| Status | ||
|---|---|---|
|
| Status | ||||
|---|---|---|---|---|
|
Req ID | Requirement | Layer | Topic | MoSCoW | User group | Functional/ non-functional |
1 | Supports auditing according to Health-RI auditing framework | minimal | Audit and monitoring | M | Data provider | non-functional |
2 | Provides the minimum level of access logging and monitoring (during all steps involving manipulation or processing of data) needed to inform data subjects about the use of their data | minimal | Audit and monitoring | M | Data subject | non-functional |
3 | Provides run time optimization to manage costs | use case | Cost management | M | Data user | functional |
4 | Provides auto-shutdown on a configurable idle time to manage costs | use case | Cost management | M | Data user | functional |
5 | Provides a user-friendly budgeting, cost management and payment system, compatible with funding sources | minimal | Cost management | M | Data user | functional |
64 | Provides transparancy Transparency about costs, including upfront cost estimates based on configuration choices and current user costs | minimal | Cost management | M | Data user | functional |
75 | Supports at least asynchronous continuous uploading of data (e.g. from wearable devices, repeated measurements or federated computations) | use case | Data governance | M | Data user | functional |
86 | Supports version management of datasets | minimal | Data governance | S | Data user | functional |
97 | Supports access to local institute data repositories and data lakes | use case | Data governance | S | Data user | functional |
108 | Provides a process for secure export of data and algorithms to trusted repositories for archiving and reproducibility | minimal | Data governance | M | Data user | functional |
119 | Supports domain and IP whitelisting (trusted data and algorithm repositories for archiving, reproducibility and using up-to-date software) | use case | Data governance | M | Data user | non-functional |
1210 | Supports workflow reproduction | use case | Data governance | M | Data user | functional |
1311 | Supports privacy-preserving data linkage | use case | Data governance | S | Data user | functional |
1412 | Provides automated secure geographically distinct data backup within the SPE | minimal | Data governance | M | Data user | non-functional |
1513 | Supports customization of SPE workflows to support data holder policies | minimal | Data security & privacy | M | Admin | non-functional |
1614 | Only allows downloading of results, data or algorithms after approval by workspace owner/ data holder | minimal | Data security & privacy | M | Data provider | functional |
1715 | Only allows access to specifically managed internet domains and locations | minimal | Data security & privacy | M | Data provider | non-functional |
1816 | Only allows uploading of data or algorithms after approval by workspace owner | minimal | Data security & privacy | M | Data provider | functional |
1917 | Provides a process to close the workspace and/or to retract the access to data after the data permit is expired or the data use agreement has ended | minimal | Data security & privacy | M | Data provider | functional |
2018 | Has sufficient data protection measures in place to process highly sensitive personal data | data classification | Data security & privacy | MS | Data provider | non-functional |
2119 | Has sufficient data protection measures in place to process pseudonymized data | data classification | Data security & privacy | CM | Data provider | non-functional |
2220 | Provides sufficient data protection (e.g. encryption) in transit | minimal | Data security & privacy | M | Data provider | non-functional |
2321 | Provides data encryption at rest | minimal | Data security & privacy | M | Data provider | non-functional |
2422 | Provides access control to enforce data access policies described in the data access agreements | minimal | Data security & privacy | M | Data provider | non-functional |
2523 | Complies with ISO 27001 | minimal | Data security & privacy | M | Data provider | non-functional |
2624 | Provides secure data import from data holder or Health-RI data exchange solution | minimal | Data security & privacy | M | Data provider | non-functional |
2725 | Provides an authorization mechanism for data use | minimal | Data security & privacy | M | Data provider | non-functional |
2826 | Provides lock-down process in case of security issues, data leaks, or other high-impact incidents or risks | minimal | Data security & privacy | M | Data provider | non-functional |
2927 | Provides data encryption in transit between workspaces within SPE | minimal | Data security & privacy | M | Data provider | non-functional |
3028 | Makes use of IAA solutions that ensure identity vetting | minimal | Data security & privacy | M | Data provider | non-functional |
3129 | Makes use of IAA solutions where IdP's enforce best practices for authentication (currently 2-factor authentication with number matching) | minimal | Data security & privacy | M | Data provider | non-functional |
3230 | Provides high-performance data transfer (import and export) | use case | Data security & privacy | M | Data user | functional |
3331 | Supports setting up federated data stations using Vantage6 | use case | Data Sharing and Collaboration | C | Data user | functional |
3432 | Makes use of IAA solutions that allow for collaboration with industry | use case | Data Sharing and Collaboration | C | Data user | functional |
3533 | Makes use of IAA solutions that allow for collaboration with international researchers | use case | Data Sharing and Collaboration | S | Data user | functional |
3634 | Supports API push and pull requests for automated FAIR data access and transfers | minimal | Data Sharing and Collaboration | C | Data user | functional |
3735 | Provides support for FAIR data points protocols (automated data access and transfers) | minimal | Interoperability & Standards | C | Data provider | non-functional |
3836 | Supports portability of workflows to and from other SPEs, HPC systems, and other workspaces within the SPE | use case | Interoperability & Standards | M | Data user | functional |
3937 | Provides scalable compute capacity: flexible starting and stopping of CPUs and GPUs | use case | Performance and Scalability | M | Data user | functional |
4038 | Provides scalable compute capacity: high-speed, API-triggered spin-up of 1000s of workspaces | use case | Performance and Scalability | C | Data user | non-functional |
4139 | Provides scalable compute capacity: secure scale-out to large scale HPC facility | use case | Performance and Scalability | S | Data user | functional |
4240 | Provides scalable, project-optimized storage capacity | use case | Performance and Scalability | S | Data user | functional |
4341 | Provides high-speed storage capacity | use case | Performance and Scalability | S | Data user | functional |
4442 | Provides access to (managed) Docker and/or Singularity container libraries | use case | Performance and Scalability | S | Data user | functional |
4543 | Provides sufficient network speed and RAM to run required software | use case | Performance and Scalability | S | Data user | functional |
4644 | Provides user support on the level of OS | minimal | Support | M | Data user | functional |
4745 | Provides user support on the level of applications specifically installers and license servers | minimal | Support | M | Data user | functional |
4846 | Provides sufficient documentation for user onboarding | minimal | Support | M | Data user | non-functional |
4947 | Provides support for license servers (outbound (whitelisting) and inbound connections). Including support of future co-development of cloud based license servers (microsoft, adobe and others) | use case | Support | M | Data user | non-functional |
5048 | Supports the use of data capturing tools to collect data directly in the SPE | use case | Tools | S | Data user | functional |
5149 | Allows for installation of open-source software | use case | Tools | M | Data user | functional |
5250 | Allows for installation of licenced applications through connection with license servers | use case | Tools | M | Data user | functional |
5351 | Provides a practice environment to experiment with settings | use case | Tools | C | Data user | functional |
5452 | Provides a process for secure installation of open source software, libraries, packages, and containers as well as custom code in the correct version | minimal | Tools | M | Data user | functional |
5553 | Provides user-friendly way to get access to the necessary open-source software, libraries, packages, and containers as well as custom code in the correct version | use case | Tools | M | Data user | functional |
5654 | Provides a process to ensure that software installed from open-source libraries is secure | data classification | Tools | M | Data user | functional |
5755 | Provides a dedicated test environment/workspace ("sandbox") | use case | Tools | C | Data user | non-functional |
5856 | Supports the use of Linux operating system | use case | Tools | C | Data user | non-functional |
5957 | Supports the use of Windows operating system | use case | Tools | C | Data user | non-functional |
6058 | Supports the use of Mac operating system | use case | Tools | C | Data user | non-functional |
6159 | Supports the use of institutional licenses for application use | use case | Tools | S | Data user | non-functional |
6260 | Provides licences for application use | use case | Tools | C | Data user | non-functional |
6361 | Supports version management of software linked to external repository (e.g. Github) for reproducibility | use case | Tools | M | Data user | non-functional |
6462 | Provides documentation on where the data resides with respect to (GDPR compliance) | minimal | TransparancyTransparency | M | Data provider | non-functional |
6563 | Security-level of every delivered SPE workspace is disclosed and guaranteed by the vendor | minimal | TransparancyTransparency | M | Data provider | non-functional |
6664 | Provides documentation on how to configure the SPE for technical and non-technical users | minimal | TransparancyTransparency | M | Data user | non-functional |
6765 | Provides documentation on the compute and storage capacity available for the SPE | minimal | TransparancyTransparency | M | Data user | non-functional |
6866 | Supports single sign-on | minimal | User-friendliness | M | Data user | non-functional |
6967 | Supports federated authentication | minimal | User-friendliness | S | Data user | non-functional |
7068 | Could provide a GUI | use case | User-friendliness | C | Data user | functional |
7169 | Could provide a command line interface | use case | User-friendliness | C | Data user | functional |
7270 | Allows for creation of workspace templates including settings and pre-installed software | use case | User-friendliness | C | Data user | functional |
7371 | Provides remote access | minimal | User-friendliness | M | Data user | non-functional |
7472 | Supports application workflows: Integration with external application- or dedicated workflows through API or message-based protocols | use case | User-friendliness | C | Data user | non-functional |
7573 | User rights/roles are set by default on the workspace level. All VM's VMs of a workspace have the same user rights depending on the role. | minimal | User management | M | Admin | non-functional |
7674 | Provides an option to manage user rights on the VM level. | use case | User management | M | Admin | non-functional |
7775 | Supports different user and admin roles that allow for implementation of the relevant data access policies (e.g. admin rights for data holder and data access rights for data user) | minimal | User management | M | Data provider | non-functional |