Today, Virta Labs is proud to congratulate our Chief Scientist, Dr. Kevin Fu, on his induction into the 2018 class of IEEE Fellows for contributions to embedded system and medical device security. This accolade recognizes over a decade of research, teaching, and leadership that has changed the landscape of cybersecurity in healthcare.
In appreciation of Kevin's work, I'd like to offer a few reflections on his career and contributions.
Kevin grew up in the Midwest and was a classics nerd as well as a computer nerd. Like many kids of that era with access to the telephone system, Kevin found a thriving community on regional dial-up bulletin board systems. Raise your hand if you remember the ASCII codes for block characters. Keep them raised if you can rattle off Latin declensions. But he doesn't rub it in.
Kevin parlayed his technical skills into a position at Holland Community Hospital in Michigan, where he got his first taste of healthcare IT and clinical workflow where he was part of a team that rolled out “paperless medical record” systems. Remember that era?
Eager to experience oppressive winters elsewhere in the country, Kevin followed his nose to MIT, which he "liked" so much that he stayed there for three degrees. Among other things, he built an encrypted phone from scratch and built cryptographic file systems. One of his thesis advisors was the "R" in RSA.
Kevin's curiosity about medical device security started around 2006 when a colleague from a nameless fruit company that manufactures computers pointed him to an FDA recall on pacemaker firmware. This inquiry led to to several advances in medical device security technology and public policy, including a widely cited 2008 IEEE paper from a large team effort on implantable cardiac device security (which also included his future co-founder at Virta Labs).
The early work on implantable devices led to a groundswell of support from security and healthcare communities. Kevin and his collaborators began holding the Archimedes series of workshops on medical device security.
Over the last decade, Kevin has taught hundreds of students, regulators, clinical staff, device manufacturers, and auditors how to design security into medical devices. He created the first university course specifically about medical device security. He routinely responds to Congressional questions on medical device security and how to protect the safety of patients. He co-chaired the working group that created the first medical device security consensus standard recognized by the FDA (AAMI TIR57). The list goes on. This work involves a lot of cat-herding and diplomacy, and is not always fun. Sometimes Kevin must wear a tie.
At Virta Labs, we’re healthcare security nerds focused on solving problems rather than admiring problems. Health delivery organizations call us because they know we’re a trusted team of medical device security experts who don’t shy away from real-world challenges or offer silver bullets. We’re laser focused on solving clinically relevant healthcare cybersecurity problems, and we’re lucky and proud to have Kevin on our team.
–Ben Ransford, CEO
and the whole team at Virta Labs