Abstract
The paper describes the practical use of a model checking technique to contribute to the risk analysis of a new paediatric dialysis machine. The formal analysis focuses on one component of the system, namely the table-driven software controller which drives the dialysis cycle and deals with error management. The analysis provided evidence of the verification of risk control measures relating to the software component. The paper describes the productive dialogue between the developers of the device, who had no experience or knowledge of formal methods, and an analyst who had experience of using the formal analysis tools. There were two aspects to this dialogue. The first concerned the translation of safety requirements so that they preserved the meaning of the requirement. The second involved understanding the relationship between the software component under analysis and the broader concern of the system as a whole. The paper focuses on the process, highlighting how the team recognised the advantages over a more traditional testing approach.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Abrial, J.-R.: Modeling in Event-B: System and Software Engineering. Cambridge University Press, New York (2010)
Atlee, J.M., Gannon, J.: State-based model checking of event-driven system requirements. IEEE Trans. Softw. Eng. 19(1), 24–40 (1993)
Barnes, J., Chapman, R., Johnson, R., Everett, B., Cooper, D.: Engineering the tokeneer enclave protection software. In: IEEE International Symposium on Secure Software Engineering. IEEE (2006)
BSI: Medical device software - software life cycle processes. Technical report BS EN 62304:2006, British Standards Institution, CENELEC, Avenue Marnix 17, B-1000 Brussels (2008)
Campos, J.C., Harrison, M.D.: Systematic analysis of control panel interfaces using formal tools. In: Graham, T.C.N., Palanque, P. (eds.) DSV-IS 2008. LNCS, vol. 5136, pp. 72–85. Springer, Heidelberg (2008). doi:10.1007/978-3-540-70569-7_6
Cimatti, A., Clarke, E., Giunchiglia, E., Giunchiglia, F., Pistore, M., Roveri, M., Sebastiani, R., Tacchella, A.: NuSMV 2: an opensource tool for symbolic model checking. In: Brinksma, E., Larsen, K.G. (eds.) CAV 2002. LNCS, vol. 2404, pp. 359–364. Springer, Heidelberg (2002). doi:10.1007/3-540-45657-0_29
Clarke, E.M., Grumberg, O., Peled, D.A.: Model Checking. MIT Press, Cambridge (1999)
Freitas, L., Stabler, A.: Translation strategies for medical device control software. Technical report, Newcastle University, August 2015
Harrison, M.D., Masci, P., Campos, J.C., Curzon, P.: Demonstrating that medical devices satisfy user related safety requirements. In: Huhn, M., Williams, L. (eds.) FHIES 2014. LNCS, vol. 9062, pp. 113–128. Springer International Publishing, Cham (2017)
Heitmeyer, C., Kirby, J., Labaw, B., Bharadwaj, R.: SCR: a toolset for specifying and analyzing software requirements. In: Hu, A.J., Vardi, M.Y. (eds.) CAV 1998. LNCS, vol. 1427, pp. 526–531. Springer, Heidelberg (1998). doi:10.1007/BFb0028775
Holzmann, G.J.: Trends in software verification. In: Araki, K., Gnesi, S., Mandrioli, D. (eds.) FME 2003. LNCS, vol. 2805, pp. 40–50. Springer, Heidelberg (2003). doi:10.1007/978-3-540-45236-2_4
Kim, B., Ayoub, A., Sokolsky, O., Lee, I., Jones, P., Zhang, Y., Jetley, R.: Safety-assured development of the GPCA infusion pump software. In: Proceedings of the Ninth ACM International Conference on Embedded software, EMSOFT 2011, pp. 155–164. ACM, New York (2011)
Klein, G., Andronick, J., Elphinstone, K., Murray, T.C., Sewell, T., Kolanski, R., Heiser, G.: Comprehensive formal verification of an OS microkernel. ACM Trans. Comput. Syst. 32(1), 2 (2014)
Masci, P., Ayoub, A., Curzon, P., Harrison, M.D., Lee, I., Sokolsky, O., Thimbleby, H.: Verification of interactive software for medical devices: PCA infusion pumps and FDA regulation as an example. In: Proceedings ACM Symposium Engineering Interactive Systems (EICS 2013), pp. 81–90. ACM Press (2013)
Monk, A.F., Curry, M., Wright, P.C.: Why industry doesn’t use the wonderful notations we researchers have given them to reason about their designs. In: Gilmore, D.J., Winder, R.L., Detienne, F. (eds.) User-Centred Requirements For Software Engineering, pp. 185–189. Springer, Berlin, Heidelberg (1991)
US Food and Drug Administration: General principles of software validation: final guidance for industry and FDA staff. Technical report, Center for Devices and Radiological Health, January 2002. http://www.fda.gov/medicaldevices/deviceregulationandguidance
Yeganefard, S., Butler, M.: Structuring functional requirements of control systems to facilitate refinement-based formalisation. In: Proceedings of the 11th International Workshop on Automated Verification of Critical Systems (AVoCS 2011), vol. 46. Electronic Communications of the EASST (2011)
Acknowledgements
This work has been funded by: EPSRC research grant EP/G059063/1: CHI+MED (Computer–Human Interaction for Medical Devices). It has also been financed by the ERDF – European Regional Development Fund through the Operational Programme for Competitiveness and Internationalisation - COMPETE 2020 Programme, and by National Funds through the FCT – Fundação para a Ciência e a Tecnologia (Portuguese Foundation for Science and Technology) within project POCI-01-0145-FEDER-006961.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2017 Springer International Publishing AG
About this paper
Cite this paper
Harrison, M.D. et al. (2017). Safety Analysis of Software Components of a Dialysis Machine Using Model Checking. In: Proença, J., Lumpe, M. (eds) Formal Aspects of Component Software. FACS 2017. Lecture Notes in Computer Science(), vol 10487. Springer, Cham. https://doi.org/10.1007/978-3-319-68034-7_8
Download citation
DOI: https://doi.org/10.1007/978-3-319-68034-7_8
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-68033-0
Online ISBN: 978-3-319-68034-7
eBook Packages: Computer ScienceComputer Science (R0)