Modern medical devices are often complex distributed systems. They require substantial embedded software and exhibit feedback loops between their components that involve multiple humans, such as caregivers, doctors, and patients. Such systems need to be flexible enough to accommodate significant uncertainty in their environments, such as varying and often unpredictable reactions of patients to treatments and medications. As with many other complex systems, the increasingly prominent trend is to assemble medical devices from independently developed hardware and software components. To accommodate this trend and simultaneously maintain the high degree of confidence that is required of medical systems, research is needed in the area of active components. The idea of an active component extends traditional components with novel capabilities that support compositional reasoning to improve interoperability. The basic concept of an active component is that the component carries a self-model that can be used by its peers, which specifies the intended and failure behaviors that peers can expect and the behavior it assumes from peers. The project is developing active components as a compositional framework for medical device software and systems (MDSS), and applies active components to model and analyze the environmental aspects of MDSS, to anticipate expected and unexpected interactions, and to compare mental models and systems models to detect and prevent potential user errors. In particular, the active component framework will be applied to establish high confidence in MD PnP (Medical Device Plug-and-Play) interoperability, an on-going effort targeting dynamic integration of medical devices. The project also seeks to apply, evaluate, and refine the notion of active components by using them for new advanced medical device systems where compositionality and interoperability are essential, such as medical devices based on sensor networks.
The goal of the project was to develop new technology for composing independently developed cyber-physical components. A cyber-physical component contains a computational core that interacts with the physical world, and is capable of communicating with other such components. In this project, we focused on the medical domain. Today, a typical patient is treated using multiple medical devices, most of which have a network interface for configuration and data exchange. We view each device as a cyber-physical component. A complex clinical scenario is successful only if devices are used in a coordinated fashion. The Medical Device Plug-and-Play (MD PnP) Interoperability Initiative aims to develop the means of establishing on-the-fly interconnection and coordination between devices that work together on treating the same patient. In this project, we performed a series of case studies of increasing complexity, which illustrated the use of interoperability in common clinical scenarios. The case studies demonstrated the feasibility of the MD PnP vision. The culmination of this series of case studies was a system that controls infusion of pain medication in a patient. Control is performed in a closed-loop fashion based on the patient's vital signs, such as blood oxygenation. A controller detects overdose and safely stops infusion. The challenge is to guarantee patient safety even if communication links between devices temporarily fail. We have developed an approach based on mathematical modeling of device operation and patient physiology. Analysis of the models allows us to reason about patient safety. Similar development and analysis approaches should be applicable to cyber-physical components in other engineering domains such as process control, vehicle coordination, etc. In the medical domain, the focus on common clinical scenarios holds the promise of impact on society at large.
Another project, which is complementary to the first research direction, has been to develop compositional analysis techniques for cyber-physical components that share computational resources with other components. Such components are becoming more prevalent with the current "app"-based development approach, where multiple applications with timing and performance constraints are deployed on the same platform. A typical example is a heart-rate monitor and a driving navigation app that are both deployed on a person's cell phone. In order for either app to be useful, each should get a guaranteed amount of the phone's processor. We have developed analysis techniques that allow us to analyze whether a computing platform will be able to satisfy the constraints of a collection of components deployed on it. The salient aspect of our technique is that the analysis is performed on component interfaces, without looking into the details of component implementations. We have also designed and implemented, in collaboration with researchers from Washington University in St. Louis, a deployment platform that supports these analysis techniques. The platform is based on the popular Xen virtualization platform. Research performed in this project has contributed to 4 journal and 32 conference publications. One paper received the best student paper award at the IEEE Real-Time and Embedded Technology and Applications Symposium (RTAS) in 2012. The primary author of this paper, Miroslav Pajic, received his Ph.D. degree in Summer 2012. Much of his thesis work contributed to this project.