An insulin pump. Needle Assembly: Connected to pump. Component used to deliver insulin into the diabetic body.

Slides:



Advertisements
Similar presentations
Formal Specifications
Advertisements

Update on Artificial Pancreas Project
IGCSE ICT Control Systems.
The Fault-Tolerant Insulin Pump Therapy Alfredo Capozucca, Nicolas Guelfi, Patrizio Pelliccione University of Luxembourg Faculty of Sciences, Technologies.
Formal Methods in Software Engineering
1-800-DIABETES DIABETES CARE TASKS AT SCHOOL: What Key Personnel Need to Know DIABETES CARE TASKS AT SCHOOL: What Key Personnel Need to.
Repeating Actions While and For Loops
Continuous Glucose Monitoring
Algorithms. Software Development Method 1.Specify the problem requirements 2.Analyze the problem 3.Design the algorithm to solve the problem 4.Implement.
Modified from Sommerville’s originalsSoftware Engineering, 7th edition. Chapter 10 Slide 1 Formal Specification.
8. Fault Tolerance in Software 8.5 Construction of Acceptance Tests Goal Goal: describe the types and selection criteria for acceptance tests Two levels.
Modified from Sommerville’s originalsSoftware Engineering, 7th edition. Chapter 10 Slide 1 Formal Specification.
©Ian Sommerville 2000Software Engineering, 6/e, Chapter 91 Formal Specification l Techniques for the unambiguous specification of software.
Self-Contained Particulate Filter Filter 3 Presenters: Ian Gray, Kyhia Bostic Demo Given by: Nathan Sullivan.
Insulin Syringes Marked in units Calibrated in 1- or 2-unit increments
©Ian Sommerville 2006Software Engineering, 8th edition. Chapter 10 Slide 1 Formal Specification.
©Ian Sommerville 2004Software Engineering, 7th edition. Insulin Pump Slide 1 An automated insulin pump.
©Ian Sommerville 2004Software Engineering, 7th edition. Insulin Pump Slide 1 The portable insulin pump Developing a dependability specification for the.
The embedded control software for a personal insulin pump
Physics and Electronics. Electronic systems Electronic systems are made up of 3 parts: 1)An INPUT SENSOR – these detect changes in the environment Examples:
Helping Belton ISD Students Succeed What Every BISD Staff Needs to Know About: Helping Belton ISD Students Succeed What Every BISD Staff Needs to Know.
©Ian Sommerville 2004Software Engineering, 7th edition. Chapter 10 Slide 1 Critical Systems Specification 3 Formal Specification.
©Ian Sommerville 2004Software Engineering, 7th edition. Chapter 10 Slide 1 Formal Specification.
Reliability of Automated Insulin Pumps Medtronic Mini-Med Paradigm® DSES-6070 HV7 Statistical Methods for Reliability Engineering Professor Ernesto Gutierrez-Miravete.
An example of a critical system
Domina PLUS B WORKING DIAGRAMS TROUBLESHOOTING INTERNAL VIEWS WIRING DIAGRAMS INSTALLATION 03 PREVIOUS MODEL.
GENE THERAPY FOR DIABETES Lindsey Rowbotham Period 7.
Chapter 1- “Diversity” “In higher education they value diversity of everything except thought.” George Will.
What do you need to survive right now? Homeostasis!
Day Objective: Define homeostasis and its affect on human body systems. Describe the role of the cell membrane in maintaining homeostasis. Warm up: Which.
©Ian Sommerville 2000Software Engineering, 6th edition. Chapter 9 Slide 1 Formal Specification l Techniques for the unambiguous specification of software.
Diabetes Technology Update
©Ian Sommerville 2000Software Engineering, Chapter 10 Slide 1 Chapter 10 Formal Specification.
©Ian Sommerville 2000Software Engineering, 6th edition. Chapter 9 Slide 1 Chapter 9 Formal Specifications.
THE INSULIN PUMP INNOVATIVE TECHNOLOGIES. WHAT IS AN INSULIN PUMP? Machine delivery of insulin. Most commonly for those with Type one diabetes.
Formal Methods in Software Engineering Credit Hours: 3+0 By: Qaisar Javaid Assistant Professor.
Diabetes Edutool: Tutorial 1 Food and insulin. Introduction During these tutorials, the individual effects that can affect the blood glucose will first.
WXGE6103 Software Engineering Process and Practice Formal Specification.
Control & Programming Controlling a Sports Car. Systems in Cars Many modern cars use sophisticated sensors and control systemsMany modern cars use sophisticated.
Continuous Glucose Monitors
Insulin By: Zach Seabrook (Dedicated to Adam DeKoning)
Taking Care of Diabetes High Blood Sugar Things That Affect Blood Sugar How To Take Your Insulin How To Check For Ketones Low Blood Sugar How To Check.
Figures – Chapter 15. Figure 15.1 Model checking.
What is diabetes? Some people are unable to regulate their blood glucose levels because their pancreas doesn’t produce enough insulin. This is called diabetes.
Hydro Multi-B – (2) or (3) CME Pumps in Parallel
Maintain Homeostasis How hard does your body work to maintain blood sugar concentration?
Algorithm Discovery and Design Objectives: Interpret pseudocode Write pseudocode, using the three types of operations: * sequential (steps in order written)
Magnum Chiller Plant Manager
1. 2 INDEX MAIN DISPLAYS3-4 SYSTEM LAYOUT 5-6 ROOM P-109 DISPLAY7 ROOM P-108 DISPLAY8 ROOM P-107 DISPLAY 9 ROOM P-106 DISPLAY 10 ROOM P-105 DISPLAY 11.
Clearly Visual Basic: Programming with Visual Basic 2008 Chapter 13 How Long Can This Go On?
Temperature Regulation By the end of the lesson you should know How the body corrects overheating How the body corrects overcooling What thermocreceptors.
A life-changing story of invention for people with diabetes Dan Quinn 21.
©Ian Sommerville 2000Software Engineering, Chapter 10 Slide 1 Chapter 10 Formal Specification.
COMP Loop Statements Yi Hong May 21, 2015.
Temperature Regulation We need to regulate body temperature to provide the optimum conditions for enzyme-catalysed reactions to be carried out.
Simple Water Level Controller Circuit with Microcontroller and Alarm.
A life-changing story of invention for people with diabetes Dan Quinn 21.
MI Shielding Machine Protection Credit D. Capista March 7,2010.
 History of advancement in diabetes treatment  New technology  Features  Pros and Cons  Safety in school  Questions.
Computer Control and Monitoring Today we will look at: What we mean by computer control Examples of computer control Sensors – analogue and digital Sampling.
CASE STUDIES * System Engineering, 9th Edition Sommerville.
CompSci 280 S Introduction to Software Development
IS301 – Software Engineering V:
Formal Specification.
सोलर पॅनेलचा उपयोग करुन रीचर्जेबल टॉर्च बनवणे.
Chapter 27 Formal Specification.
Chapter - Karnaugh Maps
Input-Output-Process Demo
Exercise Solution First questions What's output What's input
Presentation transcript:

An insulin pump

Needle Assembly: Connected to pump. Component used to deliver insulin into the diabetic body.

An insulin pump Sensor: Measure the level of glucose in the user’s blood. The input from sensor is represented by reading? in the formal specification.

An insulin pump Pump: Pumps insulin from the reservoir to needle assembly. The value represents the dose in the formal specification.

An insulin pump Controller: Controls the entire system. Has on/off switch plus a button to set the amount to be delivered.

An insulin pump Alarm: Goes off if there is some problem. The value sent to the alarm is represented by alarm!

An insulin pump Displays: There are two displays. One ( reading1! ) displays the last measured blood sugar reading and the other ( reading1! ) displays status.

An insulin pump Clock: Provides the controller with the current time.

Insulin Pump Schema Insulin_Pump reading? : ℕ dose, cumulative_dose: ℕ r0, r1, r2: ℕ capacity: ℕ alarm!: (on, off) pump!: ℕ display1!, display2!: STRING dose ≤ capacity  dose ≤ 5  cumulative_dose ≤ 50 capacity ≥ 40  display! = “” capacity ≤ 39  capacity ≥ 10  display! = “Insulin low” capacity ≤ 9  alarm! = on  display! = “Insulin very low” r2 = reading?

Insulin Pump Schema Insulin_Pump reading? : ℕ dose, cumulative_dose: ℕ r0, r1, r2: ℕ capacity: ℕ alarm!: (on, off) pump!: ℕ display1!, display2!: STRING dose ≤ capacity  dose ≤ 5  cumulative_dose ≤ 50 capacity ≥ 40  display! = “” capacity ≤ 39  capacity ≥ 10  display! = “Insulin low” capacity ≤ 9  alarm! = on  display! = “Insulin very low” r2 = reading? State variables

Schema invariant Insulin Pump Schema Insulin_Pump reading? : ℕ dose, cumulative_dose: ℕ r0, r1, r2: ℕ capacity: ℕ alarm!: (on, off) pump!: ℕ display1!, display2!: STRING dose ≤ capacity  dose ≤ 5  cumulative_dose ≤ 50 capacity ≥ 40  display! = “” capacity ≤ 39  capacity ≥ 10  display! = “Insulin low” capacity ≤ 9  alarm! = on  display! = “Insulin very low” r2 = reading?

Insulin Pump Schema Insulin_Pump reading? : ℕ dose, cumulative_dose: ℕ r0, r1, r2: ℕ capacity: ℕ alarm!: (on, off) pump!: ℕ display1!, display2!: STRING dose ≤ capacity  dose ≤ 5  cumulative_dose ≤ 50 capacity ≥ 40  display! = “” capacity ≤ 39  capacity ≥ 10  display! = “Insulin low” capacity ≤ 9  alarm! = on  display! = “Insulin very low” r2 = reading? display1 shows the status of the insulin reservoir

Modelling the insulin pump The schema models the insulin pump as a number of state variables –reading? –dose, cumulative_dose –r0, r1, r2 –capacity –alarm! –pump! –display1!, display2!

Schema invariant Each Z schema has an invariant part which defines conditions that are always true For the insulin pump schema it is always true that –The dose must be less than or equal to the capacity of the insulin reservoir –No single dose may be more than 5 units of insulin and the total dose delivered in a time period must not exceed 50 units of insulin. This is a safety constraint. –display1! shows the status of the insulin reservoir.

The dosage computation The insulin pump computes the amount of insulin required by comparing the current reading with two previous readings If these suggest that blood glucose is rising then insulin is delivered Information about the total dose delivered is maintained to allow the safety check invariant to be applied Note that this invariant always applies - there is no need to repeat it in the dosage computation

Dosage Computation DOSAGE ∆ Insulin_Pump ( dose = 0 ∧ ((( r1 ≥ r0)  (r2 = r1)) ∨ ((r1>r0)  (r2 ≤ r1))  (( r1 (r0 – r1))))  dose = 4  (((r1 ≤ r0))  (r2 = r1))  ((r1 < r0 )  ((r1 – r2) ≤ (r0 – r1))))  dose = 4 * (r2 – r1)  (((r1 ≤ r0))  (r2 > r1))  ((r1 > r0)  ((r1 – r2) ≥ (r0 – r1)))) ) capacity’ = capacity – dose cumulative_dose’ = cumulative_dose + dose r0’ = r1  r1’ = r2

Calculate dose by comparing the current reading with previous two readings Dosage Computation DOSAGE ∆ Insulin_Pump ( dose = 0 ∧ ((( r1 ≥ r0)  (r2 = r1)) ∨ ((r1>r0)  (r2 ≤ r1))  (( r1 (r0 – r1))))  dose = 4  (((r1 ≤ r0))  (r2 = r1))  ((r1 < r0 )  ((r1 – r2) ≤ (r0 – r1))))  dose = 4 * (r2 – r1)  (((r1 ≤ r0))  (r2 > r1))  ((r1 > r0)  ((r1 – r2) ≥ (r0 – r1)))) ) capacity’ = capacity – dose cumulative_dose’ = cumulative_dose + dose r0’ = r1  r1’ = r2

Insulin is delivered if the rate of change is NOT decreasing. Dosage Computation DOSAGE ∆ Insulin_Pump ( dose = 0 ∧ ((( r1 ≥ r0)  (r2 = r1)) ∨ ((r1>r0)  (r2 ≤ r1))  (( r1 (r0 – r1))))  dose = 4  (((r1 ≤ r0))  (r2 = r1))  ((r1 < r0 )  ((r1 – r2) ≤ (r0 – r1))))  dose = 4 * (r2 – r1)  (((r1 ≤ r0))  (r2 > r1))  ((r1 > r0)  ((r1 – r2) ≥ (r0 – r1)))) ) capacity’ = capacity – dose cumulative_dose’ = cumulative_dose + dose r0’ = r1  r1’ = r2

Update state variables Dosage Computation DOSAGE ∆ Insulin_Pump ( dose = 0 ∧ ((( r1 ≥ r0)  (r2 = r1)) ∨ ((r1>r0)  (r2 ≤ r1))  (( r1 (r0 – r1))))  dose = 4  (((r1 ≤ r0))  (r2 = r1))  ((r1 < r0 )  ((r1 – r2) ≤ (r0 – r1))))  dose = 4 * (r2 – r1)  (((r1 ≤ r0))  (r2 > r1))  ((r1 > r0)  ((r1 – r2) ≥ (r0 – r1)))) ) capacity’ = capacity – dose cumulative_dose’ = cumulative_dose + dose r0’ = r1  r1’ = r2

Dosage Computation DOSAGE ∆ Insulin_Pump ( dose = 0 ∧ ((( r1 ≥ r0)  (r2 = r1)) ∨ ((r1>r0)  (r2 ≤ r1))  (( r1 (r0 – r1))))  dose = 4  (((r1 ≤ r0))  (r2 = r1))  ((r1 < r0 )  ((r1 – r2) ≤ (r0 – r1))))  dose = 4 * (r2 – r1)  (((r1 ≤ r0))  (r2 > r1))  ((r1 > r0)  ((r1 – r2) ≥ (r0 – r1)))) ) capacity’ = capacity – dose cumulative_dose’ = cumulative_dose + dose r0’ = r1  r1’ = r2 Invariant always applies – no need to repeat it again

Output schemas The output schemas model the system displays and the alarm that indicates some potentially dangerous condition The output displays show the dose computed and a warning message The alarm is activated if blood sugar is very low - this indicates that the user should eat something to increase their blood sugar level

Output schemas DISPLAY display2!’ = Nat_to_string(dose)  (reading? < 3  display1!’ = “Sugar low”  reading? > 30  display1!’ = “Sugar high”  reading? ≥ 3  reading? ≤ 30  display1!’ = “OK” ∆ Insulin_Pump

Output schemas ALARM (reading? 30)  alarm!’ = on  (reading? ≥ 3  reading? ≤ 30 )  alarm!’ = off ∆ Insulin_Pump

Schema consistency It is important that schemas are consistent. Inconsistency suggests a problem with the system requirements The INSULIN_PUMP schema and the DISPLAY are inconsistent –display1! shows a warning message about the insulin reservoir (INSULIN_PUMP) –display1! Shows the state of the blood sugar (DISPLAY) This must be resolved before implementation of the system

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.