Threat Modelling for AI/ML-based Healthcare Systems
A huge amount of data is generated by electronic health records, various biosensors and other means. To derive benefits such as more effective detection of diseases from these enormous amounts of data, Artificial Intelligence (AI) and Machine Learning (ML) systems are becoming more widely used. With this technological progress comes the potential for new or previously overlooked security threats. Because of the nature of these systems, security issues within healthcare systems could have devastating consequences. This study identifies the threats posed to AI/ML-based healthcare systems by conducting comprehensive threat modelling and threat analysis. The model captures all the characteristics of a modern healthcare system that uses an AI/ML component with an in-house development approach. The model has different ways to gather data and interact with patients and doctors. The threat modelling is conducted based on the STRIDE methodology. In addition, STRIDE-based attack trees are used to further identify all the relevant threats that could endanger a modern healthcare system. As a result, a comprehensive list of identified threats is provided for all the components that are used in a modern AI/ML-based healthcare system. The threat list consists of conventional and AI/ML-specific threats. For AI/ML-specific threats to be successful, they need some form of conventional attack to be carried out beforehand. The model itself and the threats identified are validated by various experts from the cybersecurity and AI/ML fields. This study aims to contribute to the safe and effective implementation of AI/ML technologies in healthcare settings.