Backend
- FastAPIREST API
- Python 3.13Runtime
- Pydantic v2Validation
- Auth0 + RLSIdentity
Phoenix Ascend is assembled from small, well-scoped services. Each layer does one thing; together they hold medical-grade data without forcing engineers or clinicians to trust the layer above.
Every telemetry payload follows the same route: captured, validated, stored in time-series tables, and rendered for the role requesting it.
CGM sensors emit a glucose reading every 5 minutes. Pumps emit delivery events alongside them: boluses, basal changes, alarms. Every payload is signed against the device's stored key.
A phone-side relay batches readings, retries on flaky networks, and hands them to the API over mTLS.
FastAPI validates the payload, checks the signature, and writes to the time-series hypertable — all inside one request.
Readings land in a hypertable chunked by 7-day windows. Continuous aggregates compute hourly and daily stats in the background.
The Portal queries pre-aggregated views, so dashboards resolve in one round-trip, not fifty. Athena, our internal trial workbench, reads device exports straight off the client's disk instead.
Four problems every medical-device platform has to answer. Here's what we chose — and the trade-offs behind it.
Most platforms check permissions once, at the application layer. We built four independent gates — if one is compromised, the others still hold.
Multi-factor login, automatic key rotation via JWKS, and short-lived access tokens.
RLS policies enforce access per session — patient, clinician, engineer, or admin — independently of the application layer.
Database triggers log every mutation with before/after state — even direct SQL changes are captured and signed.
Stored OAuth credentials encrypted with session-scoped keys that are never exposed to the application layer.
Medical devices generate hundreds of readings per day per patient. That data has to be stored, compressed, and queryable in real time.
7-day chunks partition data for range queries that stay snappy into the millions of rows.
Old chunks compress on a schedule — storage without sacrificing read performance.
Pre-compute hourly and daily glucose/insulin stats so dashboards don't reaggregate on every page load.
Bulk loading from device bridges handles spike loads without back-pressuring the API.
When incorrect data could affect clinical decisions, coverage isn't optional. We run a two-lane strategy that balances speed with realism.
Minimal seed data, fast feedback — every PR runs the full suite in under a minute.
Months of deterministic synthetic timeseries for realistic validation against production queries.
SQL linting, migration-order verification, and security scanning block merges on policy violations.
Frontend tests use MSW for API mocking with integration tests across critical clinical workflows.
You can't test a medical platform with random numbers. Our generator produces output that matches real device log formats byte for byte, with glucose and pump distributions grounded in published clinical datasets.
Grounded in 9 published clinical datasets covering thousands of real patients — no synthetic shape we haven't seen in the wild.
Pure Python stdlib — runs anywhere, no supply-chain surface.
Over 90 days therapy adjusts, glucose patterns shift, adherence changes — tests see the same drift a clinician would.
Output matches real device logs exactly — validated against the same parsers used in production.
A pragmatic stack — designed today to scale to cloud infrastructure tomorrow.
That is not a slogan. It is how the permissions, the audit trail, and the deploy pipelines are wired. Meet the team that built it, or jump into the apps themselves.