Abstract:
In contemporary times, implantable medical devices, such as pacemakers, have become part of the Internet of Things ecosystem. Pacemakers play a crucial role in maintaining patients’ health by providing essential functionality. However, as they are integrated into a digital ecosystem, ensuring the safety and security of both the pacemakers themselves and the specialized devices used to configure them, known as pacemaker programmers, is of utmost importance.
This thesis focuses on conducting a comprehensive security analysis of Biotronik’s pacemaker programmer, Renamic. Considering the recent research highlighting vulnerabilities in pacemaker ecosystems, this thesis contributes to the understanding of potential risks and vulnerabilities in the context of pacemaker programmers. The analysis evaluates the current security measures implemented in the Renamic, identifies potential weaknesses and vulnerabilities, and provides recommendations for improvement. The recommendations encompass both the manufacturer Biotronik and hospitals responsible for properly managing the Renamic.
Furthermore, this thesis documents the creation of a virtual machine based on a hard drive image of a Renamic to facilitate further analysis and experimentation. The associated repository provides access to this virtual machine, enabling researchers to replicate the findings and contribute to the ongoing efforts to enhance the security of pacemaker technologies.