black Hat USA 2011

Presented by: Jerome Radcliffe
Date: Thursday August 04, 2011
Time: 15:15 - 16:30
Location: Pompeian
Track: Expanding Complexity

As a diabetic, I have two devices attached to me at all times: an insulin pump and a continuous glucose monitor. This combination of devices turns me into a Human SCADA system; in fact, much of the hardware used in these devices is also used in Industrial SCADA equipment. I was inspired to attempt to hack these medical devices after a presentation on hardware hacking at DEF CON in 2009. Both of the systems have proprietary wireless communication methods.

Could their communication methods be reverse engineered? Could a device be created to perform injection attacks? Manipulation of a diabetic's insulin, directly or indirectly, could result in significant health risks and even death. My weapons in the battle: Arduino, Ham Radios, Bus Pirate, Oscilloscope, Soldering Iron, and a hacker's intuition.

After investing months of spare time and an immense amount of caffeine, I have not accomplished my mission. The journey, however, has been an immeasurable learning experience - from proprietary protocols to hardware interfacing - and I will focus on the ups and downs of this project, including the technical issues, the lessons learned, and information discovered, in this presentation "Breaking the Human SCADA System."

Jerome Radcliffe

Jay Radcliffe has been working in the computer security field for over twelve years and is currently a Senior Threat Intelligence Analyst for a major computer security organization. He has an extensive public speaking background, going back to middle school, and has spoken on a variety of security and legal topics at major conferences, universities, and other community events. He holds a Master's degree in Information Security Engineering from SANS Technology Institute as well as a bachelor's degree in Criminal Justice/Pre-Law from Wayne State University. His experience with radios and hardware goes back to when he was 12 and earned his Ham Radio license, now with the callsign N8OS.

