We play adult cars-2: how we became a telematics supplier for car sharing and opened 5 offices around the world

    2 years ago, we started a blog on Habr, starting with a review text about what we do, what technologies we use and where we are moving. Since 2017, a lot has changed, and today we will tell you how to make our decision - the Connected Cars global management platform, which is used by many users and companies of various levels. The material is broken down by process, from problem statement to deployment.

    Flagship Product Bright Box - Remoto- a technologically sophisticated, rich in functionality platform for Connected Car, which includes equipment, software for dealers and car manufacturers, plus a mobile application for the user. According to primary Bright Box analytics among car owners, it turned out that first of all they need remote control of door locks, climate control and search for a car with alerts about shock or evacuation. The latter is already a classic. Now the Remoto block provides the user with the following services: remote control of vehicle functions, the ability to receive data from hardware and CAN, GPRS, SMS, Bluetooth and control of the output power to the electronic ignition unit. The user receives this information in a mobile application.

    And such a user can be not only the owner of the machine. Information available for collection can be a useful tool for many car market participants. For example, car sharing. Today, car sharing companies are the most active players in the automotive market. Moscow has become the number one city in the total number of cars involved in car sharing. By 2020, car sharing should reach the mark of 40 thousand cars in Russia. Car sharing companies become owners of the following data: mileage, GPS coordinates, speed, door status and fuel level. The key to all this is a smartphone, which is a cheaper and safer option.

    Andrey Kuprikov, co-founder and director of business development at YouDrive and one of Bright Box's clients:
    “Car sharing without a telematic solution is hard to imagine. Our platform is obliged to collect all possible information about the car, what and how it happens. Otherwise, it will affect the business. It is telematics that gives information about the cost of repairs and spare parts, the cost of downtime of a car that is under repair due to the fault of a speed lover. With a telematics device on board, you can build a unique user loyalty program. ”

    Since the beginning of this year, Remoto has become a solution provider for two large car sharing companies, YouDrive and EasyRide, with 1,000 cars in its fleet. Using the solution in car sharing is not only convenient, but also effective from the standpoint of security and the financial side - in the form of reducing the risk of accidents and in the loyalty program. With the development of car sharing, user data is being accumulated, and now car sharing, like banks, has a certain customer scoring system. We wrote about the logic of the operation of scoring algorithms for car sharing users, analyzing first the scoring algorithm based on sharp accelerations and braking, and then the driving style analysis algorithms based on the values ​​of speed, engine speed and accelerometer indicators .

    But we are actively working not only in the Russian market, but this is an additional challenge. With the expansion of the geography of work, it became clear that the correct and effective restructuring of the engineering vertical is a key moment of development.

    Say Vitaliy Baum, Chief Product Officer
    and Vyacheslav Sokolov, Chief Engineering Officer:

    Our system consists of a set of components. In engineering, dedicated teams are responsible for them. In fact, Engineering includes 3 business processes and a set of supporting services.

    The following business processes can be distinguished within Engineering units:
    • Development of a telematic device with embedded software for integration with cars. Deals with the HW engineering department.
    • The process of manufacturing devices for a specific client by order of a business unit. Responsible for Manufacturing
    • Development of Remoto Cloud Services, responsible for the interaction of the client, user and telematics device. It is a multitude of backend services with a set of portals for various users, client mobile applications, Data lake. The production is handled by the Product management department. The development of the entire software part is the Product Development department, with releases and support, the RCS operational team.

    It is worth noting that the task of determining the functional requirements for a particular feature lies with the Product Management department, which, in addition to product experts, also includes analysts and designers. Further, the requirements go to the Product development department, which faces the difficult task of decomposing features into system components, including device firmware. This task is handled by the Product Development Architect, along with a team of systems analysts.

    What does product planning look like? Recently, product management has become part of an engineering team. And such an organizational structure was reflected in how we started to work. The PM team determines which product should be in general, what functions it should have, regardless of system components. It turns out a brief - a superficial description of what needs to be done in the task. After that, functional specifications are prepared, which we call FSD, or a set of job stories - for example, the ability to send an application “register for maintenance” in the product. Each feature is described by a set of similar job stories.

    PMs are also involved in technical design. They perform a technical analysis of the functional specification and create a technical design - TDD (Technical Design Document), discuss this technical design with developers, and land it under their understanding. After the functional requirements and technical design are written, we begin to work on the interface - this is the user experience interface.

    Thus, product engineers form a certain set of “units” of utility for the customer (“sign up for maintenance” can be such a unit of utility) and pass it on to a specialist who describes the logic in this set. Usefulness in an application for maintenance means that the customer can fill out a form with the necessary information, which coincides with what dealers expect when submitting an application for maintenance. The product specialist also analyzes the market, studies what should be in the product and what value it gives to customers.

    Our product experts today communicate more with business within the company or with customers directly. Roadmap is formed by the roadmap committee, which includes the top managers of the company to take into account all areas of the company's development. The committee meets once a quarter.

    This is done in order to coordinate common understandings and ensure product integrity so that features smoothly fit into the current vision of the product.

    There is a separate service - cyber security, which interacts with people working with devices and specialists from the backend department in order to identify vulnerabilities, close them and assess risks, which these risks can lead to. Today, the Chief Engineering Officer, who also leads the product team, sets the task for this division, and she, in turn, communicates with the client and understands what is now needed in order to comply with all cyber security standards. All this is included in the release plan, vulnerabilities are closed, certificates are obtained and, in general, the security gap is eliminated.

    After the functionality has been worked out by the engineering and evaluated by the security department, its specification goes to the product development team, where the working group decomposes the functions according to the components of the system - what relates to the backend, what to the device, what the mobile application should be able to do. Product development team and HW engineering team agree on cooperation, everything comes down to a joint plan and disagrees on teams.

    How do we deploy

    At the end of development, the collected result undergoes integration testing and rollout to the release on the cloud platform. On the cloud platform where we host (Azure), hosted environments for customers. The environment is responsible for the operating team in which the engineers, DevOps and support work.

    Comment from Vladimir Glazkov, Senior DevOps Engineer:

    Our entire infrastructure is described in code form. We make all changes only through the code. This approach reduces the risk of the human factor during updates. It also allows you to quickly deploy an additional instance of the environment for some temporary urgent needs. In the event of a computing power failure (VM / VMSS), you can quickly deploy a new instance.

    About CI / CD - at the moment we use a bunch of TeamCity / Octopus Deploy. TeamCity is in the process of assembling .net projects, Unit tests are launched, after which a release is created in Octopus and deployed to the appropriate targets (VM / VMSS / K8S). After a successful deployment, acceptance tests are launched. If any of the tests crashes, the development team will be notified.

    Initially, for each business project, separate sets of resources were created, including CI / CD tools. Quickly enough, the realization came that with an increase in the number of projects, this approach is doomed to failure - it is simply impossible to administer such a zoo effectively. Two years ago, a unification project was launched, which ended 4 months later. In its process, the core components of the system were allocated, for them the assembly and deployment process is the same for all environments. The ability to add an assembly / deployment of additional components specific to a particular business project was also described and implemented. When creating new environments, individual instances of TeamCity & Octopus are no longer required. Scripts were written that, through the API, create and configure all the things necessary for assembly and deployment.

    We came to the following use of environments: for development, each team uses two environments:

    • the first for, in fact, the development of new functionality, verification of features by the author, etc .;
    • the second is for stabilization.

    There can be many such sets of environments; servicing them is quite simple in view of the unification carried out.

    There is also an environment for acceptance of the release by the team responsible for the combat environment. It passes the final test before the release in production.

    We have an agreement with developers about the device for transforming configuration files. In each project, there is a file that contains a set of parameters that have different meanings on different environments. Developers fill out the file with the necessary parameters (database connection strings, connection keys, etc.), the values ​​of these parameters are variables. For each environment, the values ​​of these variables are individual. With this approach, developers do not interfere with collecting locally and checking for themselves. Variables are stored in Octopus Deploy.

    For monitoring, we use Azure Monitor, Application Insights and Log Analytics. Zabbix is ​​living out its time, probably in the future it will be assigned the honorable role of external checks.

    When I joined the company, creating a new environment took three weeks. There were almost no instructions, changes were made manually and were not recorded anywhere. Our journey to IaaC began with simple automation, which reduced the process to 1 week. Now creating a new environment takes 4 hours. Automated about 95% of the actions.

    Our backend is written in .net (4.6 / 4.7 and core), the front is JS. For hosting we use Virtual Machine Scale Sets and K8S. Accordingly, it is very easy to scale under load changes.

    How the system works inside

    Says Ivan Stolet, Head of Platform Development Bright Box:

    You can always find a diagram of the current architecture on the site .

    All data in the system is stored distributed. There are separate databases for the storage of personal data with reference to the region and organized in accordance with local legislation. There are databases in which the content part of customer retention services, storage of news, applications, data from various integration systems of dealers and car manufacturers is accumulated. Separately, processed telemetry information is collected, as well as settings and other data necessary to ensure the operability of Remoto services and our devices. We collect cold telemetry data separately using databases designed to store huge amounts of information. Aside, separate data warehouses have been built that provide the ability to operate Remoto AI systems.

    Data collection from devices is carried out using Microsoft's IoT solution. Devices are connected to the platform, the platform collects all telemetry and puts it in an intermediate temporary data storage event hub. Our workers are already connected to event hubs, process telemetry, record cold data and processed data, such as routes and traffic events, and execute commands. A separate service can request diagnostic data from the device, analyze the condition of the car and build custom reports.

    For custom mobile applications, an API is implemented, with which the user gets access to the processed telemetry, as well as the ability to execute commands for the device installed in the car. The same API is used to gain access to customer retention service data, a user receives news, special offers from dealers and car manufacturers in his mobile application, has the opportunity to use services, for example, fill out an application for a test drive or a loan. Through the mobile application, the user can set the settings for the device, activate telematic services, such as push about shock, speeding or leaving the zone, as well as configure automatic engine start according to schedule or temperature.

    Dealers, in turn, using the provided portals have the opportunity to run diagnostics on the user's device, block remote engine start, for example, for technical work or after-sales service, form a special personal offer, and also process user requests. Communication with the user in such cases is most often carried out using push notifications.

    The dealer also has the opportunity to customize the mobile application, the dealer or the automaker can paint the application in the colors of his brand, change key icons, determine the set of functions available in the application and some other cosmetic functions, a separate portal has been created for this.

    To provide customer support, there is a technical portal in which you can validate the current settings of users and their devices, diagnose the device’s operability, if necessary, the data can be adjusted at the request of the client, for example, if the user chose another car model during the configuration, the support specialist can fix it. The portal also provides the possibility of FOTA (firmware over the air) updating the firmware of a device or group of devices in the event of a new version of the firmware with new functions or bug fixes.

    And a few words about security

    Comment by Artem Nerob, CISO:

    Today, the company's security team is in active dialogue with business.

    We strive to comply with legal requirements: personal data law and GDPR. It is more important than ever to establish a safe development cycle process, i.e. adding some control points to the current development procedures in the form of code verification before the application is released, additional third-party code analysis, raising the awareness of developers in terms of how to write safe code initially. World practices and standards highly recommend concern for safety during development, and not after it. Because after the release, the cost of fixing the vulnerability is 30% higher. We periodically check product safety by customers, i.e. penetration tests. Given the strengthening of information security, we are now passing these tests quite successfully,

    Today we have a team for conducting penetration tests, and we consider it as a team that will help us in the development process to do some review of code security to be taken into account in future releases. These will not be full penetration tests, but simply a review that will be built into our development business process, which is extremely correct from the point of view of a safe code development cycle.

    In addition, we have confirmed the certificate of ISO 27001 , the standard for information security management according to an audit by BSI.

    How do we live and what's next?

    Here at Bright Box, we are constantly looking for ways to develop Remoto's Connected Car platform.
    And our technologies have already helped manufacturers, regional offices, importers and large dealer networks not only increase revenue, but also significantly improve customer retention and, most importantly, reduce operating costs. Over the past two years, companies such as Honda, Motor Car, MINI have become our customers. At the end of 2017, the company itself became part of the Zurich insurance group.

    Employees of the company joke that Bright Box works in an "atmosphere of bullying and envy." Of course, this is not so. But those who do not work with us as a team have some reasons for envy:

    Flexible social package: each employee has the right to choose what to spend the budget allocated for this in the amount of his salary, but not exceeding the average salary in the company.

    Here we provide ample opportunity to choose the type of "cafeteria":

    • VHI (any medical expenses from one-time visits to doctors to medicines and medications), life insurance, dentistry (including implantology);
    • Any sports activities (from climbing to yoga);
    • CTP / CASCO, parking in the territory of the business park;
    • Learning any foreign languages;
    • Co-financing of personal travels (visas / tours / tickets / hotels);
    • Kindergarten.

    It is worth noting that company employees can use the social package for members of their family, whether it is medicine, fitness or vacation.

    Flexible start time and long work days?

    Many companies seem to provide flexible work hours, but this is far from the case.
    We do not limit our engineers and developers to the allocated number of days of remote work per year, but provide every week on Tuesdays and Thursdays the opportunity to work remotely. We are familiar with the concept of work-life balance and we won’t be prevented from picking up a child from kindergarten or visiting school on September 1st, just as we will not interfere with visits to exhibitions and other events. Employees can complete urgent tasks from home.

    Travel around the world and work in the company's offices in Dubai, Budapest, Zurich, New York at will.

    Projects are launched quite often, and our engineers and developers go on business trips around the globe. And if the position does not involve business trips, you can ask your manager for remote work in one of the company’s offices.

    Many people dream of spending the cold season in a warm climate - at your service is the opportunity to leave for Dubai and work remotely from the Dubai office.
    Want to live in Europe? No question, coordinate the remote work from the Budapest office.

    Relocation to Budapest

    For those wishing to work in Europe or at the call of service, we find a place in our office in Budapest, we help with paperwork for employees and families, moving and finding housing. This is a fairly lengthy process, which takes an average of 3 months. So be patient.


    Company employees are divided into three types, based on their tasks. Each of them has its own bonus system:

    Creators are those who create the product. The Creators have a decent level of salary in the IT market, so in their case bonuses can be for "over" the result. And this is determined by the immediate supervisor, who works closely with each of the employees and can evaluate the work done.

    Vikings are those who conquer new territories and make a profit for the company. There are Vikings who are involved in product implementation - they participate in the bonus pool, which is determined individually for each project, depending on complexity. There are Vikings who are engaged in sales - they receive bonuses in the amount of 1-2% of the cost of the implemented project.

    Farmers are those who serve the Creators and the Vikings. Their bonuses amount to a maximum of 1 salary per quarter, and the total amount is calculated based on personal achievements and team goals.

    So if you always wanted to be a Viking, but with time and the country did not work out - maybe you should try to become one within our company.

    Future parents

    On the occasion of the employee’s birth, the company provides a pleasant bonus in the form of a gift for a pram or in the form of a cash payment.

    And if you are ready to leave the decree earlier than it should be, then you can safely count on a bonus surcharge to your salary, which is established by the company’s policy.

    Bright Box is in search of talent. If it seemed close to you that you read, and you love cars and artificial intelligence, come .

    You can subscribe to regular news, articles and analytics from the world of Connected Cars here . There is also an official Driving to the future blog on Medium .

    Also popular now: