Green Vertex

Green Vertex Simulation Platform

The Green Vertex Simulation Platform provides an easy to use means of launching, hosting and orchestrating sweeps of simulations / digital twin studies. This allows you to explore "what if" scenarios, prove or disprove ideas, and quantify predictions, with strong simulation based evidence backing it up.

Features

• Cloud based - access anywhere, reliable, scalable
• Web interface for managing simulation sweeps
• Launch simulations by describing the input parameters to explore
• Leave the platform to manage distributed execution of your simulations
• View simulation sweep results
• Drill down into the details of a specific simulation

Benefits

• Fast - simulations are distributed across servers in the cloud
• Easy to use
• Reliable and resilient

£120 a licence a month

• Education pricing available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at info@greenvertex.dev. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

109046646323491

Contact

Chris Brett
07901685688
info@greenvertex.dev

Service scope

• Service constraints: Simulations hosted on the platform must conform to a standard method of launching the simulations (with command line arguments specifying simulation inputs) and storing their results (in files). In some cases, a wrapper must be placed around your simulation to make it conform to this constraint.
• System requirements: An updated mainstream browser (e.g. Chrome, Firefox, Edge)

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Typically within 2 hours for urgent matters, at most 3 working days
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: Yes, at an extra cost
• Web chat support availability: 24 hours, 7 days a week
• Web chat support accessibility standard: None or don’t know
• How the web chat support is accessible: Users are provided a link to a website for support chat.; Users can message our support staff and see responses.
• Web chat accessibility testing: We scan our site with the webaim.org WAVE Web Accessibility Evaluation Tool and correct errors.
• Onsite support: Yes, at extra cost
• Support levels: We provide 1 level of support to all users of the platform. We aim to respond within 2 hours. Our automated monitoring and alerting system will allow us to identify issues and start working to resolve them before our users. We provide a single point of contact for support.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: We provide documentation and remote training
• Service documentation: Yes
• Documentation formats: HTML
• End-of-contract data extraction: A data dump can be performed and the results downloaded.
• End-of-contract process: At the end of the contract, the customer will no longer be able to trigger new simulation sweeps. Their simulation results will be available to download for a grace period of 1 month.

Using the service

• Web browser interface: Yes
• Using the web interface: Through the Green Vertex Simulation Platform web interface, users can:; - Manage their account details; - Manage their simulation settings; - Trigger simulation sweeps by describing the input parameters they want to explore; - View and manage simulation sweeps; - View simulation sweep results; - Drill into what happened in specific simulations
• Web interface accessibility standard: None or don’t know
• How the web interface is accessible: We scan our site with the webaim.org WAVE Web Accessibility Evaluation Tool and correct errors.
• Web interface accessibility testing: We scan our site with the webaim.org WAVE Web Accessibility Evaluation Tool and correct errors.
• API: No
• Command line interface: No

Scaling

• Scaling available: Yes
• Scaling type: Automatic
• Independence of resources: The platform is based on a cloud native design. It inherits the underlying horizontal scalability characteristics of our cloud provider.
• Usage notifications: No

Analytics

• Infrastructure or application metrics: No

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: In-house
• Protecting data at rest:
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Backup and recovery

• Backup and recovery: Yes
• What’s backed up:
  • Simulation sweep definitions
  • Simulation results
• Backup controls: Users do not control back-ups - they are performed automatically
• Datacentre setup: Multiple datacentres with disaster recovery
• Scheduling backups: Supplier controls the whole backup schedule
• Backup recovery: Users contact the support team

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: SLAs are negotiable on request. Typically we will provide 99.9% availability with a proportionate refund of service cost.
• Approach to resilience: The application has a cloud native design, spread over multiple data-centres. Data is stored in multiple locations. There are multiple end-points running at any given time to service requests. This is all backed by AWS's resilient technologies. More details available on request.
• Outage reporting: Users will receive email notification in the event of service outages.

Identity and authentication

• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google apps)
  • Username or password
• Access restrictions in management interfaces and support channels: Projects are assessed during the design phase to identify roles needed to fulfil them. Personnel are assigned to these roles. Role-based access control restricts access to management interfaces and support channels. When personnel working on a project change, roles are reassigned. As project requirements change, they are reassessed to identify changes to roles.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
• Devices users manage the service through:
  • Dedicated device over multiple services or networks
  • Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)
  • Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: Security is managed through a proactive, standardised process.; The two core concepts of our approach are Principle of least privilege (users only have access to what they need to) and defence in depth (systems have multiple levels of protection).; Our risk management process covers identifying, triaging and managing risks. ; Our incident response process includes triggering an incident, escalating, incident roles, mitigating, communicating and resolving incidents.
• Information security policies and processes: All incidents and risks are reviewed by a director. New employees receive training on these policies. Employees have routine refresh training on our policies. ; Our data protection policy ensures that data is held and processed in compliance with the GDPR. ; Our risk management process covers identifying, triaging and managing risks. ; Our incident response process includes triggering an incident, escalating, incident roles, mitigating, communicating and resolving incidents.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Infrastructure and software changes are tracked through standard version control systems. All changes are peer reviewed and have automated security appropriate assessment tools run on them.; Changes are restricted to appropriate personnel, and records of changes stored in audit logs.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: We assess threats to our services using a combination of automated scanning (using Amazon Inspector) and manual assessment.; Security patches are deployed within 14 days of them becoming available.; We are also subscribed to mailing lists for our software, which notify of security vulnerabilities.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: We use automated inspection tooling (Amazon Inspector) to identify vulnerabilities and unusual behaviour of our infrastructure.; We follow our standard incident response process when identifying a compromise. This involves mitigating the issue, potentially by shutting down infrastructure, identifying a more permanent fix and communicating with stakeholders.; Our response time for severe incidents like this is 30 minutes.
• Incident management type: Supplier-defined controls
• Incident management approach: Users report incidents by email or our online support desk. 24/7 support is available by phone.; Incident reports are provided at our customer's requests and are in the form of a document.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: Yes
• Who implements virtualisation: Third-party
• Third-party virtualisation provider: Amazon Web Services
• How shared infrastructure is kept separate: Different organisation's projects are run within different VMs. Where the solution uses "serverless" tools, AWS built-in separation is used between container instances.

Energy efficiency

• Energy-efficient datacentres: Yes
• Description of energy efficient datacentres: AWS Datacentres adhere to the EU code of conduct for energy-efficient datacentres. More information: https://aws.amazon.com/about-aws/sustainability/

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Tackling economic inequality
  • Wellbeing

  Fighting climate change

  Being a simulation platform, we can help run simulations exploring "what if" scenarios around climate change, as well as running simulations to identify optimal strategies to maximise climate change prevention metrics. For example, we have helped Apian optimise their drone delivery strategy, minimising the number of drones needed, reducing their carbon footprint. We also quantified their carbon saving against the current ground based delivery method.

  Tackling economic inequality

  Being a simulation platform, we can help run simulations exploring "what if" scenarios around economic inequality, as well as running simulations to identify optimal strategies to maximise income equality.

  Wellbeing

  Being a simulation platform, we can help run simulations exploring "what if" scenarios around wellbeing, as well as running simulations to identify optimal strategies to maximise wellbeing. This could take the form of simulating different configurations of industry or transport and predicting air pollution.

Pricing

• Price: £120 a licence a month
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at info@greenvertex.dev. Tell them what format you need. It will help if you say what assistive technology you use.