RP Group is Germany’s leading producer of emergency and safety luminaires. Established in 1981, the company is on a mission to maximize building safety with LED and wireless technology. In addition to delivering certified hardware, RP Group also supports its international clients in the successful implementation of safety lighting systems.
Among RP Group’s certified products is a 24-volt low-power emergency lighting system. While the hardware itself is highly functional, RP Group wished to equip its clients with an intuitive web interface that would enable users to connect to the physical devices through an internal network and manage the system according to the access they’ve been granted. In short, it was all about making the management of emergency lighting systems easier for installers and facility managers alike.
Having started working on the app in-house, RP Group found themselves in need of a bigger team with impeccable web development skills:
We checked out multiple websites talking about software development and identified those with experience with embedded systems. After speaking with 5-6 companies, we picked Merixstudio because they had the best meeting and asked the right questions.
RP Group’s presence on the Polish market and Merixstudio being relatively close to the Germany-based client also played a role in establishing our partnership.
The overarching goal was to deliver an intuitive and convenient user experience while guaranteeing the operational safety and cost-effectiveness of the client’s system. To achieve that goal, Merixstudio undertook to refine the existing solution through redesign and refactor, as well as keep developing it with new design, frontend, and backend components.
sprints in phase 1
languages supported (EN, DE)
views for desktop (mobile, tablets, and other devices)
Our collaboration began with a 3-day in-house workshop, during which we scrutinized documentation provided by the client. The analysis of wireframes, a list of data necessary for hardware functioning, and legal requirements made for an effective deep dive into product context and business goals. Bearing in mind the business logic, our team suggested suitable solutions for the interface’s looks and features.
The related product by RP Group is a backend-heavy project that called for both modernization and development from scratch. Working on the verge of hardware and software meant we needed to find the most efficient way to communicate the lighting systems with the web app. To ensure its top-notch quality, we carefully reviewed the current process, looked for loopholes, and aimed to translate the course of the communication into the code. In the end, the client’s C++ module responsible for handling requests to hardware is connected via an API to the Python application we’re building, and the communication is handled by ZeroMQ.
Due to hardware limitations, we had to pick lightweight solutions that wouldn’t be a burden on the devices. We bet on Python, resource-saving and scalable Fast API with built-in WebSocket support, and high-performant easy-to-configure SQLite. In terms of architecture, we utilized microservices, as they make it easier to present clients with bespoke solutions made of modules that suit their needs and lighting system best. Most of our software modernization work focused on rewriting the existing microservices from Flask to FastAPI, thus improving their structure, elevating code quality, and enhancing security.
At the core of the app’s frontend lies Vue.js 2 with all its benefits, including high readability, flexibility, and performance. To make the most of its capabilities, we paired it with Vue Router, Vue I18n, and JointJS. Due to the high complexity of the app’s backend side, frontend development proceeded faster – the asynchronicity, however, didn’t adversely affect the project, as we kept the work well documented.
The complexity of the system shows also in the UX and UI, which is why clarity is our design priority. The 240+ views we’ve designed encompass desktop, tablet, mobile, and other devices, which translates into ease of interface adaptation to different screen sizes. Paying attention to a cohesive user experience, we’ve also crafted email templates and printable reports. One of the biggest design challenges in this project has been striking a balance between displaying all necessary data and keeping information architecture comprehensible. We’ve been rising up to it by examining user perspectives, analyzing edge cases, and following tried-and-tested design patterns.
The efficiency of our work has been ensured by Scrum ceremonies and transparent communication between the client’s and Merixstudio’s teams. As a result, our collaboration has become a true tech partnership, whereby Merixstudio’s team not only builds the software but also proactively shares best practices for efficient development, including versioning and CI/CD. On top of that, it’s a long-term partnership. While phase 1 finished in September 2022 and was followed by 4-week-long maintenance, we’ve already begun phase 2, which involves delivering new features, optimizing the app’s performance, and streamlining processes for the end user.
As the project progressed, an essential component we prioritized was the implementation of stringent cybersecurity measures. The intricate web of hardware and software integration, especially in an environment like this, necessitates an unwavering commitment to security. Recognizing the critical role of the building lighting control systems managed by the software, especially during emergencies like fire evacuations, we understood the gravity of maintaining impeccable system integrity. The significance of these security measures was not only operational but also a key requirement for building insurance providers, emphasizing the need for detailed reports validating the software's security protocols.
Our approach to security testing was both systematic and comprehensive, targeting the software's core components. The primary focus was on the web application's user interface and its collaborative Linux backend, crucial elements in the product’s ecosystem. The process unfolded in distinct, meticulously planned phases:
1. Planning and Scoping: Initially, we defined the testing scope, objectives, and methodologies to ensure clarity and direction.
2. Reconnaissance and Information Gathering: This phase involved extensive data collection about the web application and its Linux backend, establishing a foundation for subsequent actions.
3. Vulnerability Scanning and Analysis: Using industry-standard tools, the team identified potential security weaknesses, laying the groundwork for deeper investigation.
4. Exploitation and Penetration Testing: Here, our security experts conducted simulated attacks to evaluate the system's resilience against real-world threats.
5. Reporting and Remediation Recommendations: The final phase entailed compiling a comprehensive report detailing vulnerabilities and recommending actionable steps for remediation. This detailed report spanned 72 pages, offering an in-depth analysis and robust guidance for system enhancements.
Our security testing efforts were documented in the Security Report. This document, far beyond its immediate utility in identifying system vulnerabilities, served as a cornerstone for numerous strategic achievements for developed product. It facilitated a proactive approach to risk mitigation, bolstering stakeholder confidence and underlining our commitment to robust cybersecurity practices. Additionally, the report played a pivotal role in addressing various business, marketing, insurance, and legal requirements, thus cementing the product’s image as a secure, reliable, and forward-thinking solution.
significantly shortens the time to get the system running, e.g., by automatically assigning all lights to the correct operating mode
here users can browse through the lamps’ details, such as name, status, station ID, current, and voltage
operators can manage buildings’ quiet times by setting the dates and times of luminaires switching on and off, also in a recurring manner
allow users to manage the activity and setting the brightness level of luminaire groups
installers can check the key information about the devices, including their IDs, serial numbers, battery and station temperature, output power, as well as battery voltage and current
inform users about circuit’s status, station ID and terminal number, number of luminaires, and power consumption