Skip to main content
SpringerLink
Log in

The benefits of formalising design guidelines: a case study on the predictability of drug infusion pumps

  • SI: FMIS
  • Published:
Innovations in Systems and Software Engineering Aims and scope Submit manuscript

Abstract

A demonstration is presented of how automated reasoning tools can be used to check the predictability of a user interface. Predictability concerns the ability of a user to determine the outcomes of their actions reliably. It is especially important in situations such as a hospital ward where medical devices are assumed to be reliable devices by their expert users (clinicians) who are frequently interrupted and need to quickly and accurately continue a task. There are several forms of predictability. A definition is considered where information is only inferred from the current perceptible output of the system. In this definition, the user is not required to remember the history of actions that led to the current state. Higher-order logic is used to specify predictability, and the Symbolic Analysis Laboratory is used to automatically verify predictability on real interactive number entry systems of two commercial drug infusion pumps—devices used in the healthcare domain to deliver fluids (e.g., medications, nutrients) into a patient’s body in controlled amounts. Areas of unpredictability are precisely identified with the analysis. Verified solutions that make an unpredictable system predictable are presented through design modifications and verified user strategies that mitigate against the identified issues.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2

Similar content being viewed by others

Notes

  1. Due to the constraints imposed by the functionalities of the other buttons, the down button may act as recall memory only when the display shows 99999.

References

  1. List of errorprone abbreviations, symbols and dose designations (2006). http://www.ismp.org/tools/abbreviations/

  2. Arney D, Jetley R, Jones P, Lee I, Sokolsky O (2007) Formal methods based development of a PCA infusion pump reference model: generic infusion pump (GIP) project. In: Joint Workshop on High Confidence Medical Devices, Software, and Systems and Medical Device Plug-and-Play Interoperability 0, pp 23–33. doi:10.1109/HCMDSS-MDPnP.2007.36

  3. B-Braun Melsungen AG: Infusomat space and accessory: Instruction for use

  4. Back J, Brumby DP, Cox AL (2010) Locked-out: investigating the effectiveness of system lockouts to reduce errors in routine tasks. In: Proceedings of the 28th of the international conference extended abstracts on Human factors in computing systems, CHI EA ’10. ACM, New York, pp 3775–3780. doi:10.1145/1753846.1754054

  5. Bass EJ, Feigh KM, Gunter EL, Rushby JM (2011) Formal modeling and analysis for interactive hybrid systems. ECEASST 45

  6. Bolton ML, Bass EJ (2010) Formally verifying human–automation interaction as part of a system model: limitations and tradeoffs. Innov Syst Softw Eng 6(3):219–231. doi:10.1007/s11334-010-19730129-9

    Google Scholar 

  7. Campos JC, Harrison MD (2009) Interaction engineering using the ivy tool. In: Proceedings of the 1st ACM SIGCHI symposium on Engineering interactive computing systems, EICS ’09. ACM, New York, pp 35–44. doi:10.1145/1570433.1570442

  8. Campos JC, Harrison MD (2011) Modelling and analysing the interactive behaviour of an infusion pump. ECEASST 45

  9. Cauchi A, Gimblett A, Thimbleby A, Curzon P, Masci P (2012) Safer “5-key” number entry user interfaces using differential formal analysis. In: 26th Annual Conference on Human–Computer Interaction, BCS-HCI

  10. Degani A, Heymann M (2002) Formal verification of human–automation interaction. Human Factors 44(1):28–43

    Article  Google Scholar 

  11. Department fo Health and Human Services, US Food and Drug Administration (2010) Total Product Life Cycle: Infusion Pump—Premarket Notification [510(k)] Submissions—Draft Guidance, April 2010

  12. Dix AJ (1991) Formal methods for interactive systems. Computers and people series. Academic Press, San Diego. http://www.hiraeth.com/books/formal/

  13. Dix AJ, Runciman C (1985) Abstract models of interactive systems. People and computers: designing the interface. Cambridge University Press, Cambridge, pp 13–22

  14. Harrison MD, Thimbleby H (1985)Abstract models of interactive systems. In: Proceedings British Computer Society Conference on Human Computer Interaction (HCI’85). Cambridge University Press, Cambridge, pp 161–171

  15. Endsley MR, Bolte B, Jones DG (2003) Designing for situation awareness: an approach to user-centered design. Taylor and Francis, Boca Raton

  16. Health C (2006) Alaris GP volumetric pump: directions for use

  17. Hinckley K, Cutrell E, Bathiche S, Muss T (2002) Quantitative analysis of scrolling techniques. In: Proceedings of the SIGCHI conference on Human factors in computing systems: changing our world, changing ourselves, CHI ’02. ACM, New York, pp 65–72. doi:10.1145/503376.503389

  18. Javaux D (1998) Explaining sarter and woods’ classical results. In: Second Workshop on Human Error, Safety, and Software Design

  19. Kim B, Ayoub A, Sokolsky O, Lee I, Jones P, Zhang Y, Jetley R (2011) Safety-assured development of the GPCA infusion pump software. In: Proceedings of the ninth ACM international conference on Embedded software, EMSOFT ’11. ACM, New York, pp 155–164. doi:10.1145/2038642.2038667

  20. Leape L (1994) Error in medicine. J Am Med Assoc 272(23):1851–1857

    Article  Google Scholar 

  21. Masci P, Rukšėnas R, Oladimeji P, Cauchi A, Gimblett A, Li Y, Curzon P, Thimbleby H (2011) On formalising interactive number entry on infusion pumps. ECEASST

  22. Medicines and Healthcare products Regulatory Agency (MHRA) (2010) Device bulletin, infusion systems, db2003(02) v2.0. http://www.mhra.gov.uk/Publications/Safetyguidance/DeviceBulletins/CON007321

  23. de Moura L, Owre S, Ruess H, Rushby J, Shankar N, Sorea M, Tiwari A (2004) SAL 2. In: Alur R, Peled DA (eds) Computer aided verification: CAV 2004, Lecture Notes in Computer Science, vol 3114. Springer, Berlin, pp 496–500

  24. Norman DA (1983) Design rules based on analyses of human error. Commun ACM 26(4):254–258. doi:10.1145/2163.358092

    Google Scholar 

  25. Norman DA (2002) The Design of Everyday Things, reprint paperback edn. Basic Books, New York

  26. Oladimeji P, Thimbleby H, Cox A (2011) Number entry interfaces and their effects on error detection. In: Proceedings of the 13th IFIP TC 13 international conference on Human–computer interaction—Volume Part IV, INTERACT’11. Springer, Berlin, pp 178–185. http://dl.acm.org/citation.cfm?id=2042283.2042302

  27. Perrow C (1984) Normal accidents: living with high-risk technologies. Basic Books, New York

    Google Scholar 

  28. Reason J (1990) Human error, 1st edn. Cambridge University Press, Cambridge

  29. Rushby J (2002) Using model checking to help discover mode confusions and other automation surprises. Reliab Eng System Safety 75(2):167–177. http://www.csl.sri.com/users/rushby/abstracts/ress02

  30. Rushby JM (2001) Modeling the human in human factors. In: Proceedings of the 20th International Conference on Computer Safety, Reliability and Security, SAFECOMP ’01. Springer, London, pp 86–91. http://dl.acm.org/citation.cfm?id=647399.724851

  31. Ryan M, Fiadeiro JL, Maibaum TSE (1991) Sharing actions and attributes in modal action logic. In: TACS, pp 569–593

  32. Thimbleby H (2001) Permissive user interfaces. Int J Human Comput Studies 54(3):333–350. doi:10.1006/ijhc.2000.0442

    Article  MATH  Google Scholar 

  33. Thimbleby H (2007) Interaction walkthrough: evaluation of safety critical interactive systems. In: Doherty G, Blandford A (eds) DSVIS 2006, The XIII International Workshop on Design, Specification and Verification of Interactive Systems, Lecture Notes in Computer Science, vol 4323. Springer, Berlin, pp 52–66

  34. Thimbleby HW, Gimblett A (2011) Dependable keyed data entry for interactive systems. ECEASST 45

  35. Trafton GJ, Monk CA (2007) Task interruptions. Rev Human Factors Ergonomics. 3(16):111–126. doi:10.1518/155723408X299852. http://www.ingentaconnect.com/content/hfes/rhfe/2007/00000003

  36. Vincent (2011) Patient safety, 2nd edn. Wiley, New York

Download references

Acknowledgments

Funded as part of the CHI+MED: Multidisciplinary Computer-Human Interaction research for the design and safe use of interactive medical devices project, EPSRC Grant Number EP/G059063/1, and Extreme Reasoning, Grant Number EP/F02309X/1.

Author information

Authors and Affiliations

  1. Queen Mary University of London, School of Electronic Engineering and Computer Science, London, UK

    Paolo Masci, Rimvydas Rukšėnas & Paul Curzon

  2. Future Interaction Technology Lab, Swansea University, Swansea, UK

    Patrick Oladimeji, Abigail Cauchi, Andy Gimblett, Yunqiu Li & Harold Thimbleby

Authors
  1. Paolo Masci
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Rimvydas Rukšėnas
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Patrick Oladimeji
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Abigail Cauchi
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Andy Gimblett
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. Yunqiu Li
    View author publications

    You can also search for this author in PubMed Google Scholar

  7. Paul Curzon
    View author publications

    You can also search for this author in PubMed Google Scholar

  8. Harold Thimbleby
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Paolo Masci.

Rights and permissions

Reprints and permissions

About this article

Cite this article

Masci, P., Rukšėnas, R., Oladimeji, P. et al. The benefits of formalising design guidelines: a case study on the predictability of drug infusion pumps. Innovations Syst Softw Eng 11, 73–93 (2015). https://doi.org/10.1007/s11334-013-0200-4

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11334-013-0200-4

Keywords

Search

Navigation