NSF Award
1041469
Since software is easier to configure, modify and re-use than hardware, an increasingly large portion of a medical device?s functionality is now being implemented in code. This presents considerable engineering challenges for both device regulators and manufacturers in terms of ensuring the safety and effectiveness of the deployed software. This NSF-FDA Scholar in Residence project focuses on the use of generic software architecture specifications for medical devices as a path to reducing the complexity of engineering medical device software. For manufacturers, generic device specifications can serve as a base artifact from which concrete implementations may be constructed. For regulators, they represent an artifact that can be modeled and used in evaluating implementations for adherence to a base set of safety requirements. The primary goals of this project are to explore a generic infusion pump architecture that can be extended to different infusion pump classes while preserving the requisite safety properties in a trustable, verifiable manner. The project explores challenges for developing usable generic device software architecture specifications and for applying them: producing concrete device instances, constructing extended subclasses from the generic architecture while verifying that properties are preserved, and supporting regulators and manufacturers as they evaluate device software conformance to safety architectures. The research employs model-checking, assertion-based verification, static analysis and reverse engineering to support assurance of safety-critical devices such as the Patient-Controlled Analgesia (PCA) infusion pump. The aim of the research is to provide an informative pilot study towards adoption of such techniques in device manufacturing workflows and regulatory regimes. One of the driving goals of this project is to create techniques and approaches that will benefit patients (by increasing device safety), device manufacturers (by helping them cut development costs) and regulators (by enabling them to automate and formalize their regulatory activities).
