Energy-Conscious and Regulation-Ready Security Protocol for Wearable Medical Devices: From Formal Proofs to Deployment
Why this work is in the frame
A frame that forgets how it found something cannot be audited. These are the routes that admitted this work.
Bibliographic record
Abstract
This paper introduces a formally verified, lightweight security protocol tailored for energy-constrained wearable medical devices operating in regulated healthcare environments. Designed to satisfy emerging cybersecurity mandates from HIPAA, GDPR, and Health Canada, the protocol incorporates Ed25519-based mutual authentication, ephemeral Curve25519 key exchange, and ChaCha20-Poly1305 authenticated encryption, providing in-transit protection across heterogeneous nodes with minimal computational and energy overhead. Formal verification through ProVerif and Scyther confirms strong resilience against key compromise, replay, and session confusion, with verified guarantees of end-to-end authentication, forward secrecy, nonce protection, and key integrity across multi-node interactions. To ensure practical feasibility, the protocol was validated through a dual-phase evaluation strategy. A Python-based simulation testbed enabled controlled symbolic testing, adversarial fault injection, and modular verification of cryptographic behavior and session dynamics. This was followed by real-world deployment on an STM32L431-powered ECG wearable, relayed through an Android node to a cloud server. Energy profiling with Nordic PPK2 measured only ∼7.91 mWh of daily security overhead, under 16% of system budget, supporting 30+ days of secure operation per charge. The total system consumption (∼58 mWh/day) remains lower than many reported BLE-ECG designs [1, 35] that lack full-stack security, demonstrating that strong cryptographic guarantees can be achieved without exceeding typical power budgets. These results affirm that regulatory-compliant, secure communication is feasible in embedded MedTech systems without compromising runtime efficiency, offering a reproducible model for future IoMT protocol research and deployment.
Fetched live from OpenAlex and de-inverted. Abstracts are not stored in this database: the inverted indexes are 8.6 GB of the frame’s 9.3 GB of text, and the host has 13 GB free.
Full frame distilled prediction
Teacher imitationNot calibrated prevalence, not ground truth. Human validation pending. Learned from the 10,348 direct Codex labels and 10,348 direct Gemma labels. Candidate is the union of thresholded teacher heads; consensus is their intersection. These outputs are machine_predicted_unvalidated and are not human labels or direct frontier model labels.
Codex and Gemma teacher scores by category
| Category | Codex | Gemma |
|---|---|---|
| Metaresearch | 0.001 | 0.000 |
| Meta-epidemiology (narrow) | 0.001 | 0.001 |
| Meta-epidemiology (broad) | 0.001 | 0.000 |
| Bibliometrics | 0.000 | 0.001 |
| Science and technology studies | 0.001 | 0.000 |
| Scholarly communication | 0.001 | 0.002 |
| Open science | 0.002 | 0.002 |
| Research integrity | 0.000 | 0.000 |
| Insufficient payload (model declined to judge) | 0.001 | 0.000 |
Machine scores (provisional)
The two teacher heads of the student model, read on this work. A score orders the frame for review; it never asserts a category, and the validation status ships verbatim with every row.
Baseline scores from an immature model (maturity gate not passed, 7 training rounds). Scores rank; they never assert a category.
score_only:v0-immature-baseline · verbatim from the scoring run: score_only means the number may rank works, and no category label ships from it