Integrative Projects Status Report Janos Sztipanovits TRUST Washington

Integrative Projects Status Report Janos Sztipanovits TRUST, Washington, D. C. Meeting January 9– 10, 2006

Content l l Role of Integrative Projects in TRUST Status Report on Project Formation: – – l Patient Portals Systems/Security Co-design in Embedded Systems Next Steps TRUST, Washington, D. C. Meeting January 9– 10, 2006 2

Role of Integrative Projects l l Link research efforts to real-life challenges Help validating research results Facilitate technology transitioning toward National stakeholders Provide focus for integrating research efforts TRUST, Washington, D. C. Meeting January 9– 10, 2006 3

Patient Portals: Societal Context Health Insurance Portability and Accountability Act of 1996 (HIPAA) • The HIPAA Privacy Rule, which became effective in April of 2003, gives US citizens for the first time a uniform right to access to information contained in their medical records, to request amendments or corrections to those records, to request an accounting of disclosures of their personal health information made by their healthcare providers. • The HIPAA Security Rule, which became effective in April, 2005, requires healthcare organizations to adopt administrative, physical and technical protections for person-identifiable health data that is maintained or transmitted in electronic format. Currently, the civil and criminal liabilities associated with the Security Rule create additional concerns and reticence of health care organizations to bring new classes of users into the previously private, internal domain of electronic clinical information systems. TRUST, Washington, D. C. Meeting January 9– 10, 2006 4

My. Health@Vanderbilt l Experimental Patient Portal at VUMC – – – l Patient access to lab results Patient-entered notes e. g. , dietary supplements Automated drug-drug interaction checking for items that patients add to their medications Opportunity – Use My. Health as an evaluation platform for TRUST technologies TRUST, Washington, D. C. Meeting January 9– 10, 2006 5

Criteria for Being a TRUST Integrative Project Ö Interest from the Medical Community Ö Multisciplinary: Social, Systems, Security Ö Scale: Societal with huge potential implications Ö Real: My. Health is a live experimental system Ö Technical richness and fundamental challenges TRUST, Washington, D. C. Meeting January 9– 10, 2006 6

Integrative Project Development on Patient Portals l l l Discussions and preparations started with Prof. Bill Stead, Director, Informatics Center and the Prof. Dan Masys, Chair, Department of Biomedical Informatics of Vanderbilt University Medical Center in September, 2005. We jointly organized a Design Workshop for an Integrative Project related to Patient Portals on December 16, 2005 at Vanderbilt Center for Better Health. (http: //dbmi. mc. vanderbilt. edu/trust/#Output) Detailed project planning between TRUST and the My. Health program continue. TRUST, Washington, D. C. Meeting January 9– 10, 2006 7

Meeting at Vanderbilt TRUST, Washington, D. C. Meeting January 9– 10, 2006 8

Presentations TRUST, Washington, D. C. Meeting January 9– 10, 2006 9

The Nature of Biomedical Data l Complexity of privacy – – l Variable levels of sensitivity; “sensitive” is in the eye of multiple beholders, and highly context-dependent No bright line between person-identifiable and “anonymous” data So inherently rich in attributes that re-identification potential never reaches zero Genome as Future Diary: An individual’s medical data may have implications for other family members who have much different values and preferences, and for future generations Complexity of access rights and policies – – Simple role-based access control is insufficient Governing principles: “need-to-know” and “minimum disclosure” Source: Dan Masys’s presentation TRUST, Washington, D. C. Meeting January 9– 10, 2006 10

Design Rounds TRUST, Washington, D. C. Meeting January 9– 10, 2006 11

Workshop Results l l l Real-time Patient Data Monitoring Project (see poster) Role-based Access Modeling for Patient Portals (see poster) Unintended Consequences (joint study group between the My. Health program and TRUST) TRUST, Washington, D. C. Meeting January 9– 10, 2006 12

Patient Portals: Technical Challenges 1/2 l Access Control Unique problems: - Policy languages - Policy validation - Distributed policy enforcement l Data Privacy Unique problems: - Learning from data while keeping individual data private - Publishing data without possibility to link back to individuals - Information flow through data access: “leaking secret data” - Incorporating background knowledge - Interaction between privacy and policy languages TRUST, Washington, D. C. Meeting January 9– 10, 2006 13

Patient Portals: Technical Challenges 2/2 l Distributed trust management Unique problems: - Maintaining trust across multiple players with conflicting interests and policies l Information architecture modeling and analysis Unique problems: - Technical and organizational heterogeneity - Major role of legacy systems - Scale and complexity l Benchmarking – – l Creation of synthetic patient data Real-life patient data Societal Impact of Patient Portals - What privacy policy would make patients comfortable with contributing data to research study? TRUST, Washington, D. C. Meeting January 9– 10, 2006 14

Approaches l What solutions are possible? – – – l Policy languages (Stanford) Data privacy (Cornell) Information architecture modeling and analysis (VU, Berkeley) Distributed trust management (Cornell) Societal impact (Berkeley) Use My. Health as demo system – Put TRUST research thrusts in My. Health contexts TRUST, Washington, D. C. Meeting January 9– 10, 2006 15

Embedded System/Security Co-design: Societal Context Embedded and Networked Embedded Systems have huge penetration in all market sectors: automotive, aerospace, defense, medical, transportation, energy, chemicals, communications and others. • Security of embedded systems is becoming a major societal concern • Resource limitations, timing, and complexity make the development of secure embedded and networked embedded systems a significant scientific and technical challenge TRUST, Washington, D. C. Meeting January 9– 10, 2006 16

Integrative Project Development on System/Security Co-design l l Discussions and preparations started with the ESCHER companies (GM, Boeing, Raytheon) in September, 2005. We solicited input for challenge problem specification and testbed ideas. At the December 2005 ESCHER Advisory Group meeting we discussed specific ideas and plans A low-cost testbed implementation is ongoing. TRUST, Washington, D. C. Meeting January 9– 10, 2006 17

Testbed Configuration Plant Simulator DAQ Controller Wireless Link Different SW platforms: • Linux • GRSecurity • Others (Lynx. OS, Vx. Works, . . ) Single board computer SBC 4495 from Micro/Sys Minilab 1008 TRUST, Washington, D. C. Meeting January 9– 10, 2006 18

Integrated Co-design Environment Composition Platform Functional Models Componentized Model OS Security Services HW/SW Arch Access Control Partitioning Model Secure Component Structure Model Platform Model Deployment Model Generators • Domain-specific Modeling Languages (AADL, Simulink/State. Flow, …) • Security modeling for different platforms • Model Analysis tools • Code Generators TRUST, Washington, D. C. Meeting January 9– 10, 2006 19

Exploratory Integrative Project Ideas l Sensor Networks in Cooperation with Oak Ridge National Labs Dirty Bomb Detection – Trusted Transportation Corridor (VU) – TRUST, Washington, D. C. Meeting January 9– 10, 2006 20

Sensor Networks: Dirty Bomb Detection Demonstration in VU Stadium Goal: Detection of Rad. Source position by tracking location of moving sensor with less than 1 m error. Oak Ridge National Labs TRUST team: Vanderbilt-Berkeley-Cornell • Demonstration in Vanderbilt Stadium, April, 2006 (IPSN’ 06) • ORNL: Rad. Sensor • VU-ISIS: Sensor localization and system integration • Berkeley: Platform • Cornell: Networking TRUST, Washington, D. C. Meeting January 9– 10, 2006 21

Next Steps l l Additional integrative projects concepts are being developed (e. g. sensor networks) Project teams are formed between TRUST groups and “stakeholders” Detailed project plans are discussed Integrative project teams are formed First results will be reported at the April 2006 TRUST Review Meeting TRUST, Washington, D. C. Meeting January 9– 10, 2006 22