Abstract
Risk management is a key part of the development of medical devices, both to achieve acceptable product safety and to pass regulatory scrutiny. As model-based development (MBD) techniques gain ground in the medical device industry, that industry needs guidelines on best practices for integrating risk management principles and activities into MBD-driven product development.
In this paper, we demonstrate how the SAE standard Architecture, Analysis, and Definition Language (AADL) and its Error Modeling (EM) annex can be applied in the development of an open-source patient-controlled analgesic (PCA) pump to support the risk management tasks of ISO 14971, the primary risk management standard in the medical device domain. While AADL EM has been applied in other domains, our work provides the first mapping of AADL EM to ISO 14971 concepts. It not only represents one of the largest applications to date of AADL's EM framework, but also provides industry and academia with an example of considerable complexity for investigating methodologies and methods of integrating MBD and risk management. This work is part of the Open PCA Pump project, which presents a variety of open-source integrated development artifacts for a realistic medical device.
This work was supported in part under the U.S. Army Medical Research Acquisition Activity Contract W81XWH-17-C-0251.
Notes
1. The following is a direct link to the artifacts for this paper: https://awas.sireum.org/doc/03-risk-analysis/index.html.
3. Note that the purpose of these screenshots is to illustrate application of the Awas tools at scale (capturing system-wide browsing across a large system with many complex components). The screen captures of the tool cannot capture the scalability aspect while also preserving the readability of the component/port details, etc. In the Awas tool, mouse scrolling easily zooms in and out to reveal details.
© 2020 Springer Nature Switzerland AG
Cite this paper
Thiagarajan, H., Larson, B., Hatcliff, J., Zhang, Y. (2020). Model-Based Risk Analysis for an Open-Source PCA Pump Using AADL Error Modeling. In: Zeller, M., Höfig, K. (eds) Model-Based Safety and Assessment. IMBSA 2020. Lecture Notes in Computer Science(), vol 12297. Springer, Cham. https://doi.org/10.1007/978-3-030-58920-2_3
DOI: https://doi.org/10.1007/978-3-030-58920-2_3
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-58919-6
Online ISBN: 978-3-030-58920-2