The questions below are provided by the Pacemaker Challenge community.
Our work aims to increase the confidence on safety and efficacy of the device itself and its development process while reducing the cost due to revisions during the development process. Our research has three outcomes:
Our Heart-on-a-Chip, Virtual Heart Model, Model Checking and end-to-end Model-based Design testing approach have been designed, published and are currently in the prototyping phase. This puts us in the TR4 level of readiness according to the DoE Technology Readiness Assessment Guide (page 9)
Our focus has been on establishing high confidence in the system software and the software development process of the pacemaker. We have developed the following component evaluations:
Timed Automata and the Mathworks toolchain. The reasons for using timed automata are:
Timed automata is a rigorous formulation.
Timed automata is an extension of state machine with real-time clocks, which is intuitive for engineers. The tools and Temporal Logic are intuitive to learn with minimal training.
All our models, code and platforms are publicly available for the research community. The UPPAAL tool is free and open sourced. Mathworks tools require a license to be purchased. The models themselves are easy to use and require less than a week's effort by a software engineer with 5 years of experience.
We have verified safety properties regarding avoidance of unsafe closed-loop states (i.e. low heart rate, paced high heart rate) and unsafe closed-loop executions (i.e. existence of Pacemaker Mediated Tachycardia).
Timing and correctness of software properties are verified at the abstract pacemaker model level. These properties are maintained in the Stateflow/Simulink by the UPP2SF model translation tool. The verified models are used to generate operational pacemaker code. Thus, our end-to-end model-based toolchain allows us to proceed from verified models to verified code.