ProHealth 2014
Modelling and implementation of
correct by construction
healthcare workflows
Petros Papapanagiotou
Jacques Fleuriot
This research is supported by EPSRC grant
EP/J001058/1 and the College of Sciences and Engineering, University of Edinburgh.
Healthcare Processes
• Long, complicated
guidelines or sometimes
complete lack of
documentation!
• Medical staff employ
informal, error-prone
practices, such as:
– Post-it notes
– Oral handovers
• Result:
miscommunications,
delays, errors, omissions,
repetitions, …
Correct-by-construction workflows
Workflows
(BPM)
Formal
Methods
(Theorem
Proving)
WorkflowFM
WorkflowFM Focus
Focus less on:
• Clinical guidelines
• Knowledge management
•
•
•
•
•
• Decision making
•
Focus more on:
Information flow
Resource tracking
Communication
Process dependencies
Facilitating administrative
tasks (e.g. documentation)
Procedure optimisation
Methodology in Healthcare
Assumptions
1. Set of atomic healthcare processes with IOPE
specifications, that can interface:
– EMRs, equipment/instruments, HPSs (eForms),
etc.
2. “Black-boxes”
3. Always terminate
WorkflowFM Combined Value
•
•
•
•
•
•
Workflows (BPM)
Management and
governance
Flexibility and scalability
Effectiveness and
separation of concerns
Integration of technology
Simulation
Maintainability
•
•
•
•
•
Formal verification
Explicit, verified
information/resource flow
Systematic resource
management (including
exception handling)
Concurrency and freedom
of deadlocks and livelocks
Type correctness during
composition
Automated workflow
deployment
Applications
• Patient handovers (Assignment/Delegation).
• Intra-hospital patients’ transfers.
(St Mary’s Hospital, London)
• Integrated Care Pathways for HIV patients.
(NHSGGC, NHSL)
Proofs-as-processes theory
logical proofs  concurrent processes
CLL  π-calculus

Diagrammatic Interface
• Simple mouse gestures to apply actions.
• Minimum interaction with CLL or theorem proving.
Example of resource management
?
Example of resource management
Architecture
Assignment / Delegation
1. GP diagnoses patient with Acute Renal Failure.
2. GP assigns treatment to nephrologist Dr. John.
3. Dr. John settles on hæmodialysis treatment.
4. Dr. John delegates hæmodialysis to APN Anna.
Assignment / Delegation
Request
Provider
Requester
GP assigns treatment to nephrologist Dr. John.
Provide
.
Request
Provider
Requester
Dr. John delegates hæmodialysis to APN Anna.
Provide
Assignment / Delegation
Handle exceptions + Check outcome
Request
Provider
Requester
GP assigns treatment to nephrologist Dr. John.
Provide
.
Request
Provider
Requester
Dr. John delegates hæmodialysis to APN Anna.
Provide
Handle exceptions + Check outcome
Patient handover (Assignment)
Deployment
DigiHealth prototype
DigiHealth prototype
WorkflowFM in Healthcare:
Lessons learned
• A lot of stakeholders, a lot of resources.
• Tracking of information, resources, and people
is highly important (time, cost, safety).
• Workflow technicalities are challenging for
clinical staff.
• Trust on the correctness of the deployed
system is a requirement.
• Formal approach opens doors to further
analysis and verification.
Conclusion
• WorkflowFM aims to improve healthcare processes by
eliminating errors, inconsistencies, redundancies, lack
of specifications/guidelines, etc.
• Formally verified process workflows.
– Logical engine uses Proofs-as-processes paradigm
• Two stages:
– Modelling: close collaboration with experts
– Deployment: automated – facilitated integration
• Interface hides underlying logical engine.
• Prototype implementation is actively being applied in
real-world cases in collaboration with clinicians.
• Still quite a few open challenges.