In 1999, when the whole world was getting ready for the so-called “millennium bug”, which was feared to paralyze individual computers as well as entire networks due to a faulty calendar date format, Kevin Ashton coined the term “the Internet of Things” (IoT) for a concept in which physical objects could directly or indirectly obtain, store, send, or process data, mostly via computer networks. Twenty years on, no conclusive definition of IoT has been widely adopted, despite a vast body of publications on the subject. One way to describe the IoT concept is to acknowledge a great proliferation of interconnected smart products with advancements in the field of sensor technology and Internet connectivity. In this approach, the Internet has been extended to encompass physical objects capable of communicating with each other. Thus, the Internet as a technology is here thought to form a sphere that could also accommodate a multiplicity of smart devices, and as such it is termed the Internet of Things.
In another approach, the IoT concept is grounded in machines and devices equipped with sensors and actuators for executing actions. In this context, these interconnected physical objects delineate areas for Internet activity, such as collecting data, remote monitoring, decision-making algorithms, process optimization, etc.
Irrespective of the approach to defining the IoT, the concept is founded on four basic elements:
- objects equipped with sensors and actuators,
- a computer network connecting the objects,
- data exchange and processing systems,
- modules (e.g., computer applications) for generating information and making inferences.
The above elements constitute prerequisites for the IoT as physical objects themselves, even those possessing the most technologically advanced sensors and actuators, but without connectivity (computer networks) and without systems enabling data exchange and processing, cannot function in the Internet sphere. On the other hand, the presence of physical objects in the Internet sphere would be pointless if they did not generate information (by means of applications).
Within the IoT, objects are expected to be enabled with four basic functionalities:
The first two functionalities are associated with sensors installed in physical objects. The application of actuators and information-generating and inference modules can greatly enhance the functionality of such objects. Furthermore, monitoring, control, and optimization may ensure levels of autonomy unattainable without the cooperation of all elements comprising the IoT. Thus, the IoT is a concept that presupposes the simultaneous presence of certain components and defines some of their functionalities. It can also be conceived of as an ecosystem in which objects communicate with one another, with or without human participation. The main application areas of this ecosystem are thought to be:
- environment and water management,
- industry and manufacturing,
- transport and energy,
- cities, buildings, and homes,
- health and living.
Simply speaking, the elements that may obtain, collect, send, or process data using a computer network (the constitutive components of the IoT) may be present in all areas of human life, that is, at home, at work, during travel, and indeed, wherever humans may find themselves, the only precondition being access to a network ensuring connectivity between those devices. This is schematically presented in Fig. 2.
Fig. 2. Areas of IoT applicability
The author of the IoT probably did not anticipate the vast number of devices that would be consistent with his novel concept, which has been growing rapidly over the past years. According to Gartner’s predictions, the global sales of IoT devices are going to reach 25 billion by 2050, which means a more than eightfold increase on 2013 (approx. 3.0 billion). According to sales data from the manufacturers of mobile devices, in 2015 Apple sold 78.1 million smart devices for daily activity and vital sign monitoring, a major increase from 28.8 million the year before.9
SMART PERSONAL PROTECTIVE EQUIPMENT SYSTEMS
Smart personal protective equipment (PPE) systems have also been defined in different ways. According to the current definition by the European Committee for Standardization (CEN), these are products containing smart textiles or having built-in electronic elements to facilitate the user’s integration with the work environment. Another definition, very similar to the one above, further specifies the design and functioning of such devices as individual PPE products or sets thereof incorporating smart and/or active materials or sensors and micro-electromechanical systems enabling additional, specific functions, and especially active interaction between the user and the environment.
Thus, the definition of smart PPE systems depends not only on technological advancement, but also on assumptions concerning the materials and features that such products must possess. While the CEN’s definition mentions only “smart textiles” (a term that could be substituted, more broadly, with “active materials”), it is a critical part of the definition referring to materials or technology.
Given that smart PPE has become a familiar notion in the occupational safety and health (OSH) literature, and being aware of the evolution of its definition with scientific developments, we hereby propose the term “smart PPE systems,” which consist of personal protective products with integrated sensors and other hardware and software components enabling the transmission and storage of data from those sensors. If those data further lead to the generation of information triggering user interaction, the system should be deemed “smart.”
DATA AND INFORMATION CIRCULATION IN SMART PPE SYSTEMS
An example illustrating the circulation of data and information in a work environment is presented below (Fig. 3). It describes a system consisting of sensors integrated with PPE products. The constitutive elements of the system are:
- an electronic identifier (a chip card),
- a sensor module integrated with PPE enabling the monitoring of such parameters as the heart rate, skin temperature, breathing rate, motion (presence or absence of movement), and position,
- a computer with software controlling the system,
- an alarm module alerting the user to health hazards or restricted locations,
- a computing cloud.
Fig. 3. Sample scheme of data and information circulation in a system consisting of PPE with integrated sensors
In the example given above, the user has an electronic identifier, such as a chip card containing his or her ID data. In order to initialize the system, the user must log in by means of, e.g., his or her name, position, function, etc., to enable the software to correlate the data received by the sensors with a given person. Those data are sent on-line to the cloud via electronic modules. Thus, sensors should be understood as elements containing both detectors and data transmission systems. Once in the cloud, the data are sent to a computer with software operating the system. The software also contains applications that generate information about the user’s health and location. That information is redirected to the cloud, where it may trigger an alarm (in the case of a health hazard or a restricted location). Information about alarms is also sent via the cloud to a computer which records the history of such alarms.
Data may also be stored in identifiers and electronic modules. Given that electronic identifiers fulfil the function of an ID card, the safety of the data recorded in them is largely the responsibility of the users. Indeed, users should be aware of the fact that in the event of a loss or unauthorized sharing of the identifier, a third party may log into the system. In the case of modules enabling data transmission to the cloud, it is recommended that they do not record data, and in particular personal details, for the sake of data security. Modules transmitting data to the cloud are typically integrated with the PPE, either permanently or not. In the latter case, such modules may be external to the sensors and placed in specially designed pouches or pockets. The permanent local storage of personal data would pose the risk of unauthorized access (e.g., by technical staff or cleaning personnel, etc.).
The above example of data and information circulation in a work environment shows that in order to ensure the security of the data and information generated by the system, one should implement independent security solutions for the three layers of the IoT architecture, that is, the perception, transport, and application layers.
Perception layer security means preventing access of unauthorized persons to all physical elements of the system presented in Fig. 3, that is, computers, electronic identifiers, sensors, etc. In this case, authorized personnel includes:
- smart PPE systems,
- work supervisor,
- system maintenance specialist,
- data administrator.
Importantly, users, who obviously have access to the sensors and alarm modules integrated with PPE, should not be able to modify their function. Any and all activities linked to the operation, maintenance, and calibration of those modules may be performed only by the designated person responsible for those areas. Identifiers should be accessible not only to the users, but also to the maintenance and supervising personnel. Access to the computer with software operating the system should be restricted to the maintenance and security staff, as well as the data administrator. Last but not least, only the administrator should be able to access the data in the cloud.
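The access rules in the paragraph above can be expressed as a deny-by-default policy and checked against access records. The following Python code is an added example, not part of the original article; the role, component and action labels and the log format are assumptions made for illustration, and the sample events are constructed.

```python
import re

# Perception-layer rules as stated in the text. The role, component and
# action names are hypothetical labels chosen for this example.
POLICY = {
    ("sensor_module", "use"): {"user"},
    ("sensor_module", "configure"): {"maintenance"},
    ("alarm_module", "use"): {"user"},
    ("alarm_module", "configure"): {"maintenance"},
    ("identifier", "access"): {"user", "maintenance", "supervisor"},
    ("system_computer", "access"): {"maintenance", "security", "data_admin"},
    ("cloud_data", "access"): {"data_admin"},
}

# Assumed log format: timestamp, subject id, role, component, action.
LINE = re.compile(
    r"^(?P<ts>\S+) who=(?P<who>\S+) role=(?P<role>\w+) "
    r"component=(?P<component>\w+) action=(?P<action>\w+)$"
)

def is_allowed(role, component, action):
    """Deny by default: unknown roles, components or actions are refused."""
    return role in POLICY.get((component, action), set())

def audit(lines):
    """Return (line_number, reason) for every event outside the policy."""
    findings = []
    for n, line in enumerate(lines, start=1):
        m = LINE.match(line.strip())
        if m is None:
            findings.append((n, "unparseable event"))
        elif not is_allowed(m["role"], m["component"], m["action"]):
            findings.append((n, f"{m['role']} may not {m['action']} {m['component']}"))
    return findings

# Constructed sample events (not taken from a real system).
SAMPLE_LOG = [
    "2024-05-06T06:00:01Z who=w-017 role=user component=identifier action=access",
    "2024-05-06T06:00:09Z who=w-017 role=user component=sensor_module action=use",
    "2024-05-06T06:14:30Z who=w-017 role=user component=alarm_module action=configure",
    "2024-05-06T07:02:11Z who=s-002 role=supervisor component=cloud_data action=access",
    "2024-05-06T07:30:00Z who=m-001 role=maintenance component=sensor_module action=configure",
    "2024-05-06T08:45:12Z who=c-044 role=cleaner component=system_computer action=access",
    "2024-05-06T09:00:00Z who=a-001 role=data_admin component=cloud_data action=access",
]

if __name__ == "__main__":
    for n, reason in audit(SAMPLE_LOG):
        print(f"line {n}: {reason}")
```

Separating "use" from "configure" is what lets the policy give users access to the sensors and alarm modules while still refusing any change to their function.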
In the transport layer, data security should be ensured by encrypting data and information transmission in all the instances shown in the diagram. The encryption of data transmission is the responsibility of the maintenance personnel.
In the application layer, protection involves encrypted access points to all applications available in the cloud and on the computer (using a login, password, fingerprint verification, etc.). In this layer, it is the data administrator who is responsible for data security and who should verify passwords (for strength), login procedures, and the status of the resources stored in the memory of the computer supporting the system and in the computing cloud.
RECOMMENDATIONS FOR SECURE DATA AND INFORMATION CIRCULATION IN SMART PPE SYSTEMS
Integrity, confidentiality and accessibility must be ensured for all data. Integrity means that the collected data are complete and collected with sufficient accuracy to generate the desired information while providing appropriate processing methods. According to the principle of confidentiality, the collected data / information should be only available to the authorized personnel. Finally, accessibility means that authorized persons should have access to the data / information whenever necessary. In order to ensure the safety of the data generated, stored and transmitted by smart PPE systems operating within the implemented security architecture, it is crucial for the employer to fulfil the following conditions:
- Fulfilling the legal requirements. The procedures for generating, storing and transmitting data should comply with the applicable regulations (GDPR). The employer should appoint an administrator responsible for the security of personal data as well as a supervisor overseeing the work of smart PPE users and a maintenance officer responsible for the entire smart PPE system.
- Training and keeping workers informed. Smart PPE users should be informed about procedures for data generation, storage, and transmission. They should also be trained in the use of smart PPE systems and data access protocols.
- Obtaining consent from workers. Smart PPE users should express informed consent for their personal data to be processed.
- Securing access. Access to the various components of the smart PPE system should be enabled only for authorized personnel.
- Preventing data leaks. To prevent data leaks, it is not recommended for monitored data to be sent to the employer’s servers or computing clouds. Ideally, the data should be recorded locally on the device used by the worker. Data may be sent only in justified cases. Under no circumstances should one post data (in particular sensitive data) on social networks.
- Deleting data that are no longer needed. At the end of work, all inessential data that were collected by smart PPE systems should be deleted, if possible, automatically.
- System control and supervision. The efficient operation of smart PPE systems, both in technical terms (including penetration tests, sensor inspections, etc.), as well as in terms of compliance with procedures for the verification of passwords and personnel authorized to access the various elements of the system, is an indispensable element of data and information security.
Fig. 4 shows a schematic diagram of the seven elements listed above, crucial to the secure circulation of the data and information generated, stored and transmitted by smart PPE systems.
Fig. 4. Schematic representation of the elements crucial to the secure circulation of the data and information generated, stored and transmitted by smart PPE systems
To efficiently implement the above-mentioned best practices, it is essential to follow general data protection and cyber-security recommendations applicable to all systems, and to smart PPE systems in particular. Of key importance is also a good understanding of the applicable regulations pertaining to the protection and flow of personal data.