Shakil Mahmud - Research

Overview

Security in medical devices is not just a technical challenge; it is a matter of protecting human lives. From pacemakers to insulin pumps, these devices play a critical role in patient care, yet their growing connectivity and reliance on digital systems make them increasingly vulnerable. A single attack or malfunction could compromise sensitive health data or disrupt life-sustaining treatments, leading to severe consequences for patient safety.

The challenge becomes even greater with the rise of the Internet of Medical Things (IoMT). These devices are often small, low-power, and resource-constrained, leaving them more susceptible to threats such as side-channel attacks, tampering, and malware. Similarly, physiological closed-loop control systems (PCLCS), which automate treatments for chronic conditions such as diabetes and heart disease, raise new security and reliability concerns due to their real-time, interconnected nature.

How can we design medical devices that remain secure, reliable, and energy-efficient—even under the threat of faults, cyberattacks, or abnormal system behaviors?

To answer this question, my work integrates hardware security, AI at the edge, and biosignal modeling to detect vulnerabilities, prevent attacks, and ensure continuous safe operation. This involves developing both hardware and software tools to safeguard medical devices during runtime and support post-incident recovery, strengthening trust in healthcare technologies of the future.

Previous Research

An overview of a closed-loop medical device system and its functionalities with or without defects in the system.

An overview of our proposed approach illustrating how virtual sensing can be used to detect an anomaly and improve Trojan and/or fault resilience in WIMDs.

AI-based Biosignal Modeling:

Biomedical devices, particularly wireless implantable medical devices (WIMDs), face reliability and security challenges due to both natural faults (e.g., sensor drift, outages, or manufacturing errors) and malicious threats (e.g., hardware Trojans or denial-of-service attacks). These errors can compromise the accuracy of biosignal acquisition and, in turn, patient safety. A major challenge is that existing error detection and resiliency techniques often involve computationally expensive methods, making them unsuitable for resource-constrained, ultra-low-power implantable devices.

To address this challenge, I developed lightweight, predictive-model-based error detection and correction techniques that improve system resilience without imposing heavy overhead. My contributions focused on two complementary directions:

Error Detection and Correction for Biosignals

Designed predictive models using two approaches: a neural network and a next-value thresholding (NVT) method.
Proposed an efficient detection and correction method with minimal computational complexity, enabling practical deployment in resource-constrained closed-loop medical devices.

Trojan-Resilient Virtual Biosensors

Developed four virtual biosensors (three neural networks and one statistical model), trained under identical conditions, and combined their outputs using a weighted average ensemble approach.
Created a faulty dataset simulating both natural faults and potential Trojan-induced errors (e.g., random outages, DoS-style attacks, and single-bit errors).
Demonstrated that the ensemble approach significantly reduced mean squared error (MSE), improving fault tolerance in the presence of malicious or faulty signals.

Physiological Hardware Emulation Platform:

Evaluating PCLCS through direct animal or human trials is impractical due to system complexity, high costs, and ethical considerations. While computational modeling and software-based in silico trials have advanced the field, there has been a notable lack of hardware emulation platforms. To address this gap, I developed PEP, a hardware-in-the-loop emulation platform that incorporates all major PCLCS components.

Using an artificial pancreas system (APS) as a case study, I demonstrated PEP’s ability to accurately mimic physiological responses and provide a realistic, scalable testbed for medical device research. This contribution advances methodologies for validating closed-loop medical systems, enabling safer, more reliable, and cost-effective innovations in clinical automation.

PEP with a green LED indicating a normal range of the measured glucose value.

PEP with a red LED indicating that the measured glucose value is out-of-range.

FPGA Security:

Field Programmable Gate Arrays (FPGAs) are programmable digital circuits used in critical systems such as aerospace, defense, medical, and communication. However, their crucial usage makes them vulnerable to various security threats, including reverse engineering, side-channel attacks, hardware Trojan insertion, and malicious modification. Encryption is often used to protect the intellectual property stored in the bitstream that contains the configuration data for the FPGA. Additionally, bitstream obfuscation has been proposed as an additional security measure.

However, there is a potential for side-channel information leakage due to obfuscation. I introduced a framework that enables system designers to compare various key-based obfuscation techniques and choose one that aligns with their design and security needs.

I also have another work that explores the use of hardware mutation inspired by natural evolution for FPGAs. This article illustrates minor modifications to the standard FPGA architecture that facilitate the development of secure and evolving architectures for both present and next-gen FPGAs.

(a) Overview of the top-level architecture and associated FSM logic. (b) FSM controls the data and key inputs, toggling the trigger signal, enabling iterative collection of EM traces from the obfuscated circuit under test. (c) Flowchart of the overall test methodology, beginning with obfuscation of the CUT and integration with the test fixture, followed by design mapping to the target board, signal collection, and analysis.

(a) Experimental setup for programming circuit under test into target FPGA and gathering EM traces for further analysis. (b) Example result of placement into a specific region on an FPGA using chip-planner to ensure the recordings' reproducibility and reliability.

On-chip AI/ML for Edge Devices:

The growing integration of on-chip AI/ML in biomedical devices promises faster data analysis and real-time decision-making at the edge, but challenges such as limited resources and power efficiency remain. My research contributions addressed these challenges through collaborative and applied projects focused on hardware-aware AI for medical applications.

I worked with faculty collaborators on the design tradeoffs of implantable biomedical devices, specifically a wireless implantable micromanometer for bladder pressure monitoring. In parallel, I collaborated with graduate colleagues to develop an automated design-space exploration framework for AI hardware in biomedical systems. As part of this work, we implemented a nonlinear autoregressive neural network (NARNN) for on-chip time-series prediction, such as blood glucose forecasting.

In another project, I contributed to a framework that evaluates tradeoffs between system requirements and edge node capabilities, using diverse optimization metrics to guide efficient AI deployment. I also co-authored an article that analyzed different CNN layer types in terms of power, memory, and latency. Together, we presented four optimized CNN implementations on a low-power heterogeneous computing platform, achieving substantial reductions in power consumption with minimal latency impact while preserving classification accuracy.

Through these efforts, I contributed to advancing resource-efficient AI hardware design for biomedical devices, enabling more reliable and practical deployment of intelligent edge solutions in healthcare.