Available at: https://digitalcommons.calpoly.edu/theses/3376
Date of Award
6-2026
Degree Name
MS in Computer Science
Department/Program
Computer Science
College
College of Engineering
Advisor
Stephen Beard
Advisor Department
Computer Science
Advisor College
College of Engineering
Abstract
Embedded system security in implantable medical devices (IMDs) remains an underexplored challenge due to the unique constraints of these systems. Specifically, pacemakers are optimized for ultra-low power consumption to maximize device lifespan, are highly resource constrained, and demand reliable and correct operation to prevent severe health consequences. These systems rely on sensing electrodes, called leads, to detect cardiac activity and stimulate the patient’s heart when appropriate. Therefore, pacemaker lead integrity is a critical issue, as malfunction or compromise can result in device failure jeopardizing patient safety.
The security framework presented in this thesis integrates several works to proactively detect and address lead failure issues in pacemaker systems. The framework is then applied with a proof-of-concept anomaly detection system (ADS) for lead compromise, system compromise, and malicious or unauthorized communications. The security module makes appropriate system adjustments before yielding to failsafe mode. System failsafe operation is guided by proposed failsafe policy.
The framework can feasibly be implemented on current pacemaker systems but requires systems to have 309 KB of available flash memory and marginally increases system wake time and energy consumption. The proof-of concept estimates a 45% increase (512 KB) in flash memory but incurs less than a 4.2% (0.21 ms) sensing latency overhead with sequential prediction of three models with a compatible ML accelerator and 3.8 ∗ 10-5% (5 µJ to 44mJ) annual energy consumption overhead depending on usage frequency. The performance of the overall ADS is dependent on model selection, but the suggested non-optimized autoencoder and multi-layer perceptron (MLP) models yield an approximate area under the curve (AUC) of 0.86 and an F1 score of 99.960, respectively. Altogether, the framework, proof-of-concept, and failsafe policies provide a foundation for future implementation and testing of security features for pacemakers.