Goldman, Julian M.
Publication
Toward Patient Safety in Closed-Loop Medical Device Systems (2010-04-13)
Arney, David; Pajic, Miroslav; Goldman, Julian M.; Lee, Insup; Mangharam, Rahul; Sokolsky, Oleg
A model-driven design and validation of closed-loop medical device systems is presented. Currently, few if any medical systems on the market support closed-loop control of interconnected medical devices, and mechanisms for regulatory approval of such systems are lacking. We present a system implementing a clinical scenario where closed-loop control may reduce the possibility of human error and improve safety of the patient. The safety of the system is studied with a simple controller proposed in the literature. We demonstrate that, under certain failure conditions, safety of the patient is not guaranteed. Finally, a more complex controller is described and ensures safety even when failures are possible. This investigation is an early attempt to introduce automatic control in clinical scenarios and to delineate a methodology to validate such patient-in-the-loop systems for safe and correct operation.

Publication
Model-Driven Safety Analysis of Closed-Loop Medical Systems (2012-10-01)
Pajic, Miroslav; Mangharam, Rahul; Sokolsky, Oleg; Arney, David; Goldman, Julian M.; Lee, Insup
In modern hospitals, patients are treated using a wide array of medical devices that are increasingly interacting with each other over the network, thus offering a perfect example of a cyber-physical system. We study the safety of a medical device system for the physiologic closed-loop control of drug infusion. The main contribution of the paper is the verification approach for the safety properties of closed-loop medical device systems. We demonstrate, using a case study, that the approach can be applied to a system of clinical importance. Our method combines simulation-based analysis of a detailed model of the system that contains continuous patient dynamics with model checking of a more abstract timed automata model. We show that the relationship between the two models preserves the crucial aspect of the timing behavior that ensures the conservativeness of the safety analysis. We also describe system design that can provide open-loop safety under network failure.