Towards Interoperability in E-health Systems: a three-dimensional approach based on standards and semantics

Proceedings of: HEALTHINF 2009 (International Conference on Helath Informatics), Porto (Portugal), January 14-17, 2009, is part of BIOSTEC (Intemational Joint Conference on Biomedical Engineering Systems and Technologies)The interoperability problem in eHealth can only be addressed by mean of combining standards and technology. However, these alone do not suffice. An appropiate framework that articulates such combination is required. In this paper, we adopt a three-dimensional (information, conference and inference) approach for such framework, based on OWL as formal language for terminological and ontological health resources, SNOMED CT as lexical backbone for all such resources, and the standard CEN 13606 for representing EHRs. Based on tha framewok, we propose a novel form for creating and supporting networks of clinical terminologies. Additionally, we propose a number of software modules to semantically process and exploit EHRs, including NLP-based search and inference, wich can support medical applications in heterogeneous and distributed eHealth systems.This work has been funded as part of the Spanish nationally funded projects ISSE (FIT-350300-2007-75) and CISEP (FIT-350301-2007-18). We also acknowledge IST-2005-027595 EU project NeO

Wireless remote patient monitoring on general hospital wards.

A novel approach which has potential to improve quality of patient care on general hospital wards is proposed. Patient care is a labour-intensive task that requires high input of human resources. A Remote Patient Monitoring (RPM) system is proposed which can go some way towards improving patient monitoring on general hospital wards. In this system vital signs are gathered from patients and sent to a control unit for centralized monitoring. The RPM system can complement the role of nurses in monitoring patients’ vital signs. They will be able to focus on holistic needs of patients thereby providing better personal care. Wireless network technologies, ZigBee and Wi-Fi, are utilized for transmission of vital signs in the proposed RPM system. They provide flexibility and mobility to patients. A prototype system for RPM is designed and simulated. The results illustrated the capability, suitability and limitation of the chosen technology

A rule-based framework for developing context-aware systems for smart spaces

Context-aware computing is a mobile computing paradigm that helps designing and implementing next generation smart applications, where personalized devices interact with users in smart environments. Development of such applications are inherently complex due to these applications adapt to changing contextual information and they often run on resource-bounded devices. Most of the existing context-aware development frameworks are centralized, adopt clientserver architecture, and do not consider resource limitations of context-aware devices. This thesis presents a systematic framework to modelling and implementation of multi-agent context-aware rule-based systems on resource-constrained devices, which includes a lightweight efficient rule engine and a wide range of user preferences to reduce the number of rules while inferring personalized contexts. This shows rules can be reduced in order to optimize the inference engine execution speed, and ultimately to reduce total execution time and execution cost. The use of the proposed framework is illustrated using five different case scenarios considering different smart environment domains

Lab-on-PCB Devices

Lab-on-PCB devices can be considered an emerging technology. In fact, most of the contributions have been published during the last 5 years. It is mainly focussed on both biomedical and electronic applications. The book includes an interesting guide for using the different layers of the Printed Circuit Boards for developing new devices; guidelines for fabricating PCB-based electrochemical biosensors, and an overview of fluid manipulation devices fabricated using Printed Circuit Boards. In addition, current PCB-based devices are reported, and studies for several aspects of research and development of lab-on-PCB devices are described

Engineering Complex Computational Ecosystems

Self-organising pervasive ecosystems of devices are set to become a major vehicle for delivering infrastructure and end-user services. The inherent complexity of such systems poses new challenges to those who want to dominate it by applying the principles of engineering. The recent growth in number and distribution of devices with decent computational and communicational abilities, that suddenly accelerated with the massive diffusion of smartphones and tablets, is delivering a world with a much higher density of devices in space. Also, communication technologies seem to be focussing on short-range device-to-device (P2P) interactions, with technologies such as Bluetooth and Near-Field Communication gaining greater adoption. Locality and situatedness become key to providing the best possible experience to users, and the classic model of a centralised, enormously powerful server gathering and processing data becomes less and less efficient with device density. Accomplishing complex global tasks without a centralised controller responsible of aggregating data, however, is a challenging task. In particular, there is a local-to-global issue that makes the application of engineering principles challenging at least: designing device-local programs that, through interaction, guarantee a certain global service level. In this thesis, we first analyse the state of the art in coordination systems, then motivate the work by describing the main issues of pre-existing tools and practices and identifying the improvements that would benefit the design of such complex software ecosystems. The contribution can be divided in three main branches. First, we introduce a novel simulation toolchain for pervasive ecosystems, designed for allowing good expressiveness still retaining high performance. Second, we leverage existing coordination models and patterns in order to create new spatial structures. Third, we introduce a novel language, based on the existing ``Field Calculus'' and integrated with the aforementioned toolchain, designed to be usable for practical aggregate programming

A rule-based framework for developing context-aware systems for smart spaces

Context-aware computing is a mobile computing paradigm that helps designing and implementing next generation smart applications, where personalized devices interact with users in smart environments. Development of such applications are inherently complex due to these applications adapt to changing contextual information and they often run on resource-bounded devices. Most of the existing context-aware development frameworks are centralized, adopt clientserver architecture, and do not consider resource limitations of context-aware devices. This thesis presents a systematic framework to modelling and implementation of multi-agent context-aware rule-based systems on resource-constrained devices, which includes a lightweight efficient rule engine and a wide range of user preferences to reduce the number of rules while inferring personalized contexts. This shows rules can be reduced in order to optimize the inference engine execution speed, and ultimately to reduce total execution time and execution cost. The use of the proposed framework is illustrated using five different case scenarios considering different smart environment domains

Modélisation formelle des systèmes de détection d'intrusions

L’écosystème de la cybersécurité évolue en permanence en termes du nombre, de la diversité, et de la complexité des attaques. De ce fait, les outils de détection deviennent inefficaces face à certaines attaques. On distingue généralement trois types de systèmes de détection d’intrusions : détection par anomalies, détection par signatures et détection hybride. La détection par anomalies est fondée sur la caractérisation du comportement habituel du système, typiquement de manière statistique. Elle permet de détecter des attaques connues ou inconnues, mais génère aussi un très grand nombre de faux positifs. La détection par signatures permet de détecter des attaques connues en définissant des règles qui décrivent le comportement connu d’un attaquant. Cela demande une bonne connaissance du comportement de l’attaquant. La détection hybride repose sur plusieurs méthodes de détection incluant celles sus-citées. Elle présente l’avantage d’être plus précise pendant la détection. Des outils tels que Snort et Zeek offrent des langages de bas niveau pour l’expression de règles de reconnaissance d’attaques. Le nombre d’attaques potentielles étant très grand, ces bases de règles deviennent rapidement difficiles à gérer et à maintenir. De plus, l’expression de règles avec état dit stateful est particulièrement ardue pour reconnaître une séquence d’événements. Dans cette thèse, nous proposons une approche stateful basée sur les diagrammes d’état-transition algébriques (ASTDs) afin d’identifier des attaques complexes. Les ASTDs permettent de représenter de façon graphique et modulaire une spécification, ce qui facilite la maintenance et la compréhension des règles. Nous étendons la notation ASTD avec de nouvelles fonctionnalités pour représenter des attaques complexes. Ensuite, nous spécifions plusieurs attaques avec la notation étendue et exécutons les spécifications obtenues sur des flots d’événements à l’aide d’un interpréteur pour identifier des attaques. Nous évaluons aussi les performances de l’interpréteur avec des outils industriels tels que Snort et Zeek. Puis, nous réalisons un compilateur afin de générer du code exécutable à partir d’une spécification ASTD, capable d’identifier de façon efficiente les séquences d’événements.Abstract : The cybersecurity ecosystem continuously evolves with the number, the diversity, and the complexity of cyber attacks. Generally, we have three types of Intrusion Detection System (IDS) : anomaly-based detection, signature-based detection, and hybrid detection. Anomaly detection is based on the usual behavior description of the system, typically in a static manner. It enables detecting known or unknown attacks but also generating a large number of false positives. Signature based detection enables detecting known attacks by defining rules that describe known attacker’s behavior. It needs a good knowledge of attacker behavior. Hybrid detection relies on several detection methods including the previous ones. It has the advantage of being more precise during detection. Tools like Snort and Zeek offer low level languages to represent rules for detecting attacks. The number of potential attacks being large, these rule bases become quickly hard to manage and maintain. Moreover, the representation of stateful rules to recognize a sequence of events is particularly arduous. In this thesis, we propose a stateful approach based on algebraic state-transition diagrams (ASTDs) to identify complex attacks. ASTDs allow a graphical and modular representation of a specification, that facilitates maintenance and understanding of rules. We extend the ASTD notation with new features to represent complex attacks. Next, we specify several attacks with the extended notation and run the resulting specifications on event streams using an interpreter to identify attacks. We also evaluate the performance of the interpreter with industrial tools such as Snort and Zeek. Then, we build a compiler in order to generate executable code from an ASTD specification, able to efficiently identify sequences of events