NASS (Network-Aware Supervisory System) Framework Demonstration Airway-laser Surgery Charlie Kim Maryam Rahmaniheris Lui Sha University of Illinois at Urbana-Champaign October 2010
1. NASS (Network-Aware Supervisory System) Framework
Demonstration Airway-laser Surgery Charlie Kim Maryam Rahmaniheris
Lui Sha University of Illinois at Urbana-Champaign October
2010
2. Outline Demonstration Scenario Surgery Scenario Potential
Hazards Motivation NASS Framework Fundamental Goals Flow of Airway
Laser surgery Airway Laser Surgery Components Airway Laser Surgery
Demonstration Closed-loop Safety Open-loop Safety Nass Framework-
Behind the Scene
3. Surgery Scenario Laser surgery on vocal cords. An
endotracheal tube is used to aid the patient with breathing during
the surgery.
4. Potential Safety Hazard 1: Oxygen + Laser -> Fire!
Relative flammability of various ETTs Laser heat as the ignition
source Oxygen concentration > 20%
6. Potential Hazard2: Brain Damage Oxygen flow is closed when
laser is activated Brain injury can happen due to the lack of
Oxygen
7. Motivation
8. Motivation Seems simple to prevent! Why 600 fires every
year?! The Answer is simple: To Err is Human!
9. MDPnP : The Medical Device Plug-and-Play Chair: Dr. Julian
Goldman Inter-disciplinary, multi-institutional medical device
informatics research program. Leading patient-centric Integrated
Clinical Environment (ICE) standard MDPnP group is based at CIMIT
and Massachusetts General Hospital. The MDPnP Program
10. ICE Architecture
11. NASS Framework Replace human with machines! But machines
fail, too. What if there is a network failure or the computer
suddenly fails in the middle of the procedure? NASS framework An
implementation of ICE Maintains safety in spite of the failure of
network or any of the computers
12. NASS Framework: Fundamental Goals Certifiably safe
automation of inter-device coordination Replacing human implemented
safety interlock with computer implemented safety interlock Maximal
use of common computers and equipment Low cost Convenience
Robustness
13. ICE Architecture NASS framework is a fail- safe
implementation of ICE architecture. NASS Supervisor Wi-Fi Medical
Device Customized HW Application
14. Airway laser Surgery : Components
15. Flow of the Airway Laser Surgery Anesthesia Monitoring the
patient Block Oxygen flow & Activate Laser Configuration check
Do not block Oxygen flow Request Laser activation Is SpO2 above the
safe threshold? Move the patient to OR Yes No
16. NASS Framework: Behind the Scene
17. NASS Framework NASS Supervisor WLAN NASS Device Medical
Device FPGA NASS Device Medical Device FPGA NASS Device Medical
Device FPGA NASS Device Medical Device FPGA ApplicationApplication
Application Application
18. NASS Supervisory Plan Time Mode 1-5s Enforced 5-15s
Enforced 16-29s Prohibited 30-50s Prohibited 51-59s Prohibited
60s-~ Enforced NASS Device NASS Supervisor Records the Plan
(Generates the Plan) Plays the Plan (Follows the Plan) Plan Medical
Device Application Only completed plan is executed (Atomic
Transaction) FPGA Execution of contingency safety plan without
communication with supervisor.
19. NASS Device Architecture FPGA and Medical device do not
fail Any component above the FPGA can fail FPGA stores and executes
the plans sent by the supervisor When the Device-Supervisor loop is
open, FPGA keeps executing the stored plan NASS Device Medical
Device FPGA Application
20. Hardware/Software Co-design Full SW Design HW/SW Co-Design
Software Application Library Operating System Microprocessor Need
to Have Verified Robustness Software Application Library Operating
System Microprocessor HW COTS FPGA Needs to Have Verified
Robustness
22. Limitations of NASS Framework Currently the actual amount
of medicine injected by the medical staff is not monitored by the
system The NASS framework can be easily extended to cover this case
IV tube sensors and scanners can be used for this purpose Safety
rules are pre-loaded at the configuration time. They are verified
by the physician for each specific procedure and cannot be changed
on the fly. Safety rules should be simple rules that can be
correctly and unambiguously interpreted by machine