Month: March 2019

Exploring Security Issues in Telehealth Systems

Telehealth systems (TS’s) provide remote health-based services to improve the quality of service of patient treatment. Most healthcare professionals have access to standard telecommunications technology (such as Wireless Body Area Network (WBAN), biosensors, remote medical robots, and others) to offer remote care of elderly and physically less able patients as well as remote surgeries, treatments, and diagnoses. In order to ensure the functionality of TS’s, several systemic properties must be satisfied, including security. Although there are studies that discuss different security approaches in TS’s, it is difficult to have a clear view of existing security issues and solutions for these systems.

We conducted a review to detect, organize and characterize security issues in TS’s in order to discuss challenges (emerged from these issues) from Software Engineering point of view. In summary, we identified 5 attacks, 4 vulnerabilities, 2 threats, and 1 weakness commonly reported in TS’s. Also, we described solutions (reported in academia) to face these security issues plus other qualitative results.

Finally, in the following figure, we illustrate the evolution of security issues according to years and TS’s contexts.

Screen Shot 2019-03-08 at 12.17.27 AM.png

Letters “I” (Integration), “P” (Privacy), “D” (Insecure data transmission), “T” (Trust), “IO” (Interoperability), “M” (Risk Management), and “R” (Requirements) indicates target problems. Composed letters (e.g., I-T) indicate more than one target problem.

Finally, our paper was accepted in the 1st International Workshop on Software Engineering for Healthcare (SEH) (in conjunction with ICSE 2019).