Synthesis of a Context-Aware Safety Monitor for an Artificial Pancreas System

Rapid advances in sensing and computing technology have led to the proliferation of medical cyber-physical systems (CPS) in personalized and clinical settings. However, the increasing device complexity, shrinking technology sizes, and shorter time to market have resulted in major challenges in ensuring the reliability, safety, and security of medical devices. This research presents a hybrid model- and data-driven approach for the synthesis of safety monitors that can continuously detect faults and mitigate hazards in medical CPS. The synthesis process starts with the identification of safety requirements using systems-theoretic (STPA) hazard analysis and specification of temporal logic rules for the detection of unsafe system context. The extracted temporal logic is further refined using the closed-loop simulation of the controller with a dynamic patient model. The final synthesized monitor is integrated with the target control software as a wrapper that only has access to the input-output interface (sensor and actuator values) and performs real-time execution of logic rules along with a simulation of the patient model. We demonstrate the effectiveness of our approach using a case study of a closed-loop artificial pancreas system (APS), consisting of an APS control software (OpenAPS) and a patient glucose simulator (Glucosym). The performance of the monitor is assessed in terms of timely and accurate detection of potentially unsafe controller commands due to hardware errors. Results show that the proposed monitor can correctly generate alerts and shows a significant increase in F1 score (up to 23%) with a trade-off of 33-minute decrease in reaction time but having a lower number of false positives, 175 compared to 649 for a baseline.