What DTSec means for portable medical devices and diabetes management

As cybersecurity plays an increasingly important role in medical safety, it has become one of the major issues in the development of wireless medical devices. In 2022 alone, the Health Insurance Portability and Accountability Act (HIPAA) Journal reported 707 data breaches involving 500 or more records. IBM estimates the average total cost of a healthcare-related data breach to be $10.1 million. Today, it is becoming increasingly common for cybercriminals to employ both sophisticated IT and OT attacks. Ransomware-as-a-service is becoming a more standard, professional service, further exacerbating security concerns.

Security breaches in healthcare put people at risk. While wireless-enabled design improves information transfer and expands the benefits of medical devices, it requires additional security measures.

Cybersecurity Guidelines for Adopting Wireless Medical Devices

The U.S. Food and Drug Administration (FDA) has increasingly stringent certification requirements for cybersecurity in medical device designs, so complying with these measures requires a holistic approach. The Consolidated Appropriations Act states that all medical device submissions must include a detailed cybersecurity plan or will be rejected.

Silicon Labs' product portfolio includes SoCs uniquely suited to support medical device designers:

The EFR32BG27 (BG27) wireless SoC is available in an ultra-small WLCSP package (2.3 mm x 2.6 mm) and is capable of running on a coin cell battery. The BG27 Bluetooth SoC features an integrated DC/DC boost function that can operate at voltages as low as 0.8 volts, supporting batteries commonly used in medical applications such as patches and continuous glucose monitoring (CGM) devices. Target applications include connected and portable medical devices, wearables, sensors, switches, smart locks, and commercial and LED lighting.

EFR32BG22 (BG22) Bluetooth Low Energy (LE) wireless SoC solution offers best-in-class ultra-low transmit and receive power (4.1 mA TX, 3.6 mA RX at 0 dBm) and high-performance, low-power Arm® Cortex®-M33 core (27 µA/MHz active, 1.2 µA sleep). Target applications include Bluetooth mesh low-power nodes, smart door locks, and personal healthcare and fitness devices.

Silicon Labs Custom Programming Services

In-house Custom Parts Manufacturing Services (CPMS) securely configures a variety of highly advanced features, including:

Secure boot/debug

Crypto OTA

Public key/private key/secret key

Security identity certificate

Inject custom functionality during testing and assembly, eliminating the need for third-party programming. Silicon Labs' dedicated security team is ready to consult on security lifecycle development and provide fast, cost-effective alternatives to traditional flash programming.

Cybersecurity of diabetes management devices

Potential threats to information flow and device commands could impair the functionality of medical devices and, in turn, the health of patients. Maintaining the CIA triad of confidentiality, integrity, and availability of health data and connected devices requires a thorough cybersecurity plan.

The Diabetes Technology Society (DTS) has taken an active stance on cybersecurity for diabetes management through its Wireless Device Security Standard (DTSec). DTSec was developed with input from the FDA and the U.S. Department of Health and Human Services (HHS) and may form the basis for official FDA guidance.

The first and only DTSec compliant chipset for diabetes management devices

As a leader in IoT security, Silicon Labs has partnered with DTS to launch the first and only DTSec-compliant IC on the market. With the EFR32BG27, device designers stay ahead of FDA standards throughout the product lifecycle. Silicon Labs' EFR32BG family of Bluetooth ICs feature the highest level of Security Evaluation Standard for IoT Platforms (SESIP) certification, ensuring robustness against hardware and software attacks. SESIP certification includes IEEE 2621, the IEEE Connectivity Standard for Medical Devices for Diabetes Management. Assessment reports are available upon request.

EFR32BG features include:

Bluetooth LE SoC features SESIP Level 3 certification based on ISO common standards

Physical attack defense

Software Attacker Defense

Platform isolation

Unbreakable TRNG

The EFR32BG also includes Secure Vault to protect against attack vectors. Secure Vault provides a Secure Processing Environment (SPE) for hardware and software, tamper resistance and counterfeiting through security attestation and authentication injection.

Through Secure Vault, the EFR32BG is also supported by:

True Random Number Generator (TRNG)

Security/Encryption Engineering

Secure boot with RTSL secure debugging

Secure OTA

Differential Power Analysis (DPA) Countermeasures