A Vanderbilt University team has received a funding of up to $7 million from the Advanced Research Projects Agency for Health (ARPA-H) UPGRADE program. The Advance Risk Management and Operational Resilience for Hospitals (ARMOR-H) system is designed as an autonomous cyber-threat solution that enables proactive, scalable, and assured security updates.
Medical device cyberattacks can endanger patient lives by disrupting life-critical devices like ventilators, monitors and pumps, as well as compromising sensitive patient data by targeting vulnerable hospital systems. The project is led by Himanshu Neema, principal research scientist at Vanderbilt’s Institute for Software Integrated Systems, and Co-PIs Sandeep Neema, director of the Vanderbilt Institute for Software Integrated Systems, and James Weimer, assistant professor of computer science and biomedical engineering.
The team’s system will include a Vulnerability Mitigation Platform (VMP) that proactively detects and validates remediation for vulnerabilities in an emulated hospital environment without disrupting clinical operations, and a digital twinning platform to generate emulators of medical devices. The VMP will emulate device usage in clinical workflows and enable automated deployment of vulnerability detection and remediation tools, along with integrated decision-support dashboards to quantitatively assess and incorporate the impact of medical device patching on patient care.
“ARMOR-H aims for breakthrough solutions to protect patient care and hospital operations,” said Himanshu Neema. “The goal is to develop decision-support tools for IT teams to defend against cyber threats and manage risks at scale, especially concerning medical devices, which are hard to patch and test.”
Dashboards for final approval of remediations will use human-in-the-loop (HITL) machine learning where human expertise is integrated into automated processes to improve threat detection, response accuracy, and accelerate decision-making.
“The medical domain is replete with thousands of medical devices that vary radically in their hardware and software stacks and the available information about them,” said Weimer. ARMOR-H will develop “an emulator synthesis pipeline that automatically builds precise virtual replicas of hospital equipment using a combination of information from public source code repositories and user manuals by utilizing Large Language Models (LLMs),” he said.
The ARMOR-H project is supported by subject matter experts from Vanderbilt University Medical Center: Esfandiar Zafar, executive director of Infrastructure & Operations, and Dr. Kenneth Holroyd, associate professor and assistant vice chancellor, who bring in expertise and contextual information on real-world hospital operations.
Medical device manufacturers Sibel Health, Inc., Vasowatch, Inc., and Neuralert, Inc. will provide subject matter expertise on medical devices and support integration, evaluation, and validation of the emulation technology. “We are proud to be working within this world-class consortium to take this to the next level ensuring our devices are both clinically impactful and highly secure,” said Dr. Steve Xu, CEO and co-founder of Sibel Health. Microsoft Corporation will provide support for cloud deployment and integration of data analytics.
Other Vanderbilt researchers on the project include Computer Science Assistant Professors Yu Huang and Kevin Leach, who will contribute their expertise on vulnerability discovery and assured patching.
“This is a pivotal investment towards creating tools that can confidently and quickly generate and deploy custom defenses or patches for identified vulnerabilities in critical medical devices,” said Himanshu Neema.
This research was, in part, funded by the Advanced Research Projects Agency for Health (ARPA-H). The views and conclusions contained in this document are those of the authors and should not be interpreted as representing the official policies, either expressed or implied, of the United States Government.
Contact: brenda.ellis@vanderbilt.edu