Low complexity system architecture design for medical Cyber-Physical-Human Systems (CPHS)

Cyber-Physical-Human Systems (CHPS) are safety-critical systems, where the interaction between cyber components and physical components can be influenced by the human operator. Guaranteeing correctness and safety in these highly interactive computations is challenging. In particular, the interaction between these three components needs to be coordinated collectively in order to conduct safe and effective operations. The interaction nevertheless increases by orders of magnitude the levels of complexity and prevents formal verification techniques, such as model checking, from thoroughly verifying the safety and correctness properties of systems. In addition, the interactions could also significantly increase human operators' cognitive load and lead to human errors. In this thesis, we focus on medical CPHS and examine the complexity from a safety angle. Medical CPHS are both safety-critical and highly complex, because medical staff need to coordinate with distributed medical devices and supervisory controllers to monitor and control multiple aspects of the patient's physiology. Our goal is to reduce and control the complexity by introducing novel architectural patterns, coordination protocols and user-centric guidance system. This thesis makes three major contributions for improving safety of medical CPHS. Reducing verification complexity: Formal verification is a promising technique to guarantee correctness and safety, but the high complexity significantly increases the verification cost, which is known as state space explosion problems. We propose two architectural patterns: Interruptible Remote Procedure Call (RPC) and Consistent View Generation and Coordination (CVGC) protocol to properly handle asynchronous communication and exceptions with low complexity. Reducing cyber-medical treatment complexity: Cyber medical treatment complexity is defined as the number of steps and time to perform a treatment and monitor the corresponding physiological responses. We propose treatment and workflow adaptation and validation protocols to semi-autonomously validate the preconditions and adapt the workflows to patient conditions, which reduces the complexity of performing treatments and following best practice workflows. Reducing human cognitive load complexity: Cognitive load (also called mental workload) complexity measures human memory and mental computation demand for performing tasks. We first model individual medical staff's responsibility and team interactions in cardiac arrest resuscitation and decomposed their overall task into a set of distinct cognitive tasks that must be specifically supported to achieve successful human-centered system design. We then prototype a medical Best Practice Guidance (BPG) system to reduce medical staff's cognitive load and foster adherence to best practice workflows. Our BPG system transforms the implementation of best practice medical workflow

Model and Integrate Medical Resource Available Times and Relationships in Verifiably Correct Executable Medical Best Practice Guideline Models (Extended Version)

Improving patient care safety is an ultimate objective for medical cyber-physical systems. A recent study shows that the patients' death rate is significantly reduced by computerizing medical best practice guidelines. Recent data also show that some morbidity and mortality in emergency care are directly caused by delayed or interrupted treatment due to lack of medical resources. However, medical guidelines usually do not provide guidance on medical resource demands and how to manage potential unexpected delays in resource availability. If medical resources are temporarily unavailable, safety properties in existing executable medical guideline models may fail which may cause increased risk to patients under care. The paper presents a separately model and jointly verify (SMJV) architecture to separately model medical resource available times and relationships and jointly verify safety properties of existing medical best practice guideline models with resource models being integrated in. The SMJV architecture allows medical staff to effectively manage medical resource demands and unexpected resource availability delays during emergency care. The separated modeling approach also allows different domain professionals to make independent model modifications, facilitates the management of frequent resource availability changes, and enables resource statechart reuse in multiple medical guideline models. A simplified stroke scenario is used as a case study to investigate the effectiveness and validity of the SMJV architecture. The case study indicates that the SMJV architecture is able to identify unsafe properties caused by unexpected resource delays.Comment: full version, 12 page

Cyber-Physical Threat Intelligence for Critical Infrastructures Security

Modern critical infrastructures can be considered as large scale Cyber Physical Systems (CPS). Therefore, when designing, implementing, and operating systems for Critical Infrastructure Protection (CIP), the boundaries between physical security and cybersecurity are blurred. Emerging systems for Critical Infrastructures Security and Protection must therefore consider integrated approaches that emphasize the interplay between cybersecurity and physical security techniques. Hence, there is a need for a new type of integrated security intelligence i.e., Cyber-Physical Threat Intelligence (CPTI). This book presents novel solutions for integrated Cyber-Physical Threat Intelligence for infrastructures in various sectors, such as Industrial Sites and Plants, Air Transport, Gas, Healthcare, and Finance. The solutions rely on novel methods and technologies, such as integrated modelling for cyber-physical systems, novel reliance indicators, and data driven approaches including BigData analytics and Artificial Intelligence (AI). Some of the presented approaches are sector agnostic i.e., applicable to different sectors with a fair customization effort. Nevertheless, the book presents also peculiar challenges of specific sectors and how they can be addressed. The presented solutions consider the European policy context for Security, Cyber security, and Critical Infrastructure protection, as laid out by the European Commission (EC) to support its Member States to protect and ensure the resilience of their critical infrastructures. Most of the co-authors and contributors are from European Research and Technology Organizations, as well as from European Critical Infrastructure Operators. Hence, the presented solutions respect the European approach to CIP, as reflected in the pillars of the European policy framework. The latter includes for example the Directive on security of network and information systems (NIS Directive), the Directive on protecting European Critical Infrastructures, the General Data Protection Regulation (GDPR), and the Cybersecurity Act Regulation. The sector specific solutions that are described in the book have been developed and validated in the scope of several European Commission (EC) co-funded projects on Critical Infrastructure Protection (CIP), which focus on the listed sectors. Overall, the book illustrates a rich set of systems, technologies, and applications that critical infrastructure operators could consult to shape their future strategies. It also provides a catalogue of CPTI case studies in different sectors, which could be useful for security consultants and practitioners as well

Wearable Platform for Automatic Recognition of Parkinson Disease by Muscular Implication Monitoring

The need for diagnostic tools for the characterization of progressive movement disorders - as the Parkinson Disease (PD) - aiming to early detect and monitor the pathology is getting more and more impelling. The parallel request of wearable and wireless solutions, for the real-time monitoring in a non-controlled environment, has led to the implementation of a Quantitative Gait Analysis platform for the extraction of muscular implications features in ordinary motor action, such as gait. The here proposed platform is used for the quantification of PD symptoms. Addressing the wearable trend, the proposed architecture is able to define the real-time modulation of the muscular indexes by using 8 EMG wireless nodes positioned on lower limbs. The implemented system “translates” the acquisition in a 1-bit signal, exploiting a dynamic thresholding algorithm. The resulting 1-bit signals are used both to define muscular indexes both to drastically reduce the amount of data to be analyzed, preserving at the same time the muscular information. The overall architecture has been fully implemented on Altera Cyclone V FPGA. The system has been tested on 4 subjects: 2 affected by PD and 2 healthy subjects (control group). The experimental results highlight the validity of the proposed solution in Disease recognition and the outcomes match the clinical literature results