BAKE: a novel framework for iterative security design for identifying criminally-exploitable vulnerabilities in biotechnology products.

Impact factor: 2.6. JCR: Q1 (Criminology & Penology)
Crime Science. Pub Date: 2025-01-01. Epub Date: 2025-10-02. DOI: 10.1186/s40163-025-00256-8
Mariam Elgabry, Darren Nesbeth, Paul Ekblom, Shane Johnson
Crime Science 14(1):16. Publication type: Journal Article. PDF: https://www.ncbi.nlm.nih.gov/pmc/articles/PMC12491385/pdf/
Citations: 0

Abstract

Emerging "in-body" monitoring, such as via ingestible devices, promises the future of personalised health, yet discussions of crime and security implications remain of low priority. Here, we develop and deploy the scenario building of the Delphi process and the prototyping of the hackathon through a hybrid hackathon Delphi framework that we have labelled "BAKE". The aim of BAKE is to capture insight from experts regarding the risks posed by these devices; and to produce evidence for the utility of the model as a mechanism to identify at an early stage of design/development, criminally-exploitable vulnerabilities in biotechnology (bio-electronic devices), especially medical products/services. Findings from four expert groups include the identification of four crime forms (e.g., corporate exploitation, data breaches). Five secure by design principles (e.g., end-to-end encryption) and four governance mechanisms (e.g., independent body) were recognised. Four stakeholders were identified (e.g., technical, advocates for equitable treatment). Results indicate that the inclusion of non-traditional experts and early career researchers within the hackathon model can allow the identification of highly challenging threats within the cyber-physical device system. We demonstrated that hosting a hackathon with an embedded Delphi process can instigate secure by design thinking earlier in the product development life cycle of any emerging technology.

Source journal: Crime Science (Social Sciences - Cultural Studies)
CiteScore: 11.90
Self-citation rate: 8.20%
Articles published: 12
Review time: 13 weeks
Journal description: Crime Science is an international, interdisciplinary, peer-reviewed journal with an applied focus. The journal's main focus is on research articles and systematic reviews that reflect the growing cooperation among a variety of fields, including environmental criminology, economics, engineering, geography, public health, psychology, statistics and urban planning, on improving the detection, prevention and understanding of crime and disorder. Crime Science will publish theoretical articles that are relevant to the field, for example, approaches that integrate theories from different disciplines. The goal of the journal is to broaden the scientific base for the understanding, analysis and control of crime and disorder. It is aimed at researchers, practitioners and policy-makers with an interest in crime reduction. It will also publish short contributions on timely topics including crime patterns, technological advances for detection and prevention, and analytical techniques, and on the crime reduction applications of research from a wide range of fields. Crime Science publishes research articles, systematic reviews, short contributions and theoretical articles. While Crime Science uses the APA reference style, the journal welcomes submissions using alternative reference styles on a case-by-case basis.