Skip to content

Commit

Permalink
🔧 Switch to headings
Browse files Browse the repository at this point in the history
  • Loading branch information
@jemrobinson
jemrobinson committed Aug 10, 2023
1 parent d2a0f68 commit a56c3ef
Show file tree
Hide file tree
Showing 4 changed files with 155 additions and 55 deletions.
52 changes: 39 additions & 13 deletions docs/source/pillars/computing_technology.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,9 @@ The required compute resources will vary according to the scale of data and comp

The ability of the TRE operator to provide and manage devices, workspaces, interfaces and applications used by researchers to interact with underlying systems and data.

**End user computing interfaces:** This group of {term}`application components <application component>` is a collection of systems and software that allows people to interact with the TRE.
### End user computing interfaces

This group of {term}`application components <application component>` is a collection of systems and software that allows people to interact with the TRE.
This may include desktop, command-line and/or code-submission interfaces.

```{list-table}
Expand Down Expand Up @@ -51,7 +53,9 @@ This may include desktop, command-line and/or code-submission interfaces.
- Optional
```

**Software tools:** This {term}`application component <application component>` is the tools used by researchers inside a TRE, such as programming languages, IDEs and desktop applications.
### Software tools

This {term}`application component <application component>` is the tools used by researchers inside a TRE, such as programming languages, IDEs and desktop applications.

```{list-table}
:header-rows: 1
Expand Down Expand Up @@ -93,7 +97,9 @@ This may include desktop, command-line and/or code-submission interfaces.
- Mandatory
```

**Code Version Control System:** This {term}`application component <application component>` is the systems and tools providing version control and collaboration features for code developed inside the TRE.
### Code Version Control System

This {term}`application component <application component>` is the systems and tools providing version control and collaboration features for code developed inside the TRE.

```{list-table}
:header-rows: 1
Expand All @@ -110,7 +116,9 @@ This may include desktop, command-line and/or code-submission interfaces.
- Recommended
```

**Artefact Management Application:** This {term}`application component <application component>` is a service that manages and organises third-party software artefacts such as packaged code libraries or containers.
### Artefact Management Application

This {term}`application component <application component>` is a service that manages and organises third-party software artefacts such as packaged code libraries or containers.

```{list-table}
:header-rows: 1
Expand All @@ -131,7 +139,9 @@ This may include desktop, command-line and/or code-submission interfaces.
- Optional
```

**Advanced or Cluster Computing System:** This {term}`application component <application component>` involves the use of advanced, powerful computer resources to solve complex problems and process large amounts of data, possibly using specialised hardware.
### Advanced or Cluster Computing System

This {term}`application component <application component>` involves the use of advanced, powerful computer resources to solve complex problems and process large amounts of data, possibly using specialised hardware.

```{list-table}
:header-rows: 1
Expand Down Expand Up @@ -174,7 +184,9 @@ This may include desktop, command-line and/or code-submission interfaces.

The ability of the TRE operator to deploy, change or remove physical or virtual infrastructure.

**Infrastructure Deployment Process:** This {term}`business process <business process>` involves setting up and configuring infrastructure components and resources to support applications or services.
### Infrastructure Deployment Process

This {term}`business process <business process>` involves setting up and configuring infrastructure components and resources to support applications or services.
This requires development, installation, configuration, and validation.

```{list-table}
Expand Down Expand Up @@ -209,7 +221,9 @@ This requires development, installation, configuration, and validation.
- Recommended
```

**Infrastructure Removal Process:** This {term}`business process <business process>` involves retiring or removing infrastructure assets that are no longer needed or outdated, ensuring proper data handling and disposal.
### Infrastructure Removal Process

This {term}`business process <business process>` involves retiring or removing infrastructure assets that are no longer needed or outdated, ensuring proper data handling and disposal.

```{list-table}
:header-rows: 1
Expand All @@ -225,7 +239,9 @@ This requires development, installation, configuration, and validation.
- Mandatory
```

**Availability Management Process:** This {term}`business process <business process>` involves ensuring all IT infrastructure meets the agreed levels of availability.
### Availability Management Process

This {term}`business process <business process>` involves ensuring all IT infrastructure meets the agreed levels of availability.

```{list-table}
:header-rows: 1
Expand All @@ -246,7 +262,9 @@ This requires development, installation, configuration, and validation.
- Recommended
```

**Network Management Application:** This {term}`application component <application component>` is an application used to manage network infrastructure, ensuring proper functioning, security, and performance.
### Network Management Application

This {term}`application component <application component>` is an application used to manage network infrastructure, ensuring proper functioning, security, and performance.

```{list-table}
:header-rows: 1
Expand Down Expand Up @@ -275,7 +293,9 @@ This requires development, installation, configuration, and validation.
- Mandatory
```

**Infrastructure analytics application:** This {term}`application component <application component>` is an application which enables the TRE operator to record and analyse data about the usage of the TRE.
### Infrastructure analytics application

This {term}`application component <application component>` is an application which enables the TRE operator to record and analyse data about the usage of the TRE.

```{list-table}
:header-rows: 1
Expand All @@ -301,7 +321,9 @@ This requires development, installation, configuration, and validation.

## Capacity management

**Capacity Planning Process:** This {term}`business process <business process>` involves forecasting and determining the resources required to meet the demands of an application or system, ensuring that adequate resources are available when needed.
### Capacity Planning Process

This {term}`business process <business process>` involves forecasting and determining the resources required to meet the demands of an application or system, ensuring that adequate resources are available when needed.

```{list-table}
:header-rows: 1
Expand All @@ -327,7 +349,9 @@ This requires development, installation, configuration, and validation.
- Mandatory
```

**Billing Process:** This {term}`business process <business process>` involves generating and managing invoices and bills for projects within the TRE.
### Billing Process

This {term}`business process <business process>` involves generating and managing invoices and bills for projects within the TRE.
It involves calculation, issuance, and recording of payments and receipts.

```{list-table}
Expand All @@ -347,7 +371,9 @@ It involves calculation, issuance, and recording of payments and receipts.

## Configuration management

**Configuration Management Process:** This {term}`business process <business process>` involves the TRE operator identifying, maintaining, and verifying information on IT assets and configurations in the TRE organisation.
### Configuration Management Process

This {term}`business process <business process>` involves the TRE operator identifying, maintaining, and verifying information on IT assets and configurations in the TRE organisation.

```{list-table}
:header-rows: 1
Expand Down
26 changes: 17 additions & 9 deletions docs/source/pillars/data_management.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@ SATRE Pillars Capability Map

## Data lifecycle management

_The ability of the TRE operator to manage how and where data is stored, how it moves, changes and is removed._
The ability of the TRE operator to manage how and where data is stored, how it moves, changes and is removed.

```{list-table}
:header-rows: 1
Expand Down Expand Up @@ -83,7 +83,7 @@ _The ability of the TRE operator to manage how and where data is stored, how it

## Identity and access management

_The ability of the TRE operator to ensure the right people (identities) can only access the tools and data they need._
The ability of the TRE operator to ensure the right people (identities) can only access the tools and data they need.

```{list-table}
:header-rows: 1
Expand Down Expand Up @@ -127,7 +127,7 @@ _The ability of the TRE operator to ensure the right people (identities) can onl

## Output management

_The ability of the TRE operator to ensure outputs are safely published and shared._
The ability of the TRE operator to ensure outputs are safely published and shared.

```{list-table}
:header-rows: 1
Expand Down Expand Up @@ -155,7 +155,7 @@ _The ability of the TRE operator to ensure outputs are safely published and shar

## Information search and discovery

_The ability to query and browse the data within an environment at various levels of abstraction._
The ability to query and browse the data within an environment at various levels of abstraction.

```{list-table}
:header-rows: 1
Expand All @@ -176,7 +176,7 @@ _The ability to query and browse the data within an environment at various level

## Information security

_This capability relates to the ability of the TRE operator to protect against the unauthorised use of information, especially electronic data._
The ability of the TRE operator to protect against the unauthorised use of information, especially electronic data.

Measures taken to ensure information security can be further categorised into:

Expand All @@ -190,7 +190,9 @@ These measures include vulnerability management of TRE infrastructure (whether p

(vulnerability-management)=

**Vulnerability Management:** The ability of the TRE operator to identify, assess, report on, manage and remediate technical vulnerabilities across endpoints, workloads, and systems.
### Vulnerability Management

The ability of the TRE operator to identify, assess, report on, manage and remediate technical vulnerabilities across endpoints, workloads, and systems.

```{list-table}
:header-rows: 1
Expand Down Expand Up @@ -223,7 +225,9 @@ These measures include vulnerability management of TRE infrastructure (whether p

(security-testing)=

**Security testing:** Security testing enables the TRE operator to gain assurance in the security of a TRE by testing or attempting to breach some or all of that system's security.
### Security testing

Security testing enables the TRE operator to gain assurance in the security of a TRE by testing or attempting to breach some or all of that system's security.

```{list-table}
:header-rows: 1
Expand Down Expand Up @@ -257,7 +261,9 @@ These measures include vulnerability management of TRE infrastructure (whether p

(encryption)=

**Encryption:** The ability of the TRE operator to deploy and manage encryption to protect information assets, including data for TRE research projects.
### Encryption

The ability of the TRE operator to deploy and manage encryption to protect information assets, including data for TRE research projects.

Here we define 'project' data as the data brought in for work which is very likely to be sensitive and 'user' data, as the working files of a project which might hold copies of all or part of the project data or otherwise reveal sensitive data (_e.g._ through hard coded row/column names).

Expand Down Expand Up @@ -297,7 +303,9 @@ Here we define 'project' data as the data brought in for work which is very like

(physical-security)=

**Physical security:** The ability of the TRE operator to manage and protect physical assets from unauthorised access, damage or destruction.
### Physical security

The ability of the TRE operator to manage and protect physical assets from unauthorised access, damage or destruction.

Physical security controls can provide TREs using highly sensitive data an extra layer of security, even if technical controls are already in place for less sensitive data:

Expand Down
Loading

0 comments on commit a56c3ef

Please # to comment.