Shayan Mohammed - Security of Biochip Cyberphysical Systems

Biochemistry deals with chemical reactions in a variety of life forms. It is the basis for practical advances in medicine, agriculture, molecular genetics, and biotechnology. Traditionally, biochemical protocols are carried out in wet labs, wherein qualified professionals manually perform a sequence of steps using specialized instruments. Often the ability to perform a biochemical protocol is limited by either monetary/time cost or availability of specialized professionals/machinery. Automation can help overcome the latter limitation. The cost of experiments is a function of the quantity of materials used and the experiment duration. So, if the experiments can be done on a miniaturized level, the cost can be minimized. A vision of expanding the biochemical applications motivated the idea of a lab-on-a-chip (LoC)shrinking a wet lab onto a tiny platform.

Microfluidic technologies are one of the major driving forces towards the miniaturization of laboratory-based biochemical protocols. A microfluidic biochip or lab-on-a-chip (LoC) performs biochemical reactions by consuming nano-/pico-liter volume of reagents []. These platforms provide advantages such as minimal sample and reagent use, quicker results, automation, and reduced reliance on high-skilled personnel.

Biochips have brought a complete paradigm shift in several biochemical applications, some of which are referred to in this book. These chips have made a profound impact on health care by redefining point-of-care diagnostics [].

Fig. 1.1

An open-source DMFB system: (a) DMF biochip and (b) DropBot platform (source: ]

The global biochip market is projected to reach from $5.7 billion in 2018 to $12.3 billion by 2025 [].

1.1 Threat to Integrity

As biochips are penetrating the market, security and trust issues are being uncovered. Biochips have multiple usage scenarios, such as in a biomedical research lab and in a remote location. Depending on the usage scenario, biochemical protocol implementation faces different threats. To highlight this, we describe three real-life situations:

1. A disgruntled employee can tamper with the biochemical experiments to take revenge on colleagues or management []. The usage of biochips in such labs increases the risk of such attacks due to the biochips easy controllability.

2. An unfaithful biochip designer, who uses fraudulent or falsified claims, is a threat to the users, investors, and regulators. Edison microfluidic blood testing device from Theranos faced technical, commercial, and legal challenges over the scientific basis of its technologies [].

3. Studies have flagged security flaws in medical devices such as tampering of controls, denial-of-service, data theft, and ransom attacks []. As biochips are becoming an integral part of health care services, these threats become more pronounced.

These threats may lead to a loss of revenue and trust or, more importantly, jeopardizes the well-being of its users [].

1.2 The Threat to IP Rights

Companies, such as pharmaceuticals, invest large sums of money and person-hours in a slow and expensive bio-protocol development process laced with tough regulations. For example, a DMFB implementation of a thyroid-stimulating hormone immunoassay requires hundreds of experiments to determine the right bio-protocol parameters []. This opens new avenues for IP theft. Biochip applications inside and outside a lab pose a new challenge to IP protection:

Inside a Lab

Due to the transparent nature of bioprotocol implementation on the biochip, the bioprotocol sequence can be reverse-engineered. This can be achieved using the biochip snapshots and/or the controlling actuation sequence []. This opens the door for bio-IP theft by reverse-engineering.