Applying Safety Goals to a New Intensive Care Workstation System

  • Uwe Becker
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5219)


In hospitals today, there is a trend towards the integration of different devices. Clinical workflow demands are growing for the integration of formerly independent devices such as ventilator systems and patient monitoring systems. On one hand, this optimizes workflow and reduces training costs. On the other hand, the testing complexity and the effort required to ensure safety increase. This in turn gives rise to new challenges in the design of such systems. System designers must change their mindset because they are now designing a set of distributed systems instead of a single system that is only connected to a central monitoring system. In addition, the complexity of such workstation systems is much higher than that of individual devices. This paper presents a case study on an intensive care workstation. To cope with this complexity, different use cases have been devised and a set of safety goals has been defined for each use case. The influence of the environment on the use cases is highlighted and some measures to ensure data integrity within the workstation system are shown.


Keywords: medical devices, health care systems, systems design, resilience, reliability, safety goals, safety cases





Copyright information

© Springer-Verlag Berlin Heidelberg 2008

Authors and Affiliations

  • Uwe Becker, Dräger Medical AG & Co KG, Lübeck, Germany
