#!/usr/local/bin/php
<html>
<head>
<meta name="keywords" content="Real Time Systems Group, Computer and Information Science, Computer Science, Computer, Information, Science, Informatics, Research, Distributed Systems, Embedded Systems, Real-time systems, Logic and Computation, syntax, semantics, information extraction, probabilistic models, simulation, Software Principles, Formal Methods, Software Engineering, software design, computer systems, software testing, software validation, software certification, object-oriented, concurrent, concurrency, mobile computing, mobile agents, Security, Information Assurance, energy consumption, model checking, networking, distributed applications, scalability, heterogeneous systems, Software Verification">

<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<link rel="icon" type="image/ico" href="favicon.ico"></link>
<link rel="shortcut icon" href="favicon.ico"></link>
<link rel="stylesheet" href="style.css" type="text/css">

<title>High Confidence Medical Device Software and Systems</title>
<script type="text/javascript">
var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www.");
document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));
</script>
<script type="text/javascript">
try {
var pageTracker = _gat._getTracker("UA-16027371-1");
pageTracker._trackPageview();
} catch(err) {}</script>

</head>
<body>
  
<table width=100%  height=100% border="0" cellspacing="0" cellpadding="0">
  <tr height=100%><td bgcolor=#011F5B valign=top width="200">

<!----------- Left Bar ----------->
<div id="leftbar">
<a href="http://www.seas.upenn.edu/"><img src="penn-eng-logo.gif"  alt="Penn Engineering" width="200" height="80" border="0"></a>
<hr><br><br>
<ul>
 <li><a href="http://rtg.cis.upenn.edu/index.php3"><span>RTG Home</span></a></li>
 <li><a href="http://rtg.cis.upenn.edu/personnel.php3"><span>RTG Personnel</span></a></li>
 <li><a href="http://rtg.cis.upenn.edu/projects.php3"><span>RTG Projects</span></a></li>
 <li><a href="http://rtg.cis.upenn.edu/publications.php3"><span>RTG Publications</span></a></li>
 <li><a href="http://rtg.cis.upenn.edu/reading-group/"><span>RTG Seminars</span></a></li>
</ul>
</div>
</td><td valign=top>

<!----------- Right Content ----------->
<div id="content">

<!----------- Top Bar ----------->
<div id="topbottombar">
<a href="http://rtg.cis.upenn.edu/">RTG Home</a>&nbsp;&nbsp;|&nbsp;&nbsp; 
<a href="http://precise.seas.upenn.edu/">PRECISE</a>&nbsp;&nbsp;|&nbsp;&nbsp; 
<a href="http://www.cis.upenn.edu/">CIS Home</a>&nbsp;&nbsp;|&nbsp;&nbsp; 
<a href="http://www.seas.upenn.edu/">Penn Engineering</a>&nbsp;&nbsp;|&nbsp;&nbsp;  
<a href="http://www.upenn.edu/">Penn</a>
</div>

<!---<br>  --->

<!----------- Title ----------->
<div id="titlename">
<table><tr><td>High Confidence Medical Device Software and Systems</td></tr></table>
</div>

<br><br>

<!----------- Main content ----------->
<div id="main"><br><br>
<table width=620><tr><td valign=top>

The development and production of medical device software and systems  is a critical issue as medical device software is increasingly  sophisticated and medical devices are networked.  Of particular  importance is how to ensure such medical device systems are safe. <p>
Papers:
<ul>
<li><a href="http://repository.upenn.edu/cis_papers/735/"><i>
		Rationale and Architecture Principles for Medical Application Platforms</i></a> by 
		John Hatcliff, Andrew King, Insup Lee, Alasdair MacDonald, Anura Fernando, Michael Robkin, Eugene Vasserman, Sandy Weininger  and Julian Goldman. 
		<em> ACM/IEEE Third International Conference on Cyber-Physical Systems (ICCPS 2012)</em>. Beijing, China, April 2012 (Invited Paper).
<li><a href="http://repository.upenn.edu/cis_papers/487"><i>
		Challenges and Research Directions in Medical Cyber-Physical Systems</i></a> by
		Insup Lee, Oleg Sokolsky, Sanjian Chen, John Hatcliff, Eunkyoung Jee, BaekGyu Kim, Andrew King, Margaret Mullen-Fortino, Soojin Park, Alexander Roederer, and Krishna Venkatasubramanian, 
        <i>Special Issue on Cyber-Physical Systems, Proceedings of the IEEE</i>, Volume 100, Issue 1, pp.75-90, 
        January 2012 (Invited Paper) </li>
<li><a href="http://repository.upenn.edu/cis_papers/241"><i>
       High-Confidence Medical Device Software and Systems</i></a> by
       Insup Lee, George J. Pappas, Rance  Cleaveland, John  Hatcliff, Bruce H.  Krogh, Peter Lee, Harvey  Rubin, and Lui Sha,  
       <i>IEEE Computer, Volume 39, Issue 4, April 2006, pages 33-38</i> </li>
</ul>

<h3> Projects</h3>
<h4>Current Projects: </h4>
<ul>
<li> <a href="http://rtg.cis.upenn.edu/MDCPS/index.html">Medical Cyber-Physical Systems </a>
<li> <a href="parameter-invariant.html">Parameter-invariant Monitors for Medical CPS</a>
<li> <a href="smartalarm/smartalarm.php3">Smart Alarms</a> 
<li> <a href="gip.php3">Generic Infusion Pump</a>
<li> <a href="medical/gpca/gpca.html">GPCA</a>
<li> <a href="medical/mdpnp.php3">MD PnP</a>
<li> <a href="http://rtg.cis.upenn.edu/ohc/">Open Health Connector</a>
<li> <a href="medical/assurance_cases.html">Assurance cases</a>
<li> <a href="http://mlab.seas.upenn.edu/index.php/research/medical/mdvv/vhm/">Virtual Heart Model project</a>
</ul>
<h4>Former Projects: </h4>
<ul>

<li> <a href="medical/pacemaker.php3">Pacemaker Challenge</a>
<li> <a href="medical/ahlta.php3">AHLTA-Mobile</a>
<li> <a href="medical/bloodbank.php3">Bloodbank</a>
</ul>

<!--------
<h3><a name = "smart"></a>Smart Alarm </h3>
Caregivers are inundated by alarms from a variety of medical devices that 
monitor vital signs of patients. These alarms are used to warn caregivers 
of possible problems with patients monitored by the devices.  Most of these 
warnings are false positive and caregivers can be overwhelmed by incessant 
alarming, a phenomenon known as alarm fatigue.  Alarm fatigue can lead 
caregivers to stop paying attention to alarms or turn off some of the alarms, 
which could result in fatal consequences.<p>

<a href="smartalarm/smartalarm.php3">Smart Alarms </a>  is a project to develop an alarm algorithm that eliminates unnecessary alarms and also differentiates alarms based on criticality.
<p>


<h3><a name = "gip"></a> GIP </h3>

The goal of the 
<a href="gip.php3">
Generic Infusion Pump (GIP)
</a>
project is to develop a set of 
models and reference specifications of generic infusion pumps to verify the 
correct functioning of software for different types of infusion pumps 
submitted for FDA approval. The project defines a reference specification of 
a generic infusion pump which device manufacturers could use to develop more 
specialized pumps.<p>

Our process of building these formal models starts with requirements 
elicitation and hazard analysis.  These requirements and hazards are used in 
building the formal models as extended finite state machines and to create 
properties which are checked against the EFSM models using model checkers. <p>

So far we have gathered informal requirements and done a hazard analysis for a 
generic large volume pump model as well as the additional requirements and 
hazards to extend this large volume model to cover patient controlled 
analgesia (PCA) infusion pumps.  We plan to use these models and properties 
to generate tests which can be used for conformance testing infusion pump 
implementations. Our future work will focus on extending these pump models 
with additional safety requirements and exploring the use of test generation 
for conformance testing real pump implementations.<p>

Using a recognized reference specification would allow device manufacturers to 
concentrate on the specialized functionality of their particular pump devices 
and simplify the verification process.<p>
Papers:
<ul>
<li><a href = "http://repository.upenn.edu/cis_reports/893"   onClick="javascript: pageTracker._trackPageview('/scholarly/report_893'); "> <i>Generic Infusion Pump Hazard Analysis and Safety Requirements Version 1.0</i></a> by David Arney, Raoul Jetley, Paul Jones, Insup Lee, Arnab Ray, Oleg Sokolsky, and Yi Zhang  </li>

<li><a href = "http://repository.upenn.edu/cis_papers/358" onClick="javascript: pageTracker._trackPageview('/scholarly/paper_358'); "><i>Formal Methods Based Development of a PCA Infusion Pump Reference Model: Generic Infusion Pump (GIP) Project</i></a> by David Arney, Raoul Jetley, Paul Jones, Insup Lee, and
Oleg Sokolsky </li>
</ul>
----->




<p>&nbsp;<p>

<p class = small>
These projects are being supported in part by NSF CNS-0834524 and TATRC/FDA 
grant MIPR-6MRXMM-6093, and were supported in part by
NSF-CNS-0610297 (FDA SIR), NSF CNS-0509327, and ARO URI DAAD19-01-1-0473.  
Any opinions, findings, and conclusions or recommendations expressed in this 
material are those of the author(s) and do not necessarily reflect the views 
of the sponsoring agencies.
</td></tr></table></br>
</div>

<!----------- Bottom Bar ----------->
<div id="topbottombar">
<a href="http://rtg.cis.upenn.edu/" onClick="javascript: pageTracker._trackPageview('/outgoing/rtg_home'); ">RTG Home</a>&nbsp;&nbsp;|&nbsp;&nbsp; 
<a href="http://precise.seas.upenn.edu/" onClick="javascript: pageTracker._trackPageview('/outgoing/precise'); ">PRECISE</a>&nbsp;&nbsp;|&nbsp;&nbsp; 

<a href="http://www.cis.upenn.edu/" onClick="javascript: pageTracker._trackPageview('/outgoing/penn_cis'); ">CIS Home</a>&nbsp;&nbsp;|&nbsp;&nbsp; 
<a href="http://www.seas.upenn.edu/" onClick="javascript: pageTracker._trackPageview('/outgoing/penn_seas'); ">Penn Engineering</a>&nbsp;&nbsp;|&nbsp;&nbsp;  
<a href="http://www.upenn.edu/" onClick="javascript: pageTracker._trackPageview('/outgoing/penn_univ'); ">Penn</a>
</div>

</div><!-- End right content -->

</td></tr></table>

</body>
</html>