Occupancy and climate analytic monitor

Background

This project was a follow up research project funded by the German government (Bundesministerium), in order to boost digitalization in Germany, especially in public transportation. Theprevious project had the goal to only focus on the occupancy, while in this project we built our own hardware to analyse the climate conditions in vehicles. We used our knowledge that we gained in the previous project and applied it to the new platform Senalyse and built an app that serves several purposes: passenger occupancy, climate analyisis to make a product that operatiors of a public transportation company can use. Moreover since it is a research project, we forward the data to our research partners, which are:Fraunhofer ENAS, Hacon (a Siemens company), Regionalbus Leizpzig, Stadwerke Dessau and Chemnitz University of Technology.

Tech Stack

The main tech stack is: NextJS (React), TypeScript, Drizzle ORM layer, Postgres, ESP32, Docker, AWS, REST. Since NextJS is a full stack solution, I implemented a secure API that connects to the IoT devices via REST, which constantely send data that are analysed by the sensors which are deployed in the vehicles. Many devices constantely send data, which leads to a large amout of data over time, that we have to manage in our database. In order to keep a solid data management, we use an ORM layer for TypeScript which is on top of a PostgreSQL database.

Full Stack

Since I am a full stack engineer, my task was it to implement the whole platform from scratch, offer REST API endpoints for the IoT devices, think wisely of a good and secure deployment strategy, as well as data management for big data. It was also my task to provide a user friendly user interface (UI/UX), that looks appealing and works on all devices equally (responsive webdesign). While the data schema is quite complex (since we have many data from several sources, that we have to connect with each other), it was also crucial to keep performance in mind, when designing the data schema for CRUD operations. Our team is divided into hardware and software. Although the hardware team has to write embedded code as well, my task is handle everything that gets send to the server. Lastly one of my tasks is security. IT-Security is a large topic and shouldn't be treated lightly. It involves everything from writing code that is secure, keeping all software modules that are imported up-to-date, think about a secure deployment solution and a strong authentication method.

Core features

Dashboard

The dashboard offers an insight into live and historic data. You can see the current occupancy in real-time as well as getting information about the historic occupancy of the whole day and week. Every vehicle that generates data is listed there. To get an even deeper insight of it, it offers statistics about the passenger who entered and left the vehicle for every hour and every day during the week. Therefore the public transportation companies can analyse their passengers very precisely and investigate to which times they have the most traffic.

Remote controlling

Every device in any vehicle can be remotely configured. It is a little risky to have a mechanism like that, since the IoT devices are all over Germany. If there are misconfiguration it can lead to a malfunction of the device and someone of our team has to travel there to reset it. Therefore it was crucial to have a mechanism to carefully configure them remotely. The user gets asked more than once, if all configurations are correct and the input data have to match certain criteria to get accepted. If in any case it will lead to a malfunction the IoT devices are designed to load a fallback configuration file, so that they can connect to our servers again. This is very important since the user can edit the internet connection paramters via Ethernet or mobile internet (LTE), which leads to an inability to connect to our servers in case of a misconfiguration. Moreover the devices can get restarted remotely.

One unique feature that we implemented is the ability to control other hardware devices in the vehicle. For instance, our IoT master unit is tightly connected to the ventilation system. We can define certain air quality tresholds that our sensors analyses, which then trigger the ventilations system and provide better and cleaner air in the vehicles. In the future we also plan to control the doors and lights in the vehicles remotely.

Map

The map feature offers live tracking of vehicles as well as analysing past data for each station. Operators of public transportation companies want to know exactly how many people entered and left the vehicle for each station to understand their passengers better. Having accurate data gives them the opportunity to plan their routes and infrastructure better, as well as investigation more about their sold tickets. Those companies get a certain money pool for passengers by the public transportation association. By analysing theactualpassenger amount, it enables them to get a better insight about how many tickets were sold and understanding ticket fraud better.

Analytics

To get an ever more precise insight about the occupancy very specific for every station, it is possible to extract those information out of the database. It even offers an export to CSV, which is handy for our customers to import that into their internal systems. They can select a time rage and for which station (or all) they want to have those analytic data and it shows it either in a visual graph or sortable table.

User and Vehicle Management

The system is designed to serve several customers. Every customer has a pool of users, which also are in certain groups. Every group has certain permissions, what they are allowed to do / have access to. It is cruial to keep data privacy secure, so that the data of a customer is isolated and it not leaking any information about another customer.

A basic vehicle management offers a structured and clean solution for the public transportation companies to distingiush the data for every vehicle. Since our master units are unique, it is important for us to know which master unit device is installed in which vehicle. Moreover it is important to know how large the vehicle is, what type of vehicle it is (e.g. bus, train...) and most of all how many passengers it can carry. This data is important for us to show the occupancy relatively in percentage.

What else?

The whole platform is responsive, even though most of the users will use it from desktop, I am so used to always go for "mobile-first". Even though this is still in pilot phase, we already have millions of data rows in our database. Therefore it was also crucial to design the database efficent, starting from the table structure to the queries and constraints. Choosing the right serverless deployment strategy for security and maintance reduction was also important. Even though it reduces the risks of misconfiguration and not focusing on keeping the whole operation system up to date and secure, it still does not eliminate all risks. A very dangerous security risk that was detected in NextJS (https://nextjs.org/blog/CVE-2025-66478) lead to a failed attack of our systems. Most of my NextJS apps that are online were affected. Thankfully I was able to detect it very soon and fix it.

The platform is still in development and will most likely leave the pilot phase in summer 2026, which will be very exiting for me to see the product, that I developed in production for many customers.