Now showing 1 - 10 of 23
PublicationComputer Aided Clinical Trials for Implantable Cardiac Devices(2018-07-12) Jang, Kuk Jin; Weimer, James; Abbas, Houssam; Jiang, Zhihao; Liang, Jackson; Dixit, Sanjay; Mangharam, RahulIn this paper we aim to answer the question, ``How can modeling and simulation of physiological systems be used to evaluate life-critical implantable medical devices?'' Clinical trials for medical devices are becoming increasingly inefficient as they take several years to conduct, at very high cost and suffer from high rates of failure. For example, the Rhythm ID Goes Head-to-head Trial (RIGHT) sought to evaluate the performance of two arrhythmia discriminator algorithms for implantable cardioverter defibrillators, Vitality 2 vs. Medtronic, in terms of time-to-first inappropriate therapy, but concluded with results contrary to the initial hypothesis - after 5 years, 2,000+ patients and at considerable ethical and monetary cost. In this paper, we describe the design and performance of a computer-aided clinical trial (CACT) for Implantable Cardiac Devices where previous trial information, real patient data and closed-loop device models are effectively used to evaluate the trial with high confidence. We formulate the CACT in the context of RIGHT using a Bayesian statistical framework. We define a hierarchical model of the virtual cohort generated from a physiological model which captures the uncertainty in the parameters and allows for the systematic incorporation of information available at the design of the trial. With this formulation, the CACT estimates the inappropriate therapy rate of Vitality 2 compared to Medtronic as 33.22% vs 15.62% (p PublicationComputer-Aided Design for Safe Autonomous Vehicles(2017-05-01) O'Kelly, Matthew; Abbas, Houssam; Mangharam, RahulThis paper details the design of an autonomous vehicle CAD toolchain, which captures formal descriptions of driving scenarios in order to develop a safety case for an autonomous vehicle (AV). Rather than focus on a particular component of the AV, like adaptive cruise control, the toolchain models the end-to-end dynamics of the AV in a formal way suitable for testing and verification. First, a domain-specific language capable of describing the scenarios that occur in the day-to-day operation of an AV is defined. The language allows the description and composition of traffic participants, and the specification of formal correctness requirements. A scenario described in this language is an executable that can be processed by a specification-guided automated test generator (bug hunting), and by an exhaustive reachability tool. The toolchain allows the user to exploit and integrate the strengths of both testing and reachability, in a way not possible when each is run alone. Finally, given a particular execution of the scenario that violates the requirements, a visualization tool can display this counter-example and generate labeled sensor data. The effectiveness of the approach is demonstrated on five autonomous driving scenarios drawn from a collection of 36 scenarios that account for over 95% of accidents nationwide. These case studies demonstrate robustness-guided verification heuristics to reduce analysis time, counterexample visualization for identifying controller bugs in both the discrete decision logic and low-level analog (continuous) dynamics, and identification of modeling errors that lead to unrealistic environment behavior. PublicationTech Report: Robust Model Predictive Control for Non-Linear Systems with Input and State Constraints Via Feedback Linearization(2016-03-15) Pant, Yash Vardhan; Abbas, Houssam; Mangharam, RahulRobust predictive control of non-linear systems under state estimation errors and input and state constraints is a challenging problem, and solutions to it have generally involved solving computationally hard non-linear optimizations. Feedback linearization has reduced the computational burden, but has not yet been solved for robust model predictive control under estimation errors and constraints. In this paper, we solve this problem of robust control of a non-linear system under bounded state estimation errors and input and state constraints using feedback linearization. We do so by developing robust constraints on the feedback linearized system such that the non-linear system respects its constraints. These constraints are computed at run-time using online reachability, and are linear in the optimization variables, resulting in a Quadratic Program with linear constraints. We also provide robust feasibility, recursive feasibility and stability results for our control algorithm. We evaluate our approach on two systems to show its applicability and performance PublicationA novel programming language to reduce energy consumption by arrhythmia monitoring algorithms in implantable cardioverter-defibrillators(2018-05-09) Abbas, Houssam; Mamouras, Konstantinos; Rodionova, Alena; Liang, Jackson; Rajeev, Alur; Dixit, Sanjay; Mangharam, Rahul PublicationRelaxed decidability and the robust semantics of Metric Temporal Logic(2017-02-16) Abbas, Houssam; O'Kelly, Matthew; Mangharam, RahulRelaxed notions of decidability widen the scope of automatic verification of hybrid systems. In quasi-decidability and $\delta$-decidability, the fundamental compromise is that if we are willing to accept a slight error in the algorithm's answer, or a slight restriction on the class of problems we verify, then it is possible to obtain practically useful answers. This paper explores the connections between relaxed decidability and the robust semantics of Metric Temporal Logic formulas. It establishes a formal equivalence between the robustness degree of MTL specifications, and the imprecision parameter $\delta$ used in $\delta$-decidability when it is used to verify MTL properties. We present an application of this result in the form of an algorithm that generates new constraints to the $\delta$-decision procedure from falsification runs, which speeds up the verification run. We then establish new conditions under which robust testing, based on the robust semantics of MTL, is in fact a quasi-semidecision procedure. These results allow us to delimit what is possible with fast, robustness-based methods, accelerate (near-)exhaustive verification, and further bridge the gap between verification and simulation. PublicationComputer Aided Clinical Trials for Implantable Cardiac Devices(2016-08-19) Abbas, Houssam; Jiang, Zhihao; Jang, Kuk Jin; Beccani, Marco; Liang, Jackson; Dixit, Sanjay; Mangharam, RahulIn this effort we investigate the design and use of physiological and device models to conduct pre-clinical trials to provide early insight in the design and execution of the actual clinical trial. Computer models of physiological phenomena like cardiac electrical activity can be extremely complex. However, when the purpose of the model is to interact with a medical device, then it becomes sufficient to model the measurements that the device makes, e.g. the intra-cardiac electrograms (EGMs) that an Implantable Cardioverter Defibrillator (ICD) measures. We present a probabilistic generative model of EGMs, capable of generating exemplars of various arrhythmias. The model uses deformable shape templates, or motifs, to capture the variability in EGM shapes within one EGM channel, and a cycle length parameter to capture the variability in cycle length in one EGM channel. The relation between EGM channels, which is essential for determining whether the current arrhythmia is potentially fatal, is captured by a time-delayed Markov chain, whose states model the various combinations of (learned) motifs. The heart model is minimally parameterized and is learned from real patient data. Thus the statistics of key features reflect the statistics of a real cohort, but the model can also generate rare cases and new combinations from the inferred probabilities. On the device end, algorithms for signal sensing, detection and discrimination for major ICD manufacturers have been implemented both in simulation and on hardware platforms. The generated arrhythmia episodes are used as input to both the modeled ICD algorithms and real ICDs as part of a Computer Aided Clinical Trial (CACT). In a CACT, a computer model simulates the inputs to the device (such as a new, investigational ICD), and the device’s performance is evaluated. By incorporating these results into the appropriate statistical framework, the Computer Aided Clinical Trial results can serve as regulatory evidence when planning and executing an actual clinical trial. We demonstrate this by conducting a mock trial similar to the 2005-2010 RIGHT trial which compared the discrimination algorithms from two major ICD manufacturers. The results of the CACT clearly demonstrate that the failed outcome of the RIGHT trial could have been predicted and provides statistical support for deeper results that could have been captured prior to the trial. PublicationReal-time Decision Policies with Predictable Performance(2018-01-06) Abbas, Houssam; Mamouras, Konstantinos; Alur, Rajeev; Rodionova, Alena; Mangharam, RahulAs methods and tools for Cyber-Physical Systems grow in capabilities and use, one-size-fits-all solutions start to show their limitations. In particular, tools and languages for programming an algorithm or modeling a CPS that are specific to the application domain are typically more usable, and yield better performance, than general-purpose languages and tools. In the domain of cardiac arrhythmia monitoring, a small, implantable medical device continuously monitors the patient's cardiac rhythm and delivers electrical therapy when needed. The algorithms executed by these devices are streaming algorithms, so they are best programmed in a streaming language that allows the programmer to reason about the incoming data stream as the basic object, rather than force her to think about lower-level details like state maintenance and minimization. Because these devices are resource-constrained, it is useful if the programming language allowed predictable performance in terms of processing runtime and energy consumption, or more general costs. StreamQRE is a declarative streaming programming language, with an efficient and portable implementation and strong theoretical guarantees. In particular, its evaluation algorithm guarantees constant cost (runtime, memory, energy) per data item, and also calculates upper bounds on the per-item cost. Such an estimate of the cost allows early exploration of the algorithmic possibilities, while maintaining a handle on worst-case performance, on the basis of which hardware can be designed and algorithms can be tuned. PublicationTechnical Report: Abstraction-Tree For Closed-loop Model Checking of Medical Devices(2015-05-06) Jiang, Zhihao; Abbas, Houssam; Mosterman, Pieter J; Mangharam, Rahul PublicationBenchmark: Nonlinear Hybrid Automata Model of Excitable Cardiac Tissue(2016-03-20) Abbas, Houssam; Jang, Kuk Jin; Mangharam, RahulImplantable cardiac devices like pacemakers and defibrillators are life-saving medical devices. To verify their functionality, there is a need for heart models that can simulate interesting phenomena and are relatively computationally tractable. In this benchmark we implement a model of the electrical activity in excitable cardiac tissue as a network of nonlinear hybrid automata. The model has previously been shown to simulate fast arrhythmias. The hybrid automata are arranged in a square n-by-n grid and communicate via their voltages. Our Matlab implementation allows the user to specify any size of model $n$, thus rendering it ideal for benchmarking purposes since we can study tool efficiency as a function of size. We expect the model to be used to analyze parameter ranges and network connectivity that lead to dangerous heart conditions. It can also be connected to device models for device verification. PublicationGeneralized Robust MTL Semantics for Problems in Cardiac Electrophysiology(2018-03-01) Abbas, Houssam; Mangharam, RahulRobustness-Guided Falsification (RGF) is an efficient testing technique that tries to find a system execution that violates some formal specification, by minimizing the robustness of the specification over the set of initial conditions of the system. Robustness uses an underlying distance function on the space of system executions. As RGF is applied to new fields like medicine, it is essential to determine whether our distances still capture the domain expert’s intuition of which executions are similar and which are not. Motivated by the problem of testing the algorithms of cardiac defibrillators implanted in millions of patients worldwide, this work develops a (pseudo- )distance function, called conformance, over the space of cardiac signals. By using it to distinguish between fatal and non-fatal arrhythmias obtained from real patients, it is demonstrated that conformance measures the meaningful distance between cardiac signals much better than distances used in medical devices today. Next, conformance is used to re-define the robustness degrees of Metric Temporal Logic (MTL), and it is shown that conformance-based robust semantics of MTL can bound the (conformance-based) robustness degree, thus enabling a principled application of RGF to problems in the cardiac domain, using the appropriate distance notion. Using existing robust semantics based on sup norm can yield incorrect conclusions, with potentially severe consequences to patients.