1. Field of the Invention
The present invention relates generally to the art of medical systems, and more specifically to managing data communications between multiple independent subsystems forming a safety critical system.
2. Description of the Related Art
Today's safety critical systems, such as automated medical system products, for example surgical equipment, may be constructed as a collection of two or more independent modules or subsystems. Constructing a suite of independent modules affords medical system product designers and manufactures the ability to create and deploy subsystems that perform specific functions that are a subset of functions of the complete device or system.
Designs that take advantage of allocating functions to a plurality of specialized modules must include a communications mechanism to enable the modules to interact with each other. Modules may share or communicate control and status information between each other to realize the entire system functionality. These communications are typically realized using a communications protocol that specifies a uniform or consensus format that the modules or subsystems use to transmit and receive information to each other.
Traditionally, medical system products transmit control and status signals between subsystems over a fixed wire or cable using a standard cable interface, such as Universal Serial Bus, Ethernet, etc. Furthermore, these products frequently employ a variety of standardized communications protocols. Some of the most frequently used protocols include: XModem, ZModem, Kermit, MNP, and CCITT V.42. However, each of these currently available protocols exhibits limitations and restrictions that make them unacceptable in the design of a safety critical system. Each of these protocols may exhibit excessive overhead, high bandwidth, lack of system integrity, limited error detection and error correction, and/or a need for excessive processing resources to execute the protocol.
Current standardized communications protocols are problematic in that they require excessive overhead or additional information that must be transmitted with the original data to facilitate control of the protocol by the sending and receiving modules or subsystems. Excessive communications protocol overhead, or poor protocol efficiency, can require additional transmission media (i.e. fixed wire or cable) bandwidth to realize exchange of control and status information between modules. In addition, the excessive overhead requires additional significant processing resources (i.e. CPU cycles, memory, etc.) to execute the protocol. Moreover, this increase in required bandwidth and processing resources adds to cost and complexity to deliver each module.
A major commercial problem with respect to the above mentioned known communications protocols is the lack of a reliable communications watchdog mechanism. A communications watchdog can effectively trigger a control system, such as a surgical device, to switch to a safe state when a module or subsystem exhibits a fault that may result in a dangerous overall system behavior, that is, loss of control of the surgical instrument and potentially severe harm or even death of the patient. Without the benefit of a communications watchdog, current designs do not provide a sufficient level of system integrity for such safety critical systems as surgical devices. Overall systems integrity is paramount to designing and deploying safety critical systems. Thus, today's designers are faced with a difficult and complex implementation challenge to ensure constant communication between independent modules to provide the required level of safety in an operating theater environment.
Furthermore, the protocol employed in the construction of safety critical systems must provide the ability for two modules to send arbitrary data between themselves and to ensure the integrity of that data. The protocol preferably enables either the transmitter or the receiver to detect that an error in the information has been introduced during the transmission, and enables that error to be corrected via the communications protocol.
Based on the foregoing, it would be advantageous to provide a communications protocol for use in safety critical systems that overcomes the foregoing drawbacks present in previously known protocols used in the design of medical systems.