Guidance for Improving Workforce Health & Safety on AWS

Overview

This Guidance shows how to use AWS services to address workforce health and safety concerns in high-risk industrial environments. It enables virtual training of new and existing employees on standard operating procedures, reducing onboarding risks and associated hazards. It can also help prevent accidents through real-time monitoring, breach detection, and instant alerting. Computer vision and artificial intelligence models can be configured to ensure adherence to environmental, health, and safety protocols by identifying violations like improper protective gear usage or access to restricted areas. Interactive dashboards and 3D visualizations provide insights into risk patterns, historical trends, and compliance metrics. Additionally, natural language processing capabilities can summarize relevant information and recommend training based on the identified hazards.

How it works

Overview

This architecture diagram consists of three integrated modules that address key stages of workforce safety and compliance. This diagram provides a conceptual overview of each module and its interdependencies.

Step 1
The edge location represents the on-premises or operational site where data is collected from various sources, such as Internet of Things (IoT) devices (gas leak detectors), video streams (entrance monitoring cameras), Programmable Logic Controllers (PLCs), and on-site documents (health and safety observations). This location also provides edge computing capabilities, including machine learning models for computer vision to detect health and safety hazards from video feeds. Additionally, it facilitates the management and control of on-site robotic systems used for inspection and monitoring tasks.
Step 2
The data stream module ingests real-time data from industrial equipment, on-site video streams, and IoT device shadows.
Step 3
The data lake establishes a centralized, secure data repository for storing and curating all workforce health and safety data. It acts as a scalable and durable storage solution, enabling efficient data preparation and analysis within days.
Step 4
The metrics and data visualization module presents workforce health and safety metrics, including safety violations and risk mapping, through dashboards and 3D visualizations. It enables direct analysis of data from the centralized data lake.
Step 5
The artificial intelligence and machine learning (AI/ML) module utilizes computer vision models for video analysis. It also develops risk prediction and inference models from IoT and document data using foundation models, uses large language models (LLMs) to summarize content, and provides training recommendations for improving workforce health and safety.
Step 6
End users interact with this solution through a conversational chatbot interface. They also receive notifications and alerts across various devices.

Data ingestion

This architecture diagram displays an edge location component that represents the on-site operational environment. It enables data ingestion from IoT devices, video streams, PLCs, and documents.

Step 1
At the edge location, various telemetry data and video streams are collected from on-site sensors and cameras. This includes equipment status data, entrance surveillance videos, video feeds for personal protective equipment (PPE) detection, vehicle collision detection, and data for controlling robotic systems.
Step 2
Use AWS IoT Greengrass Core to establish secure connectivity and facilitate data exchange with IoT devices running on FreeRTOS and other operating systems. It uses the open-standard message queuing telemetry transport (MQTT) protocol for publishing and subscribing to telemetry data streams from these devices.
Step 3
IoT Greengrass facilitates machine learning inferences locally on devices using models that are created, trained, and optimized in the cloud, enabling health and safety risk prediction.
Step 4
With the Amazon Kinesis Video Streams Edge Agent, you can locally record and store video from the cameras. You can also stream videos to the cloud on a customer-defined schedule for long-term storage, playback, and analytical processing.
Step 5
AWS IoT SiteWise Edge allows you to collect, organize, process, and monitor equipment data on-premises. Local applications that use data from SiteWise Edge will continue to work even during intermittent cloud connectivity.
Step 6
Local documents, such as health and safety records, are stored on edge servers and streamed to the cloud for further processing and analysis.

Data streaming & processing

This architecture diagram displays how data from the edge location is processed and ingested to a data lake.

Step 1
Use AWS IoT Core to maintain device shadows (digital twins) for all connected IoT devices, enabling secure cloud connectivity, device management, over-the-air (OTA) updates, and robust security for the device fleet.
Step 2
Use AWS IoT SiteWise to unlock real-time data from industrial equipment, delivering an organized view of live and historical health and safety insights.
Step 3
Use Amazon Kinesis Data Streams and Amazon Kinesis Data Firehose to capture, process, and store health and safety data streams at any scale.
Step 4
Amazon Kinesis Video Streams securely ingests video feeds from edge devices using the Kinesis Video Streams Edge Agent, enabling video analytics, machine learning, and processing for health and safety monitoring.
Step 5
Amazon Textract, a machine learning service, is utilized to automatically extract text, handwriting, layout elements, and data from scanned on-site documents, such as health and safety observation reports.
Step 6
A health and safety data lake is built in Amazon Simple Storage Service (Amazon S3) to store raw data. It also stores curated, processed datasets, enabling efficient storage and access for analysis and reporting.
Step 7
AWS Glue and AWS Lake Formation are utilized for data discovery, governance, and management within the Amazon S3 data lake. AWS Glue enables data transformation and enrichment tasks, ensuring the data is properly prepared for analysis and reporting purposes.
Step 8
Curated and processed datasets are created and stored in Amazon S3, enabling centralized access to the refined health and safety data for downstream analysis and reporting tasks.
Step 9
Amazon S3 Glacier Deep Archive provides secure, cost-effective long-term archival storage for large volumes of infrequently accessed raw health and safety data.
Step 10
Amazon SageMaker Ground Truth enables building accurate training datasets by guiding you through structured workflows for labeling images, audio, text, and other data types.
Step 11
Amazon SageMaker is utilized to build, train, and deploy risk prediction and inference models based on IoT data and document repositories. These models can optionally be deployed at the edge on IoT Greengrass Core devices for localized inference and decision-making.
Step 12
Amazon Rekognition can detect the presence and usage of PPE in images and video feeds from the operational environment. This enables monitoring and enforcing proper PPE practices.
Step 13
LLMs on Amazon Bedrock summarize and query health and safety content, enabling natural language information retrieval.
Step 14
Amazon OpenSearch Service and Amazon Kendra serve as the backend for Retrieval Augmented Generation (RAG), enabling efficient retrieval and integration of relevant information from health and safety data repositories. This enhances the responses and outputs generated by the LLMs.

Data visualization & notifications

This architecture diagram shows how data is ingested and used for dashboards, 3D visualizations, and risk mapping.

Step 1
Use Amazon Athena and Amazon QuickSight for analytics. For one-time requirements, publish the data catalog and use Athena for direct analysis using the data lake.
Step 2
Use AWS IoT TwinMaker to create digital twins, which are virtual representations of the physical operational environment. This enables mapping risk levels and other health and safety metrics to 3D asset models, providing an immersive and intuitive visualization of potential hazards and areas of concern.
Step 3
Use Amazon Managed Grafana to create a dashboard for the visualization of the digital twin.
Step 4
Build a real-time health and safety dashboard using microservices and AWS AppSync. Deliver alerts to multiple channels using Amazon Pinpoint.

Well-Architected Pillars

The architecture diagram above is an example of a Solution created with Well-Architected best practices in mind. To be fully Well-Architected, you should follow as many Well-Architected best practices as possible.

Operational Excellence

AWS IoT Core enables seamless onboarding of devices through just-in-time provisioning, registration, and multi-account support. This service supports efficient changes and impact forecasting before implementation, and helps maintain operational excellence throughout the workforce health and safety lifecycle.

Devices can be associated with metadata using the device registry and the AWS IoT Device Shadow service.

Lastly, integration with Amazon CloudWatch allows for monitoring of incoming data streams and alerting on potential issues. By understanding service metrics, you can optimize event workflows and ensure scalability.


Security

By using AWS Identity and Access Management (IAM) and AWS IoT Core policies, this Guidance prioritizes data protection, system security, and asset integrity, aligning with best practices and improving your overall security posture. These policies enable granular access control, limiting permissions to only the necessary level. Specifically, AWS IoT Core policies regulate which devices can send data to specific MQTT topics and how they can interact with the cloud. This approach prevents unauthorized access, mitigating potential security risks such as accruing unintended charges or devices being compromised to send malicious commands.
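
The topic-level access control described above can be checked before a policy is attached to a device certificate. The following is an added example, not part of the AWS Guidance: a small audit of AWS IoT Core policy documents that flags wildcard actions, wildcard resources, and publish permissions that are not tied to the connecting device. The account ID, Region and topic layout are constructed placeholders, and the "publish-not-device-scoped" rule is a heuristic assumed for this example.

```python
import json

# Policy variables that bind a statement to the connecting device's identity.
DEVICE_VARS = ("${iot:Connection.Thing.ThingName}", "${iot:ClientId}")

# Constructed samples: account ID, Region and topic layout are placeholders.
ARN = "arn:aws:iot:us-east-1:111122223333"
BROAD_POLICY = {
    "Version": "2012-10-17",
    "Statement": [{"Effect": "Allow", "Action": "iot:*", "Resource": "*"}],
}
SCOPED_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {"Effect": "Allow", "Action": "iot:Connect",
         "Resource": ARN + ":client/${iot:Connection.Thing.ThingName}"},
        {"Effect": "Allow", "Action": "iot:Publish",
         "Resource": ARN + ":topic/site-a/gas/${iot:Connection.Thing.ThingName}/telemetry"},
    ],
}
SHARED_TOPIC_POLICY = {
    "Version": "2012-10-17",
    "Statement": [{"Effect": "Allow", "Action": ["iot:Publish"],
                   "Resource": [ARN + ":topic/site-a/robots/commands"]}],
}

def _as_list(value):
    # Action and Resource may each be a single string or a list of strings.
    return value if isinstance(value, list) else [value]

def audit_iot_policy(policy):
    """Return (statement index, finding, value) for over-broad Allow statements."""
    findings = []
    for i, stmt in enumerate(_as_list(policy.get("Statement", []))):
        if stmt.get("Effect") != "Allow":
            continue
        actions = _as_list(stmt.get("Action", []))
        resources = _as_list(stmt.get("Resource", []))
        for action in actions:
            if action in ("*", "iot:*"):
                findings.append((i, "wildcard-action", action))
        for resource in resources:
            if "*" in resource:
                findings.append((i, "wildcard-resource", resource))
            elif ("iot:Publish" in actions and ":topic/" in resource
                    and not any(v in resource for v in DEVICE_VARS)):
                findings.append((i, "publish-not-device-scoped", resource))
    return findings

if __name__ == "__main__":
    for name in ("BROAD_POLICY", "SCOPED_POLICY", "SHARED_TOPIC_POLICY"):
        print(name, json.dumps(audit_iot_policy(globals()[name])))
```

A shared command topic such as the one in `SHARED_TOPIC_POLICY` can be legitimate for a controller, so treat that finding as a prompt to confirm which principals hold the policy rather than as an automatic failure.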

We recommend enabling encryption at rest for all data destinations in the cloud, a feature supported by both Amazon S3 and AWS IoT SiteWise, to further safeguard sensitive information.


Reliability

Through multi-Availability Zone (multi-AZ) deployments, throttling limits, and managed services like Amazon Managed Grafana, this Guidance helps to ensure continuous operation and minimal downtime for critical workloads. Specifically, AWS IoT SiteWise and AWS IoT TwinMaker implement throttling limits for data ingress and egress, ensuring continued operation even during periods of high traffic or load.

Furthermore, the Amazon Managed Grafana console provides a reliable workspace for visualizing and analyzing metrics, logs, and traces without the need for hardware or infrastructure management. It automatically provisions, configures, and manages the workspace while handling automatic version upgrades and auto-scaling to meet dynamic usage demands. This auto-scaling capability is crucial for handling peak usage during site operations or shift changes in industrial environments.


Performance Efficiency

By utilizing the capabilities of AWS IoT SiteWise to manage throttling, as well as the automatic scaling of both AWS IoT SiteWise and Amazon S3, this Guidance can ingest, process, and store data efficiently, even during periods of high data influx. This automatic scaling eliminates the need for manual capacity planning and resource provisioning, enabling optimal performance while minimizing operational overhead.


Cost Optimization

Cost savings for this Guidance are primarily realized through reduced on-site operational efforts, regulatory compliance costs, and human resource expenses. AWS IoT SiteWise and AWS IoT TwinMaker are cost-optimized, managed services that provide digital twin capabilities at a low price point. Their pay-as-you-go pricing model ensures you are only charged for the data ingested, stored, and queried.

AWS IoT SiteWise also offers optimized storage settings, enabling data to be moved from a hot tier to a cold tier in Amazon S3, further reducing storage costs.


Sustainability

The services in this Guidance use the elastic and scalable infrastructure of AWS, which scales compute resources up and down based on usage demands. This prevents overprovisioning and minimizes excess compute capacity, reducing unintended carbon emissions. You can monitor your CO2 emissions using the Customer Carbon Footprint Tool. Additionally, the agility provided by technologies like digital twins (AWS IoT TwinMaker), event-based automation, and AI/ML-based insights empowers engineering teams to optimize on-site operations, increasing efficiency and minimizing emissions from industrial processes.

This Guidance also promotes efficient data storage by utilizing the Apache Parquet format in the AWS IoT SiteWise cold tier on Amazon S3, an open-source, column-oriented data file format designed for efficient data storage and retrieval, reducing storage overhead and associated emissions. Furthermore, by using data visualization and natural language processing generative AI through Amazon Bedrock, this Guidance can identify unknown areas of risk based on collected historical data, allowing you to assess the effectiveness of interventions and further optimize on-site operations for increased efficiency and reduced emissions.
