URBAN INTEGRATED LTD

Smart urban data platform for city and local authorities

The [ui!] UrbanPulse urban data platform integrates your city or Local Authority data from Internet of Things (IoT) devices and existing systems in real time using open API standards. Creating valuable insights and information for your residents and your city by turning your raw data into smart data.

Features

  • open urban data platform
  • visualisation dashboard
  • scalable cloud-based SaaS based on Microsoft Azure
  • data persistence and flexible data storage
  • complex event processing
  • big data and streaming analytics stack
  • real time communications with end-to-end security
  • open APIs with extensive device and system connectors library
  • supports open urban platform standards e.g. DIN 91357
  • rich data sharing with third party systems

Benefits

  • integration of multiple devices and systems data in one platform
  • real time visualisation of insights and information
  • providing analytics to show trends, patterns and forecasts
  • sharing enriched data with partner systems in real time
  • complex and key event detection
  • city-wide management dashboard
  • feedback control in real time

Pricing

£5,283.33 a licence a month

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at antony.page@ui-uk.city. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 12

Service ID

2 7 2 5 5 7 7 4 0 2 1 8 0 0 9

Contact

URBAN INTEGRATED LTD Antony Page
Telephone: 07890547704
Email: antony.page@ui-uk.city

Service scope

Software add-on or extension
No
Cloud deployment model
  • Public cloud
  • Private cloud
  • Community cloud
  • Hybrid cloud
Service constraints
[ui!]uk provides a cloud-based service designed to be available 24x7x365 with 99.5% reliability. Service and support hours are 8x5x365 from 09:00 to 17:00 (business hours).

Outside of these service hours the service may be interrupted for updates and maintenance. Where possible, notice will be provided of any planned service interruptions.

[ui!]uk retains the right to service and maintain the software during the following windows, if it so chooses, maintenance of the software may cause service unavailability during these periods.

Wednesday - Weekly - 20:00 – 07:00
System requirements
  • Access to internet browser
  • Internet connection
  • Access to data sources to be integrated

User support

Email or online ticketing support
Email or online ticketing
Support response times
A maximum response time of two business days is guaranteed.
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
WCAG 2.1 AA or EN 301 549
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
Day-to-day [ui!] UrbanPulse product support is already included in all pricing options. To see a breakdown of the support we offer visit the "Support" section of our service definition document.

Additional services supporting open data, data sharing, data analytics and data visualisations are costed in the rate card.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
Once a client has made an order, the client is provided with online documentation, Open API documentation (Swagger API) and a PDF description of the platform.

We can offer, at additional cost, training online for additional users. These will be planned in the implementation phase.
Service documentation
Yes
Documentation formats
PDF
End-of-contract data extraction
We do carry out data extraction, but as your requirements will be specific to your project or purpose, we do not offer a standard price.
End-of-contract process
As part of the offboarding process we will agree with the buyer data retention and/or data extraction requirements. Data retention and data extraction are not included in the price of the contract as each buyer's requirements will be specific to their own need, quantity of data and future use plans.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 7
  • Internet Explorer 8
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install
No
Designed for use on mobile devices
No
Service interface
No
API
Yes
What users can and can't do using the API
The [ui!] UrbanPulse management provides a set of REST APIs that allow users and applications to manage the whole platform including the configuration of sensors, connectors, users, and subscriptions for events. [ui!] UrbanPulse Management also exposes a Swagger description of its API.
API documentation
Yes
API documentation formats
  • Open API (also known as Swagger)
  • PDF
API sandbox or test environment
Yes
Customisation available
Yes
Description of customisation
Authorised users can customise the platforms configuration via our Open API (Swagger) API interface.

Scaling

Independence of resources
Each client is provided with their own instance of [ui!] UrbanPulse. We use the latest server resource management tools, such as Kubernetes, as well as the highly stable Microsoft Azure server cloud, to ensure that each instance of [ui!] UrbanPulse can be run completely independently. Through this methodology high demand by one client does not have any effect on another.

Analytics

Service usage metrics
Yes
Metrics types
The [ui!] UrbanPulse management provides real time service health and monitoring, we can also generate reports on service up-time, data transfer and storage amounts over time. Reporting on bespoke KPIs can be explored with the buyer before platform set up.
Reporting types
  • API access
  • Reports on request

Resellers

Supplier type
Reseller providing extra features and support
Organisation whose services are being resold
Urban Software Institute GmbH

Staff security

Staff security clearance
Staff screening not performed
Government security clearance
Up to Security Clearance (SC)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
Yes
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least once a year
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
Scale, obfuscating techniques, or data storage sharding
Data sanitisation process
No
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
They can use our Open API to retrieve all the data from all the data sources. The data will be returned in JSON format.
Data export formats
Other
Other data export formats
JSON
Data import formats
  • CSV
  • Other
Other data import formats
  • JSON
  • CSV

Data-in-transit protection

Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
Data protection within supplier network
  • TLS (version 1.2 or above)
  • Other
Other protection within supplier network
All data connections in [ui!] UrbanPulse are at least over TLS. In addition, several VPN configurations are supported to accommodate the customer's needs. Data can be optionally encrypted for increased privacy protection.

Availability and resilience

Guaranteed availability
[ui!] provides a Microsoft Azure cloud-based service designed to be available 24x7x365 with 99.5% reliability. Service and support hours are 8x5x365 from 09:00 to 17:00 (business hours).

Where [ui!]uk fail to meet the service levels, and where that failure is neither a material breach of the contract nor due to third-parties beyond our control, we work closely with the Buyer to understand the nature and impact. Where we are unable to remedy the service level failure within agreed time frames, we will offer the Buyer a discount equivalent to one twelfth of the annual cost at the next anniversary.
Approach to resilience
Our approach to resilience is comprehensive and formed over many years of delivering urban data platforms.

We utilise automatic recovery and failsafe methodologies to ensure that our service provides a high level of availability and resilience when interacting with third party systems. We have a culture of continuous quality, by utilising our strict quality assurance and continuous integration practices, we provide a high-quality stable data platform.

Further details are available on request.
Outage reporting
Through email alerts.

Identity and authentication

User authentication needed
Yes
User authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password
Access restrictions in management interfaces and support channels
Access Management: our security scheme is based on Apache Shiro, an Open Source industry-standard application security that performs authentication, authorization, Cryptography and session management.
Authentication: LDAP, JDBC, Active Directory.
Authorisation: role-based and fine-grained permissions.
Access restriction testing frequency
At least once a year
Management access authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password

Audit information for users

Access to user activity audit information
No audit information available
Access to supplier activity audit information
No audit information available
How long system logs are stored for
Between 1 month and 6 months

Standards and certifications

ISO/IEC 27001 certification
No
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
No
Security governance approach
We see security as an inseparable unit of secure development, product security, secure operation, and security incident management. Without such continuity and focus on the security of a software system, it is difficult to achieve and maintain the level of trust required for the continuous, secure operation of a city data platform over time. We call our approach “Concept of IT Security”, more information is available on request.

We are working towards security governance standard award at date of submission.
Information security policies and processes
Product risk assessment: this phase identifies and assesses the risks arising from the introduction of new functionality and what measures need to be taken to address them.

Advanced threat analysis: we have developed a system security analysis concept that combines the full use of IoT devices and access to infrastructure, with much of the software used operating in the cloud. In order to successfully meet the needs of both worlds, we combine two well-known threat modelling frameworks: TARA (Threat Agent Risk Assessment) and STRIDE (Spoofing, Tampering, Repudiation, Information Disclosure (Privacy breach or Data Leak).

Secure development process: as soon as the implementation decision is made, we follow the premises of the Secure Development Process. It integrates security practices into the software development lifecycle to verify the security of developed applications before they are deployed.

Security awareness coding tools: as part of our continuous security audit infrastructure, we have integrated code-check tools and corresponding plugins into our development environments so that our engineers can solve potential problems and identify and correct developments.

Automated pen tests: our continuous security testing is an integral part of our Continuous Integration and Continuous Delivery processes, which focuses on OWASP ZAP.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
All development work is tracked using Azure DevOps platform, and Continuous Integration Pipeline, this enables easy traceability of all product changes through the lifecycle of the product.

At each step of analysing and performing a change request, our Concept of IT Security approach is applied to assess for security issues. From risk assessments, threat analysis, secure development process, security focused automated testing of each code change as well as penetration testing of all components.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
The process depends heavily on the continuous, automated security validation we perform with our CI/CD infrastructure. Here we follow the industry standard process for dealing with vulnerabilities discovered in the context of automated pen tests (OWASP ZAP).

When vulnerabilities and threats are detected they are added to our development backlog and prioritised according to our impact assessment.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
A dedicated team of security specialists conducts security response measures. The security response process consists of the following activities: detecting, evaluating, diagnosing, stabilizing, and closing. The process depends heavily on the continuous, automated security validation we perform with our CI infrastructure. After a security incident, our team will perform an internal investigation of the event to identify possible technical or communicative defects, procedural errors, manual errors, process errors that may have caused the security. We will inform affected clients if services are compromised and keep them up to date with our efforts to remedy the situation.
Incident management type
Supplier-defined controls
Incident management approach
The process depends heavily on the continuous, automated security validation we perform with our CI/CD infrastructure. Here we follow the industry standard process for dealing with incidents. Users can report incidents via the Zendesk. When incidents and threats are detected they are added to our development backlog and prioritised according to our impact assessment. Incident reports are provided on request.

Secure development

Approach to secure software development best practice
Conforms to a recognised standard, but self-assessed

Public sector networks

Connection to public sector networks
No

Pricing

Price
£5,283.33 a licence a month
Discount for educational organisations
No
Free trial available
No

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at antony.page@ui-uk.city. Tell them what format you need. It will help if you say what assistive technology you use.