NYU CCS and Abu Dhabi Researchers Identify Significant Security Risks in Labs-on-chips

Labs-on-chips is an exciting new medical technology that enables technicians to perform multiple laboratory tests on tiny fluid samples, such as blood droplets. Unfortunately, malicious parties are already finding ways to tamper with these devices and affect their functionality. In a study published last fall in Scientific Reports, a team of researchers from CCS and NYU Abu Dhabi reported that in one type of these devices, called flow-based microfluidic biochips (FMBs), the microscopic valves that control the fluid flow can be subtly altered during manufacturing. Such tampering affects a critical parameter for the integrated microfluidic circuitry of the device.

According to an NYU Research story about the investigation, the team found that “stealthy tampering can be achieved by introducing harmful chemicals or by altering the associated chemical composition, which significantly changes the energetics of the microvalve deformation. The researchers, who include lead author Navajit Singh Baban, a CCS postdoctoral associate, named these bad valves “BioTrojans,” and cautioned that they “look identical to normal valves but behave very differently under stress.” As microfluidic biochips are increasingly used in critical applications, such as disease diagnosis, DNA analysis, drug discovery, and biomedical research, the presence of these BioTrojans could have devastating consequences. Ramesh Karri, the senior author of the study and chair of NYU Tandon’s Electrical and Computer Engineering Department, adds, “This isn’t just about a malfunctioning medical device. It’s about the potential for malicious actors to intentionally sabotage these critical tools in ways that are very difficult to detect.”

The research team proposed several solutions in their Scientific Reports article, including recommending design modifications to make valves more resilient, and a novel authentication method using fluorescent dyes to detect tampered components.

To learn more about the study, read the NYU Research story at https://engineering.nyu.edu/news/nyu-tandon-researchers-uncover-security-flaw-miniature-medical-labs or download the Scientific Reports article “BioTrojans: Viscoelastic microvalve-based attacks in flow-based microfluidic biochips and their countermeasures,” published in August 2024, at https://www.nature.com/articles/s41598-024-70703-0.