1 / 36

Towards Patient Safety in Closed-Loop Medical Device Systems

Towards Patient Safety in Closed-Loop Medical Device Systems. Authors David Arney , Miroslav Pajic , Julian Goldman, Insup Lee, Rahul Mangharam , Oleg Sokolsky Presenter Velin Dimitrov. Need. Nurses and other clinicians deal with a multitude of tasks

kaili
Download Presentation

Towards Patient Safety in Closed-Loop Medical Device Systems

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Towards Patient Safety in Closed-Loop Medical Device Systems Authors David Arney, MiroslavPajic, Julian Goldman, Insup Lee, RahulMangharam, Oleg Sokolsky Presenter Velin Dimitrov

  2. Need Nurses and other clinicians deal with a multitude of tasks They need to quickly assess dangerous situations and take preventive action Delays are life-threatening Adding autonomy to medical devices will relieve the burden on nurses

  3. Typical Clinical Setting The clinician “closes the loop” Alarm sounds when sensor passes threshold Clinician arrives to assess the situation Clinician must first acquaint themselves Clinician takes action

  4. Proposal What if devices themselves could sense common fault/dangerous conditions and respond more quickly than a clinician could? Human caregiver will always be in the loop!

  5. Bridge to Control Systems

  6. Two Models • Formal, timed automata based model • UPPAAL tool • Exhaustively test system behaviors in failure mode • Timing constraints from dynamic model • Detailed, informal model • Simulink/MATLAB • Captures dynamics of human/device interaction

  7. Case Study MD PnP and ICE Architecture

  8. Clinical Use Case • Patient Control Analgesia (PCA) pump • Provide pain meds to patient • Customized dosing • Programmed limits on how many doses can be delivered

  9. Modes of Failure Mis-programming Overestimation of maximum dose Wrong concentration Accidental pressing of button These failures cannot be currently avoided

  10. System

  11. Control Loop

  12. PCA Pump • Programmed by caregiver • Normal rate of infusion • Increased rate of bolus • Bolus total duration • Drug limit • Built in sensors to catch device faults • Network interface for status • No pumps can currently accept control sigs

  13. Pulse Oximeter Measure SpO2 and HR Finger clip sensor Ratio of IR to red light Amplitude

  14. Patient Model • Pain, Pain-controlled, Overmedicated • Critical Region • Overdose, Respiratory distress • SpO2 <70%, HR <11.5 bpm • Drug level is a linear mapping to HR and SpO2 in this model

  15. Supervisor Model Decides when to stop pump to keep patient out of critical region Clinical application script (CAS) Alarming Region Sp02 <90% or HR <57 bpm Notify caregiver – Alarming condition

  16. Communication Structure

  17. Verification and Validation Will the system function correctly? Finding faults and recovering gracefully

  18. Formal Model –Pulse Oximeter

  19. Formal Model – PCA Pump

  20. Formal Model - Supervisor

  21. Formal Model - Patient

  22. Formal Model - Network

  23. Verifying Safety Properties Check that the pain eventually goes up in the model Check that the pump is stopped in the alarming condition

  24. Informal, Detail Simulink Models Used to determine the timing/rate parameters that make the system safe Models patient dynamics, network delays, pump delays

  25. System

  26. Patient Model

  27. Safety Requirement PCA pump will always be stopped before we reach critical condition

  28. Variables

  29. Finding t_crit

  30. Comparing Time Delays to tcrit alpha is 0.001s^-1 Half life of drug is 11.5 minutes For H1 = 90% and H2 = 70% Tcrit = 26.8 minutes

  31. Network Delay Tolerance Supervisor control algorithm and pump design must maintain open-loop stability Essentially adding capability to limit given dose per command from the supervisor – activation command

  32. t_del Disregard button pressed for tdel time units t_del must be less than t_safe for this to work

  33. t_safe t_safe must satisfy the following condition

  34. t_safe dl_max= 100, Hdl_2 = 85.71, Hdl_1 = 28.57, dl_cur = 20 This corresponds to alarm/critialcond t_safe = 1723 sec

  35. Retrofittable Solution Supervisor dynamically sets max drug level

  36. Related and Future Work Alaris 8210 SpO2 mdoule connects to Alaris 8000 pump controller Tightly integrated system from single vendor Need good model that captures whole process of drug delivery Pharmacokinetic models are not sufficient

More Related