New Generation of Wearable Medical Devices Calls for Secure, High-Density Non-Volatile MemorySeptember 01, 2020 by Winbond
In the age of COVID-19, medical wearable security and data storage stand to change immensely.
As the world emerges from the Covid-19 crisis, it is likely to leave lasting impacts not only on the patients who have been treated by dedicated doctors and nurses, but also generally on the way that medicine is practised.
As a leading manufacturer of specialty memory ICs, Winbond is constantly looking ahead to understand the broad trends in areas such as the medical equipment market. It is clear that post-Covid changes in patient health monitoring and in the way that medical services are delivered face-to-face are going to create greater demand for personal and wearable medical devices. This change in the pattern of demand has important implications for users of memory products.
As this article argues, the new state of the medical electronics market calls for wide deployment of secure memory devices, and for non-volatile memory chips which can store greater quantities of user data at a lower cost-per-bit.
Personal Medical Devices at Risk of Intrusion or Attack
If COVID has taught us anything, it is the risk to health when large numbers of potentially infected people congregate in a confined space.
For the foreseeable future, social distancing is going to continue to be mandatory in indoor spaces for citizens in many countries. Like schools and factories, hospitals too will be looking for ways to reduce the number of people gathered inside at any one time, to make it easier to maintain distance between people.
Health systems are therefore going to be giving high priority to technologies which enable monitoring and diagnosis to take place outside the hospital, and which do not require the patient to be admitted to a ward for observation.
Consumers are already familiar with wearable activity trackers which monitor physiological signs such as the user’s heart rate. Now Winbond expects to see a rapid expansion in the use by medical practitioners of wearable devices for use in the treatment of a range of conditions.
Patients can be expected to embrace this new approach to medical treatment. Covid-19 will not be the last novel virus to cause an epidemic: HIV, MERS and SARS are other recent examples, and a growing human population is certain to catch new diseases transferred from wild animals. And through Covid-19 we have learned that we are less likely to suffer if we are healthy at the time we become infected. Activity and health trackers provide a new way for consumers to maintain a more healthy lifestyle and to increase their resistance to new illnesses.
So both specialist wearable diagnostic equipment and consumer wearable devices seem likely to become much more widely used post-Covid.
This broad expansion of the user of wearable medical technology has huge implications for security, for two reasons:
- Specialist medical equipment will in some cases be safety-critical – the user’s life will depend on it. So the device must be safe from malicious attacks, such as denial of service attack, which could disable or impair its operation.
- Private user data are logged and transmitted by a wearable device, normally over a wireless link such as a Bluetooth® Low Energy radio to a host device such as a smartphone. It is crucial to the user’s trust in their device that these data should only be shared with authorized entities such as the user’s physician.
The risk to connected, wearable devices is real. Official bodies such as the US Food and Drug Administration (FDA) have issued a stream of warnings to device users and manufacturers about known risks, such as the SweynTooth family of cybersecurity vulnerabilities affecting Bluetooth Low Energy radio chipsets. The FDA’s March 2020 announcement about SweynTooth said that ‘software to exploit these vulnerabilities in certain situations is already publicly available’.
Winbond is ready to help manufacturers of wearable and medical equipment to protect against threats such as SweynTooth by providing secure memory for code and data storage. In medical devices, exposure to threats is greatest when data or code are in transit: for instance, when logged heartbeat measurements are uploaded via a Bluetooth Low Energy link from a wearable heart monitor to the user’s smartphone; or when updated firmware is delivered over-the-air from the cloud to the wearable device.
In simple wearable products, security provision may be confined to a microcontroller or system-on-chip (SoC), which will include a small on-chip Flash memory area for secure code storage. In more sophisticated devices, however, the size of the code will be too large for the embedded MCU’s memory, requiring the use of external Flash for code storage. If this external memory, however, does not provide security functions such as an encryption engine and a root-of-trust, then it will be vulnerable. And no matter how secure the host MCU or SoC, if the external memory is at risk, the whole device and its data are at risk.
This is the problem solved by Winbond’s TrustME® family of secure memory products. The latest TrustME® memory product, the W77Q, protects connected devices from remote software attack. By ensuring robust, end-to-end security in connected medical devices it enables:
- Secure code updates, including over-the-air updates, via an end-to-end secure channel between an update authority and the W77Q even when the host MCU or SoC has been compromised.
- Secure boot and root-of-trust
- Authenticated and encrypted data transfer between the Flash device and the host
- Execute-in-Place (XiP) of boot and application code
- System resilience, enabled by the key security functions of protection, detection and recovery
How to Store a Torrent of Personal User Data at Lower Cost
The use of wearable and in-home patient monitoring equipment will relieve pressure on medical facilities and facilitate social distancing in surgeries and hospitals. But this personal equipment will generate a torrent of personal data. Multi-sensor monitoring equipment is already available to track various vital signs simultaneously, such as heart rate, heart-rate variability, blood oxygen levels, and temperature.
Wearable devices cannot be assumed to have continuous access to the internet, so the system architecture has to allow for local storage of these user data. This means that wearable medical devices need high-density, non-volatile memory. And because decisions about a patient’s diagnosis and treatment might be based on the data, data integrity is a mission-critical requirement.
The traditional choice of memory type for non-volatile, error-free storage of data is NOR Flash. In low densities of below 512Mbits, NOR Flash is a cost-effective choice. When data capacity of 512Mbits or more is required, however, the fabrication process advantage of NAND Flash comes into play.
Winbond’s outlook on the medical equipment market suggests that high-reliability, high-speed alternatives to NOR Flash for user data are likely to become increasingly popular. This is why Winbond has developed new technologies to increase the Read and Write performance of its reliable Single-Level Cell (SLC) NAND Flash products.
For instance, the W25N QspiNAND family is available in densities of 512Mbits, 1Gbit, 2Gbits and 4Gbits. It shares the same interface as conventional SPI NOR Flash for easy replacement in existing designs, and at densities of 512Mbits offers a lower cost-per-bit and a smaller board footprint. The W25N devices also feature fast Program/Erase performance, and high reliability: their specifications include more than 100,000 Program/Erase cycles, and longer than 10 years’ data retention. An on-chip Error Correction Code (ECC) engine ensures that data in storage are free of bit errors.
Winbond also offers a migration route to higher performance , for medical devices integrating a higher number of sensors and operating at higher sampling speeds: the High-Performance QspiNAND Flash and OctalNAND Flash products offer the same high-reliability SLC NAND Flash quality, but with even higher data bandwidth.
A New Generation of Personal Medical Devices
The implications of the Covid-19 pandemic are still emerging, but it is already clear that the medical world will need to embrace the use of more personal and wearable technology. Data are the key to these emerging personal medical devices – and this has huge implications for the design of security and storage systems.
Winbond’s forward-looking approach to memory technology has seen it take a lead in the development of secure NOR Flash products and high-reliability, high-density QspiNAND Flash. As the market for wearable medical technology evolves, OEMs can expect Winbond to continue to introduce new product types and technologies to meet the latest requirements for secure and low-cost code and data storage.
By Hung-Wei Chen, Director, Winbond Security Solution Marketing, Winbond Electronics Corporation; Wilson Huang, Manager, Flash Memory Product Marketing, Winbond Electronics Corporation