study explores vulnerability of telesurgical robots to cyber attacks

The medical profession made history back in 2001 when a surgeon based in New York performed the first-ever telesurgical procedure on a patient located in France, successfully removing their gall bladder using console controls linked to a robot via a dedicated fiber.

Since this feat, the number of telesurgical procedures performed has grown significantly, while the process itself has improved considerably. One such improvement, at least according to some medical professionals, has been turning away from costly dedicated fibers and instead using more cost-effective communication links over a standard Internet connection.

Interestingly enough, a growing group of computer experts are now arguing that this is not actually an improvement given that these open communication links are accessible to virtually anyone, such that telesurgical robots could potentially be hit by a cyber attack.

In order to test this theory that greater exposure to public networks means greater exposure of telesurgical robots to cyber attacks, a team of researchers at the University of Washington simulated three different types of cyber attacks against a telesurgical robot developed by researchers at their own institution.

Here, the researchers tried to move rubber blocks from one area to another using the telesurgical robot — which consists of a technologically advanced control console, a single PC that carries out console commands and the machine itself — during the simulated cyber attacks.

Somewhat shockingly, the researchers were able to successfully connect to the same open network and interfere with the commands sent from by the console to the telesurgical robot’s operating computer, accomplishing the following:

  • Changing the commands sent by the operator (i.e., deleting, re-ordering or delaying them), making movement of the rubber blocks harder to control and more jumpy.
  • Modifying the operator’s intended signals (i.e., changing the distance or rotation of robotic arms), making movement of the rubber blocks inaccurate.
  • Seizing control of the machine from the operator, making movement of the rubber blocks impossible.

As alarming as this study is, the researchers suggest that much of this cyber exposure can be eliminated if the communications between the console and the telesurgical robot’s operating computer are encrypted, a relatively simple step.

How do you feel about this study? Does it make you less willing to undergo a telesurgical procedure due to fear of a surgical error attributable to hackers? Do you think this danger is probably overblown? Do you think encryption will rectify the problem?

Leave a Reply

Your email address will not be published.