Engineering Medical Processes to Improve Their Safety

An Experience Report
  • Leon J. Osterweil
  • George S. Avrunin
  • Bin Chen
  • Lori A. Clarke
  • Rachel Cobleigh
  • Elizabeth A. Henneman
  • Philip L. Henneman
Part of the IFIP — The International Federation for Information Processing book series (IFIPAICT, volume 244)


This paper describes experiences in using precise definitions of medical processes as the basis for analyses aimed at finding and correcting defects leading to improvements in patient safety. The work entails the use of the Little-JIL process definition language for creating the precise definitions, the Propel system for creating precise specifications of process requirements, and the FLAVERS systems for analyzing process definitions. The paper describes the details of using these technologies, employing a blood transfusion process as an example. Although this work is still ongoing, early experiences suggest that our approach is viable and promising. The work has also helped us to learn about the desiderata for process definition and analysis technologies that are intended to be used to engineer methods.


Fault Tree Medical Process Exception Handler Process Definition Fault Tree Analysis 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. 1.
    L.T. Kohn, J.M. Corrigan, M.S. Donaldson (Eds). To Err is Human: Building a Safer Health System. Washington, DC: National Academy Press, 1999.Google Scholar
  2. 2.
    P.P. Reid, W.D. Compton, J.H. Grossman, G. Fanjiang (Eds). Building a Better Delivery System: A new Engineering/Healthcare Partnership. Nat. Academies Press, Washington. DC, 2005.Google Scholar
  3. 3.
    E.H. Henneman, R.L. Cobleigh, K. Frederick, E. Katz-Bassett, G.A. Avrunin, L.A. Clarke, L.J. Osterweil, C. Andrzejewski, K. Merrigan, P.L. Henneman, Increasing patient Safety and Efficiency in Transfusion Therapy using Formal Process Definitions, Transfusion Medicine Reviews, 21,1, pp. 49–57, January 2007CrossRefGoogle Scholar
  4. 4.
    J.L. Callum, H.S. Kaplan, L.L. Merkley, Near-miss Event Reporting for Transfusion Medicine: Improving Transfusion Safety, Transfusion, 41, 1204–1211, 2001.CrossRefGoogle Scholar
  5. 5.
    D. Voak, J.F. Chapman, P. Phillips, Quality of transfusion practice beyond the blood transfusion laboratory is essential to prevent ABO-incompatible death. Transfusion Medicine 10: 95–96, 2000.CrossRefGoogle Scholar
  6. 6.
    J. Burgmeier, Failure Mode and Effect Analysis: An Application in Reducing Risk in Blood Transfusion. Quality Improvement 28,331-339, 2002.Google Scholar
  7. 7.
    B. Chen, G.S. Avrunin, L.A. Clarke, L.J. Osterweil, Automatic Fault Tree Derivation from Little-JIL Process Definitions, SPW/PROSIM 2006, Shanghai, China, May 20–22, 2006, Springer-Verlag LNCS. 3966, pp. 150–158.Google Scholar
  8. 8.
    A. Cimatti, E. Clarke, E. Giunchiglia, F. Giunchiglia, M. Pistore, M. Roveri, R. Sebastiani, A. Tacchella, NuSMV vers. 2: An Open-Source Tool for Symbolic Model Checking, Computer Aided Verification Conf., Springer-Verlag, 2002, 359–365.Google Scholar
  9. 9.
    M.B. Dwyer, L.A. Clarke, J.M. Cobleigh, G. Naumovich, Flow Analysis for Verifying Properties of Concurrent Software Systems. ACM Trans. on Software Engineering and Methodology, 13(4) 359–430, 2004.CrossRefGoogle Scholar
  10. 10.
    J.M. Cobleigh, L.A. Clarke, L.J. Osterweil, Verifying Properties of Process Definitions, ACM SIGSOFT Intl. Symp. on Software Testing & Analysis, Portland, OR, ACM Press, 2000:96–101Google Scholar
  11. 11.
    J.V. Linden, K. Wagner, A.E. Voytovich,, Transfusion Errors in New York State: An Analysis of 10 Years’ Experience, Transfusion, 40(10), 1207–1213, 2000.CrossRefGoogle Scholar
  12. 12.
    A.G. Cass, B.S. Lerner, E.K. McCall, et al. Little-JIL/Juliette: A Process Definition Language and Interpreter, Intl Conf. on Software Engineering. Limerick, Ireland, 754–758, 2000.Google Scholar
  13. 13.
    A. Wise, Little-JIL 1.5 Language Report, Lab. for Advanced SW Eng. Research (LASER). Dept. of Comp. Sci., UMass, Amherst, Tech. Report, 2006.Google Scholar
  14. 14.
    R.L. Smith, G.S. Avrunin, L.A. Clarke, L.J. Osterweil, PROPEL: An Approach To Supporting Property Elucidation, 24th Intl. Conf. on Software Engineering, Orlando, FL, 11–21, 2002.Google Scholar
  15. 15.
    A. ten Teije, M. Marcos, M. Balser, J. van Croonenborg, C. Duelli, F. van Harmelen, P. Lucas, S. Miksch, W. Reif, K. Rosenbrand, A. Seyfang, Improving Medical Protocols by Formal Methods. Artificial Intell. in Medicine, 36(3), 193–209, 2006.CrossRefGoogle Scholar
  16. 16.
    R. Noumeir, Radiology interpretation process modeling. Journal of Biomedical Informatics 39(2) 103–114, 2006.CrossRefGoogle Scholar
  17. 17.
    M. Ruffolo, R. Curio, L. Gallucci, Process Management in Health Care: A System for Preventing Risks and Medical Errors, Business Process Mgmt. 334–343 2005.Google Scholar
  18. 18.
    M.L. Foss, S.B. Moore, Evolution of Quality Management: Integration of Quality Assurance Functions Into Operations, or “Quality is Everyone’s Responsibility”. Transfusion 43 1330–1336, 2003.CrossRefGoogle Scholar
  19. 19.
    J.B. Battles, H.S. Kaplan, T.W. van der Schaaf, C.E. Shea, The Attributes of Medical Event Reporting Systems for Transfusion Medicine. Arch Pathology Laboratory Medicine 122, 231–238, 1998.Google Scholar
  20. 20.
    S.A. Galel, C.A. Richards, Practical Approaches to Improve Laboratory Performance and Transfusion Safety, Am. J. Clinical Pathology 107(Suppl 1): S43–S49, 1997.Google Scholar
  21. 21.
    L.C. van der Gaag, S. Renooji, C.L.M. Witteman, B.M.P. Aleman, B.G. Taal, Probabilities for a Probabilistic Network: A Case-Study in Oesophageal Cancer, Artificial Intelligence in Medicine, 25(2), 123–148.Google Scholar
  22. 22.
    S.M. Sutton Jr., D.M. Heimbigner, L.J. Osterweil, APPL/A: A Language for Software-Process Programming, ACM Trans. on Software Engineering and Methodology, 4(3), 221–286, 1995.CrossRefGoogle Scholar
  23. 23.
    I.Z. Ben-Shaul, G. Kaiser, A Paradigm for Decentralized Process Modeling and its Realization in the Oz Environment, 16th Intl. Conference on Software Engineering, 179–188, 1994.Google Scholar
  24. 24.
    S. Bandinelli, A. Fuggetta, C. Ghezzi, Process Model Evolution in the SPADE Environment. IEEE Transactions on Software Engineering 19(12) 1993.Google Scholar
  25. 25.
    S. Paul, E. Park, J. Chaar, RainMan: A Workflow System for the Internet, Usenix Symposium on Internet Technologies and Systems, 1997.Google Scholar
  26. 26.
    B. Grosof, Y. Labrou, H.Y. Chan, A Declarative Approach to Business Rules in Contracts: Courteous Logic Programs in XML, ACM Conf. on Electronic Commerce (EC 99), Denver, CO, 68–77, 1999.Google Scholar
  27. 27.
    G. J. Holzmann, The SPIN Model Checker, Addison-Wesley, 2004.Google Scholar
  28. 28.
    J.C. Corbett, G.S. Avrunin, Using Integer Programming to Verify General Safety and Liveness Properties, Formal Methods in System Design, 6, 97–123, 1995.zbMATHCrossRefGoogle Scholar

Copyright information

© International Federation for Information Processing 2007

Authors and Affiliations

  • Leon J. Osterweil
    • 1
  • George S. Avrunin
    • 1
  • Bin Chen
    • 1
  • Lori A. Clarke
    • 1
  • Rachel Cobleigh
    • 1
  • Elizabeth A. Henneman
    • 2
  • Philip L. Henneman
    • 3
    • 4
  1. 1.Laboratory for Advanced Software Engineering Research (LASER)University of Massachusetts at AmherstAmherst
  2. 2.School of NursingUniversity of Massachusetts at AmherstAmherst
  3. 3.Baystate Medical CenterSpringfield
  4. 4.Tufts University School of MedicineBoston

Personalised recommendations