Link to home
Start Free TrialLog in
Avatar of Francois Koutchouk
Francois KoutchoukFlag for United States of America

asked on

How do I find data in the bluetooth output of a medical sensor?

How do I decipher the results of a pulse oximeter bluetooth (BLE) device?

For one model, I read
04:3e:2b:02:01:00:00:6d:2b:31:50:a0:00:1f:02:01:06:1b:09:42:65:72:72:79:4d:65:64:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:ce
for another, I read
04:3e:21:02:01:00:00:5f:62:98:38:c1:a4:15:02:01:06:11:06:6d:b8:e6:7e:a3:93:46:88:07:4c:35:52:80:cb:ea:cd:dc

Getting help these from those vendors is these days nearly impossible.
Avatar of d-glitch
d-glitch
Flag of United States of America image

It seems like you have access to several monitors and the output data streams.
Do you also have access to the BLE apps or display devices?

Decoding should be pretty easy unless they are trying to obfuscate the data for some reason.

Presumably you realize the data is in Hex format, two characters [0-f] make up each 8-bit byte.

The first string is 43 bytes with a lot of zeroes, the second is 33.

Note the similarities between the two strings:
04:3e: 2b: 02:01:00:00:   6d:2b:31:50:a0:00:1f:02:01:06:1b:09:42:65:72:72:79:4d:65:64:00:00: .......... 00:00:ce
04:3e: 21: 02:01:00:00:   5f:62:98:38:c1:a4:15:02:01:06:11:06:6d:b8:e6:7e:a3:93:46:88:07:4c:35:52:80:cb:ea:cd:dc

Open in new window


The first 7 bytes are probably some sort of header a header.  
The 2b in the first string converts to 43, the number of bytes in the string.  
Same for the 21 in the second string.

The last byte is probably a parity checksum.

I would try converting the rest of the message to ASCII.  That might work.
But if you can get several different messages, i.e. different known oxygen readings, that could work too.

The part of the string that doesn't change between messages could be a device id.  But if it doesn't change, it doesn't matter.
If you can correlate the part that does change with know displayed data, you are probably done.
Avatar of Francois Koutchouk

ASKER

Hmm, we are getting somewhere, thank you.
Using the string:
04:3e:2b:02:01:00:00:6d:2b:31:50:a0:00:1f:02:01:06:1b:09:42:65:72:72:79:4d:65:64:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:c9
https://www.rapidtables.com/convert/number/hex-to-ascii.html
I see BerryMed -- that's definitely the name of the manufacturer.
I think the device transmits 2 (and maybe 3 values). SpO2 was 97 and Pulse 73 which in hex would 61 and 49

04:3e:2b:02:01:00:00:6d:2b:31:50:a0:00:1f:02:01:06:1b:09:42:65:72:72:79:4d:65:64:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:cd
was 97 and 82.  The only byte that changed is the last one though.

If that helps the range for SpO2 from the manufacturer is 70-99 and the pulse 30-250
If that helps the address of the oximeter is: 00:a0:50:31:2b:6d

I kinda of doubt they would be encrypting, there isn't anything confidential since there is no patient information.
I'm thinking the message may not contain the actual data.
I appreciate your thoughts.
I guess I wouldn't expect any encryption either.

The range info for the blood oxygen and pulse rate are very useful.

Each of the data values could be encoded as an 8-bit integer [0-255].
You might also want to check for five ASCII characters.

 How are you capturing these days streams?  How often are the repeated?
When turned on the oximeter transmits rapidly and continuously (once per second).
It takes a few seconds for the device to read the SpO2 and the Pulse.
Since those numbers change, I try to stay very calm until my SpO2 and Pulse remain the same for a few seconds.

I am using a Raspberry Pi running Debian with the bluez library, then establish a socket
(running Python):
[...]
sock.recv(1024)
print(':'.join("{0:02x}".format(x) for x in data))

I then break the loop and copy and paste the last few lines.

Again, thank you for your help!
Here's the background: we have a bunch of those devices we would like to send patients home with.   Them using a smartphone with BLE (if they have one) running a third party app is not an option for most.
More information:  here is the reading from another oximeter:
04:3e:21:02:01:00:00:5f:62:98:38:c1:a4:15:02:01:06:11:06:6d:b8:e6:7e:a3:93:46:88:07:4c:35:52:80:cb:ea:cd:c3
the SpO2 was 99 and the pulse 73
The BLE address is: a4:c1:38:98:62:5f
Attached is the data specifications from the vendor.
Does that help to figure out where is the 99 and the 73 buried in that string?
Andesfit_SpO2.pdf
ASKER CERTIFIED SOLUTION
Avatar of Francois Koutchouk
Francois Koutchouk
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial