| CPC H04L 63/0442 (2013.01) [G06F 21/305 (2013.01); G06F 21/606 (2013.01); G16H 40/67 (2018.01); G16H 80/00 (2018.01); H04L 9/0656 (2013.01); H04L 9/0869 (2013.01); H04L 9/3236 (2013.01); H04L 9/3271 (2013.01); H04L 63/10 (2013.01); H04W 12/02 (2013.01); H04W 12/033 (2021.01); H04W 12/041 (2021.01); H04W 12/08 (2013.01); H04L 63/0435 (2013.01); H04L 67/025 (2013.01); H04L 2209/88 (2013.01); H04W 12/03 (2021.01)] | 16 Claims |
|
1. A method for securely remotely controlling a medical device with a control device, the medical device and the control device being coupled by a communications system, the control device including a control messaging system and a control communications system, the medical device including a medical device communications system and a medical device control system, the method comprising:
preparing, by the control messaging system, a device-specific message based on a current medical device state of the medical device, the device-specific message being encapsulated in a second communications protocol having a message identification, the message identification being associated with the medical device;
preparing, by the control messaging system, a communications message based on a current control device state, the communications message including a first communications protocol encapsulating the device-specific message and the second communications protocol;
queuing, by the control messaging system, the communications message based on the current control device state;
dequeuing, by the control communications system, the communications message based on a current control device communications state of the control device;
applying, by the control communications system, communications threat control to the communications message by obfuscating clear text data in the communications message to obtain a threat controlled communications message including whitening an input counted string of the clear text data using a linear feedback shift register (LFSR) seed value forming obfuscated clear text data in the communications message;
transmitting, by the control communications system, the threat controlled communications message based on the current control device communications state;
receiving, by the medical device communications system, a message based on a current medical device communications state of the medical device;
verifying, by the medical device communications system, based on the communications threat control and the current medical device state, that the received message is the same as the threat controlled communications message;
deobfuscating, by the medical device communications system, the obfuscated clear text data including dewhitening the whitened input counted string based at least on the LFSR seed value;
queuing, by the medical device communications system, the verified received message;
dequeuing, by the medical device control system, based on the current medical device state, the verified received message; and
controlling, by the medical device control system, the medical device based on the device-specific message included in the verified received message and the current medical device state;
wherein the first communications protocol comprises:
a driver byte;
a header comprising:
a length of payload;
a command;
a subcommand; and
a sequence number;
a payload comprising the communications message; and
a cyclic redundancy check.
|