Blog | Medical, Project

How the patient safety system contributes to high availability at MedAustron

We explore how a well-constructed patient safety system is able to integrate tightly with a Dose Delivery System and how it contributes to an overall High Availability system. High Availability is an important success factor in the exploitation of capital-intensive medical facilities, such as particle therapy.

High Availability Dose Delivery System

MedAustron, a state-owned institute in Wiener Neustadt, Austria, was designed to be one of the most advanced centers for particle therapy (PT) and research in Europe. The facility’s system architecture was developed in close collaboration with CERN with a twofold objective: to employ state of the art technologies and to complement them with proven subsystems and designs from existing PT systems. Additionally, for a PT facility, beamtime is an expensive asset and thus of utmost importance, so the system uptime should be as high as reasonably achievable.

At the time (construction started around 2009), PT lacked industry-wide standardization, and so the subsystems were not originally conceived to seamlessly work together in a new system context. Cosylab joined the effort in 2009 as an expert in these kinds of system integration challenges.

In 2012, the MedAustron team, with specialists from CERN, started talking to Cosylab about the system architecture surrounding the Dose Delivery System that was acquired from CNAO in Italy. This Dose Delivery System featured an atypically large set of about a hundred safety signals. This posed a challenge for the Patient Interlock System, as it had to process those signals very quickly and if safety conditions were not met, to react within 1 microsecond to stop the treatment. Cosylab was selected as a partner to work on the Patient Interlock System.

The aim was to deliver a Patient Interlock solution that would at the same time protect the patient from potential harm and do so in a way that minimized “false positive” interlocks, i.e. shutting down the treatment when it was not necessary.

Preparation

The Dose Delivery System and the Patient Interlock System are part of the clinical aspect of the treatment machine, so the Patient Interlock System had to operate safely and it needed to conform to strict medical regulations and standards.

The choice of what technologies to use affects both the safety and certification aspects, so Cosylab combined its experience from previous safety systems with a sound understanding of MedAustron’s needs and requirements and evaluated a variety of technologies for the architecture, including PLCs, embedded controllers, and FPGAs.

Technical Solution

Due to the strict constraints and requirements, Cosylab proposed the military and aerospace-grade non-volatile FPGAs from Microsemi. One set of the interlock logic would use the flash-based variant and the other set would use the anti-fuse programmable option. In a redundant setup, this further reduced any technology dependent systemic risk. Microsemi FPGAs also feature higher immunity from radiation, something that is present in the treatment room, as well as a longer lifetime.

Sizeable Documentation

The certification of a PT facility is a documentation intensive process and while EBG MedAustron was responsible for the overall facility-wide medical certification, Cosylab delivered all the necessary documentation for as the Patient Interlock System. These documents could then be incorporated directly into the overall system documentation technical file without the need to adapt it. This was only possible because the teams agreed up-front that Cosylab would follow the applicable processes and use the correct document templates.

Measurable Benefit of High Beam Availability

As the Patient Interlock System interfaces to 13 external systems, it is vital that is reliable, i.e. safely and by avoiding avoidable false positives, because these reduce system availability and disrupt workflows. The focus on high reliability of the system was strong. Everything was thoroughly tested in a validated simulation environment before deployment.

This meant that there were no defects during commissioning which reduced commissioning time. Following certification, the system was put into production and since then, no defects that would deteriorate the operation of the facility have been observed.

Download the full Case Study on Cosylab’s How the patient safety system Contributes to High Availability at MedAustron.

Others Also Read