1 / 13

Risk Management and Safety Requirements for Insulin Pump Systems

This chapter outlines the critical figures and specifications related to risk management in insulin pump systems. It includes the risk triangle, risk classifications, fault trees, and various safety requirements such as limits on insulin delivery, diagnostic execution, and alarm mechanisms. Additionally, it outlines functional reliability requirements, including operator input checks and redundancy strategies. The chapter emphasizes the importance of thorough risk assessments and formal specifications within the software process to ensure the safety and efficacy of medical devices.

ernst
Télécharger la présentation

Risk Management and Safety Requirements for Insulin Pump Systems

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Figures – Chapter 12

  2. Figure 12.1 Risk-driven specification

  3. Figure 12.2 The risk triangle

  4. Figure 12.3 Risk classification for the insulin pump

  5. Figure 12.4 An example of a fault tree

  6. Figure 12.5 Examples of safety requirements SR1: The system shall not deliver a single dose of insulin that is greater than a specified maximum dose for a system user. SR2: The system shall not deliver a daily cumulative dose of insulin that is greater than a specified maximum daily dose for a system user. SR3: The system shall include a hardware diagnostic facility that shall be executed at least four times per hour. SR4: The system shall include an exception handler for all of the exceptions that are identified in Table 3. SR5: The audible alarm shall be sounded when any hardware or software anomaly is discovered and a diagnostic message, as defined in Table 4, shall be displayed. SR6: In the event of an alarm, insulin delivery shall be suspended until the user has reset the system and cleared the alarm.

  7. Figure 12.6 Types of system failure

  8. Figure 12.7 Availability specification

  9. Figure 12.8 Examples of functional reliability requirements RR1: A pre-defined range for all operator inputs shall be defined and the system shall check that all operator inputs fall within this pre-defined range. (Checking) RR2: Copies of the patient database shall be maintained on two separate servers that are not housed in the same building. (Recovery, redundancy) RR3: N-version programming shall be used to implement the braking control system. (Redundancy) RR4: The system must be implemented in a safe subset of Ada and checked using static analysis. (Process)

  10. Figure 12.9 The preliminary risk assessment process for security requirements

  11. Figure 12.10 Asset analysis in a preliminary risk assessment report for the MHC-PMS

  12. Figure 12.11 Threat and control analysis in a preliminary risk assessment report

  13. Figure 12.12Formal specification in a plan-based software process

More Related