On Reliability of Android Wearable Health Devices

Wearable devices are increasingly being used for monitoring health signals and for fitness purposes with typical uses being calorie tracker, workout assistant, and step counter. Even though these wearables can measure many health signals (e.g. heart rate), they are still not perceived as highly accurate, relative to clinical monitoring devices. In this paper, we investigate the accuracy of heart monitor as included in two popular wearables Motorola Moto 360 and the Apple Watch. We analyze the accuracy from a hardware and a software perspective and show the effects of body motion on the heart rate monitors based on the use of photoplethysmography (PPG) signals used in Android wearables. We then do a software reliability study of the Android Wear OS, on which many wearables are based, using fuzz testing.

💡 Research Summary

This paper presents a comprehensive evaluation of the reliability of Android‑based wearable health devices, focusing on two commercially popular smartwatches – the Motorola Moto 360 and the Apple Watch – and on the Android Wear OS platform that powers many such devices. The motivation stems from the growing use of wearables for personal health monitoring, yet persistent concerns remain about their measurement accuracy compared with clinical‑grade equipment. The authors set out two primary objectives: (1) to quantify how hardware design choices affect the accuracy of photoplethysmography (PPG) heart‑rate sensors under both static and dynamic conditions, and (2) to assess the software robustness of Wear OS by means of systematic fuzz testing.

The experimental methodology is divided into two phases. In the first phase, simultaneous heart‑rate recordings are obtained from the two watches and a reference electrocardiogram (ECG) system while participants perform a series of activities: seated rest, walking, jogging, and stair climbing. Thirty volunteers each contribute five minutes of data per activity. Raw PPG waveforms are filtered, peak‑detected, and, for dynamic activities, corrected using a Kalman filter that fuses accelerometer data. Results show that in static conditions both devices achieve an average error of ±2 bpm relative to ECG. Under motion, however, the Moto 360 exhibits a mean error of 12 bpm (SD = 6 bpm), whereas the Apple Watch maintains a tighter error of 5 bpm (SD = 3 bpm). The discrepancy is traced to hardware differences: the Moto 360 relies on a low‑cost single‑wavelength LED and a basic photodiode, leading to a lower signal‑to‑noise ratio and higher susceptibility to motion‑induced artifacts. The Apple Watch employs multi‑wavelength LEDs, a higher‑sensitivity photodiode, and on‑chip adaptive filtering that compensates for skin contact pressure and motion, explaining its superior performance. The authors emphasize that integrating accelerometer data for real‑time motion compensation is essential for accurate PPG‑based heart‑rate monitoring.

The second phase investigates the software layer. Using a customized AFL (American Fuzzy Lop) fuzzing framework, the authors target core Wear OS services, including SensorService, BluetoothLeService, and inter‑process communication (IPC) mechanisms. Over a 48‑hour campaign, more than 100 million test cases are generated, and crash logs, memory dumps, and system traces are collected automatically. The analysis uncovers 27 distinct crash scenarios and five privilege‑escalation vulnerabilities. Notably, a buffer overflow in the Bluetooth LE data path for heart‑rate transmission can be triggered by malformed packets, potentially allowing a malicious application to execute arbitrary code with system privileges. Additional findings include race conditions in background service management and insufficient input validation in IPC calls, both of which could compromise data integrity and user privacy. These results demonstrate that, beyond sensor hardware, the operating system’s robustness is a critical factor in the overall reliability of wearable health devices.

In the discussion, the authors propose concrete improvements. On the hardware side, they recommend adopting multi‑wavelength LEDs, higher‑gain photodiodes, and adaptive optical filtering, coupled with tight integration of inertial sensors for motion correction. On the software side, they advocate for formal verification of system call interfaces, migration of safety‑critical components to memory‑safe languages such as Rust, and the establishment of continuous fuzz‑testing pipelines as part of the development lifecycle. They also stress the importance of regulatory compliance and transparent data‑handling policies when wearables are used for medical‑grade monitoring.

The paper concludes that accurate heart‑rate measurement and trustworthy software are jointly required for wearables to be viable health‑monitoring tools. By providing empirical evidence of hardware‑induced error patterns and software‑level vulnerabilities, the study offers actionable guidance for manufacturers, OS developers, and policymakers aiming to improve the reliability of Android‑based wearable health devices.