A Colored Petri Nets model of the risk management process based on the ISO 14971 standard

Medical devices help physicians to diagnose and treat patients at home and healthcare facilities. However, when complexity of devices grows, new risks can also arise and put users in hazard situations. Manufacturers must develop medical devices taking into account ways to mitigate risks and avoid injuries to users. In this context, regulatory agencies impose the ISO 14971 standard during the risk management of medical devices. The ISO 14971 specifies risk management process activities and suggests manufacturers to use techniques such as the Failure Mode Effects and Criticality Analysis (FMECA). Nevertheless, the ISO 14971 is a subjective document written in natural language. Therefore, the correct interpretation of its requirements depends on the understanding of manufacturers. This paper presents a Colored Petri Nets (CPN) model of the risk management process based on the ISO 14971 and FMECA technique. The model aims to deal with the subjectivity problem of the ISO 14971. Besides, we verified and validated abstract and detailed versions of the model using model checking and simulation results to increase confidence on the specification.

[1]  Angelo Perkusich,et al.  Using Colored Petri Nets for the requirements engineering of a surface electrogastrography system , 2014, 2014 12th IEEE International Conference on Industrial Informatics (INDIN).

[2]  Nuo Zhao,et al.  An event-chain risk assessment model based on definition evolution in safety criterions , 2011, The Proceedings of 2011 9th International Conference on Reliability, Maintainability and Safety.

[3]  Chung-Ling Lin,et al.  Generation of Assurance Cases for Medical Devices , 2015, Computer and Information Science.

[4]  G. Yan,et al.  Toward a Wireless Electronic Capsule With Microsensors for Detecting Dysfunction of Human Gastric Motility , 2015, IEEE Sensors Journal.

[5]  Ravishankar K. Iyer,et al.  Analysis of Safety-Critical Computer Failures in Medical Devices , 2013, IEEE Security & Privacy.

[6]  Ying-jie Xie,et al.  [Risk management for medical devices]. , 2007, Zhongguo yi liao qi xie za zhi = Chinese journal of medical instrumentation.

[7]  Hyungchul Kim,et al.  New FMECA Methodology Using Structural Importance and Fuzzy Theory , 2011, IEEE Transactions on Power Systems.

[8]  Colin Boyd,et al.  Analysis of two authorization protocols using Colored Petri Nets , 2014, International Journal of Information Security.

[9]  Tao Li,et al.  From Offline toward Real Time: A Hybrid Systems Model Checking and CPS Codesign Approach for Medical Device Plug-and-Play Collaborations , 2014, IEEE Transactions on Parallel and Distributed Systems.

[10]  John A. McDermid,et al.  Assurance cases and prescriptive software safety certification: A comparative study , 2013 .

[11]  Angelo Perkusich,et al.  Towards medical device certification: A colored Petri Nets model of a surface electrocardiography device , 2014, IECON 2014 - 40th Annual Conference of the IEEE Industrial Electronics Society.

[12]  Xu Qian-qian,et al.  Study on Implementation Approach for Standard YY/T 0316(ISO 14971) "Medical Devices-Application of Risk Management to Medical Devices" , 2012 .

[13]  M. Meek,et al.  IT risk management , 2014 .

[14]  Reza Lotfi,et al.  A Level-Crossing Based QRS-Detection Algorithm for Wearable ECG Sensors , 2014, IEEE Journal of Biomedical and Health Informatics.

[15]  Alexander H. Levis,et al.  Computational Verification of System Architectures , 2007, 2007 IEEE Symposium on Computational Intelligence in Security and Defense Applications.

[16]  Alvaro Alvares de C. C. Sobrinho Biomedical signal acquisition systems: Towards a hybrid methodology for certification-based development , 2014, INDIN.

[17]  Jingyue Li,et al.  Towards Goal-Based Software Safety Certification Based on Prescriptive Standards , 2011, 2011 First International Workshop on Software Certification.

[18]  John Knight,et al.  Analysis of Critical Systems Certification , 2014, 2014 IEEE 15th International Symposium on High-Assurance Systems Engineering.