Docs / Raw

Roadmap

Sourced from docs/ROADMAP.md

Edit on GitHub

VoiceAssist V2 Development Roadmap (15 Phases)

This is the canonical V2 development roadmap for VoiceAssist. It presents a 15-phase implementation plan (Phase 0-14) organized by timeframe and deliverables.

For detailed phase documentation, see:

Roadmap Overview

Total Duration: 90-110 hours (12-14 weeks part-time)

Architecture Approach: Compose-First, Kubernetes-Later

  • Phases 0-10: Build with Docker Compose (80% of development)
  • Phases 11-12: Kubernetes manifest creation and testing
  • Phases 13-14: Production deployment and finalization

Development Environment: MacBook Pro (local), Ubuntu Server (production)

Table of Contents

  1. Week 1-2: Foundation (Phases 0-1)
  2. Week 3-4: Security & Core Services (Phases 2-3)
  3. Week 5-6: Voice & Medical AI (Phases 4-5)
  4. Week 7-8: Integration & Admin (Phases 6-7)
  5. Week 9-10: Observability & Optimization (Phases 8-10)
  6. Week 11-12: Kubernetes Preparation (Phases 11-12)
  7. Week 13-14: Production Deployment (Phases 13-14)
  8. Major Milestones
  9. Success Criteria

Week 1-2: Foundation (Phases 0-1)

Phase 0: Project Initialization & Architecture Setup

Duration: 4-6 hours Goal: Establish project foundation and development environment

Key Deliverables:

  • Complete project directory structure for all microservices
  • Docker Desktop installed and configured
  • Initial architecture documentation created
  • Base docker-compose.yml skeleton
  • CURRENT_PHASE.md tracking system initialized
  • Git repository with proper .gitignore

Dependencies: None (starting point)

Critical Path: All subsequent phases depend on this

Phase 1: Core Infrastructure & Database Setup

Duration: 6-8 hours Goal: Deploy core databases and create base microservice framework

Key Deliverables:

  • PostgreSQL (with pgvector) running via Docker Compose
  • Redis deployed for caching and sessions
  • Qdrant vector database deployed and accessible
  • Dockerfiles for all microservices created
  • Database schemas defined with Alembic migrations
  • Health check endpoints for all databases
  • Docker volumes configured for data persistence

Dependencies: Phase 0 complete

Critical Path: Database foundation required for all services

Week 3-4: Security & Core Services (Phases 2-3)

Phase 2: Security Foundation & Nextcloud Integration

Duration: 6-8 hours Goal: Implement authentication infrastructure with Nextcloud SSO

Key Deliverables:

  • Nextcloud deployed in Docker Compose (separate stack)
  • Keycloak configured for OIDC authentication
  • JWT-based auth service with short-lived tokens
  • User registration and login via Nextcloud
  • Multi-factor authentication (MFA) with TOTP
  • HTTPS configured with self-signed certificates (mkcert for local dev)
  • User synchronization service (Nextcloud ↔ PostgreSQL)

Dependencies: Phase 1 (databases must be ready)

Critical Path: Authentication required for all user-facing features

Phase 3: API Gateway & Core Microservices

Duration: 6-8 hours Goal: Create microservice skeletons with basic observability

Key Deliverables:

  • API Gateway deployed (Kong or Nginx) in Compose
  • Voice Proxy service skeleton (WebSocket endpoints)
  • Medical KB service skeleton (RAG pipeline foundation)
  • Admin API service skeleton (management endpoints)
  • All services registered in docker-compose.yml
  • Prometheus deployed for metrics collection
  • Grafana deployed with initial dashboards
  • Service discovery via Docker Compose networking

Dependencies: Phase 2 (auth must be functional)

Critical Path: API Gateway required for frontend integration

Week 5-6: Voice & Medical AI (Phases 4-5)

Phase 4: Advanced Voice Pipeline & Dynamic Conversations

Duration: 8-10 hours Goal: Build web-based voice assistant with real-time AI

Key Deliverables:

  • React voice client with WebRTC streaming
  • Voice Activity Detection (VAD) implemented
  • Echo cancellation (WebRTC AEC) and noise suppression
  • OpenAI Realtime API integration
  • WebSocket connection management in Voice Proxy
  • Conversation context and memory management
  • Dynamic clarification prompts (e.g., "kidney disease" → ask for specifics)
  • Barge-in support for natural conversation flow
  • Persistent conversation storage

Dependencies: Phase 3 (Voice Proxy service must exist)

Critical Path: Voice is a core differentiator

Phase 5: Medical Knowledge Base & RAG System

Duration: 8-10 hours Goal: Implement advanced medical RAG with domain-specific models

Key Deliverables:

  • PDF processing pipeline (PyPDF2, pdfplumber, Tesseract OCR)
  • BioGPT integration for medical-specific embeddings
  • PubMedBERT integration for enhanced medical understanding
  • Advanced RAG with multi-hop reasoning
  • UpToDate API integration (if licensed)
  • OpenEvidence API integration
  • Automated guideline scraper (CDC, WHO, specialty societies)
  • Medical calculator library (Wells, GRACE, renal dosing)
  • PubMed search and retrieval
  • Citation generation with AMA format

Dependencies: Phase 1 (Qdrant must be deployed)

Critical Path: Medical knowledge is the core value proposition

Week 7-8: Integration & Admin (Phases 6-7)

Phase 6: Nextcloud App Integration & Unified Services

Duration: 6-8 hours Goal: Package web apps as Nextcloud apps and integrate calendar/email

Key Deliverables:

  • VoiceAssist web client packaged as Nextcloud app
  • VoiceAssist admin panel packaged as Nextcloud app
  • Documentation site packaged as Nextcloud app
  • CalDAV integration for calendar operations
  • Google Calendar sync (optional external calendar)
  • Email integration via Nextcloud Mail
  • File indexing service for Nextcloud documents
  • Automatic indexing of uploaded medical documents
  • Task synchronization with Nextcloud Tasks

Dependencies: Phase 5 (file indexer must be functional)

Critical Path: Nextcloud unification provides seamless UX

Phase 7: Advanced Admin Panel & RBAC

Duration: 6-8 hours Goal: Build comprehensive admin control center with role-based access

Key Deliverables:

  • Admin dashboard with real-time Prometheus metrics
  • Role-based access control (RBAC) with Open Policy Agent
  • Model selection UI (local vs cloud, model parameters)
  • Cost tracking and analytics dashboard
  • Knowledge base management interface (upload, reindex, delete)
  • Security policy configuration editor
  • User management interface (create, update, disable users)
  • Audit log viewer with filtering and search

Dependencies: Phase 3 (Admin API must exist)

Critical Path: Admin features required for production management

Week 9-10: Observability & Optimization (Phases 8-10)

Phase 8: Distributed Tracing & Advanced Observability

Duration: 4-6 hours Goal: Implement comprehensive observability stack

Key Deliverables:

  • Jaeger deployed for distributed tracing
  • All services instrumented with OpenTelemetry
  • Loki deployed for centralized logging
  • PHI redaction implemented in all logs
  • AlertManager configured with HIPAA-relevant alerts
  • Comprehensive Grafana dashboards (service health, latency, errors)
  • Log retention policies configured (30-90 days)
  • Alert rules for critical issues (downtime, high latency, errors)

Dependencies: Phase 3 (Prometheus/Grafana must be deployed)

Critical Path: Observability critical for production reliability

Phase 9: Infrastructure as Code & CI/CD

Duration: 6-8 hours Goal: Automate infrastructure and deployment pipelines

Key Deliverables:

  • Terraform modules for all infrastructure
  • Ansible playbooks for Ubuntu server setup
  • GitHub Actions CI/CD pipelines
  • Automated test suites (unit, integration, security)
  • Security scanning (SAST with Bandit, DAST)
  • Automated deployment scripts
  • Infrastructure documentation with diagrams

Dependencies: Phases 1-8 (all services must be functional)

Critical Path: Automation reduces deployment risk

Phase 10: Load Testing & Performance Optimization

Duration: 6-8 hours Goal: Verify system can handle production load

Key Deliverables:

  • Load testing scripts (k6 or Locust)
  • Performance benchmarks for 100, 200, 500 concurrent users
  • Voice mode concurrent connection testing
  • Database query optimization (indexes, query plans)
  • Redis caching implementation for hot paths
  • Docker Compose resource limits tuned
  • Performance report with bottleneck analysis

Dependencies: Phases 1-9 (full system must be functional)

Milestone: Docker Compose system is production-ready

Week 11-12: Kubernetes Preparation (Phases 11-12)

Phase 11: Security Hardening & HIPAA Compliance

Duration: 6-8 hours Goal: Implement comprehensive security measures

Key Deliverables:

  • Security audit report (vulnerability scanning)
  • Encryption at rest for all databases
  • mTLS for inter-service communication (prepare for service mesh)
  • Comprehensive audit logging for all data access
  • Network segmentation policies documented
  • PHI detection service (Presidio-based)
  • PHI redaction tested and verified
  • HIPAA compliance documentation
  • Penetration testing (if possible)

Dependencies: All previous phases

Critical Path: Security required for HIPAA compliance

Phase 12: High Availability & Disaster Recovery

Duration: 4-6 hours Goal: Configure HA, backups, and recovery procedures

Key Deliverables:

  • PostgreSQL streaming replication configured
  • Automated daily encrypted backups
  • Backup stored off-site (Nextcloud, S3, or similar)
  • Disaster recovery runbook with step-by-step procedures
  • Backup restoration tested and verified
  • RTO (Recovery Time Objective) and RPO (Recovery Point Objective) documented

Dependencies: Phase 1 (database infrastructure)

Critical Path: DR essential for production systems

Week 13-14: Production Deployment (Phases 13-14)

Phase 13: Final Testing & Documentation

Duration: 6-8 hours Goal: Comprehensive end-to-end testing and documentation finalization

Key Deliverables:

  • Complete E2E test suite covering all workflows
  • Voice interaction testing (accuracy, latency, reliability)
  • Integration testing (all services working together)
  • Updated ARCHITECTURE_V2.md with as-built architecture
  • Updated all service READMEs
  • Deployment guide for Ubuntu server
  • User documentation (clinician-facing)
  • Troubleshooting guide with common issues

Dependencies: All previous phases

Critical Path: Testing prevents production issues

Phase 14: Production Deployment

Duration: 6-8 hours Goal: Deploy to Ubuntu server and configure production environment

Key Deliverables:

  • VoiceAssist deployed to production Ubuntu server
  • SSL certificates configured (Let's Encrypt)
  • Domain DNS configured (voiceassist.asimo.io, admin.asimo.io, etc.)
  • Production monitoring active (Prometheus, Grafana, alerts)
  • Production smoke tests passed (all services healthy)
  • Production documentation complete (runbooks, incident response)
  • Backup verification (automated backups running)

Dependencies: All previous phases

Milestone: VoiceAssist V2 is live in production!

Major Milestones

Milestone 1: Docker Compose System Complete (After Phase 10)

  • All microservices functional in Docker Compose
  • Full feature parity with V2 architecture design
  • Performance validated for production load
  • Observability stack operational
  • Status: Ready for Kubernetes migration OR production deployment via Compose

Milestone 2: Kubernetes Migration Prepared (After Phase 12)

  • K8s manifests created and tested locally (K3s or Minikube)
  • Security hardening complete
  • High availability configured
  • Disaster recovery tested
  • Status: Ready for production K8s deployment

Milestone 3: Production Deployment Complete (After Phase 14)

  • System live on production Ubuntu server
  • All services healthy and monitored
  • Backups running automatically
  • Documentation complete
  • Status: Production-ready system in operation

Phase Dependencies Diagram

Phase 0 (Init)
    ↓
Phase 1 (Infrastructure)
    ↓
Phase 2 (Security) ←──────────────┐
    ↓                              │
Phase 3 (Microservices)            │
    ↓                              │
Phase 4 (Voice)   Phase 5 (Medical KB)
    ↓                ↓             │
    └────────┬───────┘             │
             ↓                     │
Phase 6 (Nextcloud Apps) ──────────┘
             ↓
Phase 7 (Admin Panel)
             ↓
Phase 8 (Observability)
             ↓
Phase 9 (IaC & CI/CD)
             ↓
Phase 10 (Load Testing)
         [Milestone 1]
             ↓
Phase 11 (Security)   Phase 12 (HA/DR)
             ↓              ↓
             └──────┬───────┘
                    ↓
         Phase 13 (Testing)
                    ↓
         Phase 14 (Production)
             [Milestone 3]

Success Criteria

Technical Metrics

Performance:

  • Voice activation latency: < 500ms
  • Chat response time: < 2s (simple queries)
  • Medical search latency: < 5s (including RAG)
  • WebSocket connection stability: > 99%

Reliability:

  • System uptime: > 99.5%
  • Error rate: < 1%
  • All tests passing: 100%

Security:

  • HIPAA compliance: Verified
  • PHI never in logs: 100% redaction
  • mTLS coverage: 100% of inter-service traffic
  • Audit log coverage: 100% of data access

Scalability:

  • Concurrent users supported: 500+
  • Voice sessions supported: 100+ simultaneous
  • Knowledge base size: 10,000+ documents
  • Vector search: Sub-second latency

Business Metrics

Features:

  • All workflows functional (Quick Consult, Case Workspace, etc.)
  • Voice interaction working (VAD, echo cancellation)
  • Medical knowledge base comprehensive (textbooks, journals, guidelines)
  • Admin panel fully functional (KB management, analytics)

Documentation:

  • Architecture documented
  • API contracts documented
  • Deployment procedures documented
  • User guides complete

Quality:

  • Code coverage: > 80%
  • No critical security issues
  • Performance benchmarks met
  • All acceptance criteria passed

Risk Mitigation

High-Risk Areas

Risk 1: Voice Quality Issues

  • Mitigation: Extensive testing in Phase 4, fallback to text-only mode
  • Contingency: Use commercial VAD/AEC libraries if open-source insufficient

Risk 2: RAG Accuracy

  • Mitigation: Comprehensive testing with clinical experts in Phase 5
  • Contingency: Implement confidence scoring, show multiple sources

Risk 3: Performance Under Load

  • Mitigation: Load testing in Phase 10, early optimization
  • Contingency: Horizontal scaling via Docker Compose replicas

Risk 4: HIPAA Compliance Gaps

  • Mitigation: Security audit in Phase 11, expert review
  • Contingency: Additional controls, third-party audit

Timeline Buffers

  • Phase estimates include 20% buffer
  • Critical path phases (1, 2, 4, 5) have priority
  • Non-critical features can be deferred to post-launch

Post-Launch Roadmap

Phase 15+: Kubernetes Migration (Optional)

  • Migrate from Docker Compose to Kubernetes
  • Implement service mesh (Linkerd/Istio)
  • Configure auto-scaling (HPA)
  • Multi-zone deployment for HA

Future Enhancements

Platform Expansion:

  • Mobile app (iOS/Android) with offline voice mode
  • Multi-user collaboration features (shared case reviews)
  • Telemedicine integration (video conferencing, remote monitoring)

Clinical Intelligence:

  • Full care-gap detection and preventive care reminders
  • Additional medical specialties (cardiology, oncology, pediatrics)
  • Advanced ML models for medical diagnosis assistance
  • Clinical decision support (CDS) rules engine

EHR Enhancements:

  • Offline EHR sync with conflict resolution
  • Additional EHR systems (Cerner, Allscripts, athenahealth)
  • Bidirectional patient messaging integration
  • Lab result trending and alerts

Voice & AI:

  • Multi-language voice support (Spanish, Arabic, Mandarin)
  • Custom voice cloning for personalized TTS
  • Context-aware medical terminology pronunciation
  • Voice biometrics for patient authentication

Infrastructure:

  • Integration with EHR systems (HL7 FHIR)COMPLETE - Epic FHIR integration implemented
  • Federated learning for privacy-preserving model improvement
  • Edge deployment for low-latency voice processing

Recently Completed (Dec 2025)

Epic FHIR Integration (Phase 6b/7):

  • Read-only FHIR operations: Patient, Observation, MedicationRequest, AllergyIntolerance
  • Write operations: Create/update/delete for MedicationRequest, ServiceRequest, DocumentReference
  • EHRCommandExecutor plugin for voice-driven orders ("prescribe amoxicillin 500mg twice daily")
  • Order confirmation workflow with duplicate detection
  • Circuit breaker pattern with provider health monitoring
  • Chaos engineering framework for resilience testing
  • HIPAA-compliant audit logging for all EHR operations
  • Feature flags with A/B testing support
  • Operational runbook at docs/operations/epic-fhir-runbook.md

Last Updated: 2025-12-04 Version: V2.1 Status: Implementation Complete (Phases 0-10, Epic FHIR Phase 6b/7)

← All documentationHome
Beginning of guide
End of guide