IoMT CardioAI — System Dashboard

200

Tests Passing

100% pass rate · 0 failures

Active Agents

All agents running

Message Types

WS protocol messages

3-Way

Auth Handshake

HMAC-SHA256 + JWT

1,965

Lines of Code

iomt_cardioai_handshake.py

6.76s

Test Runtime

20 suites · 200 tests

Multi-Agent Processing Pipeline

AGENT 1

📡

Data Acquisition

→

AGENT 2

⚡

Processing

→

AGENT 3

🔍

Pattern Recognition

→

AGENT 4

🩺

Diagnostic

→

AGENT 5

🚨

Alert Monitor

→

AGENT 6

👤

Personalization

→

AGENT 7

📢

Communication

Shared MessageBus

pub/sub · async · topic-isolated

3-Way HMAC Handshake

CardioAI ──→ IoMT Server HELLO client_id · v1.0

IoMT Server ──→ CardioAI CHALLENGE 16-byte UUID

CardioAI ──→ IoMT Server CHALLENGE_RESP HMAC-SHA256

IoMT Server ──→ CardioAI AUTH_OK JWT token

CardioAI ──→ IoMT Server SUBSCRIBE device_ids[]

IoMT Server ──→ CardioAI RPM_DATA continuous stream

Security Stack

🔐

HMAC-SHA256 Challenge Auth

16-byte UUID challenge · deterministic signing · tamper detection

✓ TESTED

🎫

JWT Session Tokens

HS256 · expiry enforced · wrong-secret rejection tested

✓ TESTED

🌐

WebSocket TLS Transport

wss://iomt-server.hospital.local/stream

✓ CONFIG

💓

Heartbeat Loop + Health Monitor

30s stale threshold · 3 missed heartbeats → inactive event

✓ TESTED

🔄

Back-Pressure Queue (maxsize=2000)

Oldest-frame eviction on full queue · RPMDataPump

✓ TESTED

Protocol Message Types

HELLO

CHALLENGE

CHALLENGE_RESP

AUTH_OK

AUTH_FAIL

HEARTBEAT

HEARTBEAT_ACK

DEVICE_LIST

DEVICE_LIST_ACK

SUBSCRIBE_ACK

UNSUBSCRIBE

DISCONNECT

RPM_DATA

RPM_ACK

ERROR

Test Coverage by Suite

Sequence Diagram — IoMT ↔ CardioAI 3-Way Handshake

IoMTServerConnector

WS Client

CardioAI Backend

Orchestrator

SecurityManager

HMAC + JWT

→ HELLO client_id · version: "1.0" WS send

← CHALLENGE 16-byte UUID nonce HMAC

SecurityManager.sign_challenge(nonce) → HMAC-SHA256

HMAC-SHA256

→ CHALLENGE_RESP challenge + signature signed

IoMT Server verifies signature using shared secret

verify

← AUTH_OK JWT token (HS256) JWT

→ DEVICE_LIST fetch registered devices

← DEVICE_LIST_ACK array of device ids

→ SUBSCRIBE device_ids[] to monitor

← SUBSCRIBE_ACK confirmed subscriptions

← RPM_DATA continuous stream → inbound queue → 7-agent pipeline

Protocol Message Reference

Message Type	Direction	Purpose	Payload
HELLO	C→S	Initiate connection	client_id, version
CHALLENGE	S→C	Issue auth nonce	challenge (16-byte UUID)
CHALLENGE_RESP	C→S	Prove identity	challenge + HMAC-SHA256 sig
AUTH_OK	S→C	Grant access	JWT token (HS256)
AUTH_FAIL	S→C	Reject auth	reason string
HEARTBEAT	BOTH	Keep-alive probe	timestamp
HEARTBEAT_ACK	BOTH	Keep-alive response	echo timestamp
DEVICE_LIST	C→S	Request device catalog	—
DEVICE_LIST_ACK	S→C	Deliver device list	device_id[]
SUBSCRIBE	C→S	Register for RPM feeds	device_ids[]
SUBSCRIBE_ACK	S→C	Confirm subscriptions	ack'd device_ids[]
UNSUBSCRIBE	C→S	Cancel RPM feed	device_ids[]
DISCONNECT	BOTH	Graceful shutdown	reason
RPM_DATA	S→C	Telemetry frame	device_id, HR, BP, SpO2…
RPM_ACK	C→S	Telemetry receipt	msg_id ref
ERROR	BOTH	Protocol error	code + message