The 9th IEEE International Conference on Dependable Systems, Services and Technologies, DESSERT’2018

24-27 May, 2018, Kyiv, Ukraine

Availability Models for Healthcare IoT Systems:

Classification and Research Considering Attacks
on Vulnerabilities
Anastasiia Strielkina, Vyacheslav Kharchenko, Dmytro Uzun
Computer Systems, Networks and Cybersecurity Department, National Aerospace University “KhAI”,
17, Chkalova Street, Kharkiv, Ukraine, 61070,
a.strielkina@csn.khai.edu, v.kharchenko@csn.khai.edu, d.uzun@csn.khai.edu, https://csn.khai.edu/

Abstract—Networked medical and healthcare devices
and their applications are already creating an Internet of
Medical Things which is aimed at better health monitoring
and preventive care. But the new concepts and applying of
new technologies bring certain risks including failures of
devices, infrastructure which may lead to the worst
outcome. This paper presents an approach to develop a
Markov models set for a healthcare IoT infrastructure that
allows taking into account safety and security issues. In
addition, it is presented a case study with a Markov model
considering attacks on vulnerabilities of the healthcare IoT
system.
Keywords—attack; failure; Internet of
healthcare; Markov model; security; vulnerability
I. INTRODUCTION
A. Motivation
The Internet of Things (IoT) has an important
technical, social and economic significance. According to
the preliminary forecasts [1], [2], about 50 billion devices
will be connected to the Internet and the IoT market will
reach about $1.7 trillion by 2020.
The IoT can significantly improve the existing
healthcare system as well as other domains. Combining
the capabilities of the Internet of Things with medical
equipment can greatly improve the quality and
effectiveness of healthcare services and create better
conditions for patients who need constant medical and
healthcare supervision and / or preventive intervention.
One of the most widely used IoT devices is an insulin
pump. According to the statistics of the World Healthcare
Organization presented in 2016 [3], about 8.5% of the
world population had diabetes in 2014. The networked
insulin pump can be placed in an inconspicuous place
under the patient’s clothes, so a patient can carry out and
control the injection of insulin with a special console or
smartphone.
Nevertheless, with all the benefits of using such
networked devices, the security and dependability risks
are increasing. Thus, the dependability and security
assessment of such systems is a complex process. Such
systems are characterized by a large number of failures
due to the dynamism, multicomponence and
multilevelness. For reducing this issues the
fragmentedness of the models being developed should be
used in some cases to describe repeated parts of models
which have similar structure and differ only values of
some parameters. It concerns fragmentedness caused by
changing of design faults and attacked vulnerabilities
number and the corresponding failure rates.
B. Related Works Analysis
For today there are a lot of papers that describe
Things; opportunities and benefits of healthcare IoT and medicine
and at the same time they emphasize on issues of this
technology as the security and dependability.
The authors of [4] presented all healthcare IoT trends,
solutions, platforms, services and applications. They
outlined main problems during development and using of
such devices related mostly to standardization and
regulatory issues. In addition, that paper analyzed
healthcare IoT security and privacy features, including
requirements, threat models, and attack taxonomies and
proposed an intelligent collaborative security model to
minimize security risk.
A healthcare IoT infrastructure with a brief
description of each component was presented in [5]. The
constituent components of the healthcare IoT
infrastructure are: Cloud, end-node (patient’s device),
medical or healthcare providers and communication
channels between: device and Cloud, and healthcare
provider and Cloud. The authors gave basic cases with a
few models of healthcare IoT system based on the
queueing theory. The models describe streams of the
requests and attacks on vulnerabilities and procedure of
recovery by restarting and eliminating of one and / or two
vulnerabilities.
The existing standards and regulatory acts in the field
of healthcare [6-8] provide different approaches for risk
management to determine safety and security of medical
and healthcare devices.
Attacks on vulnerabilities of IoT based systems can
be simulated using Markov’s modelling. In [9] was

978-1-5386-5903-8/18/$31.00 ©2018 IEEE 58

Authorized licensed use limited to: Manchester Metropolitan University. Downloaded on January 21,2021 at 16:01:52 UTC from IEEE Xplore. Restrictions apply.
 presented and explained how Markov modelling can be
used to evaluate the reliability of the complex systems
parallel redundant system. In [10] was shown that
dependability consists of many measures (as reliability,
availability, safety, performability and security and it’s
attributes). Authors presented a good state-of-the-art how
Markov models can be applied to the dependability and
security analysis.
A Markov model, which takes into account the
technical conditions of typical network components of the
IoT-based smart business center was presented in [11].
The authors emphasized that the analysing dependability
IoT system must take into account the reliability and
security of the system at several levels IoT architecture.
In [12] the metric-based approach based on the
analysis of Markov chain’s stiffness, decomposability,
sparsity and fragmentedness was shown. According to the
authors the fragmentedness can be achieved dividing the
model into N fragments (they have the similar structure
but different parameters). Such approach may help to
present interconnection between different parts of system.
As a result of the foregoing the task of Markov
modelling of healthcare IoT systems is in demand and
relevant.
C. Goals and Structure
In this paper, it is proposed to develop a Markov
models set for the healthcare IoT infrastructure that allows
taking into account the specificity of end user devices,
communication channels, technologies of data flows and
safety and security issues of these components.
The paper is structured as follows. The section II
presents a brief description of models sets for the
healthcare IoT system based on Markov process approach.
The section III presents a case study with a Markov model
considering attacks on vulnerabilities of the healthcare IoT
system followed by concluding remarks. The section IV
concludes and describes future research directions.
II. DESCRIPTION OF MODELS SETS FOR THE
HEALTHCARE IOT SYSTEM BEHAVIOR
For the description formalization of the healthcare IoT
system behavior, it is proposed to apply the set-theoretic
model that would adequately represent both the structure
of the system and the cause-effect relationships between
its components. Set-theoretical model that describes a set
of models behavior of the healthcare IoT infrastructure is
presented in Fig. 1.
10
M 00 F0
M 00
M 10 M 010RD M 10 M RFI00 M 0FR0D
RI 0 RI RD
1V FV
M 00 M 00
M 1RVI 0 M 01VRD M 1RVI RD M RFV M 0FV
I0 RD
Figure 1. Model range for healthcare IoT systems
Authorized licensed use limited to: Manchester Metropolitan University. Downloaded on January 21,2021 at 16:01:52 UTC from IEEE Xplore. Restrictions apply.
M RFV is a model that takes into account all possible
I RD
states of the the healthcare IoT system (functional states,
vulnerabilities and reliability issues).
F – is the cardinality of a functional states set

F = SF0 ,SF1 ,...,SFm . 
When F=1 the set is a degenerate (e.g., only request
function). This case can be described using Markov
process with discrete states and continuous time i.e. the
10
birth–death process (see Fig. 2 for M 00 , where n is a
number of requests in the queue incoming from different
end IoT users, λ01, λ12, λn-1n are intensities of service
requests flow, μ10, μ21, μnn-1 are intensities of processing
flow) and in more details it was described in [5].
Figure 2. A scheme of “Birth-death” process for the healthcare IoT
behavior
When F > 1 the model takes into account different modes
of operation of healthcare IoT infrastructure (e.g., readout,
request, monitoring, sleep mode, injection (for insulin pump),
F0
etc.). This case is depicted on Fig. 3 for M 00 .
Figure 3. Graph describing the functional states of the healthcare IoT
infrastructure
V – is the cardinality of the security vulnerabilities set

V = SV0 ,SV1 ,...,SVp ,  where p is a number of
vulnerabilities. When V = 0 the set is a degenerate; when
V  1 the modes of attack reflection and eliminating of
attacks are taking into account. As the vulnerabilities are
eliminated the number of attacks decreases.
RI – is the cardinality of the degradation levels of the

healthcare IoT infrastructure set RI = S RI ,S RI ,...,S RI
0 1 k
,
i.e. ability to serve applications from device nodes. When
RI = 0 failures are not taken into account, i.e. top level –
nondegrading infrastructure. For the case M 10 RI 0 Markov
M RFI 0RD model is presented in Fig. 4 (where λ0’01, λ1’11, … are
intensities of infrastructure faults, μ’010, μ’212, … are
intensities of recovering). RD – is the cardinality of the
devices (for this paper networked insulin pump) failures
M RFV
I RD
 
set RD = S RD ,S RD ,...,S RD , and when RD = 0 failures
0 1 l
are also not taken into account. For the case M 010RD
59
 Markov model is presented in Fig. 5 (λ0’’01, λ1’’11, … are
intensities of end-deviced faults, μ’’010, μ’’212, … are
intensities of recovering).
Figure 4. Graph describing faults of the healthcare IoT
infrastructure
Figure 5. Graph describing faults of the devices (end nodes) in
healthcare IoT infrastructure
Based on the developed models in the context of models
behavior set of the healthcare IoT infrastructure it can be
concluded that the use of such models is promising for
research, analysis and improvement of the healthcare IoT
infrastructure on account of multilevelness decomposition,
fragmentedness, inheritance and convolution.
III. CASE STUDY: A M ARKOV MODEL CONSIDERING
ATTACKS ON VULNERABILITIES OF HEALTHCARE IOT
SYSTEM
A. Analysis of the Origin Nature and Classification of
Possible Cyber Attacks
Since attacks are the possible consequences of the
threat implementation the existing vulnerabilities.
Therefore it is necessary to consider the attack as a
malicious action affecting the healthcare IoT system's
performance.
In [13] mentioned that about 250 cyber attacks were
targeted on health sector (only publicly disclosed
incidents) in 2016-2017. There are several types of attacks
on IoT that were discussed in many papers [14]–[16]. The
security issues of insulin pump in the context of cyber-
security systems were shown in [17]. The authors of these
60
Authorized licensed use limited to: Manchester Metropolitan University. Downloaded on January 21,2021 at 16:01:52 UTC from IEEE Xplore. Restrictions apply.
papers presented attacks’ targets, weaknesses, and
technique of the security attacks. The main categories of
IoT attacks are aimed for control, data, controllers (end-
nodes) and networks. Attacks on data are very devastating
in the healthcare field due to the physician–patient
privilege and a patient privacy and confidentiality. Attacks
on control involve imply an intruder's intention to gain
access to the management of both the entire healthcare
IoT system and individual components. Attacks on
controllers are aimed at end-nodes (patients’ devices) to
gain access to control them and make a physical damage.
Attacks on networks are aimed to sniffing out, copying the
confidential information or any other data flowing in the
networks.
After analyzing classification of attacks according the
main aims and focus is presented in Fig. 6.
Figure 6. Classification of healthcare IoT attacks
Such attacks on vulnerabilities can prevent the devices
and infrastructure to communicate correctly and without
failures.
B. Markov Model Considering Attacks on Components
Vulnerabilities of Healthcare IoT System
According to the approach described above in the
1V
Section II for the case M 00 , a simplified Markov’s graph
is presented below. The model does not take into account
eliminating of vulnerabilities and design faults. The failure
and/or attack, recovery and/or repulse rates are constant.
Fig. 7 shows a Markov’s graph of the main components
functioning of the healthcare IoT system during attacks, λ -
the failure and/or attack rate, µ - the recovery and/or
reflection rate. Thereby, the basic states of the healthcare IoT
system are: 1 - normal condition (upstate) system; 2 – traffic
analysis attack; 3 – spoofing attack; 4 – cloning attack; 5 –
unauthorized access to the network or database; 6 – failure
of the network; 7 – failure due the data leakage; 8 – man-in-
the-middle attack; 9 – DoS/DDoS attack; 10 – failure due
the loss of control; 11 – attacks on software (i.e., viruses,
worms, Trojan horses, spyware, adware, etc.); 12 – phishing
attack; 13 – malicious scripts injection attacks; 14 – social
engineering; 15 – failure or controllers (hardware, end-
nodes); 16 – tampering of the end-nodes attack; 17 –
jamming attack; 18 – malicious node injection attack; 19 –
 physical damage; 20 – complete failure of healthcare IoT
system.

Figure 8. Dependence of the changing of the availability function

depending on the changing λ15 rate

Figure 7. Markov’s graph of attacks on healthcare IoT

infrastructure
Figure 9. Dependence of the changing of the availability function
Such Markov model for the healthcare IoT system can depending on the changing λ19 rate
be divided into four levels: the first level is the upstate (state
1), the second level are the states state the transition to which
occurred due to attacks (states 2-5, 8, 9, 11-14, 16-19), the
third level implies states with different failures (states 6, 7,
10, 15); the fourth level is a failure of a whole system (state
20). So, there is only one up-state in the considering system.
After solving the system of Kolmogorov-Chapmen
equations, it is possible to obtain the availability function
value of the healthcare IoT system, the number of system
failures due to cyber attacks.
To solve a system of linear Kolmogorov differential
equations it is necessary to collect and analyse statistics on
failures and attacks on the healthcare IoT infrastructure. The
data for model simulation was taken from [18], [19] (for the Figure 10. Dependence of the changing of the availability function
healthcare cyber attacks [20] – [22]) and experts’ depending on the changing λ111 rate
assessments.
The obtained steady-state probabilities for the considered
Markov model are:
P1(t) = 0.9183149; P2(t) = 3.43523e-05;
P3(t) = 2.292919e-05; P4(t)= 0.0001693283;
P5(t) = 0.0002168167; P6(t) = 0.006018265;
P7(t) = 0.04055902; P8(t) = 4.878616e-05;
P9(t) = 0.0001007445; P10(t) = 0.01365683;
P11(t) = 3.79046e-05; P12(t) = 0.0001206337;
P13(t) = 1.514862e-05; P14(t) = 0.001278129;
P15(t) = 0.001488987; P16(t) = 0.0006177497;
P17(t) = 0.0104252; P18(t) = 0.0005000198;
P19(t) = 0.005830752; P20(t) = 0.0005435141. Figure 11. Dependence of the changing of the availability function
Fig. 8 – 11 show the dependence of the changing of the depending on the changing λ114 rate
availability function depending on the changing of the
different types of attacks on the healthcare IoT systems rates.

61

Authorized licensed use limited to: Manchester Metropolitan University. Downloaded on January 21,2021 at 16:01:52 UTC from IEEE Xplore. Restrictions apply.
 The analysis of the obtained results shows that the
biggest influence on the change in the availability function
has the λ19 rate – DoS/DDoS attack (one of the most
frequent and destructive attacks), next is the λ114 rate –
social engineering (i.e., human factor), next the rates λ15 –
unauthorized access to the network or database and λ111 –
attacks on software (i.e., viruses, worms, Trojan horses,
spyware, adware, etc.), that are confirmed by statistical
data.
IV. CONCLUSIONS AND FUTURE WORK
Integrating sensors, devices and people into a single
network, IoT technologies enable new opportunities for
interaction between a person and a machine, software and
equipment. However, with such great potential IoT leads
to a variety of threats.
In this paper, a Markov models set for the healthcare
IoT infrastructure that allows taking into account the
specificity of end user devices, communication channels,
technologies of data flows and safety and security issues
of these components has been developed. One of the
Markov models considering attacks on vulnerabilities of
the healthcare IoT infrastructure has been developed and
researched to implement the suggested approach.
Next steps of research will be dedicated to
development of safety and security models for healthcare
IoT systems and combining results of this paper and future
developed models taking into account both the reliability,
safety and security requirements and issues.
ACKNOWLEDGMENT
This paper results from the Erasmus+ programme
educational project ALIOT «Internet of Things: Emerging
Curriculum for Industry and Human Applications»
(reference number 573818-EPP-1-2016-1-UK-EPPKA2-
CBHE-JP, web-site http://aliot.eu.org) in which the
appropriate course is developed (ITM4 - IoT for health
systems) within its framework, we have developed
modules related to IoT systems modelling. The authors
would like to thank colleagues on this project, within the
framework of which the results of this work were
discussed. The authors also would like to show deep
gratitude to colleagues from Department of Computer
Systems, Networks and Cybersecurity, National
Aerospace University «KhAI» for their patient guidance,
enthusiastic encouragement and useful critiques of this
paper.
REFERENCES
[1] D. Lund, C. MacGillivray, V. Turner, and M. Morales,
“Worldwide and Regional Internet of Things (IoT) 2014–2020
Forecast: A Virtuous Circle of Proven Value and Demand,” IDC,
Framingham, MA, 2014.
[2] “Understanding the Internet of Things (IoT)”, GSM Assosiation,
2014, 14 p.
62
Authorized licensed use limited to: Manchester Metropolitan University. Downloaded on January 21,2021 at 16:01:52 UTC from IEEE Xplore. Restrictions apply.
[3] Global report on diabetes, World Healthcare Organization, 2016,
88 p.
[4] S.M.R. Islam, D. Kwak, Md.H. Kabir, M. Hossain, K.-S. Kwak,
"The Internet of Things for Health Care: A Comprehensive
Survey", IEEE Access, vol. 3, pp. 678-707, 2015. DOI:
10.1109/ACCESS.2015.2437951.
[5] A. Strielkina, D. Uzun, V. Kharchenko, “Modelling of healthcare
IoT using the queueing theory,” in 9th IEEE International
Conference on Intelligent Data Acquisition and Advanced
Computing Systems: Technology and Applications (IDAACS), vol.
2, 2017, pp. 849-852. DOI: 10.1109/IDAACS.2017.8095207.
[6] “Applying Human Factors and Usability Engineering to Medical
Devices: Guidance for Industry and Food and Drug
Administration Staff,” U.S. Department of Health and Human
Services Food and Drug Administration Center for Devices and
Radiological Health Office of Device Evaluation, 2016.
[7] Guidance for Industry: Q9 Quality Risk Management, U.S.
Department of Health and Human Services Food and Drug
Administration Center for Drug Evaluation and Research Center
for Biologics Evaluation and Research, 2006.
[8] ISO 14971:2007 Medical devices -- Application of risk
management to medical devices, 2007.
[9] K. S. Trivedi and D. Selvamuthu, "Markov modeling in
reliability," in Encyclopedia of Quantitative Risk Analysis and
Assessment. John Wiley & Sons, Ltd, 2008. DOI:
10.1002/9781118445112.stat03635.
[10] D.M. Nicol, W.H. Sanders, and K.S. Trivedi, "Model-based
evaluation: From dependability to security", IEEE Transactions on
Dependable and Secure Computing, vol. 01, no. 1, pp. 48-65,
2004. DOI: 10.1109/TDSC.2004.11.
[11] V. Kharchenko, M. Kolisnyk, I. Piskachova, and N. Bardis,
“Markov model of the Smart Business Center wired network
considering attacks on software and hardware components,” in
International journal of computers and communications, vol. 10,
2016, pp 113-119.
[12] V. Butenko, V. Kharchenko, E. Odarushenko, and D. Butenko,
“Metric-based approach and tool for modeling the I&C system
using Markov chains,” in Proceedings of ICONE-23 23rd
International Conference on Nuclear Engineering, Chiba, Japan,
2015, p. 9. DOI: 10.1299/jsmeicone.2015.23._ICONE23-1_279.
[13] McAfee Labs Threat Report, December 2017, 13 p.
[14] M. Abomhara, and G. M. Kien, “Cyber Security and the Internet
of Things: Vulnerabilities,Threats, Intruders and Attacks,” in J.
Cyber Secur. Mobil, vol. 4, no. 1, 2014, pp. 65-88.
DOI: 10.13052/jcsm2245-1439.414.
[15] M. Farooq, M. Waseem, A. Khairi, and S. Mazhar, “A Critical
Analysis on the Security Concerns of Internet of Things (loT)”, in
International Journal of Computer Applications, vol. 111, 2015, 6
p. DOI: 10.5120/19547-1280.
[16] M. Nawir et al., "Internet of Things (IoT): Taxonomy of security
attacks", 3rd International Conference on Electronic Design, pp.
321-326, 2016. DOI:10.1109/ICED.2016.7804660.
[17] A. Humayed, J. Lin, F. Li and B. Luo, "Cyber-Physical Systems
Security—A Survey", IEEE Internet of Things Journal, vol. 4, no.
6, pp. 1802-1831, 2017. DOI: 10.1109/JIOT.2017.2703172.
[18] “Kaspersky security bulletin: overall statistics for 2017,”
Kaspersky Lab, 2017, 29 p.
[19] “The State of Industrial Cybersecurity 2017,” The Business
Advantage Group Limited, 2017, 23 p.
[20] G. Bell, and M. Ebert, “Health care and cyber security: ncreasing
Threats Require Increased Capabilities,” KPMG International,
USA, 2015, 7 p.
[21] A. Le Bris, W. El Asri, “State of cybersecurity & cyber threats in
healthcare organizations,” Essec Business School, 2016, 12 p.
[22] “The state of cybersecurity in healthcare organizations in 2016,”
Ponemone Institute, 2016, 32 p.