Risk Assessment

In order to ensure successful completion of the AtRoom project, all risks that may cause delays or complications during the development process are analysed below. Risks are classified into different categories according to their severity, and explanations on how to mitigate the risks are given.

Data Security

Since the AtRoom service needs to store possibly sensitive data such as building structures and entrances, as well as credit card details of paying organisations, it is essential that the data stored in the system is always encrypted and protected to a high standard.

Therefore, we are using Firebase as our data storage, which automatically encrypts and secures all data.

To make certain that accounts on AtRoom are secured, we will introduce a strict password policy that ensures everyone who signs up – both organisational administrators and private accounts – have suitably strong passwords.

Privacy

Organisations subscribing to AtRoom will want the data that is stored about their buildings to be accessible to users associated with them only. Therefore, the system ensures that registered users are able to access only that data that is part of organisations they are associated with. This is done via organisational tokens.

For unregistered users, the system ensures that they can only see the path to the destination the organisation allows them to see (such as QR codes directing visitors to a specific location).

Additionally, we will ensure that administrative accounts set up by organisations have only those access privileges they necessarily need. This principle of least privilege secures the data and privacy of both organisations and their associated users.

Medium Risks with Possible Project Progression Issues

Technical Difficulties of Creating new Buildings

Due to the creation of new buildings within the AtRoom service being a technical difficulty that has the potential to hold up development, the team tackled this issue first, ensuring that the risk was mitigated before moving on to other parts. Knowing how we handle the creation of buildings helped us integrate this critical functionality into our system, which guaranteed project progression was not held up.

Computer Vision for the Automatic Reading-In of Floor Plan Images

Since it is our plan to utilise advanced machine learning and computer vision to automatically read-in floor plan images that are uploaded by a business and convert them into navigation graphs, the AtRoom development team did extensive research into this area, discovering the right techniques and algorithms to do this. Additionally, our main priority so far has been to complete features related to manual graph creation to mitigate the effects of this risk.

Low Risks with Potential Impact on Deployment

Peaks in User Activity at Certain Points in Time

Since AtRoom's first target demographic consists of students on university campuses, it is quite likely that there will be significant peaks in user activity at certain points in time, such as the beginning of a new semester.

To handle the arising differences in user activity and load, we use the platform Vercel, which has an integrated load handler.

Outages of Services AtRoom Relies on

There are risks involved in taking advantage of external tools. If Vercel or Google were to suffer a server outage, this would mean that AtRoom would be unable to function as normal due to the lack of storage access or even hosting issues. Furthermore, if either service's data were to be breached, this would have a direct consequence on AtRoom and its users.

This is why we have chosen to use services provided by well-known organisations that are expected to maintain their servers to the highest standards. When AtRoom moves on to paid hosting, we will moreover benefit from the built-in redundancy these external services provide.