PROJECT SUMMARY The Food and Drug Administration (FDA) has identified cyber-security of medical devices as a high priority, and has taken steps to work with medical device manufactures to address this growing concern. Nokomis proposes to develop an embedded, or standalone device to analyze unintended Radio Frequency (RF) emissions to determine changes in device functionality between normally operating medical devices from those under cyber-attack. The proposed noninvasive analysis device would allow medical professionals, and patients, to rapidly identify cyber-attacks in operating devices in a matter of minutes, increasing the ability to address critical system breaches before harm can be done. The noninvasive RF measurement approach is a significant advantage over any other current mitigation technique, as it relies only on the deviations from normal operational states to identify potential problems. Minimally trained medical professionals, as well as patients with devices at home, would be enabled to use the embedded or standalone device and potentially identify device risks prior to device failure. Nokomis? proposed monitoring device would enable rapid analysis of a widespread array of medical devices for functional capabilities in a noninvasive, and easy to use, system that would provide many benefits to patients and medical professionals. The proposed device will utilize unintended RF emissions that are casually related to electronic functionality on medical devices to distinguish abnormal operating conditions. Using Nokomis? ultra-sensitive sensor, the deviation in spectral content can be automatically detected to allow an alarm for the user to take action to mitigate damage from a cyber-attack. The proposed research in Phase I will focus on (Aim 1) characterizing a specific medical device in normal operational mode as well as in an altered state under cyber-attack. Differences in spectral content will be used to create detection algorithms (Aim 2) that will be tested in a benchtop prototype system to demonstrate cyber-attack detection capabilities (Aim 3). Successful results from this program will advance the mission of the agency to assure the safety of medical devices to protect the security of human patients that require medical care.