The Medical Internet-of-Things (MIoT) has developed revolutionary ways of delivering medical care to patients. An example system, showing increasing demand, is the artificial pancreas system that offers convenience and reliable support care to patients with Type 1 Diabetes. Despite the apparent benefits, the system cannot escape potential cyber threats that may worsen a patient's condition. The security risks need immediate attention to ensure the privacy of the patient and preserve safe functionality. Motivated by this, we proposed a security protocol for the APS environment wherein support to essential security requirements is guaranteed, the security context negotiation is resource-friendly, and the protocol is resilient to emergencies. Accordingly, the security requirements and correctness of the design protocol were formally verified using BAN logic and AVISPA, and proved its feasibility through the emulation of APS in a controlled environment using commercial off-the-shelf devices. Moreover, the results of our performance analysis indicate that the proposed protocol is more efficient than the other existing works and standards.
Keywords: artificial pancreas system (APS); formal verification; security protocol.