sztipanovits_Trust_2005-01-10_IntegrativeProjects

Integrative Projects
Status Report
Janos Sztipanovits
TRUST, Washington, D.C. Meeting January 9–10, 2006
Content
• Role of Integrative Projects in TRUST
• Status Report on Project Formation:
  – Patient Portals
  – Systems/Security Co-design in Embedded Systems
• Next Steps
Role of Integrative Projects
• Link research efforts to real-life challenges
• Help validate research results
• Facilitate technology transitioning toward national stakeholders
• Provide focus for integrating research efforts
Patient Portals: Societal Context
Health Insurance Portability and Accountability Act of 1996 (HIPAA)
• The HIPAA Privacy Rule, which became effective in April of 2003, gives US citizens for the first time a uniform right
  – to access information contained in their medical records,
  – to request amendments or corrections to those records,
  – to request an accounting of disclosures of their personal health information made by their healthcare providers.
• The HIPAA Security Rule, which became effective in April, 2005, requires healthcare organizations to adopt administrative, physical and technical protections for person-identifiable health data that is maintained or transmitted in electronic format.
Currently, the civil and criminal liabilities associated with the Security Rule make health care organizations more concerned about, and reluctant to bring, new classes of users into the previously private, internal domain of electronic clinical information systems.
MyHealth@Vanderbilt
• Experimental Patient Portal at VUMC
  – Patient access to lab results
  – Patient-entered notes, e.g., dietary supplements
  – Automated drug-drug interaction checking for items that patients add to their medications
• Opportunity
  – Use MyHealth as an evaluation platform for TRUST technologies
Criteria for Being a TRUST Integrative Project
• Interest from the Medical Community
• Multidisciplinary: Social, Systems, Security
• Scale: Societal with huge potential implications
• Real: MyHealth is a live experimental system
• Technical richness and fundamental challenges
Integrative Project Development on Patient Portals
• Discussions and preparations started with Prof. Bill Stead, Director, Informatics Center, and Prof. Dan Masys, Chair, Department of Biomedical Informatics of Vanderbilt University Medical Center, in September, 2005.
• We jointly organized a Design Workshop for an Integrative Project related to Patient Portals on December 16, 2005 at Vanderbilt Center for Better Health. (http://dbmi.mc.vanderbilt.edu/trust/#Output)
• Detailed project planning between TRUST and the MyHealth program continues.
Meeting at Vanderbilt
Presentations
The Nature of Biomedical Data
• Complexity of privacy
  – Variable levels of sensitivity; “sensitive” is in the eye of multiple beholders, and highly context-dependent
  – No bright line between person-identifiable and “anonymous” data
  – So inherently rich in attributes that re-identification potential never reaches zero
  – Genome as Future Diary: An individual’s medical data may have implications for other family members who have much different values and preferences, and for future generations
• Complexity of access rights and policies
  – Simple role-based access control is insufficient
  – Governing principles: “need-to-know” and “minimum disclosure”
Source: Dan Masys’s presentation
Design Rounds
Workshop Results
• Real-time Patient Data Monitoring Project (see poster)
• Role-based Access Modeling for Patient Portals (see poster)
• Unintended Consequences (joint study group between the MyHealth program and TRUST)
Patient Portals: Technical Challenges 1/2
• Access Control
  Unique problems:
  - Policy languages
  - Policy validation
  - Distributed policy enforcement
• Data Privacy
  Unique problems:
  - Learning from data while keeping individual data private
  - Publishing data without possibility to link back to individuals
  - Information flow through data access: “leaking secret data”
  - Incorporating background knowledge
  - Interaction between privacy and policy languages
Patient Portals: Technical Challenges 2/2
• Distributed trust management
  Unique problems:
  - Maintaining trust across multiple players with conflicting interests and policies
• Information architecture modeling and analysis
  Unique problems:
  - Technical and organizational heterogeneity
  - Major role of legacy systems
  - Scale and complexity
• Benchmarking
  – Creation of synthetic patient data
  – Real-life patient data
• Societal Impact of Patient Portals
  - What privacy policy would make patients comfortable with contributing data to a research study?
Approaches
• What solutions are possible?
  – Policy languages (Stanford)
  – Data privacy (Cornell)
  – Information architecture modeling and analysis (VU, Berkeley)
  – Distributed trust management (Cornell)
  – Societal impact (Berkeley)
• Use MyHealth as demo system
  – Put TRUST research thrusts in MyHealth contexts
Embedded System/Security Co-design: Societal Context
Embedded and Networked Embedded Systems have huge penetration in all market sectors: automotive, aerospace, defense, medical, transportation, energy, chemicals, communications and others.
• Security of embedded systems is becoming a major societal concern
• Resource limitations, timing, and complexity make the development of secure embedded and networked embedded systems a significant scientific and technical challenge
Integrative Project Development on System/Security Co-design
• Discussions and preparations started with the ESCHER companies (GM, Boeing, Raytheon) in September, 2005.
• We solicited input for challenge problem specification and testbed ideas.
• At the December 2005 ESCHER Advisory Group meeting we discussed specific ideas and plans.
• A low-cost testbed implementation is ongoing.
Testbed Configuration
[Figure: testbed diagram. Labels: Plant Simulator, DAQ, Controller (three instances), Wireless Link, Single board computer SBC4495 from Micro/Sys, Minilab 1008.]
Different SW platforms:
• Linux
• GRSecurity
• Others (LynxOS, VxWorks, ..)
Integrated Co-design Environment
[Figure: co-design environment diagram. Labels: Composition Platform, Functional Models, Component Models, Componentized Model, OS Security Services, HW/SW Arch, Access Control, Partitioning Model, Secure Component Structure Model, Platform Model, Deployment Model, Generators.]
• Domain-specific Modeling Languages (AADL, Simulink/StateFlow, …)
• Security modeling for different platforms
• Model Analysis tools
• Code Generators
Exploratory Integrative Project Ideas
• Sensor Networks in Cooperation with Oak Ridge National Labs
  – Dirty Bomb Detection
  – Trusted Transportation Corridor (VU)
Sensor Networks: Dirty Bomb Detection Demonstration in VU Stadium
Goal: Detection of Rad. Source position by tracking location of moving sensor with less than 1 m error.
Oak Ridge National Labs
TRUST team: Vanderbilt-Berkeley-Cornell
• Demonstration in Vanderbilt Stadium, April, 2006 (IPSN’06)
• ORNL: Rad. Sensor
• VU-ISIS: Sensor localization and system integration
• Berkeley: Platform
• Cornell: Networking
Next Steps
• Additional integrative project concepts are being developed (e.g. sensor networks)
• Project teams are formed between TRUST groups and “stakeholders”
• Detailed project plans are discussed
• Integrative project teams are formed
• First results will be reported at the April 2006 TRUST Review Meeting