Abstract

This paper formally expresses the timing behavior of a cardiac pacemaker as defined in the PACEMAKER System Specification, as understood by this paper's principal author.
The PACEMAKER System Specification was publicly released by Boston Scientific to provide a real-world subject for application of formal methods in response to Jim Woodcock's request at FM2006 for an industrial Grand Challenge problem. PACEMAKER's use for purposes other than formal methods has been surprising in its variety. Most ambitious is the Software Certification Consortium's mock regulatory submission, PACEMAKER Grand Challenge, to show that a product with safety-critical software is in fact safe. McMaster University is designing a second-generation hardware platform to execute formally-verified software during system feature test validation with an electrical heart simulator to show correct behavior.
This paper uses first-order predicates, extended with a simple temporal operator, to formally express what the principal author understands to be "correct" behavior defined in PACEMAKER.
Formal semantics for the PACEMAKER system specification. HILT '14: Proceedings of the 2014 ACM SIGAda annual conference on High integrity language technology.