Adventium Labs Receives Another Million For Device Security


Via News Release

“Minneapolis, MN Jan. 23, 2017 ‐ Adventium Labs added another $1 million to its research initiative into the safety and security of medical devices, bringing the total raised to nearly $4 million since 2015.”

The new funds are from the Army to develop software to analyze the safety and security of networks of interoperating medical devices. The project will develop the Safety and Security Co‐Analysis Tool Environment (SSCATE) which will allow both manufacturers and the Health Delivery Organizations (hospitals, clinics, etc.) to make risk‐aware decisions about the medical devices and configurations of their networks.


“Implantables get a lot of the attention, but the fact is that hospitals and clinics have many medical devices that stay in the hospital and stay there for years. Hackers have been known to use them to access patient insurance information and other financial targets.” said Rand Whillock, Senior Principal Research Scientist at Adventium and the lead of the SSCATE effort.

Adventium’s medical device research portfolio also includes $2.2 million from the Department of Homeland Security to develop the next generation safe and secure medical device platform, called ISOSCELES, and $750,000 from the Defense Advanced Research Projects Agency ( DARPA) to develop TEEE, technology to enable software on long‐lifetime cyber physical systems to adapt over service lives that may span decades. Cyber physical systems are systems which interact directly with the physical environment. Examples include airplanes, automobiles, industrial control systems, internet of things (IoT), and medical devices, the focus of the TEEE effort.

Adventium also offers a Product Security Risk Assessment service, and has ongoing relationships with multiple companies, including several medical device companies. Typical engagements teach the risk assessment process and provide opportunities to transfer technology solutions.

The portfolio covers the full range of time scales with the common goal to address security concerns while maintaining device safety. Risk Assessment services help uncover and address issues in the real world, today. SSCATE will help identify and address security issues in current medical settings. ISOSCELES will provide a safe and secure technology base on which companies can develop next generation devices.

Finally, TEEE will help maintain this critical software over decades as technology in hospitals and clinics evolves.

Adventium Labs brings extensive experience with real‐time, life‐critical and secure embedded systems, systems design and trade‐off tools, and constraint satisfaction techniques. Joining the Adventium team is Kansas State University (ISOSCELES and SSCATE), the University of Michigan (ISOSCELES), and the University of Kansas (TEEE).

About Adventium Labs: Adventium Labs is a research and development company that develops and commercializes solutions for hard problems in the areas of cyber security, system engineering, and automated reasoning.

About Kansas State University: The SAnToS Laboratory and Security research group at Kansas State University focus on developing tools and methodologies for modeling, automated analysis and verification, risk management, and certification of safety‐ and security‐critical systems.

About the University of Kansas: The Information and Telecommunications Technology Center is a University of Kansas research center that performs research in a broad set of information‐related areas including remote sensing, telecommunications, security and province, high‐assurance systems, and data analysis.

About the University of Michigan: The Security and Privacy Research (SPQR) Group at the University of Michigan explores the research frontiers of computer science, electrical and computer engineering, and healthcare. The latest project examines the susceptibility of analog sensors to electromagnetic interference signal injection attacks.

This material is based upon work supported by the Department of Homeland Security, United States Air Force, United States Army, and DARPA under contracts D16PC00057, FA8750‐16‐C‐0273, and W81XWH‐ 16‐C‐0192. Any opinions, findings and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the Department of Homeland Security, United States Air Force, United States Army, or DARPA.