Towards Assurance for Plug & Play Medical Systems

Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9337)


Traditional safety-critical systems are designed and integrated by a systems integrator. The systems integrator can assess the safety of the completed system before it is deployed. In medicine, there is a desire to transition from the traditional approach to a new model wherein a user can combine various devices post-hoc to create a new composite system that addresses a specific clinical scenario. Ensuring the safety of these systems is challenging: safety is a property of systems that arises from the interaction of system components, and it is not possible to assess overall system safety by assessing a single component in isolation. It is unlikely that end-users will have the engineering expertise or resources to perform safety assessments each time they create a new composite system. In this paper we describe a platform-oriented approach to providing assurance for plug & play medical systems as well as an associated assurance argument pattern.


Medical device interoperability; Safety assurance; Compositional safety



This research was supported in part by NSF CNS-1035715, NSF CPS 1239324, NIH 1U01EB012470-01, and DGIST Research and Development Program of the Ministry of Science, ICT and Future Planning of Korea (CPS Global Center).



Copyright information

© Springer International Publishing Switzerland 2015

Authors and Affiliations

  1. University of Pennsylvania, Philadelphia, USA
  2. Kansas State University, Manhattan, USA
