Research Article
Surgeon Training in Telerobotic Surgery via a Hardware-in-the-Loop Simulator
Table 1
Three common safety hazard scenarios, with corresponding examples from real incidents reported to the FDA MAUDE database.
| | Safety hazard scenario (outcome) | Unsafe control action example | Possible causal factors (accidental failures) | Raven-II simulation | Impact (clinical scenarios for safety training) [example] | | Target software module | Target variables |
| | System temporarily unavailable (recoverable system error) | A user command is provided but not followed by the robot. | Improper operator actions or console control malfunctions | Network-layer thread (network_layer) | User-desired | Restart the system [MAUDE 3293519]
Troubleshoot error
contact manufacturer | | (i) Position | | (ii) Orientation | | (iii) Grasper angle | | (iv) Foot pedal |
| | System permanently unavailable (nonrecoverable system error) | A motor command is provided by the robot control, but it is not followed by the motors. | Sensor (encoder) failure | Control thread (get_USB_packet) | USB board | Convert the procedure [MAUDE 2663924] Reschedule [MAUDE 3275500] | | (i) Address | | (ii) Returned status | | USB board | Report to manufacturer | | (i) Address | | (ii) Returned status |
| | Unintended movement of robotic arms (sudden jump) | A command is provided by the robot control to motors while the calculated next position is at large distance (big jump) from current position. | Actuator failures | Control thread (put_USB_packet) | Commands to robot joints | Puncture of artery [MAUDE 1590517] Bleeding of uterine tube [MAUDE 2120175] |
|
|
