Pajic, Miroslav

Email Address
ORCID
Disciplines
Research Projects
Organizational Units
Position
Introduction
Research Interests

Filters

2008 - 200932010 - 201617
20
1442
Reset filters

Settings

Author: Pajic, Miroslav × Subject: Computer Engineering ×

Search Results

Now showing 1 - 10 of 20
  • Publication
    Real-time Heart Model for Implantable Cardiac Device Validation and Verification
    (2010-01-20) Jiang, Zhihao; Pajic, Miroslav; Connolly, Allison T; Dixit, Sanjay; Mangharam, Rahul
    Designing bug-free medical device software is dif- ficult, especially in complex implantable devices that may be used in unanticipated contexts. Safety recalls of pacemakers and implantable cardioverter defibrillators due to firmware problems between 1990 and 2000 affected over 200,000 devices, comprising 41% of the devices recalled and are increasing in frequency. There is currently no formal methodology or open experimental platform to validate and verify the correct operation of medical device software. To this effect, a real-time Virtual Heart Model (VHM) has been developed to model the electrophysiological operation of the functioning (i.e. during normal sinus rhythm) and malfunctioning (i.e. during arrhythmia) heart. We present a methodology to extract timing properties of the heart to construct a timed-automata model. The platform exposes functional and formal interfaces for validation and verification of implantable cardiac devices. We demonstrate the VHM is capable of generating clinically-relevant response to intrinsic (i.e. premature stimuli) and external (i.e. artificial pacemaker) signals for a variety of common arrhythmias. By connecting the VHM with a pacemaker model, we are able to pace and synchronize the heart during the onset of irregular heart rhythms. The VHM has also been implemented on a hardware platform for closed-loop experimentation with existing and virtual medical devices. The VHM allows for exploratory electrophysiology studies for physicians to evaluate their diagnosis and determine the appropriate device therapy. This integrated functional and formal device design approach will potentially help expedite medical device certification for safer operation.
  • Publication
    Modeling and Verification of a Dual Chamber Implantable Pacemaker
    (2012-04-16) Jiang, Zhihao; Pajic, Miroslav; Moarref, Salar; Alur, Rajeev; Mangharam, Rahul
    The design and implementation of software for medical devices is challenging due to their rapidly increasing functionality and the tight coupling of computation, control, and communication. The safety-critical nature and the lack of existing industry standards for verification, make this an ideal domain for exploring applications of formal modeling and analysis. In this paper, we use a dual chamber implantable pacemaker as a case study for modeling and verification of control algorithms for medical devices in UPPAAL. We present detailed models of different components of the pacemaker based on the algorithm descriptions from Boston Scientific. We formalize basic safety requirements based on specifications from Boston Scientific as well as additional physiological knowledge. The most critical potential safety violation for a pacemaker is that it may lead the closed-loop system into an undesirable pattern (for example, Tachycardia). Modern pacemakers are implemented with termination algorithms to prevent such conditions. We show how to identify these conditions and check correctness of corresponding termination algorithms by augmenting the basic models with monitors for detecting undesirable patterns. Along with emerging tools for code generation from UPPAAL models, this effort enables model driven design and certification of software for medical devices.
  • Publication
    Real-time Heart Model for Implantable Cardiac Device Validation and Verification
    (2010-07-06) Jiang, Zhihao; Pajic, Miroslav; Connolly, Allison; Dixit, Sanjay; Mangharam, Rahul
    Designing bug-free medical device software is challenging, especially in complex implantable devices that may be used in unanticipated contexts. Safety recalls of pacemakers and implantable cardioverter defibrillators due to firmware problems between 1990 and 2000 affected over 200, 000 devices. This encompasses 41% of the devices recalled and continues to increase in frequency. There is currently no formal methodology or open experimental platform to validate and verify the correct operation of medical device software. To this effect, a real-time Virtual Heart Model (VHM) has been developed to model the electrophysiological operation of the functioning (i.e. during normal sinus rhythm) and malfunctioning (i.e. during arrhythmia) heart. We present a methodology to construct a timed-automata model by extracting timing properties of the heart. The platform employs functional and formal interfaces for validation and verification of implantable cardiac devices. We demonstrate the VHM is capable of generating clinically-relevant response to intrinsic (i.e. premature stimuli) and external (i.e. artificial pacemaker) signals for a variety of common arrhythmias. By connecting the VHM with a pacemaker model, we are able to pace and synchronize the heart during the onset of irregular heart rhythms. The VHM has also been implemented on a hardware platform for closed-loop experimentation with existing and virtual medical devices. This integrated functional and formal device design approach has potential to help expedite medical device certification for safe operation.
  • Publication
    Attack-Resilient Minimum Mean-Squared Error Estimation
    (2014-06-01) Weimer, James; Bezzo, Nicola; Pajic, Miroslav; Sokolsky, Oleg; Lee, Insup
    This work addresses the design of resilient estimators for stochastic systems. To this end, we introduce a minimum mean-squared error resilient (MMSE-R) estimator whose conditional mean squared error from the state remains finitely bounded and is independent of additive measurement attacks. An implementation of the MMSE-R estimator is presented and is shown as the solution of a semidefinite programming problem, which can be implemented efficiently using convex optimization techniques. The MMSE-R strategy is evaluated against other competing strategies representing other estimation approaches in the presence of small and large measurement attacks. The results indicate that the MMSE-R estimator significantly outperforms (in terms of mean-squared error) other realizable resilient (and non-resilient) estimators.
  • Publication
    Architecture for a Fully Distributed Wireless Control Network
    (2011-04-12) Pajic, Miroslav; Aneja, Mansimar; Vemuri, Srinivas; Pappas, George; Mangharam, Rahul; Sundaram, Shreyas
    We demonstrate a distributed scheme for control over wireless networks. In our previous work, we introduced the concept of a Wireless Control Network (WCN), where the network itself, with no centralized node, acts as the controller. In this demonstration, we show how the WCN can be utilized for distillation column control, a well-known process control problem. To illustrate the use of a WCN, we have utilized a process-in-the-loop simulation, where the behavior of a distillation column was simulated in Simulink and interfaced with an actual, physical network (used as the control network), which consists of several wireless nodes, sensors and actuators. The goal of this demonstration is to show the benefits of a fully-distributed robust wireless control/actuator network, which include simple scheduling, scalability and compositionality.
  • Publication
    Resilient Parameter-Invariant Control With Application to Vehicle Cruise Control
    (2013-03-20) Weimer, James; Bezzo, Nicola; Pajic, Miroslav; Pappas, George J.; Sokolsky, Oleg; Lee, Insup
    This work addresses the general problem of resilient control of unknown stochastic linear time-invariant (LTI) systems in the presence of sensor attacks. Motivated by a vehicle cruise control application, this work considers a first order system with multiple measurements, of which a bounded subset may be corrupted. A frequency-domain-designed resilient parameter-invariant controller is introduced that simultaneously minimizes the effect of corrupted sensors, while maintaining a desired closed-loop performance, invariant to unknown model parameters. Simulated results illustrate that the resilient parameter-invariant controller is capable of stabilizing unknown state disturbances and can perform state trajectory tracking.
  • Publication
    Safety-Critical Medical Device Development Using the UPP2SF Model
    (2014-01-01) Pajic, Miroslav; Jiang, Zhihao; Lee, Insup; Sokolsky, Oleg; Mangharam, Rahul
    Software-based control of life-critical embedded systems has become increasingly complex, and to a large extent has come to determine the safety of the human being. For example, implantable cardiac pacemakers have over 80,000 lines of code which are responsible for maintaining the heart within safe operating limits. As firmware-related recalls accounted for over 41% of the 600,000 devices recalled in the last decade, there is a need for rigorous model-driven design tools to generate verified code from verified software models. To this effect we have developed the UPP2SF model-translation tool, which facilitates automatic conversion of verified models (in UPPAAL) to models that may be simulated and tested (in Simulink/Stateflow). We describe the translation rules that ensure correct model conversion, applicable to a large class of models. We demonstrate how UPP2SF is used in the model-driven design of a pacemaker whose model is (a) designed and verified in UPPAAL (using timed automata), (b) automatically translated to Stateflow for simulation-based testing, and then (c) automatically generated into modular code for hardware-level integration testing of timing-related errors. In addition, we show how UPP2SF may be used for worst-case execution time estimation early in the design stage. Using UPP2SF, we demonstrate the value of integrated end-to-end modeling, verification, code-generation and testing process for complex software-controlled embedded systems.
  • Publication
    Embedded Virtual Machines for Robust Wireless Control Systems
    (2009-01-01) Mangharam, Rahul; Pajic, Miroslav
    Embedded wireless networks have largely focused on open loop sensing and monitoring. To address actuation in closed loop wireless control systems there is a strong need to re-think the communication architectures and protocols for reliability, coordination and control. As the links, nodes and topology of wireless systems are inherently unreliable, such time-critical and safety-critical applications require programming abstractions where the tasks are assigned to the sensors, actuators and controllers as a single component rather than statically mapping a set of tasks to a specific physical node at design time. To this end, we introduce the Embedded Virtual Machine (EVM), a powerful and flexible programming abstraction where virtual components and their properties are maintained across node boundaries. In the context of process and discrete control, an EVM is the distributed runtime system that dynamically selects primary-backup sets of controllers to guarantee QoS given spatial and temporal constraints of the underlying wireless network. The EVM architecture defines explicit mechanisms for control, data and fault communication within the virtual component. EVM-based algorithms introduce new capabilities such as predictable outcomes and provably minimal graceful degradation during sensor/actuator failure, adaptation to mode changes and runtime optimization of resource consumption. Through the design of a natural gas process plant hardware-in-loop simulation we aim to demonstrate the preliminary capabilities of EVM-based wireless networks.
  • Publication
    Anti-Jamming for Embedded Wireless Networks
    (2009-01-01) Pajic, Miroslav; Mangharam, Rahul
    Resilience to electromagnetic jamming and its avoidance are difficult problems. It is often both hard to distinguish malicious jamming from congestion in the broadcast regime and a challenge to conceal the activity patterns of the legitimate communication protocol from the jammer. In the context of energy-constrained wireless sensor networks, nodes are scheduled to maximize the common sleep duration and coordinate communication to extend their battery life. This results in well-defined communication patterns with possibly predictable intervals of activity that are easily detected and jammed by a statistical jammer. We present an anti-jamming protocol for sensor networks which eliminates spatio-temporal patterns of communication while maintaining coordinated and contention-free communication across the network. Our protocol, WisperNet, is time-synchronized and uses coordinated temporal randomization for slot schedules and slot durations at the link layer and adapts routes to avoid jammers in the network layer. Through analysis, simulation and experimentation we demonstrate that WisperNet reduces the efficiency of any statistical jammer to that of a random jammer, which has the lowest censorship-to-link utilization ratio. WisperNet has been implemented on the FireFly sensor network platform.
  • Publication
    WisperNet: Anti-Jamming for Wireless Sensor Networks
    (2008-09-01) Pajic, Miroslav; Mangharam, Rahul
    Resilience to electromagnetic jamming and its avoidance are difficult problems. It is often both hard to distinguish malicious jamming from congestion in the broadcast regime and a challenge to conceal the activity patterns of the legitimate communication protocol from the jammer. In the context of energy-constrained wireless sensor networks, nodes are scheduled to maximize the common sleep duration and coordinate communication to extend their battery life. This results in well-defined communication patterns with possibly predictable intervals of activity that are easily detected and jammed by a statistical jammer. We present an anti-jamming protocol for sensor networks which eliminates spatio-temporal patterns of communication while maintaining coordinated and contention-free communication across the network. Our protocol, WisperNet, is time-synchronized and uses coordinated temporal randomization for slot schedules and slot durations at the link layer and adapts routes to avoid jammers in the network layer. Through analysis, simulation and experimentation we demonstrate that WisperNet reduces the efficiency of any statistical jammer to that of a random jammer, which has the lowest censorship-to-link utilization ratio. WisperNet is more energy efficient than low-power listen CSMA protocols such as B-mac and is simple to analyze in terms of effective network throughput, reliability and delay. WisperNet has been implemented on the FireFly sensor network platform.