Computer Laboratory

SmartFlow: Extendable Event-Based Middleware

Available Positions Post-doctoral and PhD positions are available on this project. [More...]

Project Motivation

Healthcare providers world-wide are developing electronic solutions to improve patient care and reduce costs. This is a complex and challenging endeavour: such systems need to integrate many distributed and heterogeneous applications and coordinate widely distributed operations as events occur, such as the referral of a patient from a GP to a specialist clinic. All of this has to be done without compromising patient safety and privacy. Not surprisingly, healthcare IT efforts in many countries suffer from cost explosion and project overruns.

In healthcare systems, middleware software acts as the "plumbing" that interconnects the various applications. A major problem is that commercial, off-the-shelf middleware used for this task is inflexible and unable to adapt to the special requirements of the medical domain. For example, a healthcare system must audit all access to a patient's records as they flow through the network — and yet the audit data must not itself compromise confidentiality. This kind of confidential audit is not supported by current middleware, yet the best place to reliably provide these guarantees is at the middleware level. Similarly, a haematology department would need to detect patterns of events: abnormal blood results sent to the electronic patient notes but with no timely confirmation of receipt would signal a network failure or other delay, and haematology would warn the ward. Again, middleware support for this does not exist, yet would be vital for an efficient solution. A major challenge in supporting such novel middleware functionality is that there is no single set of services that covers all application requirements. Instead, middleware functionality must evolve as new applications are added to a healthcare infrastructure.

Project Overview

The focus of this project is to address this challenge with research into an extendable, event-based middleware architecture, SmartFlow, which can integrate heterogeneous systems and provide a framework for dynamically managing middleware extensions. We will show how the SmartFlow approach can support common requirements found in the medical domain, such as privacy, auditing and event pattern detection, without sacrificing efficiency and ease of use. The following figure illustrates a deployment of the SmartFlow middleware in a clinical setting. SmartFlow overview As illustrated above, large and heterogeneous applications link independent hospital departments — with varying middleware requirements, including features unique to clinical environments. Since medical applications must respond quickly to numerous simultaneous events, applications coordinate all activity by sending and receiving messages using an event-driven approach. Messages are handled by SmartFlow nodes, as dictated by a set of extensions. Extensions may be responsible for intelligently routing messages between hospital departments, auditing message flow, applying access control checks to patient data and encrypting patient data to preserve confidentiality. By pushing this functionality into an intelligent middleware layer, all applications in a medical system can use these services, thus simplifying application design and deployment and improving performance. As new departments with new applications (and requirements) join the system, extensions can be added dynamically to SmartFlow nodes in a safe and consistent manner.

Much existing work on extendable middleware has focused on tightly-coupled, synchronous middleware frameworks, such as CORBA. Those frameworks require components to connect simultaneously in order to interact. In contrast, medical systems are loosely coupled, with a mixture of direct, synchronous interactions (such as looking up a patient's blood results), and indirect, asynchronous connections (e.g. a monthly batch of pathology reports, sent electronically to a cancer registry). Web services middleware supports synchronous and asynchronous invocations but emphasises lower-level protocol issues instead of higher-level semantics of middleware functionality. In contrast, SmartFlow provides a comprehensive framework for specifying and managing event-based middleware extensions.

To describe a middleware and its configurations, we will devise a formalism that can capture high-level middleware features, their decomposition into lower-level SmartFlow extensions, and the dependencies and exclusion relationships between extensions. This will let each application specify which extensions it needs. Dynamic reconfiguration will allow SmartFlow to support requirements that change over time. We will also extend the event-driven approach to the inner workings of the middleware itself. Each SmartFlow node will use an event-based kernel to drive the flow of information between extensions, in the form of explicit messages. The advantage of this approach is that existing middleware systems can be integrated with SmartFlow by treating them as particularly rich extensions. This means that SmartFlow can enhance existing middleware with extra features in a way that is straightforward, consistent and easily configured. Making information flow explicit will also enhance security, by identifying and regulating the use of internal messages.

Project Objectives

The aims of the SmartFlow project are to:

  • Develop a framework for extendable event-based middleware, in which applications can formally define their middleware needs.
  • Specify an event-driven kernel for fine-grained middleware control on each computer.
  • Construct application prototypes, and define reusable middleware extensions for common features.
  • Evaluate the utility of these techniques for healthcare applications, including resilience to internal and external attacks on confidential data.

To meet our aims, we will address the following research questions:

  • Which middleware extensions cover the main requirements of distributed, heterogeneous medical systems?
  • How do legal, high-level policies in the medical domain map to middleware functionality implemented as a set of extensions to support application deployment?
  • Can functionality provided by commercial middleware software be formulated as a collection of event-based middleware extensions?
  • How complex are the dependencies between common middleware extensions? How to formalise dependencies in a way that respects co-dependencies and mutually exclusive extensions?
  • To what extent can static dependency checking of extensions guarantee safe middleware operation? What are suitable techniques for resolving conflicts between middleware extensions at run-time?
  • How to design an application programming interface (API) suitable for all middleware extensions? How do event-based internal mechanisms affect the performance of middleware and its extensions?
  • Can we use sand-boxing techniques for information hiding and "Chinese Walls" within the middleware?
  • What mechanisms are required for efficient middleware reconfiguration and self-management?


EPSRC Grant EP/F042469/1 — October 2008 to September 2011


  • Cambridge: Jean Bacon, Dave Eyers
  • Imperial College London: Peter Pietzuch
  • Clinical and Biomedical Computing Unit, National Health Service Brian Shand