No, there was a story here about DIY CPAP about a month ago. None of this is new though efforts do appear to be gaining momentum.
What is new is that the tools and technology (think dirt-cheap microcontrollers that you can easily (re)program, 3D printers etc) are getting to the point where it's becoming more realistic for more people to be successful with less effort/risk along with a means (i.e. the web) for people to collaborate and share information.
That said: yeah, one better do their homework as they are definitely taking their own health (or even life) into their hands.
QA and Security for the patient? Difficult topic. Medical devices are expensive because they are released to a regulated market. You spent 1 day developing, 1 day testing and 5 days documenting. So an unregulated but well maintained open source product which spent 2 days in testing, has a better quality but cannot show it to the authorities.
The key is: "Well Maintained". For these insulin closed loop community, I bet they are. They bet their own life on it.
What is intrinsic in closed source products that makes them less concerning? Could a financially backed open source device have equal quality, safety and review?
There is no fundamental reason, the tricky part is (as always) cost and expertise.
For all the issues in medical device engineering, the bar is higher than most people (particularly in software industry) have worked in. Obviously there are other areas too (e.g. aerospace), with similar or higher bars.
Your project will benefit by finding people with experience in hazard analysis and risk mitigation, testing, SDLC management etc. They either have to be motivated to do this on their own or payed, or a mix. Hopefully you'll find people familiar with ISO13489, IEC60601, IEC62304, etc. - not because you'll want to audit to these standards, but because the people will also be familiar with what's needed.
Basically, to have the quality where you want it to be, you need to do the work. The flexibility of such a system is great, but in terms of verification and validation, the amount of work could become exponential with the configurabilty - so you are probably going to want to concentrate on some specific configurations pretty rigorously and encourage them for "real" use.
Systems, particularly safety-critical systems, are tested in specific configurations (inputs, users, integrations).
If you change the configuration, you encounter the possibility of finding new bugs. When someone's life is tethered to the device, this will make engineers (and lawyers) properly twitchy.
For a perfect example of this, have a look at the the Ariane 5 [1]. Existing software was used in a new configuration and when it encountered an untested condition the software crashed, resulting in the rocket self-destructing.
Now, consider, you're adding bluetooth to a safety critical device - this is a protocol stack where people can't get their phone to connect to their car, and my Android phone occasionally needs to be rebooted before it will connect to my headphones.
DRM offers many bugs for an optional feature. I think they realized that the product testing requirements for DRM are so onerous that they'll never be willing to comply. Theoretical example:
"The patient died when the hospital was locked out of the pacemaker due to a bug in the license code parser in the patient's device."
You still need to have security for remote control safety, but a device maker cannot afford even a single bug in the "I have my hands physically on the device and I require access" pathway, or else deaths will eventually occur.
My understanding is that they are partnering with those companies. For instance, Medtronic produces the 670g, the commercial closed loop system (what I have)
Is there a sensible way to log IoT traffic? I'm paranoid not just of who may be trying to access IP cameras, but what they may be sending back to their manufacturer.
Yom says he keeps getting asked if there's some secret recipe for getting students to perform at their highest potential.
"This may sound corny, but you really have to love them," Yom says. "You build this trust, and at that point, whatever you ask them to do, they'll go the extra mile. The recipe is love."
Basically it comes down to soft skills. If people think you care about them they will care about what you want and think and help you achieve things together.
Common Core, in theory, isn't a problem - unifying standards across schools has a lot of benefits (easier to design reusable curriculums, perform scientific inquiries, develop software). The problem is when it gets conflated with high-stakes testing, which is a terrible thing.
High-stakes testing need not be terrible. You just have to be careful:
1. High-stakes testing requires exam security. One must assume that the teachers and administrators, if rated on student performance, will assist cheating.
2. High-stakes testing should be spread out across the year, with the result being a running average that discards the low values. (sickness and other bad luck should not be punished) Instead of a week or two of solid testing, do an hour every other week.
3. Tests should not come from companies that sell textbooks. This is a conflict of interest. It's not good to have an incentive to use non-standard terminology to give an advantage to schools which purchase the matching book.
4. If you can't test something, and you don't mandate hours for it, it will be removed from the schedule. Ideally you'd test for everything, but testing some subjects (band, shop) is difficult. The hours must be mandated to protect the untestable subjects.
5. You get what you test for. (see #4 above) High-quality tests are a must. It shouldn't be practical to cram for a test.
You did not talk about the necessity of unlinking the results of high-stakes testing and the funding for schools/teachers/districts. Or at the very least, to not penalize low-income areas for low test scores by stripping their budget, since that will only make the situation worse. If anything, more resources should flow to areas with lower test scores, even though the opposite happens (or they just flow to charter schools, which are not a great idea either).
Look beyond the mechanical aspects of the problem, and consider the ramifications of testing within the education system as a whole.
Common core is _what_ they should be teaching. Soft skills is _how_ they should be teaching.
I'm fine if you want to hate on the Common Core like so many, but these points are so completely unrelated this argument doesn't make any sense. We aren't min/maxing teachers like we would with our character in an MMORPG, these are human people.
You can get people to do work based on the strength of a personal relationship, sure. I once gave an unexpectedly long assignment to a class of about 30 students, and ended up getting six completed assignments. One was from a student who was just absolutely determined to be "a good student". The other five were clearly done on the basis of my relationship with those five students rather than because they thought it was a reasonable use of their time.
I don't think that approach can scale, though. You can't maintain that kind of relationship with 50 people; you need them to enforce the norm ("do the work!") on each other.
