‘How it works 6 – Digitalisation‘ is the sixth volume in the ‘How it works‘ series and illustrates, in detail, the state of the art of digitalisation systems used in the world of lifts and escalators, i.e. those systems based on the combination of electronic technologies, remote communication, data exchange in the cloud, interfaces, and self-learning, which make it possible to improve the information gathering, knowledge, safety, use and efficiency of the objects/lifts to which they are applied.

In ‘How it Works 6 – Digitalisation’:

• we talk about sensors, IoT, smart lifts, augmented reality viewers, Digital Twin, BIM (Building Information Modelling), artificial intelligence, the rules and regulations of the sector to ensure connection, interoperability, data exchange, protocols, cybersecurity. The technical and historical foundations are considered to enable understanding even by the uninitiated, those ‘non-digital natives’ who want to be aware of the world in which we all live;
• the objectives, the positive aspects, the benefits obtained in terms of efficiency, performance, safety and comfort are illustrated, such as two-way communication with users, remote monitoring of systems, predictive maintenance, and recovery after a breakdown, which avoid unnecessary travel.

How it works 6 – Digitalisation’: the cover.

There is no hiding the difficulties and dangers encountered on this path. The main obstacle in unlocking all the possibilities of digital technology lies in the lack of interoperability between systems, which require open interface standards, whereas most technologies are currently based on proprietary systems. But open interfaces are also an opening point for threats that have never been present before, related to the existence of malicious actors who can act anonymously from remote.

However, it is certain that improvements in data analysis, energy efficiency, predictive maintenance and overall performance will result in a massive surge in innovation, increased security and reduced downtime in lifts and escalators.

All contents of ‘How it works 6 – Digitalisation’

The table of contents of ‘How it Works 6 – Digitalisation’, the sixth volume of the ‘How it Works’ series, published by Volpe Editore in 2023 and now available on (bilingual, in English and Italian Amazon)

Chapter 1 – Smart lifts

by Marco Cogliati

In the world of lifts, we started with the local exchange of simple information for the synoptic panels of lift units, and then moved on to the remote sending of information on the status of the installation or safety devices. Technological development now makes it possible to collect information in real time, digitise it, send it remotely and receive feedback, either from a person or from an automatic system. Today, it is normal for a switchboard to have the ability to do this, collecting data (e.g. vibration, temperature, current) from sensors connected to the various components, or perhaps from interactive digital screens.

However, most of these systems are ‘proprietary’, i.e. they are known in detail and applied by their manufacturer, and cannot be easily interfaced by third parties. Hence the need to standardise the substantial characteristics of the data exchanged between the lift control panel and the outside world, specifying and encoding a series of signals and events.

CEN (European Committee for Standardisation), and Etsi (European Telecommunications Standards Institute) are working in this field, to give the lift sector a clear direction on how to manage interaction with the digital world.

In particular, the Tre-e Consortium participated in the OneM2M platform for the verification of the Etsi technical specification regarding the data generated, processed and exchanged between lift and sensor technology. Screens were created for the multiple users who need to make use of the content, such as the operating status, system stops, usage statistics, maintenance or inspection visits carried out and those to be carried out in the future, the real time situation, and for the management of the system with a dedicated App for smartphones.

In this way, preventive and predictive maintenance can be approached, with an improvement in the supply of spare parts in stock and a reduction in maintenance personnel intervention times, limiting plant downtime and inconvenience for end users.

This is what happens using IoT (Internet of Things), i.e. a set of technologies, objects and networks that communicate with each other, learning, exchanging, recording and transmitting data via the Internet. Extending from things/objects to more and more complex related systems, of which the lift may only be a ‘small part’, we arrive at smart homes, smart buildings, smart cities, if data interoperability is allowed.

Chapter 2 – Connected lifts for better cities

by Michael Vogt

Thanks to digital services, communication technologies and sensor technology, we have the opportunity to collect more comprehensive data about the behaviour of a lift; passengers, building owners and service technicians benefit from the analysis of this data.

The IoT configuration for lift maintenance consists of a system of sensors on the lift, which collect data about the lift and can be transmitted to a cloud platform; here, an intelligent system analyses it and generates recommendations for maintenance actions, which it sends to a technician. The system also acts in reverse, allowing the technician to make targeted observations and transfer them to the system.

The possibilities for connection to the IoT differ between switchboards with integrated native systems, or stand-alone external sensors that interface with multi-brand lifts. This connection allows the periodic lift maintenance visits required by law to be performed remotely; for example, digital remote inspections can replace up to 12 physical visits in Germany and up to 52 visits per lift per year in Austria.

Chapter 3 – Digitalisation changes the concept of the lift

by Daniele Pavan

In the near future, changes in lift usage will be driven by predictive maintenance, two-way communication, personalisation and interconnection.

With the use of digitised Artificial Intelligence systems, the modernisation of Italy’s fleet of lifts where maintenance shutdowns occur and are worth 27 million hours per year (190 million worldwide) will enable predictive maintenance based on historical data and in real time, anticipating faults or the need for system servicing. The possibility of two-way communication, via camera or video panel, allows a video call type relationship. It will also be possible to customise the service at a later date, detecting passenger habits and behaviour, with better management of rides in a building.

Thanks to touchless mobile app technologies and Bluetooth-based proximity beacons, a digitally connected lift can recognise when users are nearby and be ready to take them to their destination.

This evolution of lift models is also an extension of the smart building concept.

Chapter 4 – Digitalisation is the Engine of the Future

by Ilaria Di Napoli & Fabrizio Vimercati

With the arrival of technologies such as the Internet of Things (IoT), digitisation has radically transformed the world of work, revolutionising methods, interpersonal relationships and the skills required.

The interconnection of networked devices and machines makes it possible to collect and analyse huge amounts of data in real time, improving the efficiency of a large number of objects and products that surround us on a daily basis.

Lifts today are equipped with multiple sensors, which detect operating data such as component temperatures, electrical voltages, and accelerometer sensors. Artificial intelligence algorithms process the data acquired by the sensors and transmit it to the cloud, instead of storing it inside the system.

Thus, maintenance technicians have real-time access to the condition of the plant, even from smartphones, in order to prepare verification activities, take preventive action and prepare the necessary components for possible repairs, even before they reach the building. This translates into an increase in service continuity because, with predictive maintenance, it is possible to anticipate any problems or manage them remotely; then, intervention times are reduced, because they arrive at the plant with spare parts already ready.

The system becomes bi-directional: in addition to sending passengers information, personalised messages, images, videos, news, it becomes an efficient audio-visual link between lift passengers and remote support in the event of an emergency call.

In skyscrapers and high-rise office buildings, the system manages destinations, directing passengers to be transported. The number of stops per ride is reduced; cabins are less crowded and standby conditions are increased.

Also in the lift sector, as in automotive and aeronautics, ‘drive-by-wire’ input/output devices are used, i.e. without a mechanical or hydraulic connection between the parts. In particular, the system for engaging and disengaging the safety brake is electronic.

The systems provided by the new digital lifts are intuitive to use, while encompassing incredible complexity: they are able to provide instantaneous updates on the status of the system, the management of all the units in a building, or in several facilities, and the necessary maintenance. They also feature portals and data analysis and processing tools for use by administrators.

Chapter 5 – Digital solutions in the residential sector

by Luca Gianazza

Integrations between lifts and third-party elements have been carried out for many years, with hardware intermediary elements (e.g. OPT cards) or a mapping of electrical contacts for simple management of movement commands and alarm signals.

Such a dialogue remains minimal and complex, as the data exchanged inevitably ends up being very limited, often in a format that does not allow for their re-use to derive higher value-added information.

These problems are now overcome by placing at the centre of the integration an open digital platform entirely on the cloud, to which the lifts are always connected, where the specifications of the APIs and related response messages are open and publicly available online. Third-party elements can dialogue with the lift via REST or Websocket APIs in a secure manner, relying on a simple HTTPS protocol, receiving as a response a large set of data, easily readable and immediately reusable.

The intermediation is carried out by the platform itself; any development is now carried out only on the side of the element to be integrated and it will therefore be the third party’s freedom to choose the most appropriate way of interacting with the lift, freeing itself from any specific implementation of a given installation, as well as from any other possible existing integration.

In its usual configuration, the lift is equipped with a series of sensors capable of supervising the correct operation of the installation itself (e.g. friction of mechanical elements, intensity of vibrations during travel, door closure status, etc.). Through the integrated connectivity, this data is continuously sent to the digital platform, where it is processed by an artificial intelligence, which is able to intercept deviations in the dynamics of operation and highlight critical issues that, over time, would risk causing the lift to malfunction. Any problem identified is labelled with a specific level of severity and reported to the relevant maintenance technician, who, in the most critical cases, can intervene promptly, before a fault occurs that could lead to a complete breakdown of the system. Passengers can also receive feedback.

More broadly, the fact that a lift is natively connected to a platform on the cloud, open to a wide variety of solutions, means that the lift becomes the central element of a process defined as ‘digital modernisation’ of the entire building.

It is precisely the APIs of the digital platform, which underpin the dialogue of the application capable of moving the lift, that make it possible to develop further solutions that can then find immediate application in any other connected installation with the appropriate access credentials.

Chapter 6 – Lifts and escalators: digitising components

by Alberto Mantovani & Rezarta Rakipi

There are components for lifts and escalators that remain hidden and do not affect the visual/aesthetic sensation of the user, but are fundamental in the perception of service, in the sense of ride comfort, safety, ease of use, installation and maintenance, and reliability (system stoppages due to malfunctioning or breakage, for example).

The possibility of being able to manage them with technology adapted to everyday activities can simplify and improve the quality of the work performed.

With this in mind, an app has been developed, with different levels of access, which aims to provide both specific and unambiguous information related to the serial number of branded products (including verification of their authenticity), and functionality applicable to the lift system.

Chapter 7 – Touch-less lift operation

by Pierluca Masala

Since the Coronavirus pandemic, there has remained a general awareness of the hygiene required in lifts, as well as the possibility of minimising contact surfaces with users.

This is particularly the case in the hospital sector, or in heavily frequented installations in public or large retail buildings, where great importance continues to be attached to more hygienic operating alternatives.

This has led to the development of ‘contactless’ control systems using a wide range of technologies. Pushbuttons with integrated infrared or capacitive sensors, holographic displays, voice commands, smartphones, now make it possible to operate the lift without direct hand contact.

All this also improves the operating comfort and accessibility of a lift.

In the particular case of smartphones, there are basically two different technical approaches.

This solution is suitable for new installations or extensive modernisations, as it requires an ad hoc manoeuvring panel. The user, using an application and by scanning a QR code inside the car, can connect via the internet directly to the lift’s manoeuvring system, and control it from there. The disadvantage of this solution is that it is the user himself who has to call the lift to the correct floor, because the manoeuvring panel does not know him; in addition, an internet connection is required, which is not necessarily always available

A second solution is particularly suitable for modernisations, as low-energy hardware is added to the landing and car buttons to enable Bluetooth communication to smartphones. The amount of hardware depends on the amount of buttons to handle, which are connected to the hardware in parallel.

Bluetooth-based systems do not require an active Internet connection, but are not suitable for destination selection commands, which have no physical buttons to control in parallel. The system knows where the user is in relation to the nearest handset, and therefore in relation to the lift (direction, floor, distance). This makes it possible, for example, to make an automatic call for the lift when approaching, with the automatic selection of the destination floor previously defined as a favourite, without manoeuvring the smartphone, even in the case of a group of lifts. This also prevents people with visual impairments from searching for the buttons.

Chapter 8 – Digitalisation in the machine room

by Aldo Bizzozero

The legislative aspect has also begun to take monitoring and remote control systems into account, and this must be taken into account when designing new devices, although technology is evolving much faster than standardisation.

For example, the automatic test to establish the availability and reliability of the rescue device must be carried out at least every three days, a time that is now laughable for digital processing speeds.

Today we have the possibility for the maintainer to control all his installations in real time, remotely with a simple

Smartphone, with a two-way interaction.

This can be done via a central server, which allows connection in the cloud even in case of failure or malfunction.

The development of the IoT cloud allows space and computing power for the acquisition and processing of large amounts of data collected at strategic points in the plant. This data allows the creation of detailed histories, and the use of Artificial Intelligence (AI), will be able to develop digital models of operation that include behavioural patterns (time slots, floors served, user preferences) and predictive rather than preventive maintenance models, based on utilisation and anticipating possible faults and breakdowns.

The result is the reduction of unnecessary interventions, the optimal management of technical personnel obliged to intervene, the possibility to intervene remotely to restore functionality, and the release of any trapped persons (for cases allowed by regulations). The end user can count on a reliable product, always connected and customisable according to his needs, including video surveillance.

The transformation from analogue to digital therefore allows the lift to enter the building automation ecosystem, interfacing the lift itself as an intelligent part of the building.

Chapter 9 – Remote configuration of tele-service devices

by Paolo Frigerio

Introduced in the late 1990s, remote assistance systems marked an important turning point in the handling of emergency calls: rides became much safer and at the same time rescue operations became more efficient.

They were a small telephone device, allowing people in the cab to communicate with the outside world in the event of an emergency. Their operation was similar to that of home telephones, and they used the fixed telephone network.

Now they rely on the cellular telecommunications network and travel at the same speed as mobile devices, with apps on smartphones. They all use current technologies: Physical SIM and virtual SIM, quad-band for reception and transmission power, simple, immediate and customisable configuration, which can also be done remotely.

In our case, the app communicates with the device by sending SMS text messages, which establish the numbers that can be connected and the different types of alarms; to limit annoying false alarms, filter conditions can be programmed for which the device will not operate. Once programming is complete, in use the connection that will be made can be either voice or messaging.

Chapter 10 – IoT solutions for Smart lift management

by Emanuele Emiliani

Traditional lifts are changing with the development of embedded intelligence and IoT technology to improve the user experience, safety and energy efficiency of buildings.

The move from 2G modems, with the main purpose of providing voice communication for the emergency telephone system, to 3G and 4G modems has enabled the transfer of data covering a much wider range of lift parameters.

Their natural evolution is IoT enablement, which uses specific hardware and software to share information with a cloud via the internet.

So there are:

an IoT Gateway, which is the link between the smart sensors and actuators, the manoeuvring panel and the cloud-based platform, where the data generated by the lift is analysed and processed. Typical data includes information on pressure, temperature, acceleration, speed, noise, time, etc.; sensor accuracy is crucial to ensure the quality and reliability of the information. These gateways can be based on 3G/4G wireless modems or wired, Ethernet-based communication.

A cloud-based platform that receives data from the IoT gateway and analyses it (including with machine learning algorithms) to generate information on lift performance.

The large amounts of data collected are the key to predictive maintenance, which is the most advanced way to manage the lift fleet. By processing them, a performance history can be created for each lift and compared between lifts, identifying possible deviations from standard behaviour and, with statistical logic, acting with predictive maintenance before the malfunction happens.

This results in a ‘smart’ lift that reduces downtime with predictive maintenance and detects potential problems before they occur. With their two-way systems, lifts are a powerful way to connect with users and become a means of disseminating publicity.

Chapter 11 – Digitalisation applied to lifts

by Davide Colombo & Giovanni Grassi

The electronics revolution has made it possible to have ‘digital’ components and systems based on microprocessors, which are flexible, high-performance and cheap, and which allow the transmission and storage of large amounts of data.

In an automated system, hierarchical control is required. At the first level there is an operator panel that allows technical personnel to interact with the machine system; this is connected via a communication network to an intermediate level where there are ‘programmable logic controllers’, which in turn are connected to the components that actually perform specific functions such as actuators and sensors.

In a lift, this system can be a computer with management software installed, or a simple keypad interface, or even a smartphone or tablet with a specific app; this connects with the control board, which in turn communicates with the actuators, e.g. the inverter and a whole chain of sensors (shaft encoder, load weigher), via a field bus, the most common of which is CAN Open. You therefore have a system in which the main components are in communication with each other and can be managed and monitored from a local or remote control panel via the Ethernet port.

With the possibility of accessing the system remotely, it is therefore possible to carry out periodic supervision of the plant by identifying, and in the event of a stoppage, understanding before the technical intervention what the problem might be, circumscribing the type of fault and acting in a targeted manner on the repair, travelling to the site with the necessary spare parts. In addition, assistance can be provided to technicians on site by remote specialists.

Given the current ease of data transmission, it is possible to implement a cloud infrastructure, which allows each installed lift to be in communication with territorially distributed servers, which are able to collect data from the installations themselves, process it and implement any automatic corrections or send notifications to a technician on site.

Predictive maintenance can thus be performed on some component that is capable of self-monitoring, to predict its own malfunctioning.

In this system, automation is used for the collection, management and organisation of data and, in the most common approach, for the automatic management of the simplest operations to ensure the basic functioning of the system. Operators can provide feedback to the system to feed it with new data and make decisions based on the output.

Chapter 12 – Lifts: the predictive maintenance approach

by Daniele Gallo

In the lift sector, the issue of business process efficiency takes on particular relevance with regard to plant maintenance requirements.

In particular, the scheduling of periodic preventive interventions or plant improvement interventions can be established to anticipate and avoid breakdown events, and minimise plant downtime. This is done by exploiting Machine Learning (ML) techniques for generating behavioural models based on analysed big data.

This is relatively simple by starting with a lift from scratch.

Thinking of applying it on a plant fleet with an average age of 20/30 years, which lacks adequate sensors and connection to the network, it becomes more complicated, because without sensors it is not possible to collect data to assess the health of the plant and any component malfunctions, and without a connection, data cannot be transported.

Tre-e took up the challenge to develop a generalised solution method that could be used by its members.

In order to define and test the method, it realised with Machine Learning a behavioural model of the installations based on the analysis of historical data of 200,000 events between ʻcallsʼ, ʻplant stopsʼ and interventions carried out.

Coming from different sources, these data were not structured and standardised. However, with the use of AI, which filtered them, it was possible to homogenise them, and to create a massive and timely aggregation on the type of failure and the critical components that caused it.

Having identified the twenty or so critical components that alone produced around 60% of the failures, their technical data (e.g. manufacturer, year of construction and whether it had been modified over the years, etc.) were surveyed.

This technical data will be cross-referenced with the ʻuseful lifeʼ data provided by the manufacturer, contextualised with respect to external factors (such as climate, environment, frequency of use, etc.) and re-evaluated with the ML with the aim of refining the behaviour model and defining effective preventive maintenance plans, aimed at reducing downtime (for greater customer satisfaction) and optimising resources (for the reduction of emergencies and the possibility of work scheduling).

Chapter 13 – IoT and predictive maintenance, a pratical case

by Piero Mosanghini

The article describes a monitoring system implemented on the lifts and escalators of the Milan metro, managed through a webapp, which takes into account the presence of systems of different makes and models.

Generally the Internet of Things (IoT) is applied to newly manufactured devices, in this case the functionality was integrated on existing devices from different manufacturers.

The system consists of:

– remote sensors to be applied near the mechanical or electrical parts to be analysed. The sensors perform ‘direct’ measurements (e.g. humidity through a hygrometer); or ‘indirect’ measurements (e.g. the wear of a bearing through a thermometer that detects its abnormal temperature rise). The two situations were balanced with a view to performance and cost.

– a local communication protocol, which channels information from remote sensors to a gateway;

– a remote communication protocol for sending data from the gateway to the cloud;

– a cloud for data collection, processing and analysis.

For each escalator, 2 ultrasonic sensors were installed to measure chain elongation, 5 IR sensors to measure the wear and tear of the traction, transmission and motor bearings, and sensor cards for handrail wear and tear.

For each lift, three sensor boards with accelerometer and gyroscope were installed, one to measure the accuracy of the landing stop and car vibrations, a second to check the correct sliding of the doors, and a third to measure the correct landing stop.

Each system is also equipped with sensors for temperature and humidity, voltage, current, handrail and step pulses, and travel controls.

All sensors are interconnected on a local CAN bus network to collect and send data to the remote GSM network.

Open protocols have been used, which, while guaranteeing all the security requirements for cyber-security, will allow the contracting station to continue to have access to the data in the future and will make integration with other control systems owned by the contracting station itself or other external service agencies easier. It will be possible to replace, maintain, update the data analysis software without necessarily being tied to the initial supplier of the same. With the same logic, the mapping of the information sent has also been made known.

In order to remotely monitor the operation and readings made by the sensors, a web application accessible with any browser was created instead of a real app, to avoid the difficulty of managing any changes on different operating systems. By means of a tree selection, one arrives at the precise information.

Chapter 14 – System check-up, state of use, planning interventions

by Marco Comparotto

For a maintenance technician, it is essential to carry out a plant check-up, which is a starting point for subsequent management, planning routine maintenance, the availability of spare parts and any modernisation or repair work.

This check-up is always carried out with the plant at a standstill or otherwise closed down, the effectiveness of which is increased by the use of ‘Assisted Reality’, and yet to be refined, ‘Augmented Reality’.

For this, augmented reality safety glasses are used, certified according to EN 166 and ANSI Z87.1.

With it, one can act hands-free, so as to operate in maximum safety, directly at the point that requires the most attention. Plant data, fault and maintenance history are displayed directly in the operator’s field of vision at the time they are needed, without disturbing manual activities and without requiring the operator to search for a device on which to read the information he needs.

Experienced personnel can guide an operator remotely, via an audio and video connection and the possibility of sending written messages, directly visible on the display. A simultaneous translator also makes communication between two operators speaking different languages possible.

In this way, personnel can follow procedures without getting distracted and following instructions directly superimposed on the field of

vision, without losing anything of the surrounding situation. Hands are free, efficiency is increased by 30 per cent, error reduction is close to 100 per cent and, in some cases, task completion time is reduced by as much as 25 per cent.

Chapter 15 – Vertical transportation, omnidirectional communication

by Katrin Schwickal & Jörg Becker

The use of digital components and internet connection facilitate service and maintenance and enable efficient remote management. However, they make the systems vulnerable to manipulation by unauthorised third parties and entail the risk of misuse by company employees.

Consequently, reliable and secure operation also depends on the quality of the software and IT security measures.

Programming errors or faulty updates, or even the deliberate action of malicious persons can cause the system to break down or compromise its secure use.

So far, no major cyber attacks on lifts have occurred, but the likelihood of these is increasing. To prevent an attack and safeguard the efficiency gains resulting from digitisation, the cyber security of these facilities must be protected. Security measures such as firewalls and encryption procedures can help. However, their interfaces must be precisely defined and password-protected if a system requires a Wi-Fi connection and when and who will be authorised to access it. The access itself must also be protected.

The topic of general information security is mainly addressed by two sets of standards for different application areas: the ISO 2700x series and the IEC 62443 series. The ISO 27001 Standard refers to a classical information security management system (ISMS). The IEC 62443 Standard deals with information security for Industrial Automation and Control Systems (IACS). Since the Standard deals with the security of technology systems and applications and not with the security of business IT, this is referred to by experts as ʻoperational technology securityʼ (OT security).

ISO 8102-20:2022, on the other hand, is specific to lifts, and defines the full scope of IT security requirements applicable to lifts, escalators and moving walks. It includes security levels (SL), which identify the specific levels of cybersecurity required of lift components. These SL levels are divided by ʻdomainsʼ which are ʻSafetyʼ, for all components with a SIL (Safety Integrity Level) characteristic; they are ʻEssentialʼ, for operational functions; ʻAlarmʼ, for emergency alarm systems; and ʻOtherʼ.

It is important to note that the safety levels SL and SIL used in functional safety are not the same thing. A high integrity SIL level in functional safety means that a high risk needs to be reduced, whereas a high safety level (SL) in computer safety means that a component needs to be protected from sophisticated and skilled attackers. For this reason, at least some of the safety-related components must have a higher SL than, for example, components in the ʻEssentialʼ category.

The IEC 62443 Standard is always oriented towards establishing an overall SL for an entire system. ISO 8102-20, on the other hand, applies seven foundational requirements (FRs), and within the individual domains, different SLs must be achieved according to different needs.

While e.g. FR1 – ʻControl of identification and authenticationʼ – prescribes a SL3 for the ʻSecurityʼ domain, for the ʻEssentialʼ domain a lower SL2 is sufficient. The Standard does not define any SL for the ʻOtherʼ domain.

Chapter 16 – Software security in vertical transport

by Matteo Meucci

In the increasingly connected and digital world in which we live, software security and protection from cyber threats has also become a key priority for lift companies.

In order to ensure the security of their products and services, it is necessary to perform an in-depth analysis of software development processes, a product review on the security side, and training of developers.

This can be done with OWASP’s SAMM (Software Assurance Maturity Model) framework, an internationally recognised de facto standard since 2010. It provides a tool to assess the security status of their software development process and offers a roadmap to implement security best practices against vulnerabilities and potential risks.

From the resulting analysis, a strategic plan can be defined to improve software security by taking specific preventive and corrective measures. This becomes a systematic approach to software security as early as the development phase.

In order to ensure the correct level of security of a new product from the initial design phase, threat modelling is adopted, i.e. a proactive process of analysis and identification of possible threats and vulnerabilities that may affect it. This is divided into:

Component identification:

All the components of the new product are identified, including hardware, software and associated services, with the associated communication flow diagram.

Identification of potential threats:

Potential threats are identified, including attacks on communication flows, software vulnerabilities, unauthorised access, hardware tampering and others.

Risk assessment:

then threats are assessed according to their likelihood and severity of damage to the product and users; this defines a risk and priority for action.

Design of countermeasures:

Appropriate countermeasures are designed and implemented, to eliminate or mitigate the identified risks.

In parallel, the software security development team must be educated and trained, to make them aware of the latest techniques used by cyber criminals.

Chapter 17 – IoT: framework to interact with three structures

by Marco Fortunato & Marco Marelli

In IoT protocols, the most commonly used modelling of the information collected is that of tree structures, whose leaves are the data acquired from the sensors that make up the IoT system. The typical operation (both in the acquisition phase and in the subsequent information processing phase) consists in performing operations on these large trees, acting on their nodes and leaves with insertions, modifications, deletions or queries affecting more or less limited portions of them.

The objective of the framework is to allow its user to ʻdescribeʼ the operations to be performed on the tree in a declarative, simple and uniform manner. It is then delegated to the framework the task of translating these requests into an optimised sequence of invocations to the APIs made available by the particular platform used to manage the particular tree, exploiting its potentialities or making up for its shortcomings if this is not the case.

The first step is to correctly design the structure of such a tree; since this is a world in continuous and constant technological evolution, it is obvious that the choice of the initial platform to rely on may not be the definitive one. Therefore, the framework must introduce a strong decoupling between the logic with which the devices decide what to read or write and the way in which operations must be requested from the IoT platform, giving the programmer the possibility of defining the actions to be performed on the tree while remaining at a high level of abstraction.

For example, a sensor collects a piece of data and sends it to the IoT platform to be loaded below a particular node, whose position within the tree models the characteristics of the sensor itself. What happens if the path is not present in the tree? Should the underlying platform automatically create the missing nodes with an API invocation, or should the data be discarded, or should an error be generated?

What must happen if the same information has already been written? Should it be added or overwritten?

It is through the framework that one specifies what the expected behaviour should be. For each node, we describe the action that is expected to be performed on the tree and what must happen if the execution of this action should generate an error.

Detailed examples of such differentiated behaviour for different situations are then provided.

Chapter 18 – Digitalisation in the construction sector

by Giacomo Galli

The digitisation of products and processes is an urgent necessity.

This concerns design and contract management processes, sustainability and energy efficiency, building and workplace safety, system and operator qualification, the adoption of BIM and Digital Twin and related tools. And in Italy it also concerns, in particular, the digitisation of Public Administration, the new Procurement Code and the management of PNRR projects.

Digital solutions help to develop collaborative platforms, in which different actors contribute to the realisation of a project. Cloud-based solutions allow data to be accessed remotely, saving the cost and time of moving people and sharing data; they also make them independent of external service providers and are fully scalable in terms of number of users and types of applications. This avoids the need to plan requirements and mitigates possible margins of error.

In the field of public administration, the electronic management of tenders and contracts is facilitated by specific applications, which allow direct communication with partners and eliminate (or significantly reduce) paper documentation.

One of the most important digitisation processes in the construction sector is BIM (Building Information Modelling), which can be defined as a synthesis model of a work (building, infrastructure, etc.) composed organically of all the data from the various disciplines that contribute to its realisation; it thus goes from the instantaneous assessment of the specific phase to that of its interaction throughout the entire life of the work. BIM allows each professional figure involved to add their own specific knowledge to the ‘virtual model’; the generalised optimisation of the process reduces the loss of information, increases the quality of the finished product and helps to contain waste of time and resources.