Mar 16, 2021

AI "will lead to faster R&D, but held back by bias"

drug development
Leila Hawkins
3 min
AI "will lead to faster R&D, but held back by bias"
New research finds that while AI and blockchain will lead to faster drug research and development, skills gaps and data bias are preventing wider adopti...

A new report by the Pistoia Alliance has found that while interest in artificial intelligence and blockchain has increased, there are still barriers to adoption such as skills gaps and data bias. 

The Pistoia Alliance is a global, not-for-profit alliance that works to lower barriers to innovation in life science and healthcare R&D. Its members include pharmaceutical giants such as Pfizer, AstraXeneca and Bayer, as well as startups, academics and other non-profits in the life sciences sector. 

Their latest research shows a high level of interest in AI and blockchain among respondents, with 57 per cent already engaging in computational drug repurposing and 89 per cent aware of blockchain technology. However 30 per cent say a lack of access to people with relevant blockchain skills is the main barrier to wider adoption. 

The survey's key takeaways are:

  • 70 per cent of respondents think blockchain has the potential to make a real difference in patient data management and sharing
  • 62 per cent say AI will lead to faster R&D
  • 30 per cent identified a lack of access to people with relevant blockchain skills as the biggest barrier to widespread adoption
  • 19 per cent said a lack of standards, and 17 per cent said interoperability issues were barriers to adoption
  • 38 per cent believe algorithmic bias poses a barrier to AI for drug repurposing

Commenting on the survey Dr Steve Arlington, President of the Pistoia Alliance, said: “The industry clearly has a willingness to engage with blockchain and AI technologies, but historical barriers are hampering progress. Cross-industry collaboration will be essential to overcoming issues around access to data and skills, so that more companies and thus, patients, can benefit from these technologies.” 

“70 per cent of our survey participants think blockchain has the potential to make a real difference in patient data management and sharing. Blockchain’s ability to instantly create tamper-proof records will become a key part of increasing patient participation as more clinical trials are conducted remotely because of the pandemic. We hope the security advantages can both improve patient trust and facilitate further knowledge sharing across the life science community.”

Pistoia Alliance consultant Becky Upton said the quality of data must improve to eliminate bias. "Technologies including AI and blockchain have the potential to transform drug development. Yet no matter how powerful these technologies become, challenges and bias will exist until we improve the quality of data feeding algorithms" she said. 

“To eliminate bias, data sets must be varied and drawn from accurate, diverse sources. Standards for data storing and sharing must also be improved. The Pistoia Alliance has created a Center of Excellence in AI and a project dedicated to Informed Consent using blockchain – to provide a space for the industry to share best practices and discuss common challenges. We urge any interested parties to get involved with our work and help inform our outputs, so that we can collectively continue to accelerate R&D.”

Share article

Jun 17, 2021

Peloton vulnerable to cyber attacks, McAfee research finds

2 min
​​​​​​​Software security experts McAfee discovered exercise bikes by Peloton are vulnerable to cyber attacks, which the company have since resolved 

Peloton, the popular exercise bikes, were found to be vulnerable to cyber attacks in the latest research from McAfee. 

Peloton is a brand of electric bikes that combines high end exercise equipment with cutting-edge technology. Its products use wi fi to connect to a large tablet that interfaces with the components of the exercise device, and provides an easy way for physical activity enthusiasts to attend virtual workout classes over the internet several times a week.

Peloton has garnered attention recently around the privacy and security of its products. So McAfee decided to take a look for themselves and purchased a Peloton Bike+.

The problem

Researchers looked at the Android devices and uncovered a vulnerability  that could allow an attacker with either physical access to the Bike+ or access during any point in the supply chain to gain to hack into the bike’s tablet, including the camera, microphone and personal data. 

For the person using it there would be no indication the Bike+ has been tampered with, potentially putting Peloton’s 16.7 million users at risk.  

The flaw was found in the Android Verified Boot (AVB) process. McAfee researchers were able to bypass the Android Verified Boot process, which normally verifies all code and data before booting. They were then able to get the device to boot bypassing this step. 

This could potentially lead to the Android OS being compromised by an attacker who is physically present. Even worse, the attacker could boot up the Peloton with a modified credential to gain privileges, granting them access to the bike remotely. 

As the attacker never has to unlock the device to boot it up, there would be no trace of their access on the device. This type of attack could also happen at any point from construction to warehouse to delivery, by installing a backdoor into the Android tablet without the user ever knowing. 

The solution

Given the simplicity and criticality of the flaw, McAfee informed Peloton while auditing was ongoing. The vendor was sent full details,  and shortly after, Peloton confirmed the issue and released a fix for it. 

Further conversations between McAfee and  Peloton confirmed that this vulnerability had also been present on the Peloton Tread exercise equipment. 

Peloton’s Head of Global Information Security Adrian Stone, commented on the research: “This vulnerability reported by McAfee would require direct, physical access to a Peloton Bike+ or Tread. Like with any connected device in the home, if an attacker is able to gain physical access to it, additional physical controls and safeguards become increasingly important.

"To keep our members safe, we acted quickly and in coordination with McAfee. We pushed a mandatory update in early June and every device with the update installed is protected from this issue.”

Share article