Personalized heart models for surgical planning

System can convert MRI scans into 3D-printed, physical models in a few hours.

Scientia — Researchers at MIT and Boston Children’s Hospital have developed a system that can take MRI scans of a patient’s heart and, in a matter of hours, convert them into a tangible, physical model that surgeons can use to plan surgery.

New system from MIT and Boston Children’s Hospital researchers converts MRI scans into 3D-printed heart models (shown here).
Photo: Bryce Vickmark

The models could provide a more intuitive way for surgeons to assess and prepare for the anatomical idiosyncrasies of individual patients. “Our collaborators are convinced that this will make a difference,” says Polina Golland, a professor of electrical engineering and computer science at MIT, who led the project. “The phrase I heard is that ‘surgeons see with their hands,’ that the perception is in the touch.”

---

---

This fall, seven cardiac surgeons at Boston Children’s Hospital will participate in a study intended to evaluate the models’ usefulness.

Golland and her colleagues will describe their new system at the International Conference on Medical Image Computing and Computer Assisted Intervention in October. Danielle Pace, an MIT graduate student in electrical engineering and computer science, is first author on the paper and spearheaded the development of the software that analyzes the MRI scans. Mehdi Moghari, a physicist at Boston Children’s Hospital, developed new procedures that increase the precision of MRI scans tenfold, and Andrew Powell, a cardiologist at the hospital, leads the project’s clinical work.

The work was funded by both Boston Children’s Hospital and by Harvard Catalyst, a consortium aimed at rapidly moving scientific innovation into the clinic.

MRI data consist of a series of cross sections of a three-dimensional object. Like a black-and-white photograph, each cross section has regions of dark and light, and the boundaries between those regions may indicate the edges of anatomical structures. Then again, they may not.

Determining the boundaries between distinct objects in an image is one of the central problems in computer vision, known as “image segmentation.” But general-purpose image-segmentation algorithms aren’t reliable enough to produce the very precise models that surgical planning requires.

New system from MIT and Boston Children’s Hospital researchers converts MRI scans into 3D-printed heart models (shown here).
Photo: Bryce Vickmark

Human factors

Typically, the way to make an image-segmentation algorithm more precise is to augment it with a generic model of the object to be segmented. Human hearts, for instance, have chambers and blood vessels that are usually in roughly the same places relative to each other. That anatomical consistency could give a segmentation algorithm a way to weed out improbable conclusions about object boundaries.

The problem with that approach is that many of the cardiac patients at Boston Children’s Hospital require surgery precisely because the anatomy of their hearts is irregular. Inferences from a generic model could obscure the very features that matter most to the surgeon.

In the past, researchers have produced printable models of the heart by manually indicating boundaries in MRI scans. But with the 200 or so cross sections in one of Moghari’s high-precision scans, that process can take eight to 10 hours.

---

---

“They want to bring the kids in for scanning and spend probably a day or two doing planning of how exactly they’re going to operate,” Golland says. “If it takes another day just to process the images, it becomes unwieldy.”

Pace and Golland’s solution was to ask a human expert to identify boundaries in a few of the cross sections and allow algorithms to take over from there. Their strongest results came when they asked the expert to segment only a small patch —one-ninth of the total area — of each cross section.

New system from MIT and Boston Children’s Hospital researchers converts MRI scans into 3D-printed heart models (shown here).
Photo: Bryce Vickmark

In that case, segmenting just 14 patches and letting the algorithm infer the rest yielded 90 percent agreement with expert segmentation of the entire collection of 200 cross sections. Human segmentation of just three patches yielded 80 percent agreement.

“I think that if somebody told me that I could segment the whole heart from eight slices out of 200, I would not have believed them,” Golland says. “It was a surprise to us.”

Together, human segmentation of sample patches and the algorithmic generation of a digital, 3-D heart model takes about an hour. The 3-D-printing process takes a couple of hours more.

Prognosis

Currently, the algorithm examines patches of unsegmented cross sections and looks for similar features in the nearest segmented cross sections. But Golland believes that its performance might be improved if it also examined patches that ran obliquely across several cross sections. This and other variations on the algorithm are the subject of ongoing research.

The clinical study in the fall will involve MRIs from 10 patients who have already received treatment at Boston Children’s Hospital. Each of seven surgeons will be given data on all 10 patients — some, probably, more than once. That data will include the raw MRI scans and, on a randomized basis, either a physical model or a computerized 3-D model, based, again at random, on either human segmentations or algorithmic segmentations.

Using that data, the surgeons will draw up surgical plans, which will be compared with documentation of the interventions that were performed on each of the patients. The hope is that the study will shed light on whether 3-D-printed physical models can actually improve surgical outcomes.

“Absolutely, a 3-D model would indeed help,” says Sitaram Emani, a cardiac surgeon at Boston Children’s Hospital who is not a co-author on the new paper. “We have used this type of model in a few patients, and in fact performed ‘virtual surgery’ on the heart to simulate real conditions. Doing this really helped with the real surgery in terms of reducing the amount of time spent examining the heart and performing the repair.”

“I think having this will also reduce the incidence of residual lesions — imperfections in repair — by allowing us to simulate and plan the size and shape of patches to be used,” Emani adds. “Ultimately, 3D-printed patches based upon the model will allow us to tailor prosthesis to patient.”

“Finally, having this immensely simplifies discussions with families, who find the anatomy confusing,” Emani says. “This gives them a better visual, and many patients and families have commented on how this empowers them to understand their condition better.”

---

---

– Credit and Resource –

Larry Hardesty | MIT News Office

---

Personalized heart models for surgical planning

New cache-coherence core mechanism in 30 years

More efficient memory-management scheme could help enable chips with thousands of cores.

Scientia — In a modern, multicore chip, every core — or processor — has its own small memory cache, where it stores frequently used data. But the chip also has a larger, shared cache, which all the cores can access.

If one core tries to update data in the shared cache, other cores working on the same data need to know. So the shared cache keeps a directory of which cores have copies of which data.

That directory takes up a significant chunk of memory: In a 64-core chip, it might be 12 percent of the shared cache. And that percentage will only increase with the core count. Envisioned chips with 128, 256, or even 1,000 cores will need a more efficient way of maintaining cache coherence.

At the International Conference on Parallel Architectures and Compilation Techniques in October, MIT researchers unveil the first fundamentally new approach to cache coherence in more than three decades. Whereas with existing techniques, the directory’s memory allotment increases in direct proportion to the number of cores, with the new approach, it increases according to the logarithm of the number of cores.

In a 128-core chip, that means that the new technique would require only one-third as much memory as its predecessor. With Intel set to release a 72-core high-performance chip in the near future, that’s a more than hypothetical advantage. But with a 256-core chip, the space savings rises to 80 percent, and with a 1,000-core chip, 96 percent.

When multiple cores are simply reading data stored at the same location, there’s no problem. Conflicts arise only when one of the cores needs to update the shared data. With a directory system, the chip looks up which cores are working on that data and sends them messages invalidating their locally stored copies of it.

“Directories guarantee that when a write happens, no stale copies of the data exist,” says Xiangyao Yu, an MIT graduate student in electrical engineering and computer science and first author on the new paper. “After this write happens, no read to the previous version should happen. So this write is ordered after all the previous reads in physical-time order.”

---

---

Time travel

What Yu and his thesis advisor — Srini Devadas, the Edwin Sibley Webster Professor in MIT’s Department of Electrical Engineering and Computer Science — realized was that the physical-time order of distributed computations doesn’t really matter, so long as their logical-time order is preserved. That is, core A can keep working away on a piece of data that core B has since overwritten, provided that the rest of the system treats core A’s work as having preceded core B’s.

The ingenuity of Yu and Devadas’ approach is in finding a simple and efficient means of enforcing a global logical-time ordering. “What we do is we just assign time stamps to each operation, and we make sure that all the operations follow that time stamp order,” Yu says.

With Yu and Devadas’ system, each core has its own counter, and each data item in memory has an associated counter, too. When a program launches, all the counters are set to zero. When a core reads a piece of data, it takes out a “lease” on it, meaning that it increments the data item’s counter to, say, 10. As long as the core’s internal counter doesn’t exceed 10, its copy of the data is valid. (The particular numbers don’t matter much; what matters is their relative value.)

When a core needs to overwrite the data, however, it takes “ownership” of it. Other cores can continue working on their locally stored copies of the data, but if they want to extend their leases, they have to coordinate with the data item’s owner. The core that’s doing the writing increments its internal counter to a value that’s higher than the last value of the data item’s counter.

Say, for instance, that cores A through D have all read the same data, setting their internal counters to 1 and incrementing the data’s counter to 10. Core E needs to overwrite the data, so it takes ownership of it and sets its internal counter to 11. Its internal counter now designates it as operating at a later logical time than the other cores: They’re way back at 1, and it’s ahead at 11. The idea of leaping forward in time is what gives the system its name — Tardis, after the time-traveling spaceship of the British science fiction hero Dr. Who.

Now, if core A tries to take out a new lease on the data, it will find it owned by core E, to which it sends a message. Core E writes the data back to the shared cache, and core A reads it, incrementing its internal counter to 11 or higher.

Unexplored potential

In addition to saving space in memory, Tardis also eliminates the need to broadcast invalidation messages to all the cores that are sharing a data item. In massively multicore chips, Yu says, this could lead to performance improvements as well. “We didn’t see performance gains from that in these experiments,” Yu says. “But that may depend on the benchmarks” — the industry-standard programs on which Yu and Devadas tested Tardis. “They’re highly optimized, so maybe they already removed this bottleneck,” Yu says.

---

---

“There have been other people who have looked at this sort of lease idea,” says Christopher Hughes, a principal engineer at Intel Labs, “but at least to my knowledge, they tend to use physical time. You would give a lease to somebody and say, ‘OK, yes, you can use this data for, say, 100 cycles, and I guarantee that nobody else is going to touch it in that amount of time.’ But then you’re kind of capping your performance, because if somebody else immediately afterward wants to change the data, then they’ve got to wait 100 cycles before they can do so. Whereas here, no problem, you can just advance the clock. That is something that, to my knowledge, has never been done before. That’s the key idea that’s really neat.”

Hughes says, however, that chip designers are conservative by nature. “Almost all mass-produced commercial systems are based on directory-based protocols,” he says. “We don’t mess with them because it’s so easy to make a mistake when changing the implementation.”

But “part of the advantage of their scheme is that it is conceptually somewhat simpler than current [directory-based] schemes,” he adds. “Another thing that these guys have done is not only propose the idea, but they have a separate paper actually proving its correctness. That’s very important for folks in this field.”

– Credit and Resource –

Larry Hardesty | MIT News Office

---

New cache-coherence core mechanism in 30 years

Researchers attack the Tor anonymity network

Researchers mount successful attacks against popular Tor anonymity network — and show how to prevent them…Phew

Scientia — With 2.5 million daily users, the Tor network is the world’s most popular system for protecting Internet users’ anonymity. For more than a decade, people living under repressive regimes have used Tor to conceal their Web-browsing habits from electronic surveillance, and websites hosting content that’s been deemed subversive have used it to hide the locations of their servers.

Researchers at MIT and the Qatar Computing Research Institute (QCRI) have now demonstrated a vulnerability in Tor’s design. At the Usenix Security Symposium this summer, they will show that an adversary could infer a hidden server’s location, or the source of the information reaching a given Tor user, by analyzing the traffic patterns of encrypted data passing through a single computer in the all-volunteer Tor network.

---

---

Fortunately, the same paper also proposes defenses, which representatives of the Tor project say they are evaluating for possible inclusion in future versions of the Tor software.

“Anonymity is considered a big part of freedom of speech now,” says Albert Kwon, an MIT graduate student in electrical engineering and computer science and one of the paper’s first authors. “The Internet Engineering Task Force is trying to develop a human-rights standard for the Internet, and as part of their definition of freedom of expression, they include anonymity. If you’re fully anonymous, you can say what you want about an authoritarian government without facing persecution.”

Layer upon layer

Sitting atop the ordinary Internet, the Tor network consists of Internet-connected computers on which users have installed the Tor software. If a Tor user wants to, say, anonymously view the front page of The New York Times, his or her computer will wrap a Web request in several layers of encryption and send it to another Tor-enabled computer, which is selected at random. That computer — known as the guard — will peel off the first layer of encryption and forward the request to another randomly selected computer in the network. That computer peels off the next layer of encryption, and so on.

The last computer in the chain, called the exit, peels off the final layer of encryption, exposing the request’s true destination: the Times. The guard knows the Internet address of the sender, and the exit knows the Internet address of the destination site, but no computer in the chain knows both. This routing scheme, with its successive layers of encryption, is known as onion routing, and it gives the network its name: “Tor” is an acronym for “the onion router.”

In addition to anonymous Internet browsing, however, Tor also offers what it calls hidden services. A hidden service protects the anonymity of not just the browser, but the destination site, too. Say, for instance, that someone in Iran wishes to host a site archiving news reports from Western media but doesn’t want it on the public Internet. Using the Tor software, the host’s computer identifies Tor routers that it will use as “introduction points” for anyone wishing to access its content. It broadcasts the addresses of those introduction points to the network, without revealing its own location.

If another Tor user wants to browse the hidden site, both his or her computer and the host’s computer build Tor-secured links to the introduction point, creating what the Tor project calls a “circuit.” Using the circuit, the browser and host identify yet another router in the Tor network, known as a rendezvous point, and build a second circuit through it. The location of the rendezvous point, unlike that of the introduction point, is kept private.

---

---

Traffic fingerprinting

Kwon devised an attack on this system with joint first author Mashael AlSabah, an assistant professor of computer science at Qatar University, a researcher at QCRI, and, this year, a visiting scientist at MIT; Srini Devadas, the Edwin Sibley Webster Professor in MIT’s Department of Electrical Engineering and Computer Science; David Lazar, another graduate student in electrical engineering and computer science; and QCRI’s Marc Dacier.

The researchers’ attack requires that the adversary’s computer serve as the guard on a Tor circuit. Since guards are selected at random, if an adversary connects enough computers to the Tor network, the odds are high that, at least on some occasions, one or another of them would be well-positioned to snoop.

During the establishment of a circuit, computers on the Tor network have to pass a lot of data back and forth. The researchers showed that simply by looking for patterns in the number of packets passing in each direction through a guard, machine-learning algorithms could, with 99 percent accuracy, determine whether the circuit was an ordinary Web-browsing circuit, an introduction-point circuit, or a rendezvous-point circuit. Breaking Tor’s encryption wasn’t necessary.

Furthermore, by using a Tor-enabled computer to connect to a range of different hidden services, they showed that a similar analysis of traffic patterns could identify those services with 88 percent accuracy. That means that an adversary who lucked into the position of guard for a computer hosting a hidden service, could, with 88 percent certainty, identify it as the service’s host.

Similarly, a spy who lucked into the position of guard for a user could, with 88 percent accuracy, tell which sites the user was accessing.

To defend against this type of attack, “We recommend that they mask the sequences so that all the sequences look the same,” AlSabah says. “You send dummy packets to make all five types of circuits look similar.”

“For a while, we’ve been aware that circuit fingerprinting is a big issue for hidden services,” says David Goulet, a developer with the Tor project. “This paper showed that it’s possible to do it passively — but it still requires an attacker to have a foot in the network and to gather data for a certain period of time.”

“We are considering their countermeasures as a potential improvement to the hidden service,” he adds. “But I think we need more concrete proof that it definitely fixes the issue.”

– Credit and Resource –

Larry Hardesty | MIT News Office

---

Researchers attack the Tor anonymity network