Murder in Hospital – Crime Scene Unknown

The murder victim was killed in hospital but no one knew where the murderer committed the crime since one of their weapons was the internet.

Is this scenario science-fiction or has it actually happened somewhere? No such case has ever been publicised but the conditions that would make it possible (still) exist.

What sounds like the plot of a bad crime novel is technically realisable. A murderer could hack their way into a hospital's IT network, free to look up patient details and where, how, why and when they will be treated. Not much left to do to deliberately influence the electronic devices on the wards. It could just be a playful experiment or it could be an attempt at targeted manipulation. Maybe it will hurt one of patients, just by chance, maybe the patient was the killer's rich uncle. That the murderer will also receive confidential hospital data, including personal details on all the patients and staff along the way, is not to be further contemplated.

This fictional scenario may already have been the reason for "incidents" where "unexplainable events" took place. The fact is that no infrastructure that needs to meet demands of integration and remote maintenance, as well as protect the rights of third parties, can be built reliably on the hardware components currently available.

The challenge lies in connecting different devices with various functions together in such a way that they form a functional system. In order for the security of the complete system to be legally guaranteed, each individual part needs to be secure in and of itself. Since every subsystem may demand a different interpretation of "security", inevitable gaps will emerge that can only be closed by making sure that every subsystem remains secure, in IT terms, and reliable despite weaknesses in other parts of the system.

The weakness in these systems exists in the hardware of the processors. Practically all standard makes of these hardware components are based on an architecture that has existed for around eighty years. The software that has been "stretched over" this architecture can compensate for some, but not all, of the deficiencies that adhere to these systems. Even multiple systems which monitor each other and offer each other redundancies can be "switched off" by malware attacks. The most important deficiency is the non-existent separation between instructions (for the hardware to carry out) and data (information to be worked with) in the database. The resulting muddle leads to the high success rate of hacking attempts that are being reported more and more often. These attacks usually run along these lines: instructions disguised as data are channelled into the computer over an interface (internet, modem, external drives) to be carried out by the processors.

A new hardware architecture, which demands and supports a clean and thorough separation between the data categories that exist in the system, could remedy these issues. This is achieved by the technology advertised here. It prevents software from being installed without the operator's involvement. This allows the operator to maintain complete control over the systems thus formed making it a mark of quality and a risk-minimising criterion in any system's performance.

Diese Hardware-Architektur ist patentiert und hat beim Wettbewerb „INNOVATIONSPREIS-IT 2015″ in der Kategorie „Hardware“ einen der vorderen Plätze belegt.

IT-Sicherheit „Made in Germany“ – weitere Informationen unter friedhelm.becker2@t-online.de.