Demonstrating that Medical Devices Satisfy User Related Safety Requirements

  • Michael D. Harrison
  • Paolo Masci
  • Jose Creissac Campos
  • Paul Curzon
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9062)


One way of contributing to a demonstration that a medical device is acceptably safe is to show that the device satisfies a set of requirements known to mitigate hazards. This paper describes experience using formal techniques to model an IV infusion device and to prove that the modelled device captures a set of requirements. The requirements chosen for the study are based on a draft proposal developed by the US Food and Drug Administration (FDA). A major contributor to device-related errors is (user) interaction error. For this reason the chosen models and requirements focus on user-interface-related issues.


Keywords: Human error; Formal verification; Performance; Medical devices; Model checking; MAL; Theorem proving; PVS



This work has been funded by the EPSRC research grant EP/G059063/1: CHI+MED (Computer–Human Interaction for Medical Devices). J.C. Campos was funded by project NORTE-07-0124-FEDER-000062. We thank our reviewers for valuable and constructive feedback.



Copyright information

© Springer International Publishing AG 2017

Authors and Affiliations

  • Michael D. Harrison (1, 4)
  • Paolo Masci (2, 3)
  • Jose Creissac Campos (2, 3)
  • Paul Curzon (1)

  1. School of Electronic Engineering and Computer Science, Queen Mary University of London, London, UK
  2. Dep. Informática, Universidade do Minho, Braga, Portugal
  3. HASLab, INESC TEC, Braga, Portugal
  4. School of Computing Science, Newcastle University, Newcastle upon Tyne, UK
