Validating and verifying the requirements and design of a haemodialysis machine using the Rodin toolset

摘要

We present a formal specification and analysis of a haemodialysis machine (HD machine) in Event-B using the Rodin Toolset. The medical device domain is a particularly complex multidisciplinary field involving disparate branches of engineering, biological and medical fields as well as a critical patient-machine interface. Requirements include safety properties, process steps, human–machine interfaces, timing constraints, dynamic control algorithms, and design features. Our aim is to demonstrate that the Event-B based modelling, verification and validation tools deal with the variety of requirements involved in a typical medical device. We utilise ProR for structuring and tracking requirements. We model the HD machine using iUML-B state-machines and class diagrams, and build a corresponding BMotion Studio visualisation. For verification, we use both theorem proving and model checking techniques. We validate the design of the system using (i) diagrams to aid the modelling of the sequential properties of the requirements, and (ii) ProB-based animation and visualisation tools to explore the system's behaviour. Some of the safety properties involve dynamic behaviour which is difficult to verify in Event-B. For these properties we use (iii) co-simulation tools to validate against a continuous model of the physical behaviour. We conclude that the Event-B based modelling tools are particularly rich in verification and validation techniques and with the help of supporting tools for requirements tracking, are able to address the different kinds of requirements in a medical device.