Formal specification for a clinical cyclotron control system

This report describes preliminary experience writing formal specifications for the control system for a cyclotron and neutron radiation therapy apparatus. This effort is motivated by high reliability and safety requirements, and a need for concise, authoritative documentation to support coding, user instruction, and testing. Software development practices for therapy machines and physics research accelerators are reviewed. The operation of our machine from the point of view of the cyclotron operator is described. Many of the cyclotron operator's controls are well-matched to model-based notations such as Z and VDM. Sample specifications in Z are presented for representative operations of the cyclotron control programs. These notations provide no built-in way to represent the passage of time, and they cannot express some features of concurrent systems and event-driven systems. Alternative notations are discussed, including Petri Nets and Software Cost Reduction project (SCR) notation. We conclude that it is practical to attempt a comprehensive formal specification of our application, and anticipate that this will be a valuable supplement to traditional development practices.
