BRUHATI SOLUTIONS LTD

Bruhati offering of Software AG Cumulocity IoT Platform

Software AG Cumulocity IoT Platform gives fast visibility and control over your IoT assets. Cumulocity On-Premise or Cloud based service with library of APIs supports devices and software libraries to connect remote assets into the cloud. Device management, data visualization and remote control functionality allows rapid customisation with business rules.

Features

• IoT Device Management
• Visualisation and remote device control
• Software libraries
• Mobile networking support
• Device connectivity
• Customisation and APIs
• Realtime & predictive Analytics
• Smart Rules and Alerts
• Artificial Intelligence and Machine Learning
• LoRaWAN, Narrow Band IoT, 5G, LTE, Bluetooth support

Benefits

• Smart Hospitals Solutions
• Remote Refrigerator Monitoring
• Remote Air Quality Monitoring
• Remote Asset Monitoring & Tracking
• Smart Building Solutions
• Smart Cities Solutions
• Remote Space & People Monitoring
• Smart Farming Solutions
• Reduce costs, carbon emissions & energy utilisation
• Better the quality of life

£100 an instance

• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

• Modern Slavery statement

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@bruhati.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

957678500706381

Contact

Manuel Di Toma
07554871926
sales@bruhati.com

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Hybrid cloud
• Service constraints: Bruhati's offering of Software AG Cumulocity IoT is based on OSGi stack and Web standards and runs on MS-Azure, Amazon AWS and Alibaba Cloud IaaS.; ; Depending on the type of Operational SLAs required- Service Provider or Enterprise Editions are available for Customers.
• System requirements:
  • Software AG Cumulocity license
  • Apache Karaf as OSGI container for the core webservices,
  • Mongo DB as document oriented database
  • APAMA streaming analytics engine.
  • Kubernetes cluster for Microservice hosting

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Response Times vary depending on the urgency/severity of the support required. The response time can be between 30 minutes to 2 working days. In case of Standard Cloud Hosted Enterprise Customers, support is provided Mon to Friday 9 am to 5pm. ; For Cumulocity On Premise or High Value Govt Customers , the Response Times can be uplifted after performing feasibility study and pricing per mutual agreement e.g. 24*7
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: Web chat
• Web chat support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support accessibility standard: WCAG 2.1 AA or EN 301 549
• Web chat accessibility testing: Ensured the keyboard is accessible and text-to-speech is reader-friendly. We’ve made all the default colour settings WCAG 2.1 AA compliant by default.
• Onsite support: Yes, at extra cost
• Support levels: With standard support offerings, we provide 4 Support levels termed as Critical Priority, High Priority, Medium Priority and Low Priority - all of which have target response times detailed in the SLA. Standard Support comes with the product for a standard fee. ; ; For Cumulocity in the Cloud, ; SLA 1 : Critical Incidents, Initial Response Goal : 4 Business Hours, ; SLA 2 : Major Incidents, Initial Response Goal : 2 Business Days, ; SLA 3 : Minor Incidents : 2 Business Days. ; Support Available : 08:00 - 18:00 UK Time ; For more tailored support, clients can selects a Managed Service option whereby the SLA’s and response times are configured in accordance with their requests. This service can include aspects such as Technical Account Manager, Capacity Management and any other service the client might want to add. The fee for the managed service is determined by the service required.
• Support available to third parties: No

Onboarding and offboarding

• Getting started: https://cumulocity.com/training/ ; Module 1- Basics of the Internet of Things and Cumulocity ; Module 2- Cumulocity IoT Platform Power User ; Module 3- Cumulocity Developer ; Module 4- Internet of Things Challenges and Cumulocity Solutions ; Module 5- Cumulocity Operations
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: For Public Cloud Hosting in AWS (or equivalent) Access to the Cumulocity Hosting Services will be removed upon termination of the Agreement. ; Customer will be able to download a final backup of their Data within 90 days’ after termination of the Agreement (the “Exit Period”). ; After the Exit Period, the Customer's environment/tenant and Data will be deleted following industry-standard practices.
• End-of-contract process: At end of contract - customer typically decide to continue with the service. The date for end of the Contract will be based on sufficient notice by providing notification from either party and the procedure will be by mutual consent and as documented. Due to the specific needs of Govt organisations, this end-of-contract activity will be documented mutually at the time of drafting the Contract so that there is accountability on both sides for completing tasks and progressing towards graceful closure of the Contract including extraction of Data owned by the Customer. The commercials for this part of the Contract will have to be pre agreed prior to commencement of the project.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Cumulocity Supports HTML5, rendering done by Browser "Cumulocity visualises your sensor data centrally and graphically through its modern web user interface. The user interface automatically adapts itself to the devices you connect, no configuration required. Being responsive, it also adapts itself to the web browser that you use. For example, if you use a mobile phone or tablet with limited screen size, it will change user interface controls to use less screen estate."
• Service interface: No
• User support accessibility: WCAG 2.1 AA or EN 301 549
• API: Yes
• What users can and can't do using the API: Cumulocity exposes its complete functionality through programming interfaces (APIs). This means that all of Cumulocity’s functionality is available to use in different contexts outside of what Cumulocity directly provides – in your own applications, in your own devices. In contrast to many other M2M and IoT platforms, Cumulocity uses the same APIs and the same interface technology for all use cases. As a consequence, you have a wider range of choices in putting intelligence into your IoT devices, depending on how powerful they are. You also have to use only one set of APIs and one technology to build a complete solution from device to application on your own. ; ; Cumulocity uses HTTP and REST which is today the most widely used interfacing technology and which works on any Internet-connected device ranging from small embedded microcontrollers up to desktop PCs. The secure variant, HTTPS, is used for the most security; critical applications and will give you the best possible security. The plugin concept of Cumulocity enables you to write new user interface functionality that will seamlessly extend the existing Cumulocity application http://cumulocity.com/guides/reference/rest-implementation/ ; In addition, a Microservice API is providedfor developing and deploying Microservices to Cumulocity IoT.
• API documentation: Yes
• API documentation formats: HTML
• API sandbox or test environment: No
• Customisation available: Yes
• Description of customisation: Cumulocity is based on W3C Web Standards and supports Open Source. Cumulocity allows extensibility of the IoT Device management functionality through implementing customised Microervices. ; The Web user Interface can be customised using widgets and HTML5, Angular Java Script. ; The Cumulocity functionality already provides a wide range of device management, visualisation and control options. ; Furthermore it produces custom visualisation, new control widgets and custom business logic. ; Cumulocity has extensive customisation options, for example: ; *Write alarm rules to reprioritize or suppress alarms and to define your SLA parameters. ; *Use real-time to implement real-time business rules.For example, get an email when critical events happen, or trigger automated actions on devices in that case. ; *Set up a graphical dashboard with your most important KPIs. ; * Subscribe to plugins that contribute new functionality to the Cumulocity application

Scaling

• Independence of resources: Most relevant Cumulocity scaling variables are: ; Transaction per seconds ; Less relevant: “Aways-on” (device push) concurrently connected devices Number and complexity of CEP rules ; Even less relevant: Number of tenants (unless < few hundreds) Number of devices Number of users ; ; Cumulocity Scales horizontally by instantiating more nodes High-Availability uses load balancer and NoSQL features All external traffic inbound terminates on Load balancer, Client affinity required Cumulocity Application Tier is mostly stateless. Database Tier uses sharding where the Sharding is based on device id.

Analytics

• Service usage metrics: Yes
• Metrics types: Metrics types http://status.cumulocity.com/ ; Cumulocity API Response ; Cumulocity MQTT Response
• Reporting types:
  • API access
  • Real-time dashboards

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: Software AG

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: European Economic Area (EEA)
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: Less than once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest: Other
• Other data at rest protection approach: Cumulocity from Software AG is a telcom grade / service provider IoT platform and has been designed, developed and deployed following Industry Best practices and Supplier-defined controls. As the requirements of Govt are Specific to each project, Software AG is happy to provide details upon request to meet compliance for bespoke solutions.
• Data sanitisation process: No
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: With Cumulocity's open REST API, data can be easily exported for data analysis or monitoring
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks: Other
• Other protection between networks: Networking is outside of scope of Bruhati deliveries. Cumulocity is a telcom grade service provider IoT platform and has been designed, developed and deployed following Industry Best practices and Supplier-defined controls. As requirements of Govt are Specific to each project, Bruhati & Software AG are happy to provide details upon request to meet compliance to protect Data.; Bruhati & Software AG are a software engineering company and so secure networking requirements are to be designed and implemented by the Customer / Govt agencies to ensure protection to their standards, as networking is outside the scope of Bruhati & Software AG.
• Data protection within supplier network: Other
• Other protection within supplier network: Networking is outside of scope of Bruhati deliveries. Cumulocity is a telcom grade service provider IoT platform and has been designed, developed and deployed following Industry Best practices and Supplier-defined controls. As requirements of Govt are Specific to each project, Bruhati & Software AG are happy to provide details upon request to meet compliance to protect Data. Bruhati & Software AG are a software engineering company and so secure networking requirements are to be designed and implemented by the Customer / Govt agencies to ensure protection to their standards, as networking is outside the scope of Bruhati & Software AG.

Availability and resilience

• Guaranteed availability: Service Availability 99.90% based on Web Services availability measured over 5 minute intervals per calendar month (excluding standard scheduled maintenance). This excludes the Availability of the underlying Cloud /AWS Infrastructure Option for Users to be refunded may be feasible if a separate agreement had been exclusively drawn up mutually for a Bespoke Uplifted Service. This is when the Cumulocity IoT platform - could not meet the mutually agreed guaranteed levels of availability of Cumulocity software due to unforeseen circumstances.
• Approach to resilience: Cumulocity runs on AWS, Azure and Alibaba as cloud providers. Cumulocity IoT installs only on virtual machines, Cumulocity support VMWare and OpenStack and the service is designed to be resilient. More details available on request. Cumulocity can be deployed with bespoke High Availability architectures and Geographic Resiliency- as required for specific projects by Govt Customers
• Outage reporting: Service report ( outages) ; * Planned outages for maintenance are informed in advance to Customers. Operational Details of day-to-day running status of Cumulocity is published on the web / public dashboard - http://status.cumulocity.com/

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password
• Access restrictions in management interfaces and support channels: Authentication is required and is implemented access cloud accounts and account activities are logged using AWS Cloud Trail services. In addition, the cloud product permits the configuration of a connection to customer's Single Sign On Services through an Identity Federation Capability via SAML2. In addition, the AWS Identity and Access Management (IAM) service provides identity federation to the AWS Management Console. Multi-factor authentication is an optional feature that a customer can utilize. A certification based authentication is not required.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password

Audit information for users

• Access to user activity audit information: You control when users can access audit information
• How long user audit data is stored for: Between 1 month and 6 months
• Access to supplier activity audit information: You control when users can access audit information
• How long supplier audit data is stored for: Between 1 month and 6 months
• How long system logs are stored for: Between 1 month and 6 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications:
  • Bruhati has IASME Governance
  • Software AG ISO/IEC 27001:2013, ISO/IEC 27017:2015, and ISO/IEC 27018:2019
  • Software AG Complies with SOC 2 standards

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Software AG Security testing and policies, ; (SOC) Type II, independent third-party auditor certification,; AICPA Trust Services,; Implement and maintain a standards based ISMS, ; Comply with (IaaS) provider, ; Amazon Web Services security policy,; Cloud Security Alliance (CSA),; CSA Consensus Assessment Initiative Questionnaire (CAIQ),; Security testing type,; Penetration testing,; IT Health Checks,; Risk analysis; Cumulocity ensures that Customer data stays confidential and cannot be; tampered with through an end-to-end implementation of HTTPS from devices to applications. It uses up-to-date encryption technology that has been independently rated "A" by SSLlabs (https://www.ssllabs.com/). Any communication with Cumulocity is subject to individual authentication and authorization All functionality of Cumulocity is coherently implemented with the same set of publicly documented, sessionless REST APIs. This means that none of the popular "session stealing" techniques will work with Cumulocity. To capture security-relevant events, Cumulocity offers an auditing interface which enables applications and agents to write audit logs, which are persistently stored and cannot be externally modified after being written. Cumulocity also writes own audit records related to login and device control operations.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Cumulocity is a telco grade IoT platform and has been designed, developed and deployed following Industry Best practices and Supplier-defined controls. As the requirements of Govt are Specific to each project, Bruhati & Software AG is happy to provide details upon request to meet compliance.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: As part of the Software AG Cloud Information Security Program and in compliance with the Technical Vulnerability Management Policy, we have developed a high-level Vulnerability Management process which aims to outline the main activities performed related to identification, evaluation, remediation and prevention of system vulnerabilities. Further details available upon request from the Software AG Cloud Security Operations team.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Software AG supplier-defined controls have been used for protective monitoring processes. These include the required procedures to address protective monitoring. Cumulocity is a telco grade IoT platform and has been designed, developed and deployed following Industry Best practices and Supplier-defined controls. As the requirements of Govt are Specific to each project, Bruhati & Software AG are happy to provide details upon request to meet compliance.
• Incident management type: Supplier-defined controls
• Incident management approach: All Cloud Products are covered by Bruhati's & Software AG's Standard Support Agreement. Bruhati raises support issues through Software AG’s customer service portal, Empower, which is available 24x7. Three levels of support are available, with standard support offering 24x7 access to the support portal, 9 to 5 telephone support for standard and critical incidents and 24x7 support service for crisis incidents.; ; As the requirements of Govt are Specific to each project, Bruhati & Software AG are happy to provide details upon request to meet compliance for bespoke projects for Incident Management.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Fighting climate change:

  Fighting climate change

  Bruhati Solutions Ltd recognises that it has a responsibility to the environment beyond legal and regulatory requirements. We are committed to reducing our environmental impact and continually improving our environmental performance as an integral part of our business strategy and operating methods. We endeavour to: • Comply with all relevant regulatory requirements. • Continually improve and monitor environmental performance. • Continually improve and reduce environmental impacts. • Incorporate environmental factors into business decisions. • Increase employee awareness and training.
• Covid-19 recovery:

  Covid-19 recovery

  It’s critical that we make it possible for our clients to continue operations and help respond to the unique demands that are being faced during these times. Bruhati has been doing the mission-critical work that keeps every organisation – especially those in the public sector – operational and successful. During these challenging times, you can count on Bruhati to support your organisation. Everyone’s health and welfare are a priority, as most Bruhati employees are working from home. We have extensive online collaboration capabilities to help ensure business continuity and we’re working tirelessly to help everyone stay safe while at the same time continuing to serve our clients. Bruhati aims to: ● Create employment, re-training and other return to work opportunities for those left unemployed by COVID-19, particularly new opportunities in high growth sectors. ● Support organisations and businesses to manage and recover from the impacts of COVID-19, including where new ways of working are needed to deliver services. ● Support the physical and mental health of people affected by COVID-19, including reducing the demand on health and care services.
• Tackling economic inequality:

  Tackling economic inequality

  Social purpose is a priority for Bruhati, from creating new businesses and new employment opportunities, to improving education and training, Bruhati is committed to tackling economic inequality at root. Our overriding vision is to help lower the unequal distribution of income and opportunity between different groups in society. ● Create employment and training opportunities, particularly for people in industries with known skills shortages or in high growth sectors. ● Support educational attainment relevant to the contract, including training schemes that address skills gaps and result in recognised qualifications. ● Influence staff, suppliers, customers and communities through the delivery of the contract to support employment and skills opportunities in high growth sectors.
• Equal opportunity:

  Equal opportunity

  Bruhati Solutions Ltd recognises that discrimination and victimisation is unacceptable and that it is in the interests of Bruhati and its employees to utilise the skills of the total workforce. It is the aim of Bruhati to ensure that no employee or job applicant receives less favourable facilities or treatment (either directly or indirectly) in recruitment or employment on grounds of age, disability, gender / gender reassignment, marriage / civil partnership, pregnancy / maternity, race, religion or belief, sex, or sexual orientation (the protected characteristics). Our aim is that our workforce will be truly representative of all sections of society and each employee feels respected and able to give of their best. We oppose all forms of unlawful and unfair discrimination or victimisation. To that end the purpose of the Bruhati policy is to provide equality and fairness for all in our employment. All employees, whether part-time, full-time or temporary, will be treated fairly and with respect. Selection for employment, promotion, training or any other benefit will be on the basis of aptitude and ability. All employees will be helped and encouraged to develop their full potential and the talents and resources of the workforce will be fully utilised to maximise the efficiency of the organisation. Our staff will not discriminate directly or indirectly, or harass customers or clients because of age, disability, gender reassignment, pregnancy and maternity, race, religion or belief, sex, and sexual orientation in the provision of Bruhati’s goods and services. All employment policies and arrangements have a bearing on equality of opportunity. Bruhati policies are reviewed regularly.
• Wellbeing:

  Wellbeing

  Bruhati Solutions Ltd is committed to the protection and promotion of the mental health and wellbeing of all staff to provide a working environment that promotes and supports the mental health and wellbeing of all employees. Bruhati shall continuously strive to improve the mental health environment and culture of the organisation by identifying, eliminating, or minimising all harmful processes, procedures and behaviours that may cause psychological harm or illness to its employees. Bruhati shall promote mental health throughout the organisation by establishing and maintaining processes that enhance mental health and wellbeing. Bruhati aims to: ● Reduce discrimination and stigma by increasing awareness and understanding. ● Complete an employee survey to identify mental health needs. ● Give employees information on and increase their awareness of mental wellbeing. ● Include information about the mental health policy in the staff induction programme. ● Provide opportunities for employees to look after their mental wellbeing, for example through physical activity, stress reducing activities and social events. ● Provide systems that encourage predictable working hours, reasonable workloads and flexible working practices where appropriate. ● Ensure all staff have clearly defined job descriptions, objectives and responsibilities and provide them with good management support, appropriate training and adequate resources to do their job. ● Manage conflict effectively and ensure the workplace is free from bullying and harassment, discrimination and racism. ● Establish good two-way communication to ensure staff involvement, particularly during periods of organisational change. ● Ensure that employees have a clearly defined role within the organisation and a sense of control over the way their work is organised. ● Ensure that job design is appropriate to the individual, with relevant training, supervision and support provided as required. ● Ensure a physical environment that is supportive of mental health and wellbeing.

Pricing

• Price: £100 an instance
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: A free trial offering full functionality for testing is available for a period of 30 days
• Link to free trial: https://signup.softwareag.cloud/#/?product=cumulocity

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

• Modern Slavery statement

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@bruhati.com. Tell them what format you need. It will help if you say what assistive technology you use.