White Paper: ABA Buddy - An AI-Driven Companion for ABA Therapy

1. Executive Summary

Autism Spectrum Disorder (ASD) affects 1 in 36 children in the U.S., with families and therapy providers spending over $60B annually. While ABA therapy and school support are central to autism care, families still lack a child-friendly assistive tool that offers real-time support, reduces caregiver paperwork, and gives parents/BCBAs clear, actionable insights.

ABA Buddy delivers a closed-loop ecosystem:

• Child companion (plush buddy MVP ➜ pocket device) with sensory-tunable feedback.
  
  

• Bracelet wearable (silicone; HR/HRV/EDA) with alternative form factors for sensory-averse kids.
  
  

• Caregiver app (ABA annotation, function-driven plans, generalization probes).
  
  

• Parent console (plain-language digests, visual schedules, safety plans, consent control).
  
  

• Supervisor/BCBA console (fidelity review, payer-ready reports, IOA).
  
  

Design principles: assistive (not diagnostic), dignity-preserving, generalization-focused, payer-aligned, and privacy by default.

 

---

 

2. Market Opportunity

2.1 The Autism Economy

• ASD services in the U.S.: $60B+ annually
  
  

• ABA therapy: $15K–$45K/year per child
  
  

• Demand: tools that improve outcomes, reduce documentation load, and extend learning beyond the session
  
  

2.2 Gaps in the Market

• Fitness wearables: not child-specific, limited clinical relevance
  
  

• ABA apps: often data-heavy, kid-unfriendly, weak on generalization
  
  

• Caregivers: manual notes, payer documentation burden, limited BCBA oversight tooling
  
  

2.3 Positioning

• Assistive, not diagnostic (no FDA pathway)
  
  

• Kid-friendly hardware with sensory controls
  
  

• Clinically aligned (function of behavior, reinforcer rotation, generalization tracking)
  
  

• Payer-aware (supervisor review + insurer-ready exports)
  
  

• Parent-centric (visual schedules, safety mode, digestible progress)
  
  

---

 

3. Business Strategy

3.1 Vision

The first autism-specific AI wearable ecosystem that unites child engagement, therapist workflow, BCBA oversight, and family practice at home/school.

3.2 Components

• Bracelet: HR/HRV/EDA telemetry (BLE)
  
  

• Plush Buddy MVP: speaker, LEDs, interactive LED eyes, vibration motor, policy-controlled camera (optional)
  
  

• Caregiver App: ABC + function tagging, trials, generalization probes, reinforcement tracking, crisis logging
  
  

• Parent Console: visual schedules, token charts, safety plan, consent center, secure messaging
  
  

• Supervisor/BCBA Console: fidelity/IOA, mastery criteria, payer notes
  
  

3.3 Business Model

• Hardware: Bracelet $99 retail (~$20–25 COGS); Buddy $399 retail (~$100 COGS)
  
  

• SaaS: $29–$49/mo (caregiver + parent + BCBA surfaces)
  
  

• Channels: B2B (ABA clinics, schools), B2C (direct-to-parent)
  
  

3.4 Competitive Advantage

• First autism-focused AI wearable suite
  
  

• End-to-end: child engagement + therapist workflow + BCBA review + parent practice
  
  

• Function-aware data model; generalization baked in
  
  

• Payer-friendly exports; dignity & consent by design
  
  

---

 

4. Technical Concept

4.1 Plush Buddy MVP

• Form factor: plush with modular electronics bay
  
  

• Core: speaker (prompting/soothing), LEDs (state/feedback), interactive LED eyes (affect cueing), vibration (paced breathing/transition), optional event camera (policy-gated, LED recording indicator)
  
  

• Processor: Raspberry Pi Zero 2W
  
  

• Battery: Li-ion, USB-C, fast swap bay
  
  

• Sensory controls: max LED brightness, haptic intensity, audio volume set via policy (child/org)
  
  

4.2 Bracelet (Kid-Friendly)

• Silicone band; HR/HRV/EDA
  
  

• BLE → plush; clip-on alt form factor for tactile-defensive users
  
  

4.3 Cloud + App

• Plush → Cloud: Wi-Fi (MQTT)
  
  

• Caregiver/Parent UIs: WebSockets
  
  

• Local-first calm routines (<200ms), cloud for summaries/insights
  
  

• No continuous recording; event-only clips (4–6s) when policy permits
  
  

---

 

5. ABA Caregiver Workflow (Core to the App)

5.1 ABC + Function of Behavior

• Log antecedent, behavior, consequence; attach function hypothesis (escape, attention, tangible, automatic) + confidence
  
  

• Auto-suggest antecedents when stress spikes align with schedule
  
  

5.2 Targets / Programs with Mastery Criteria

• Trials per target: Correct, Incorrect, Prompted, Independent
  
  

• Mastery: configurable criteria (e.g., ≥80% independent across 3 sessions)
  
  

5.3 Prompt Levels & Fading

• Independent, Verbal, Gestural, Physical; latency/duration
  
  

• Auto-graphs and fading recommendations when independence trend allows
  
  

5.4 Generalization Probes

• Tag trials by setting (home/school/community), people (parent/teacher/therapist), materials
  
  

• Generalization matrix + coverage gaps surfaced to therapist & parents
  
  

5.5 Reinforcement Management

• Quick preference checks (MSWO/paired choice)
  
  

• Reinforcer rotation; satiation alerts; efficacy scoring over time
  
  

5.6 Session Notes → BCBA Review

• AI draft summary from trials/ABC/episodes + context
  
  

• Therapist edits; BCBA approval with comments required for payer export
  
  

5.7 Critical Incidents

• One-tap logging for elopement/SIB/aggression with mandatory fields
  
  

• Optional real-time alert to parents/BCBA per policy
  
  

5.8 Reporting

• Real-time graphs (skills %, behavior frequency/duration)
  
  

• Insurer-ready note template: goals, progress to mastery, minutes, place of service, supervision
  
  

Flow: Start session → 1-tap trials/ABC/stress → end session → AI draft → therapist edit → BCBA approve → exports/digests.

---

 

6. Hybrid AI Architecture (Cloud-First, Wi-Fi Connected)

6.1 On-Device (Plush + Bracelet)

• Compute stress_score (baseline + smoothing)
  
  

• Local calm routines: LED/vibration/audio (<200ms)
  
  

• Hot phrase bank (50–150 WAV/MP3) for instant prompts
  
  

• Eyes reflect states locally (idle/stress/reward)
  
  

• Buffer telemetry offline; no facial ID or continuous speech capture
  
  

6.2 Cloud Services

• MQTT ingest → Node/TS workers
  
  

• DB: Postgres (RLS); media: S3 (KMS)
  
  

• LLM tasks: session summaries, payer notes layout, parent weekly tips
  
  

• Cloud TTS → cache → push to device
  
  

6.3 Latency & Cost

• UI WS updates: 0.5–2s
  
  

• Token budgets: summaries 500–800; payer notes 600–900
  
  

• Cache TTS; event-only clips; retention windows
  
  

6.4 Reliability & Safety

• Offline baselines; health pings; OTA with canary + rollback
  
  

• Policy engine gates camera/audio/brightness/haptics by child/org and mode (School/Clinic/Home/Bedtime)
  
  

6.5 Data Contracts (extended)

Telemetry JSON

{

  "ts": 1733352004123,

  "fw": "0.3.1",

  "battery_pct": 78,

  "hr": 96,

  "hrv_rmssd": 42,

  "eda": 0.63,

  "skin_temp_c": 33.1,

  "stress_score": 0.71,

  "state": "elevating",

  "policy_id": "pol_abc123"

}

Command JSON

{"cmd":"CALM_MODE","params":{"pattern":"breath_pulse","seconds":60,"led":"blue","haptics":"low"}}

Function Hypothesis JSON

{

  "session_id": "sess_123",

  "behavior_id": "beh_991",

  "function": "escape",

  "confidence": 0.72,

  "notes": "Spike during math-to-reading transition"

}

Reinforcer Sample JSON

{

  "child_id": "child_7",

  "reinforcer_id": "reinf_22",

  "context": "table_time",

  "efficacy": 0.8,

  "satiation": false

}

Generalization Probe JSON

{

  "target_id": "tgt_55",

  "setting": "home",

  "person": "parent",

  "materials": "picture_cards",

  "outcome": "independent"

}

 

---

 

7. App Development Roadmap

Phase 1 (0–3 months)

• Plush MVP (Pi, LEDs, speaker, vibration, interactive eyes)
  
  

• Bracelet HR/HRV/EDA
  
  

• Caregiver app v1: trials, ABC, function tagging, live stress
  
  

• Parent daily digest (email)
  
  

• Policy engine v1 (LED/haptics/audio caps; School Mode)
  
  

Phase 2 (3–9 months)

• Custom plush & swappable battery
  
  

• Caregiver: generalization probes, reinforcer rotation, BCBA review
  
  

• Parent console: visual schedules, token charts, safety plan, secure messaging
  
  

• Payer note templates; camera (policy-gated) event clips
  
  

Phase 3 (9–18 months)

• Predictive early-warning (assistive framing)
  
  

• Classroom multi-child dashboard
  
  

• OTA fleet mgmt; IOA & supervision hours modules
  
  

• Teacher read-only view (FERPA-aware)
  
  

---

 

8. AI Integration

• Speech simplification → child-friendly prompts
  
  

• Annotation engine → stress/ABC alignment + function suggestions
  
  

• Parent digest → plain-language + weekly “what to try”
  
  

• Payer note builder → maps data to insurer format after BCBA approval
  
  

• LED Eyes layer → visual feedback synced with policy + context (avoid overstimulation)
  
  

---

 

9. Risks & Mitigations

• Sensory overload → per-child policy caps; gradual intro; audio-only/buddy-off modes
  
  

• Wearable rejection → alt clip-on; garment integrations (roadmap)
  
  

• Privacy → opt-in camera; event-only; LED recording indicator; consent center
  
  

• Payer acceptance → BCBA review + insurer templates; audit trails
  
  

• Ethical concerns → dignity language; child choice (voice, eye style, prompts); “helper not tracker” framing
  
  

• Security → mTLS, secure element keys, WAF, rate limits, encrypted media, strict RLS
  
  

---

 

10. Base44 Usage Policy

• Base44 = view layer only (caregiver/parent)
  
  

• Real-time via MQTT→WS bridge; Auth/RBAC in our API
  
  

• Media via S3 presigned URLs; background jobs (digests/reports) on our infra
  
  

• Feature flags: camera/clip behind org/child policy
  
  

---

 

11. Backend Architecture — Authoritative Spec (with Full API)

11.1 Multi-Tenancy & Isolation

• Orgs (clinics/schools) and families; strict RLS; org/{orgId} namespace for MQTT/WS/S3.
  
  

11.2 Identity, AuthN/Z & RBAC

• Roles: owner, admin, bcba, therapist, assistant, parent, teacher (RO), viewer.
  
  

• JWT + refresh; MFA; org switching (audited); service-to-service OAuth; JWKS.
  
  

11.3 Canonical Data Model (adds)

• function_hypothesis, preference_assessment, generalization_probe, policy,
  critical_incident, supervision_log, ioa_record (as defined earlier).
  
  

11.4 API Surface (REST /v1) — Full Callouts

Global Conventions

• Versioning: Accept: application/vnd.ababuddy.v1+json
  
  

• Auth: OAuth2 (JWT), refresh; client-creds for services; GET /.well-known/jwks.json
  
  

• Idempotency: Idempotency-Key on POST/PUT
  
  

• Pagination: cursor; Caching: ETag/If-None-Match; Errors: RFC 7807
  
  

Auth & Org

• POST /auth/login, /auth/refresh, /auth/logout
  
  

• POST /auth/forgot, /auth/reset
  
  

• POST /auth/mfa/setup|verify|disable (TOTP/WebAuthn)
  
  

• POST /auth/switch_org
  
  

• GET /sso/oidc/metadata (per org), GET /.well-known/jwks.json
  
  

• POST /api_keys, DELETE /api_keys/{id}
  
  

• GET /users/me, GET /users?org_id=…
  
  

• POST /org/invites, POST /org/invites/{id}/accept, DELETE /org/invites/{id}
  
  

• POST /org/members, DELETE /org/members/{user_id}
  
  

• PATCH /org/members/{user_id}/role
  
  

• GET /org, PATCH /org
  
  

• GET /org/settings, PATCH /org/settings (feature flags, defaults)
  
  

Children, Links, Consent & Privacy

• POST /children, GET /children?org_id=…, GET/PATCH/DELETE /children/{id}
  
  

• POST /children/{id}/link_parent, DELETE …
  
  

• POST /children/{id}/link_teacher, DELETE …
  
  

• Consents: GET|POST|PATCH /children/{id}/consents, GET /children/{id}/consents/history
  
  

• Privacy/Data Rights: POST /privacy/export_request, POST /privacy/erasure_request, GET /privacy/access_log?child_id=…
  
  

• Retention: GET|PATCH /retention_policies
  
  

• Media redaction: POST /media/{id}/redact
  
  

ABA Programs, Targets, Sessions & Semantics

• Programs: POST /programs, GET /programs?child_id=…
  
  

• Targets: POST /targets, GET /targets?program_id=…, PATCH /targets/{id}/mastery_criteria, POST /targets/{id}/archive
  
  

• Sessions: POST /sessions (start), PATCH /sessions/{id} (end),
  GET /sessions/{id}, GET /sessions?child_id=&from=&to=, GET /sessions/{id}/timeline
  
  

• Trials/ABC/Episodes: POST /sessions/{id}/trials, POST /sessions/{id}/abc, POST /sessions/{id}/episodes
  
  

• Function of Behavior: POST /sessions/{id}/function_hypothesis, GET /children/{id}/function_summary?range=…
  
  

• Generalization: POST /targets/{id}/probes, GET /targets/{id}/generalization_progress
  
  

• Reinforcers & Preference: POST /preference_assessments, GET /reinforcers?child_id=…, POST /reinforcers, PATCH /reinforcers/{id}
  
  

• Critical Incidents: POST /sessions/{id}/critical_incident, GET /critical_incidents?child_id=&from=&to=
  
  

• Summaries/Reviews: POST /sessions/{id}/summarize, PATCH /summaries/{id}, POST /summaries/{id}/request_review, POST /summaries/{id}/approve, POST /summaries/{id}/reject
  
  

Parent Console (Generalization & Safety)

• Visual Schedules: POST /schedules, GET /schedules?child_id=…, PATCH /schedules/{id}, DELETE /schedules/{id}, POST /schedules/{id}/publish_to_buddy
  
  

• Token Economy: POST /tokens/award, POST /tokens/redeem, GET /tokens/balance?child_id=…
  
  

• Safety & Alerts: GET|PATCH /children/{id}/safety_plan, GET|PATCH /alerts/settings?child_id=…
  
  

• Messaging: POST /threads, POST /threads/{id}/messages, GET /threads?child_id=…
  
  

• Teacher View: POST /teacher_links, DELETE /teacher_links/{id}
  
  

• Health Logs (opt-in): POST /health_logs, GET /health_logs?child_id=&from=&to=
  
  

Supervisor / Payer

• BCBA: GET /review/queue?org_id=…, GET /analytics/fidelity?child_id=…
  
  

• IOA & Supervision: POST /ioa, GET /ioa?session_id=…, POST /supervision/logs, GET /supervision/logs?bcba_id=&from=&to=
  
  

• Reports: POST /reports/insurer_note, POST /reports, GET /reports/{id}
  
  

Devices, Policies, Fleet

• Devices: POST /devices, GET /devices?org_id=…, GET/PATCH /devices/{id}, POST /devices/claim|unclaim|transfer, POST /devices/{id}/commands, POST /devices/{id}/ota, POST /devices/{id}/quarantine|wipe|rotate_key
  
  

• Policies (sensory & privacy): GET|PATCH /policies/{id}, GET /children/{id}/policy, PATCH /devices/{id}/policy (push active caps: LED/haptics/audio; School/Clinic/Home modes)
  
  

Telemetry, Timeseries, Analytics

• Ingest: POST /telemetry (server ingest), POST /telemetry/batch (idempotent)
  
  

• Timeseries: GET /children/{id}/timeseries?metric=stress|hr|hrv|eda&granularity=1m|5m|1h&from=&to=
  
  

• Events: GET /children/{id}/events?types=trial,abc,episode,incident&from=&to=
  
  

• Analytics: GET /analytics/heatmap?child_id=&metric=stress|incident, GET /analytics/prompt_fading?target_id=…, GET /analytics/reinforcer_efficacy?child_id=…, GET /analytics/generalization_matrix?target_id=…
  
  

Media & Storage

• POST /media/presign (PUT), GET /media/{id}/url, DELETE /media/{id}, POST /media/{id}/redact
  
  

• Ingest callbacks: POST /media/{id}/ingest_complete, POST /media/{id}/failed
  
  

Exports & Interop

• POST /exports (csv/pdf: programs, trials, abc, episodes, incidents, timeseries)
  
  

• GET /exports/{id}
  
  

Billing & Entitlements

• GET /billing/products|plans
  
  

• POST /billing/subscriptions, GET /billing/subscriptions/{id}, PATCH /billing/subscriptions/{id}
  
  

• GET|PATCH /billing/seats?org_id=…
  
  

• Webhooks (Stripe/etc.): /billing/webhooks (signed)
  
  

• Entitlements enforced via GET /org/settings (feature flags) + policy
  
  

Offline Sync

• Delta: GET /sync/changes?since=cursor
  
  

• Conflict resolution: POST /sync/resolve_conflict (server returns authoritative merge)
  
  

Admin/Ops & Health

• GET /health (readiness/liveness), HEAD /health
  
  

• GET /rate_limit/status
  
  

• Admin (privileged): GET /admin/queues, POST /admin/ota/canary, POST /admin/ota/rollback,
  GET /admin/broker/sys, GET /admin/slo
  
  

Docs & SDKs

• GET /openapi.json (versioned); Postman collection; typed SDKs (TS/Swift/Kotlin); webhook HMAC verifier.
  
  

11.5 Realtime (WebSockets)

• Endpoint: wss://api.ababuddy.com/ws (JWT)
  
  

• Channels: org:{orgId}:child:{childId}:session:{sessionId}
  
  

• Server emits: stress_tick, trial_count, episode_update, device_status, calm_mode_ack,
  critical_incident.alert, policy.updated, review.requested, review.approved
  
  

• Client emits: start_timer, mark_trial, tag_abc, request_calm_mode, ack_alert
  
  

11.6 MQTT/Topics

• TLS/mTLS; ACL per device
  
  

• Topics: telemetry/event/media/commands under org/{orgId}/child/{childId}/device/{deviceId}/…
  
  

• Policy sync on device connect
  
  

11.7 Background Jobs & Schedulers

• SummarizeSession, DailyDigest, WeeklyInsights, MediaLifecycle, AnomalyGuard, OTAEngine,
  PayerNoteBuild, PolicyEnforcer, RedactionQueue
  
  

11.8 Reporting & Exports

• Parent digest, clinical summary, insurer templates with BCBA sign-off captured
  
  

11.9 Security & Privacy

• mTLS, secure element keys, KMS, RLS, WAF, rate limits; tamper-evident audit chain
  
  

11.10–11.16 Ops

• Observability (metrics/logs/traces), SLAs, DR, CI/CD, testing (unit/contract/load), i18n/a11y, cost controls
  
  

---

 

12. Parent & Supervisor Surfaces (Concise Spec)

Parent Console

• Today: visual schedule, transition timers, token chart (Buddy sync)
  
  

• Goals & Progress: plain-language cards; generalization coverage; weekly “try at home”
  
  

• Calm & Safety: personalized safety plan; alert thresholds; mode presets
  
  

• Care Team: secure messaging; teacher read-only link; role-based caregiver access
  
  

• Consent Center: camera/audio toggles; data export/delete; retention windows
  
  

• Settings: device brightness/haptics/audio; language; notifications
  
  

Supervisor/BCBA Console

• Fidelity/IOA, reinforcer efficacy, prompt-fading progress
  
  

• Review queue (drafts → approve/reject with comments)
  
  

• Payer exports (mapped to clinic templates)
  
  

• Supervision hours tracking
  
  

 

---

 

13. Pricing & Unit Economics (Updated)

• Bracelet: BOM ~$25 → Retail $99–129
  
  

• Plush Buddy: BOM ~$100–120 → Retail $399–499
  
  

• SaaS: $29–49/mo (tier gates camera, clip length, #children, report types)
  
  

• Margins: Hardware 65–70%; SaaS 80%+; LTV/family $1,000–1,500/yr
  
  

---

 

14. Conclusion

ABA Buddy is a therapy-aligned, family-centered, privacy-first platform: it couples a child-friendly device with rigorous ABA workflows (function analysis, reinforcer dynamics, generalization), BCBA supervision and payer-ready evidence, plus parent tools that drive practice at home. The architecture and complete API are explicit enough for contractors to ship v1 and conservative enough for real clinic/school adoption.

 

---

Confidentiality & Legal Notice

This document contains confidential and proprietary information regarding the ABA Buddy Project. By accepting or reviewing this material, the recipient agrees to keep its contents strictly confidential and not disclose, reproduce, or distribute any portion of it without prior written consent from the project owners.

The concepts, technical specifications, and product designs described herein are the intellectual property of the project owners and are provided solely for the purpose of evaluation and discussion. No license, assignment, or other transfer of rights is granted or implied by the sharing of this document.

Any unauthorized use, disclosure, or reproduction of this material is strictly prohibited and may result in legal action.