Woman Gets Diabetes, Builds Own Pancreas

For the most part, when we break out the soldering iron to make a project for ourselves – we do so for fun. Sometimes we do so for necessity. Rarely do we, however, do so to save our own lives.  [Dana Lewis] is one of the 30 million people in the US who suffer from diabetes. It’s a condition where the pancreas fails to make insulin, resulting in a buildup of sugar in the bloodstream. Managing the levels of insulin and sugar in their bodies is a day-to-day struggle for the millions of diabetics in the world. It’s a great deal more for [Dana], however. She sleeps with machines that monitor the glucose levels in her blood, but lives with constant worry.

“I was afraid at night because I am a super-deep, champion sleeper,” Lewis said, “I sleep through the alarms on the device that are supposed to wake me up and save my life…”

What she needed was the glucose data from the device and use it to trigger a louder alarm. It wasn’t long until she found someone who had done just this. Using a Raspberry Pi, she was able to capture the data and then alarm her via her phone. She then setup a web interface so others could see her data and call her if she didn’t wake.

The next step is obvious. Why not make the state of the insulin pump a function of the data? And thus, a sort of artificial pancreas.

The project is open source for anyone to use and improve upon. She was placed on a list for the 100 most creative people in the US for 2017. We’re not strangers to the idea of an artificial pancreas, but it’s always great to see people using things we make video game consoles out of to save lives.

Thanks to [Dave Zzzz] for the tip!

64 thoughts on “Woman Gets Diabetes, Builds Own Pancreas

  1. A great idea.

    The linked web site is unclear regarding the extent to which the computer running the pump is internet connected when delivering the content to the web. I would not sleep at night if my device were running services with possibly unknown vulnerabilities… funnily enough negating the need for the device…

    1. Forget just vulnerabilities, one bug or unexpected behaviour and your dead. Thats why medical devices are tested so heavily and regulated.
      As a t2 for 16 years diagnosed, I was in a situation where I was told that I had to inject insulin for the rest of my life, shown how to use a pen which during tuition I fubar’d a calculation of quantities to go between a nearly empty and a full pen and nearly overinjected, was pointed at cgm devices and new tech and other stuff, but chose to ignore medical advice and my doc refused to support me so I just didnt tell him. I lost 80lb on a low carb diet very similar to the recently reported breakthrough study but eating actual food of 800 calories/day rather than shakes, and now I’m cutting back on my tablet form meds that had stopped working. He looked at my a1c results a few weeks back and they have been the lowest he has ever recorded for me, and well in the normal range for a normal person, never mind a diabetic. He just said to me on recieving these “I dont fully understand what youve been doing to yourself fully, but er, keep doing it”

      It can’t work for everyone sadly and its been a massive amount of long term commitment, but if you can make a choice, each time I’d go for the not adding extra hardware to my body option instead.
      I think the nutritional hacks haven’t filtered down to all of the medical profession, in 10-20 years it will be what your health professional recommends, but I’d encourage anyone with a chance to do their own research right now.

      1. That’ part of why the system is restricted to only enact temp basals – which make it MUCH harder for a bug to cause a dangerous situation.

        e.g. if you repeatedly command a bolus, you rapidly wind up in a dangerous unrecoverable situation. If you repeatedly command a temp basal – not much really changes since each new command overrides the previous one, and there are additional rate limits set in the pump itself that prevent the temp basal from being set too high.

        Unfortunately this makes it MUCH harder to find a compatible pump – remote control was missing from Medtronic devices for a while, and now that it’s back, only boluses can be remotely issued. Why the hell Medtronic brought back the most dangerous remote feature and not the safest one, I do not know.

        1. Andy, your basing your comment on only being able to adjust the basal’s, which is fine to stop a user in the fog of hypo or a hyper from making a wrong adjustment however Its not impossible for a bug or unexpected behaviour to alter other things in addition to the expected. Whats the failure mode of each of the components? what happens if its struck by lightning or a strong emf field? what if it gets too hot or cold.
          MIssing just one of these tests or any other random combination of such might lead to the injection mechanism over injecting and thats why the resource to test and developing things to this methodology is so expensive.

          1. This is pretty much the reason why a lot of people aren’t looking at open-source insulin pumps. We know the commercial pumps we have will have been through this testing, and will be as reliable as is practical. OpenAPS uses safety limits built in to the pump to provide upper bounds to the amount of insulin it can deliver. The OpenAPS devices communicate wirelessly with the pump, issuing commands which contain the device’s serial number. For interference or environmental conditions to cause catastrophic errors, it would require a couple of bits being flipped in a specific way with the rest of the system operating completely normally. This is…unlikely.

            The OpenAPS algorithm is designed in such a way that if it loses communication with the insulin pump, it will have been left in a state where the current bolus / basal rate should be able to run to completion without the person being in danger. On top of that, there are the built in pump alerts to detect when a low or high blood sugar might happen (including basal suspend on most pumps being used), and lastly the user has the option of manually checking their blood sugar if they feel something isn’t right.

          2. A remote basal command (two parameters – rate and time) getting misinterpreted as a bolus command (one parameter – amount) with a valid CRC by the pump being controlled? REALLY?

            As to EMI – valid concerns for any pump user. One of the reasons I delayed getting a pump was because I used to work in a military EMI testing environment and no insulin pump on the market is shielded against EMI to any degree more than minimal FCC consumer product standards. But there’s enough protection of the remote control interface that you can safely assume that if you’re only issuing remote basal commands to the pump with an external device, you’re not going to have the pump somehow misinterpret it as a bolus.

            Temperature-related failures of the electronics are not a concern. There’s simply no way to reach a temperature that can cause electronics failure without silently reaching a catastrophic failure of the medicine being delivered by the pump. Insulin CANNOT be frozen and degrades rapidly at elevated temperatures, to the point where even a hot summer day in the 90s or above is a major concern for pump users (another reason I’ve been nervous about a pump vs. MDI – it’s a lot easier to store the vials for MDI in a cold bag with ice than to store an operational pump. There is NO way to determine that insulin has had a temperature failure other than “why the hell is my blood sugar skyrocketing despite insulin delivery”.

            Or another way of putting it – insulin pumps have so many damn failure modes that are not really solvable by the device manufacturer (destruction of contents by temperature, infusion site biofouling) that the potential failure of external control electronics is “yeah whatever dude I already have to constantly oversee the system anyway”.

          3. Devices don’t need to be directly struck by lightning to be affected by it. My mom had a wireless keyboard that was destroyed by a lightning strike in the neighbor’s yard. So yes, a lightning strike can cause damage to electronics without affecting the user directly.

          4. Yeah, I’d want this system TEMPEST hardened with MOV’s, Polyphasers (if wireless) or equivalent grounding, GFI’s at the least… maybe even arc fault. Awesome idea… now to apply the same type systems for other conditions requiring food and drugs.

        1. I’m saying for me as a long term t2 diabetic, following this process, its worked for me – even though I was put on insulin injections when in hospital (after a major vehicle accident, burns, grafts etc) and advised I would hereon be injecting insulin for life as my pancreas had become too damaged to be controlled by metformin/gliclizides etc.
          I’ve never really been into fad diets or health food, and tended to view such claims as a diet would work to this level as something that spamassassin should have flagged, and my diabetic specialist was equally as sceptical but, its worked for me and another relative that I know that has tried it has the same result. The bbc had a article on the paper which has been presented on a controlled trial of the same principles, I hope that means the same principles would work in others also :-

          Make of that what you will.

      2. Old builder that works with a friend was in same boat as that, Gave up everything stopped eating synthetic foods no salty carbonated drinks, Only eats real foods no additive based sauces etc, Apparently makes his own soap and clothes and other things he’s right to be jaded by the entire medical industrial complex and the monopoly held, balanced his body him self. So you’re not alone on that one. It’s no myth!

      3. You lost me at “t2”.

        T2s with a pump are incredibly rare, if any exist. T2s still have a partially functional pancreas that can autotune out quite a bit of treatment error.

        T1s have none of that luxury. The difference in required management and monitoring is a few orders of magnitude.

        1. False. There are a significant number of T2s on insulin pumps, especially in the US. They have all of the same problems as T1s do with managing carb intake, and if they’re on insulin they have exactly the same problems with hypos T1s do. Don’t treat it like “them and us”. It’s still horrible, and nowhere near easy for a lot of people with T2.

        2. I AM a t2, and my health professional was saying a cgm pump would be where they wanted to go with me in the medium term once they had me injecting with the pen and stable. They told me after the amount of years I’d been on metformin and other medications (avandia, gliclizides etc etc) that my pancreas was done and would be unlikely to ever recover to even be able to maintain a diabetic normal without injections and the cgm was the least intrusive way to achive that.

          1. That’s pretty rare – and t2s that have degraded that far aren’t going to succeed with what the person I was replying to was claiming in the first place.

  2. How easy it would be for a skilled hacker to hack this system and either change the value so alarm is not triggered at all or trigger the insulin pump to cause overdose, hypoglycemia and death?
    How about someone writing a virus that targets RPi modules used as IoT devices, that will interfere with their operation? It could kill someone by accident because someone was too stupid and not paranoid enough to consider safety risks.
    There is reason why medical devices must follow strict engineering guidelines and get approved before can be sold to people in need…

    1. When you have two options:
      1) assured death/illness because of your blood sugar levels.
      2) a chance of death/illness because of a security vulnerability that could be exploited.

      You choose number 2.

      Pacemakers, insulin pumps, artificial hearts… all of them from the big manufacturers have proven to have vulnerabilities too… the level of risk from a manufacturer vs from a home rolled system is debatable, manufactures present more targets so finding an exploit has a higher pay off, but home rolled systems have potentially more vulnerabilities so less effort…
      In the end though, I’d stick with the manufacturer’s, because odds of death from hyper or hypo glycemia without noticing it first (especially when you know to monitor for it) seem low, odds of illness because of it seems high, and having some one to carry that liability other than yourself seems like a really smart idea.

      1. If someone is hacking your home brew one though, you should be more worried that someone is specifically out to kill you and if you stop them there there will be a bomb under your car or something.

        1. Or they just found it on shodan one day.
          And RPI, would you really trust one to be 100% reliable? I wont even run one as a media centre I had such bad experiences with them.

          1. The system in that case fails about as safely as simply not having the system in the first place – your last temp basal will remain and it will expire. IIRC I think the OpenAPS ref implementation doesn’t set temps for longer than 30 minutes – so after 30 minutes you’re as open-loop as if you didn’t have the system anyway.

            Dana’s situation where the inbuilt CGM alarm was insufficient is relatively rare, although her initial alarm insufficiency case could potentially trace back to Dexcom’s speaker recall. For most people the CGM receiver’s onboard alarm is sufficient to wake them and will alarm if glucose levels go out of range if the control system fails.

            If you want to be really scared: The FDA approved for Dexcom’s G5 to use an iOS device as the sole monitoring system. iOS does NOT allow a user to set separate alarm and notification silencing settings – you cannot silence notifications (emails, etc.) without also silencing alarms. That, among other reasons, is why I lasted about a month of testing the G5 with an iPod Touch before going back to the tried and true (and superior) G4 system permanently.

      2. As someone who is a Type I diabetic and has a Dexcom CGM – If it were easier to source a pump that were compatible with the system (you have to use pumps at least four years old currently), I’d do it.

        You can’t underestimate the value of sleep and the negative impact on daily life that originates from having to manually address high/low alarms in a system without automatic basal tuning.

        As it is – right now I only get good nights’ sleep at the cost of my health on nights when I don’t have my CGM. But frequently running highs for hours because I’m sleeping is BAD. (I know enough about my body thanks to the Dexcom to not have lows due to overcorrection at night even without the dexcom, or at least extremely rarely and not so low as to be dangerous.)

      1. Good talk…

        It’s really annoying though that when you bring up the questions of frailty of technology, the absolutely INEVITABLE problems with it, you get accused of being a Luddite. Nonononono, I just know wayyyy too much, all the gory details, and it’s getting scary that 80% of the populace now, have no actual understanding of tech basics and just believe in it as magic, a technomancy cargo cult, that among it’s core beliefs is anything is possible, throw more tech at it… yyyyyyyno.

        1. In almost all schools they don’t require any education on electricity or electrical safety at all. It’s the one thing everyone is guaranteed to use literally nonstop for their whole lives, and they say “you don’t need to know about that unless you become an engineer.” So as a result tech is just magic.

        2. So people don’t like to hear what they don’t like to hear.

          That said there are people that paint a dark picture of technological reliability, those that can’t seem to accept that all things that exist in the real world have failure modes. Not saying that you are one of them but that could explain some of the backlash.

  3. So I’m no expert, but you can buy CGM’s (continuous glucose monitors) that talk to insulin pumps to provide information for when you blood sugar is high, and thus insulin, and my understanding is that those same systems can alert you when you are low, and notify caregivers as well (since most pumps don’t have the capacity to hit you with a sugar solution to bring you back up… though some were in development I’ve heard nothing about FDA approval for them)

    That was the whole point of CGM’s to start with…

    The linked article says it makes updates every 5 minutes…. again I’m no expert but my understanding is that the interstitial tissue sugar content (where the CGM plugs (stabs really, it’s a needle) in) can lag behind actual blood sugar by something like 30 minutes, which is where a large portion of the artificial pancreas come into play… we don’t have a good way to measure blood sugar in a repeatable automated fashion we can only measure tertiary measures, which lag behind actual blood sugar, now sleep is actually ideal for measures we have because people aren’t eating or exercising in their sleep, so blood sugar does tend to change in a more predictable way than if they were out doing stuff, basically we’ve got the easy part down… which is already commercially available, so building your own seems weird to me when you’ve already got all the components for the commercially available system and you opt not to use their code and do your own instead. granted the commercial systems still require regular finger pricking for blood testing, because the CGM readings need to be calibrated regularly, and as I mentioned tend to lag behind the actual blood sugar…

    Basically I’d stick with the commercial systems already build around the concept rather than rolling my own…

    1. The lag is closer to 10-15 minutes than 30 minutes. There have been commercial systems around for a while now that suspend insulin delivery when it thinks you are already low. Anything more advanced than that is *far* more recent. Two years ago, a pump (Medtronic 640G) was released that would suspend insulin delivery if it thought you would go low within 30 minutes, and could re-enable insulin delivery once blood sugar was ok again.

      The Medtronic 670G was actually available this year. It has a mode that can adjust background insulin rates to try and keep blood sugars in range. This is the point OpenAPS was at over two years ago. And while it does help glucose control a lot, it can still take a very long time to bring down high blood sugar.

      The Medtronic automated systems also rely on exactly the same 10-minute-delayed CGM sensor data that OpenAPS relies on, so they don’t have any advantage there.

      OpenAPS has now moved past what the current Medtronic pump is doing, and allows it to actually give small extra doses of insulin when high to try and drop blood sugar faster. This has allowed some people to not have to give boluses for meals for several months. They just need to enter the amount of carbohydrate they’re about to eat, and OpenAPS takes care of the rest. That’s a *huge* reduction of time and effort required to manage the condition, and it generally provides better results than even the basal-adjusting method.

      As for safety; yes, there are risks. The code won’t be 100% bug-free. Generally, people using the system keep an eye on what it’s doing to make sure it isn’t doing something that looks unreasonable. The system also utilises safety features on the pump itself to reduce the chances of anything going catastrophically wrong – this is one of the reasons for not designing/using an open-source insulin pump.

      Lastly, cost is an issue. OpenAPS works with devices people have already had for years (which is another issue in itself, Medtronic blocked the functionality it required sometime in 2013 on newly-issued pumps). The new Medtronic pumps cost several thousand dollars. I’m based in the UK, and my insulin pump gets upgraded by the NHS every 4 years. I got my last one just before the 640G was fully released, so the next time I’m due an official upgrade is sometime in late 2019. Until then, if I only use official licensed devices, I’m stuck with the “suspend if you’re already low” system.

      1. btw, you can explain this publicum here as long as you can but they will still not understand.
        I’m one of this who using openAPS for over a year now. 0.6.0 (I’m always using dev) is excellent, SMB is the best feature since openAPS was released.

    2. I use a CGM with an insulin pump. You are supposed to calibrate the CGM with a finger stick twice daily, about every 12 hours to be sure the readings are consistent. There is a lag between what the CGM shows and a finger stick reading, I mostly notice it when recovering from a low blood sugar. I can feel the change quicker than it seems to be reflected on the CGM. Some of that maybe due to only having reading every 5 minutes though. Most times when calibrating, I find that it is extremely close.

  4. >There is reason why medical devices must follow strict engineering guidelines and get approved before can be sold to >people in need…
    While I readily admit that paranoia hopefully _has_ been applied, I seem to remember several stories about (apparently) ‘strictly engineered’ medical devices, under headlines reporting vulnerabilities.

    1. Harold Thimbleby is a mathematics professor who has spent much of his life researching failures of human interaction with infusion pumps and aspects of their design which are poor, leading to a higher chance of mistakes being made which can include death of the patient. His work has not always made him popular with large med tech companies. While this may seem to be a rather dull subject, some of the case examples are fascinating. My favourite, although not an infusion pump, is the coastguard emergency telephone which had only 3 buttons labelled 1, 2 and 3 surrounded by a large sign telling you to dial 999 to report the emergency.

  5. It’s funny as I was reading the hackaday email about this post the first thing I thought if was all the comments that would say this was a bad idea- I wasn’t disappointed.

    Everything we do holds an element of risk. How big that risk we choose to live with is our own choice. If some us didn’t choose to live with a higher level of risk than a lot of commentators no one would get out of bed of a morning.

    Maybe when she started the project a commercial unit was it available ( interestingly I saw for the first time an add on TV only 1/2 hour ago annadd for an embedded glucometer) . Given she has been given a place in a list of the100 most creative people ( I presume for this project) means at least some committee thinks she has done well and she’s not just blowing her own trumpet.

    1. Problem is those people hardly understand why the regulations are in place. This is a huge risk, especially if being one by an amateur, which is why the open source nature scares me. It’s gonna be fine if its being done by someone with experience, but an amateur should not be playing around with this stuff

      1. The people behind OpenAPS (Dana and Scott) are very aware of why the regulations are in place. Every decision they make is weighed against the safety of the system. They have even written up the safety considerations: https://openaps.org/reference-design/ as well as talking to the FDA about the safety of ‘homemade’ devices.

        Secondly, anyone using the code is resposible for ensuring they are happy that the system works for them. If anyone is at all suspicious about anything it does, they can stop it and take corrective action. It is strongly recommended that any time someone tries a new feature they do say when they can carefully watch what is going on.

        From a recent presentation: https://pbs.twimg.com/media/DQR7VSlW0AALJSM.jpg:large an estimate of roughly 2.8 million user-hours with OpenAPS. This has gone beyond one person trying code on their own on a small dataset.

  6. Another T2 for 8 years. Since i was diagnosed, the Dr. told me i would invariably had to inject insulin in the near future. She prescribed 3 tablets (1 for high blood, pressure, 1 for “control of absorption of carbs, 1 for high colesterol). Did my own research. It seems that HC medication furbars natural colesterol control PERMANENTLY, so you become a slave of the pill. Never took those.
    Entered a particular way of eating, i can eat whatever i want, only that the quantities and proportions must be followed. One desert per week. Took instead vitamins and mineral supplements that are pretty much absent in currently available food.
    After a year, my A1C went from 8.0 to 5.9, no exercise done (that will help tremendously also).
    I cant understand how people can commit themselves to permanent medication, rather than providing the body the food it needs to repair itself.

    1. “I cant understand how people can commit themselves to permanent medication, rather than providing the body the food it needs to repair itself.”

      You’re a T2, I have no sympathy for you. Your pancreas has not destroyed 100% of your body’s inbuilt insulin production capacity.

      This article is about a solution for T1 diabetics who have a few orders of magnitude more effort required to manage their disease than T2s, as you yourself have proven.

      If I did ONLY what you did to try and manage my disease, I’d be dead due to ketoacidosis within 48-72 hours.

        1. He deserves no sympathy. I will happily be a dick to anyone who ignorantly weight-shames people, especially by saying what amounts to “eat less fatty” on an article about Type I diabetes treatment.

      1. Please don’t insult people. T2 diabetes is linked to obesity, but it doesn’t directly cause it (you can have T2 diabetics at a normal body weight, even Olympic athletes get it). It’s also possible for people with T1 diabetes to also develop insulin resistance (which is what T2 diabetes actually is).

  7. Before my mother passed I was working on a system that would monitor her pulse/ox readings and adapt her oxygen generator for when she was under strain. She needed more going up the steps than just sitting, etc. The plan was to have her wear a monitoring band which would alert her to the lower oxygen levels, then allow her to bump the system up for 2 minutes to a higher value, at which time it would revert.

    A good deal easier with oxygen, which if you begin getting too much you can remove the canula from your nose and sort out what happens. But I agree with the concept of the technology. On demand systems are one of the places where medical science needs to improve. Imagine getting a drug ONLY WHEN YOUR BODY NEEDS THE DRUG. In pain meds and in medicines with serious side effects the payoff is huge.

  8. You should read the disclaimers from some of the electronic parts vendors. The ones I have seen are all similar. Here is the one I found from TI in about 15 seconds on my first search,

    IMHO, this is a dangerous place to play, and using something like a pi is downright suicidal.

    DISCLAIMER: TI products are not authorized for use in safety-critical applications (such as life support) where a failure of the TI product would reasonably be expected to cause severe personal
    injury or death, unless TI and the customer have executed an agreement specifically governing such use. The customer shall fully indemnify TI and its representatives against any damages
    arising out of the unauthorized use of TI products in such safety-critical applications. The customer shall ensure that it has all necessary expertise in the safety and regulatory ramifications of its
    applications and the customer shall be solely responsible for compliance with all legal, regulatory and safety-related requirements concerning its products and any use of TI products in customer’s
    applications, notwithstanding any applications-related information or support that may be provided by TI.

    1. That’s just lawyer speak for: “If you don’t let us go over your design with a fine tooth comb to rule out any possibility of damage before you use it in a critical application, don’t come crying to us if it kills you”. It’s a waiver of responsibility, not a statement of product incapability.

  9. I don’t think my expectations are to high in expecting that HaD would do a bit more due diligence and give credit where its due. Most of the code for this is written by Ben West who did the reverse engineering for the CGM and insulin pump protocols over the span of years. It’s not fair to say that this lady has come up with it.

    Here’s a talk with Ben regarding the progress of OpenAPS.

  10. It’s as simple as risky…but all risks can be minimized to a near zero value: 1st approach: measure sugar level – > release Insuline. 2nd approach: measure continuously – Use backup hardware to compare measurement -> release insuline keep monitoring and warn if there’s any risk. 3rd approach: measure continuously – Use backup hardware to compare measurement -> release insuline keep monitoring and warn if there’s any risk and finally release sugar compose if sugar level is critical.

  11. I”m using OpenAPS. This comments section is awful. It’s a very different situation as a healthy person looking into the struggles of diabetes and easily saying it’s not worth the risk without fully reading the documentation or code in use. These systems are designed with safety in mind, The pump is still in charge of max doses and won’t let openaps go beyond these built in limits. What in reality is the difference between injecting manually your daily dose of insulin by accident twice because you’ve had a drink or because you’re tired after a long day and forget when you did it. That’s just, if not more dangerous. the pump is still in charge of this system. it’s inputs mimic the human’s only it checks every 5 minutes. Using this system has saved my vision and my kidneys so far which have been proven through the graphs I receiver of my treatment over time. Would you rather not take the risk if you were in my position and have lost your Kidneys and be on permanent dialysis? It’s saved my life.

    Reading the above serves nothing but than to depress and there are a great many uniformed opinions up there. Sad really. This is what hackaday has become.

Leave a Reply

Please be kind and respectful to help make the comments section excellent. (Comment Policy)

This site uses Akismet to reduce spam. Learn how your comment data is processed.