
SOW - Custom Data Management & Automation Web Platform

Custom Data Management & Automation Web Platform

Project Context:

This platform [Web] shall help researchers, lab technicians, and scientists manage and
automate their workflows, from designing projects to analyzing data in real time. The platform will
provide real-time data visualization, track project progress, and automatically generate reports. The
platform shall be an MVP in this phase of development. There shall be no revenue model, payment
gateway, or lab machine integration in this phase of development.

Scope of Work:

To manage the full development of the requirements, Brainium defines the following key activities for
Web Platform & Admin Panel:

Deliverable:

Sr. No. Items

1 Design of the Web application.

2 Development of the Web application.

3 Delivery & Deployment of the Web application in the Live server.

User Roles:

Type of User: Organization as a User
User Details: Organization as a User; Shall register on the portal and access the platform as well as manage the Staff/Team as per the scope applicable.
Platform Access: Web Platform

Type of User: Staff/Team of Organization as a User
User Details: Staff/Team of Organization as a User; Shall access the platform as per the scope applicable.
Platform Access: Web Platform

Type of User: Super Admin as a User
User Details: Super Admin is the one who owns the full control on the platform and can manage the users & data.
Platform Access: Web Admin Panel

Organization Oriented Features

Feature List / Description of Features

Registration/Signup:
User shall have option to register themselves on the platform. Registration screen/form shall have the fields like "first name, last name, email, profile photo, mobile number, password, confirm password"

Login:
User shall have option to Login into application using the registered Email ID & Password. (Forget Password: User shall have option to reset password using the verification link; provided on the registered email id.)
1 - Login with Email & Password
2 - Reset Password

Profile Setting/Account Management:
User shall have option to Profile Setting/Account Management as below:
1 - Manage profile/account details (Such as; Profile Photo, First Name, Last Name, Phone & Email, Address/Location)
2 - Reset the phone number
3 - Delete Account
4 - Logout

Home Page/Dashboard:
1 - Shall have navigations to; Create Experiments, Tracking, Instruments, Visualize Data, ELN Reports & History
2 - Profile Icon
3 - Logout Icon

Manage Staff/Team & Department:
Organization as a User shall have options to:

A - Manage Staff/Team
1 - Can View Staff/Team list as Created; Table with Action (View/Active/Inactive/Delete);
1.1 - Can filter the list based on; Location, Date & Date Range, Keywords, Department
1.2 - Can sort the list based on Latest & Oldest
1.3 - Can view particular Staff/Team in detail (Profile Data, Experiments Created, Reports)
2 - Active/Inactive the Staff/Team
3 - Delete the Staff/Team
4 - Create/Update the Staff/Team
4.1 - Name, Department, Role, Email, Phone, DoB/Age, Location
4.2 - User Access Type: View Only, Can Edit
4.3 - Create password
4.4 - Publish the Staff/Team (Shall get the email to login)

B - Manage Department
1 - Can view/create/update/delete the Department (Name)
2 - Can view the list of Staff/Team under each department
3 - Assign Experiments (Optional)

Create Experiments:
1 - Add Overview; ID, Title, Objective, Notes & Remarks
2 - Set-up: Number of Configurations, Vessel ID, Select Vessel Type, Select Media, Select Cell Line, Select Instruments, Initial Culture Volume, Final Culture Volume, Initial Seeding Density, Incubator Type, Agitation/Shaker Speed
3 - Can Schedule on calendar
4 - Set preferred temperatures for your vessels and Data Visualisation Preferences (Plot available data on preset graphs for Protein Production experiment - checkbox)
4.1 - Preferences for bioreactor & conditions
4.1.1 - Set points for condition (pH, DO, etc)
4.1.2 - Mention of chemicals (base, antifoam)
4.1.3 - Set point maintenance
4.1.4 - PID setups (proportional integral derivatives) – (Manual - no calculations required)
Note: Pop-up shall come up to feed the value
5 - Assign Staff/Team (Optional)

Replicate Experiments:
1 - Can view the list of Experiments created
2 - Can select & replicate the selected Experiments

Tracking:
1 - Can view the list of Experiments created with calendar view
2 - Can select & view any particular Experiment
2.1 - Can view Predictions and Suggestions based on the previous data (if any)
2.2 - Can customize workflow (Reschedule/Update Schedule)
2.3 - Can view the Gantt Chart of available data
2.4 - Can add additional information

Instruments:
1 - Can view the list of Instruments created
2 - Can create/update the instrument; Name, Image, Description
Note: In this phase it shall be informational only and no integration.

Visualize Data:
This shall help to visualize data in the form of Charts & Graphs
1 - Can view the list of Experiments created
2 - Can select & view any particular Experiment
2.1 - Can view different Charts & Graphs
2.2 - Can select any Charts & Graphs
2.2.1 - Can view dimensions and update; the Charts & Graphs shall be updated accordingly
2.2.2 - Title, Mark Type (Bar, Line, Area etc.), X Axis Title, X Field, X Type (Nominal, Ordinal, Temporal, Quantitative), Y Axis Title, Y Field, Y Type (Nominal, Ordinal, Temporal, Quantitative), Tooltip 1 Field, Tooltip 2 Field, Tooltip 3 Field, Tooltip 4 Field, Tooltip 5 Field, Tooltip 6 Field, Tooltip 7 Field, Tooltip 8 Field
3 - Reflect on experiment summary as a separate bioreactor table

ELN Reports:
Can view the Auto-generated Reports for each experiment including: Experiment ID, Experiment Chain, Started By, Team, Department, Start Date, End Date, Experiment Title, Experiment Objective, Observations, Raw Data (Tables), Graphs and Plots, Conclusion

History:
1 - Can view the list of past Experiments
2 - Can select & view any particular Experiment
2.1 - Can view the reports
Staff/Team Oriented Features

Feature List / Description of Features

Login:
User shall have option to Login into application using the registered Email ID & Password. (Forget Password: User shall have option to reset password using the verification link; provided on the registered email id.)
1 - Login with Email & Password
2 - Reset Password

Profile Setting/Account Management:
User shall have option to Profile Setting/Account Management as below:
1 - Manage (view only) profile/account details (Such as; Profile Photo, First Name, Last Name, Phone & Email, Address/Location, Department)
2 - Logout

Home Page/Dashboard:
1 - Shall have navigations to; Create Experiments, Tracking, Instruments, Visualize Data, ELN Reports & History
2 - Profile Icon
3 - Logout Icon

Create Experiments:
1 - Add Overview; ID, Title, Objective, Notes & Remarks
2 - Set-up: Number of Configurations, Vessel ID, Select Vessel Type, Select Media, Select Cell Line, Select Instruments, Initial Culture Volume, Final Culture Volume, Initial Seeding Density, Incubator Type, Agitation/Shaker Speed
3 - Can Schedule on calendar
4 - Set preferred temperatures for your vessels and Data Visualisation Preferences (Plot available data on preset graphs for Protein Production experiment - checkbox)
4.1 - Preferences for bioreactor & conditions
4.1.1 - Set points for condition (pH, DO, etc)
4.1.2 - Mention of chemicals (base, antifoam)
4.1.3 - Set point maintenance
4.1.4 - PID setups (proportional integral derivatives) – (Manual - no calculations required)
Note: Pop-up shall come up to feed the value

Tracking:
1 - Can view the list of Experiments created with calendar view
2 - Can select & view any particular Experiment
2.1 - Can view Predictions and Suggestions based on the previous data (if any)
2.2 - Can customize workflow (Reschedule/Update Schedule)
2.3 - Can view the Gantt Chart of available data
2.4 - Can add additional information

Instruments:
1 - Can view the list of Instruments created
2 - Can create/update the instrument; Name, Image, Description
Note: In this phase it shall be informational only and no integration.

Visualize Data:
This shall help to visualize data in the form of Charts & Graphs
1 - Can view the list of Experiments created
2 - Can select & view any particular Experiment
2.1 - Can view different Charts & Graphs
2.2 - Can select any Charts & Graphs
2.2.1 - Can view dimensions and update; the Charts & Graphs shall be updated accordingly
2.2.2 - Title, Mark Type (Bar, Line, Area etc.), X Axis Title, X Field, X Type (Nominal, Ordinal, Temporal, Quantitative), Y Axis Title, Y Field, Y Type (Nominal, Ordinal, Temporal, Quantitative), Tooltip 1 Field, Tooltip 2 Field, Tooltip 3 Field, Tooltip 4 Field, Tooltip 5 Field, Tooltip 6 Field, Tooltip 7 Field, Tooltip 8 Field
3 - Reflect on experiment summary as a separate bioreactor table

ELN Reports:
Can view the Auto-generated Reports for each experiment including: Experiment ID, Experiment Chain, Started By, Team, Department, Start Date, End Date, Experiment Title, Experiment Objective, Observations, Raw Data (Tables), Graphs and Plots, Conclusion

History:
1 - Can view the list of past Experiments
2 - Can select & view any particular Experiment
2.1 - Can view the reports

Super Admin Oriented Features

Feature List / Description of Features

Login:
Super Admin shall have option to Login into admin panel using the registered Email ID & Password. (Admin shall have option to reset password using the OTP/Link; provided on the registered email ID.)

Dashboard:
The dashboard shall have different Navigations to Organization (Customer) Management, Account/Profile and Notifications.
> Dashboard shall have Analytics and other related information:
1 - New Customer Registration (Daily/Weekly/Monthly/Yearly)

Super Admin/Account Setting:
1 - Update email id
2 - Reset password
3 - Logout

User/Customer (Organization) Management:
Super Admin shall have options to:
1 - Can View Customer list as registered; Created Table with Action (View/Active/Inactive/Delete);
1.1 - Can filter the list based on; Location, Date & Date Range, Keywords
1.2 - Can sort the list based on Latest & Oldest
1.3 - Can view particular Customer in detail (Profile Data, Staff/Team)
2 - Active/Inactive the Customer
3 - Delete the Customer

Notification:
> The Admin shall receive notifications for various actions performed such as:
1 - New Organization Registration

Technology Stack

1. Frontend:

• Framework: React.js (for a highly responsive, modular, and scalable frontend)
• Libraries:
   o Material-UI or Ant Design for creating a modern and clean UI.
   o D3.js or Chart.js for advanced data visualization (used for graphs and charts).
• State Management: Redux (for handling complex data states such as managing experiments, tracking, and visualizing data).

2. Backend:

• Framework: Node.js with Express or Python’s Django
• Django (Python) would be an alternative if Python is preferred for data-heavy operations.
• API: RESTful or GraphQL APIs to manage interactions between the front end and back end, particularly useful for managing complex workflows like data management and experiment tracking.

3. Database: PostgreSQL or MySQL: Both are relational databases well-suited for handling structured data like experiment details, tracking history, and reports.

4. Data Visualization & Reporting:

• D3.js or Plotly for creating real-time, interactive data visualizations in charts and graphs.
• ELN Reports and data visualizations could be handled using a custom library integrated with the backend.

5. Authentication & User Management:

• Auth0 or Firebase Authentication: To handle user registration, login, and role-based access (Admins, Organization users, etc.).
• OAuth 2.0 for secure authentication across the web and mobile interfaces.

6. Cloud Hosting & Infrastructure:

• AWS or Azure: These platforms offer scalability, security, and a wide range of services (RDS for databases, Lambda for serverless functions, S3 for storage, and EC2 for hosting).
• Docker and Kubernetes: For containerization and orchestration, ensuring the platform can scale efficiently.

7. Data Analytics & Tracking:

• Google Analytics for tracking user behavior and generating insights on the platform's usage.
• Custom analytics using Elastic Stack (ELK) for deeper insights into data generated through experiments and workflows.

8. Real-time Data & Event Management: Socket.io (for Node.js) or WebSockets for real-time data updates in workflows, tracking progress, and providing notifications.

9. Security & Compliance:

• OAuth 2.0 for user authorization.
• SSL/TLS for secure communication.
• GDPR Compliance: Ensuring the platform adheres to data privacy regulations.

11. Version Control & Project Management: Git with GitHub or GitLab for version control.

Data Security & Encryption

• Layered architecture – the application server will be separate from the DB server. Only the application server will have access to the DB server. Access is restricted by IP.

• Encryption in Transit - To ensure the security and integrity of data transmitted between the frontend (web application) and backend services, we will implement the following measures:

SSL/TLS Encryption: All network communications will be secured using SSL/TLS protocols (version 1.2 or higher). This encryption will safeguard the data exchanged between web clients, mobile applications, and backend servers, ensuring that it remains confidential and protected from unauthorized interception.

End-to-End Encryption: For highly sensitive data, such as experiment results, end-to-end encryption will be applied. This ensures that the data remains encrypted throughout the entire transmission process, and only the designated recipient, such as specific labs or authorized staff, will be able to decrypt and access the information. This measure guarantees that sensitive communications are not vulnerable to tampering or interception at any point in their journey.

• Ensuring protection from vulnerabilities like XSS, XSRF, SQL Injection, Data Disclosures.

• Keeping all software updated. This is very important.

• Access control - another very important point and the premise of any security implementation. Server and DB access should be kept with utmost secrecy. If someone unauthorised gains access to the DB and code, then whatever encryption is implemented will fail. The person can get access to the DB, the encryption keys and the encryption algorithms.

• Encryption of data stored

The raw data of one organisation will not be retrievable by another organisation or the super-admin.

   o The data kept will be tagged with the organisation’s id (auto-generated by the system).
   o Additionally, the data will be encrypted using an encryption key that is also auto-generated per organisation and stored in the system. This key cannot be viewed by anyone through the website/admin portal.
   o The organisation’s admin will be able to give permissions as to which data can be viewed by which sub-admin/user of the system (for example, who can view the users, who can view the experiment results, etc.).
   o Once a user logs in, the system identifies which organisation the user belongs to from the user’s details stored in the DB.
   o After determining the organisation, the system will check what permissions this user has.
   o Once that is determined, it will store/fetch data and encrypt/decrypt the data using the encryption key of the organisation.

Now suppose a user of one organisation gets access to data of another organisation: they will not be able to do anything unless they get access to the encryption key of the other organisation. Even if a user gets access to the raw data of the organisation, they will not be able to view the data without the encryption key, which will be stored in the system and separately from the DB.

• Key Rotation or Re-generation

This key can be re-generated by the super admin if wished (re-generation can make the organisation’s data unavailable for a while, as all data will be re-encrypted using the new key. The duration of unavailability will depend on the amount of data).
The key can also be changed automatically, but the organisation admin will need to choose the time very carefully, as the organisation’s data will not be available while the data is re-encrypted. We can give provisions in admin for setting the date and time of auto-rotation (say, the 15th of every month at 2:00 AM).
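
The per-organisation encryption flow and the key re-generation described above, sketched in Node.js as an added example (not part of the original SOW or the vendor's code). The in-memory `keyStore`, `users` and `rows`, the permission names, the choice of AES-256-GCM and the per-row `keyVersion` are assumptions for illustration; the key version lets rows stay readable while they are re-encrypted one by one, which goes beyond the all-at-once re-encryption the text describes.

```javascript
const crypto = require('node:crypto');

// Constructed stand-ins: keyStore models a secret store kept apart from the DB.
const keyStore = new Map(); // orgId -> { current, keys: Map(version -> 32-byte key) }
const users = new Map();    // email -> { orgId, permissions: Set }
const rows = [];            // DB table: { orgId, keyVersion, iv, tag, ct }

function createOrg(orgId) {
  keyStore.set(orgId, { current: 1, keys: new Map([[1, crypto.randomBytes(32)]]) });
}

function seal(orgId, version, plaintext) {
  const iv = crypto.randomBytes(12); // fresh nonce for every record
  const c = crypto.createCipheriv('aes-256-gcm', keyStore.get(orgId).keys.get(version), iv);
  c.setAAD(Buffer.from(orgId)); // bind the ciphertext to its organisation tag
  const ct = Buffer.concat([c.update(plaintext, 'utf8'), c.final()]);
  return { orgId, keyVersion: version, iv, tag: c.getAuthTag(), ct };
}

function unseal(row, key) {
  const d = crypto.createDecipheriv('aes-256-gcm', key, row.iv);
  d.setAAD(Buffer.from(row.orgId));
  d.setAuthTag(row.tag);
  return Buffer.concat([d.update(row.ct), d.final()]).toString('utf8'); // throws on wrong key
}

// Login flow from the text: user -> organisation -> permission -> organisation key.
function storeRecord(email, plaintext) {
  const u = users.get(email);
  if (!u || !u.permissions.has('experiments:write')) throw new Error('forbidden');
  rows.push(seal(u.orgId, keyStore.get(u.orgId).current, plaintext));
  return rows.length - 1;
}

function fetchRecord(email, rowId) {
  const u = users.get(email);
  const row = rows[rowId];
  if (!u || !row || !u.permissions.has('experiments:read') || row.orgId !== u.orgId)
    throw new Error('forbidden');
  return unseal(row, keyStore.get(u.orgId).keys.get(row.keyVersion));
}

// Re-generation: add a new key version, re-encrypt row by row, then retire old keys.
function rotate(orgId) {
  const entry = keyStore.get(orgId);
  const next = entry.current + 1;
  entry.keys.set(next, crypto.randomBytes(32));
  entry.current = next; // new writes use the new key immediately
  rows.forEach((row, i) => {
    if (row.orgId !== orgId || row.keyVersion === next) return;
    rows[i] = seal(orgId, next, unseal(row, entry.keys.get(row.keyVersion)));
  });
  for (const v of entry.keys.keys()) if (v !== next) entry.keys.delete(v);
  return next;
}
```

Binding the organisation id as GCM associated data means a row whose `orgId` tag has been altered in the DB fails authentication instead of decrypting under another tenant's label.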

• Logging. All logins to the system, regeneration of keys and password resets can be logged. The server will inherently log all URL accesses (date, IP).

• Realtime monitoring – the system can be set up to alert the admin in case of multiple consecutive login failures or multiple consecutive 403 and 401 errors.
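
One way to implement the consecutive 401/403 alert from access logs, as an added example (not part of the original SOW). The log line layout, the threshold of 5 failures, the 60-second window and the rule that a 2xx response from the same IP resets the streak are assumptions; the sample lines are constructed.

```javascript
// Constructed access-log lines: "<ISO time> <client IP> <method> <path> <status>"
const SAMPLE_LOG = [
  '2024-05-01T02:00:00Z 203.0.113.7 POST /api/login 401',
  '2024-05-01T02:00:05Z 198.51.100.4 POST /api/login 401',
  '2024-05-01T02:00:08Z 203.0.113.7 POST /api/login 401',
  '2024-05-01T02:00:15Z 203.0.113.7 POST /api/login 401',
  '2024-05-01T02:00:20Z 198.51.100.4 POST /api/login 200',
  '2024-05-01T02:00:22Z 203.0.113.7 GET /api/experiments/17 403',
  '2024-05-01T02:00:30Z 203.0.113.7 POST /api/login 401',
  '2024-05-01T02:00:31Z 203.0.113.7 POST /api/login 401',
  '2024-05-01T02:05:00Z 192.0.2.9 GET /api/reports/3 403',
  '2024-05-01T02:09:00Z 192.0.2.9 GET /api/reports/3 403',
  '2024-05-01T02:13:00Z 192.0.2.9 GET /api/reports/3 403',
  '2024-05-01T02:17:00Z 192.0.2.9 GET /api/reports/3 403',
  '2024-05-01T02:21:00Z 192.0.2.9 GET /api/reports/3 403',
];

function detectAuthFailureBursts(lines, { threshold = 5, windowMs = 60000 } = {}) {
  const streaks = new Map(); // ip -> { times: [epoch ms], alerted: boolean }
  const alerts = [];
  for (const line of lines) {
    const m = /^(\S+) (\S+) \S+ \S+ (\d{3})$/.exec(line);
    if (!m) continue; // skip malformed lines instead of failing the whole run
    const t = Date.parse(m[1]);
    const ip = m[2];
    const status = Number(m[3]);
    if (Number.isNaN(t)) continue;
    if (status >= 200 && status < 300) { streaks.delete(ip); continue; } // success ends the streak
    if (status !== 401 && status !== 403) continue;
    const s = streaks.get(ip) || { times: [], alerted: false };
    s.times.push(t);
    while (t - s.times[0] > windowMs) s.times.shift(); // keep only failures inside the window
    if (s.times.length < threshold) {
      s.alerted = false; // re-arm once the burst has died down
    } else if (!s.alerted) {
      s.alerted = true;  // one alert per burst, not one per extra failure
      alerts.push({
        ip,
        count: s.times.length,
        first: new Date(s.times[0]).toISOString(),
        last: new Date(t).toISOString(),
      });
    }
    streaks.set(ip, s);
  }
  return alerts;
}
```

On the sample, only 203.0.113.7 is reported: 198.51.100.4 logs in successfully after one failure, and the 403s from 192.0.2.9 are too far apart to fall inside one window.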

• Backup Security – All database backups and sensitive files will be encrypted using AES-256 to ensure data protection, with regular testing conducted to verify that these encrypted backups can be restored securely without compromising data integrity. The backups will contain the encrypted data and are hence inherently secured. But once again, access to the backup system needs to be protected.

One additional layer of security we can implement is to password-protect the backups. The super admin can set the password. Please note – if the password is changed, only new backups will be protected with the new password. All old backups will need to be decrypted with the password with which they were protected at creation.

• Authentication and Authorization - Role-Based Access Control (RBAC) will be strictly implemented to limit access based on user roles, ensuring only authorized lab staff can decrypt and view sensitive data, while higher-level roles like super admins or other labs will have no access to this information.

Security Practices to be followed by users and admin and business owner

1 Gaining access to the encryption key, encryption algorithm and data will be possible only if the user gains access to the server and DB, which is why access control is very important.
2 The users of the system also need to follow safety and security practices. The security of any particular organisation can get compromised through phishing links, a user’s computer infected with malicious software or viruses, or malicious browser extensions.
3 Another thing that needs mention: for showing graphs and charts in the browser, the data will need to be decrypted at the client end, and hence the data will be available to the user’s browser. If there is malicious software on the user’s computer or in the browser, then that data can be at risk of getting stolen.
