Category URS ref Feature
General requirements (G) URS-COR-G-001 Users have to login with a username and password
  URS-COR-G-003 Images can be added from multiple locations (root-directories)
  URS-COR-G-004 The software version can be consulted.
  URS-COR-G-005 End-users can notify Pathomation if there is an issue with the software
  URS-COR-G-106 The software must have a licensing scheme
  URS-COR-G-107 Provide support for HTTPS communication (in addition to HTTP)
  URS-COR-G-108 A webservice-based Application Programming Interface (API) is available
  URS-COR-G-2000 License management is handled online without (physical nor virtual) server access
  URS-COR-G-2001 A historical overview of license updates is available
  URS-COR-G-2002 Product owners are notified when the license expires
  URS-COR-G-2003 Images can reside on local (server-installed) hard disks
  URS-COR-G-2004 Images can reside on network-resources (unc path references)
  URS-COR-G-2005 Images can reside on S3-compliant storage (buckets)
  URS-COR-G-2006 Automatically link to external data sources without data duplication
  URS-COR-G-2007 Support email communication and arbitrary SMTP server configurations
File format Requirements (G) URS-COR-F-002 The software must support the “3DHistech” MRXS file format
  URS-COR-F-100 The software must support the “Hamamatsu NDPI ” file format
  URS-COR-F-101 The software must support the “Aperio LEICA SVS” file format
  URS-COR-F-102 The software must support the “Aperio LEICA SCN” file format
  URS-COR-F-103 The software must support the “Ventana Roche BIF (+TIFP)” file format
  URS-COR-F-104 The software must support the “Olympus VSI” file format
  URS-COR-F-105 The software must support the “Generic JPG ” file format
  URS-COR-F-200 The software must support the “Generic TIFF” file format
  URS-COR-F-201 The software must support the “Zeiss ZVI” file format
  URS-COR-F-202 The software must support the “Zeiss CZI” file format
  URS-COR-F-203 The software must support the “Nikon ND2” file format
  URS-COR-F-2000 Support the “Philips TIFF” file format
  URS-COR-F-2001 Support the “Ventana Roche BIF (-TIFP)” file format
  URS-COR-F-2002 Support the “Generic PNG” file format
  URS-COR-F-2003 Support the “Motic MDS” file format
  URS-COR-F-2004 Support the “Perkin Elmer QPTiff” file format
  URS-COR-F-2005 Support the (fluo) “3DHistech” MRXS file format
URS-COR-F-2006 Support the (fluo) “Hamamatsu NDPIS” file format
  URS-COR-F-2007 Support the (fluo) “Olympus VSI” file format
  URS-COR-F-2008 Support the (fluo) “Zeiss ZVI” file format
  URS-COR-F-2009 Support the (fluo) “Zeiss CZI” file format
  URS-COR-F-2010 Support the (fluo) “Nikon ND2” flle format
  URS-COR-F-2011 Support JPEG encoding
  URS-COR-F-2012 Support JPEG-2000 encoding
  URS-COR-F-2013 Support JPEG-XR encoding
  URS-COR-F-2014 Support lossless JPEG encoding
  URS-COR-F-2015 Support PNG encoding
On-slide graphical annotation requirements (A) URS-COR-N-2000 Support “native” MRXS annotations
  URS-COR-N-2001 Support “native” SVS annotations
  URS-COR-N-2002 Support “third party” Visiopharm MLD annotations
  URS-COR-N-2003 Support “third party” Indica Labs HALO ANNOTATION annotations
  URS-COR-N-2004 Support “third party” Definiens XML annotations
  URS-COR-N-2005 Support the creation and management of WKT-formatted annotations
  URS-COR-N-2006 Export annotations to WKT file format
  URS-COR-N-2007 Export annotations to CSV file format
  URS-COR-N-2008 Export annotations to MLD file format
  URS-COR-N-2009 Export annotations to ANNOTATION file format
  URS-COR-N-2010 Export annotations to (Aperio/Definiens) XML file format
Regulatory requirements (R) URS-COR-R-001 Data will be formatted to allow transfer to another system for long-term storage in a common portable format either during the life of the system or after the system is retired
  URS-COR-R-002 The system will contain detection mechanisms for invalid field entries, values out of range, and blank fields if entry is required
  URS-COR-R-003 It will be possible to provide regulatory agenties with both human-readable and electronic c opies of the records, including metadata. It will be possible to transfer data in a human readable format onto transportable media such as PDF, XML, SGML. The system must allow that the copying process produces copies that preserve the content and meaning of the records
  URS-COR-R-004 If it is important to system functionally that steps be performed in a specified order, the system will contain a mechanism to ensure that actions are performed in the correct sequence (in case of sequenced steps)
  URS-COR-R-005 The system will contain an automatically generated audit trail function for all process significant and GxP critical events and allow audit trails on tables and individual records
  URS-COR-R-006 The audit trail data will be read-only
  URS-COR-R-007 It will be impossible to disable the audit trail function
  URS-COR-R-008 The system will prevent the accidental or intentional modifications or deletion of audit trail files
  URS-COR-R-009 It will be possible to generate a report to view which data in the record has been modified
  URS-COR-R-010 A mechanism will be in place to detect and report any attempts of unauthorized use immediately to the customer
  URS-COR-R-011 The audit trail will record: user name, data and time (h/min/sec) of the event using local data and time of the host system, indication of the type of event: record creation/modification/deletion or approval, in case of modification/deletion: old value and new value, reason of change (if applicable)
  URS-COR-R-012 A specific link must be in place to trace the audit trail data to the associated electronic record(s) itself
  URS-COR-R-013 The system will not allow changes in date and time by the user
  URS-COR-R-014 The system date and time will be periodically checked and corrected. The system will support time synchronization
  URS-COR-R-015 The electronic audit trails will be readily available for review
  URS-COR-R-016 The system will be protected against unauthorized use
  URS-COR-R-017 Security will consist of at least two elements (e.g. login ID and password) in case of non-biometric security
  URS-COR-R-018 The system must enforce and automatic log-out after a defined period of no activity
  URS-COR-R-019 The system will allow the specification of different levels of access (e.g. user, administrator)
  URS-COR-R-020 The system will detect security violations and produce an alarm or warning message
  URS-COR-R-021 Controls will be in place to ensure that no two (2) individuals can have the same combination of identification code and password
  URS-COR-R-022 If a password is not issued privately (i.e. the password issuer knows the password), the user will immediately reset their password
Documentation requirements (D) URS-COR-D-001 A user guide (manual) is available
  URS-COR-D-100 User requirements are available
  URS-COR-D-101 Installation manual is available
  URS-COR-D-2001 Programming (API) documentation is available
URS-COR-R-002 The system will contain detection mechanisms for invalid field entries, values out of range, and blank fields if entry is required
URS-COR-R-003 It will be possible to provide regulatory agenties with both human-readable and electronic c opies of the records, including metadata. It will be possible to transfer data in a human readable format onto transportable media such as PDF, XML, SGML. The system must allow that the copying process produces copies that preserve the content and meaning of the records
URS-COR-R-004 If it is important to system functionally that steps be performed in a specified order, the system will contain a mechanism to ensure that actions are performed in the correct sequence (in case of sequenced steps)
URS-COR-R-005 The system will contain an automatically generated audit trail function for all process significant and GxP critical events and allow audit trails on tables and individual records
URS-COR-R-006 The audit trail data will be read-only
URS-COR-R-007 It will be impossible to disable the audit trail function
URS-COR-R-008 The system will prevent the accidental or intentional modifications or deletion of audit trail files
URS-COR-R-009 It will be possible to generate a report to view which data in the record has been modified
URS-COR-R-010 A mechanism will be in place to detect and report any attempts of unauthorized use immediately to the customer
URS-COR-R-011 The audit trail will record: user name, data and time (h/min/sec) of the event using local data and time of the host system, indication of the type of event: record creation/modification/deletion or approval, in case of modification/deletion: old value and new value, reason of change (if applicable)
URS-COR-R-012 A specific link must be in place to trace the audit trail data to the associated electronic record(s) itself
URS-COR-R-013 The system will not allow changes in date and time by the user
URS-COR-R-014 The system date and time will be periodically checked and corrected. The system will support time synchronization
URS-COR-R-015 The electronic audit trails will be readily available for review
URS-COR-R-016 The system will be protected against unauthorized use
URS-COR-R-017 Security will consist of at least two elements (e.g. login ID and password) in case of non-biometric security
URS-COR-R-018 The system must enforce and automatic log-out after a defined period of no activity
URS-COR-R-019 The system will allow the specification of different levels of access (e.g. user, administrator)
URS-COR-R-020 The system will detect security violations and produce an alarm or warning message
URS-COR-R-021 Controls will be in place to ensure that no two (2) individuals can have the same combination of identification code and password
URS-COR-R-022 If a password is not issued privately (i.e. the password issuer knows the password), the user will immediately reset their password
Documentation requirements URS-COR-D-001 A user guide (manual) is available
URS-COR-D-100 User requirements are available
URS-COR-D-101 Installation manual is available
URS-COR-D-2001 Programming (API) documentation is available
Training requirements URS-COR-T-2000 Self-guided tutorials are available to start using PMA.core
URS-COR-T-2001 Tutorials are available to connect to PMA.core from downstream applications
URS-COR-T-2002 Protected self-contained environments can be set up for experimentation and training
Hardware requirements (HW) URS-COR-HW-001 The CPU is at least a 2.2 GHz Quad Core or AMD equivalent
URS-COR-HW-002 The server computer has at least 8GB DDR3 RAM
URS-COR-HW-003 The hard disk is at least SATA II
URS-COR-HW-004 The network is at least 100 Mbs Ethernet
Software requirements (SW) URS-COR-SW-001 The operating system is at least Windows 2008 Server
URS-COR-SW-002 At least Web Server IIS 7.5 is installed
URS-COR-SW-003 At least .NET framework 4.5 is installed
URS-COR-SW-004 A HTML5-capable web browser is installed
Requirements for PMA.core URS-COR-001 It’s possible to view slides through the slide management module
URS-COR-003 It’s possible to add users
URS-COR-004 Only administrator users have access to the slide management module
URS-COR-005 An undeletable administrator account is configured
URS-COR-006 The following user information can be recorded: first name, last name, login name, password and e-mail
URS-COR-007 Users that are created in the slide management module get access to the viewing module
URS-COR-008 Users can be given administrator rights
URS-COR-009 Users can be suspended. As long as users are suspended, they do not have access to the software
URS-COR-010 Raw server log files can be consulted by administrators (read only)
URS-COR-011 A list of users currently logged in (active session) is available. Active sessions can be terminated.
URS-COR-012 Users can quickly access the user manual
URS-COR-013 Users can log out
URS-COR-100 Offer the option to store on-slide geometric annotations with slides (also cf. section 7.3 elsewhere in this document)
URS-COR-101 Offer the option to store form-based annotations with slides
URS-COR-102 Present a report with operating characteristics to assist in on-site installation troubleshooting
URS-COR-103 Enable content streaming in both lossy (JPEG) and lossless (PNG) compressed file formats (also cf. section 7.2 elsewhere in this document)
URS-COR-2000 Root-directories (cf. URS-COR-G-003) can be marked public so every registered PMA.user has access to it; they can also be marked private so only select users have access to it
URS-COR-2001 Access control lists can be applied to private root-directories (cf. URS-COR-2000)
URS-COR-2002 Form template definitions can be exported (cf. URS-COR-101)
URS-COR-2003 Form template definitions can be imported (cf. URS-COR-101)
Requirements for the API (A) URS-COR-A-250 identify the version / revision of PMA.core running
URS-COR-A-251 request licensing information from a distance
URS-COR-A-252 authenticate users and generate sessionID variables
URS-COR-A-253 de-authenticate an active sessionID
URS-COR-A-254 determine whether a user can make annotations
URS-COR-A-255 retrieve root-directories
URS-COR-A-256 check if the server is responsive. Typically this is done through a server “ping”, but in productions environments this service is often disabled to prevent opportunistic phishing attempts.
URS-COR-A-257 get an overview of all available root-directories
URS-COR-A-258 retrieve sub-directories from a parent directory
URS-COR-A-259 retrieve hosted slides in a specific directory
URS-COR-A-260 retrieve an anonymized string identification sequence representing a hosted slide
URS-COR-A-261 retrieve information about a hosted slide
URS-COR-A-262 retrieve on-slide annotations
URS-COR-A-263 manipulate on-slide annotations
URS-COR-A-264 obtain an on-slide annotation’s circumference (distance for 1D-objects)>/td>
URS-COR-A-265 obtain an on-slide annotation’s surface (only for 2D-objects)
URS-COR-A-266 query available form templates>/td>
URS-COR-A-267 retrieve slide-associated filled-out forms
URS-COR-A-268 manipulate slide-associated form data
URS-COR-A-269 change a (current) user’s password
URS-COR-A-2000 programmatically (and transaction-based) upload a slide
URS-COR-A-2001 programmatically (and transaction-based) download a slide
URS-COR-A-2002 obtain unique identifier (“fingerprint”) of a slide based on its contents
URS-COR-A-2003 search for slides
URS-COR-A-2004 reset a user’s password
URS-COR-A-2005 remind a user’s password via email
URS-COR-A-270 map a UID back to its real path reference
URS-COR-A-271 map a root-directory virtual path to its physical presence on the hard disk
URS-COR-A-2006 create new directories
URS-COR-A-2007 remove directories
URS-COR-A-2008 create new root-directories
URS-COR-A-2009 create new user accounts
URS-COR-A-2010 delete slides
URS-COR-A-2011 move slides
URS-COR-A-2012 rename slides
URS-COR-A-2013 rename directories
URS-COR-A-2014 reset any user’s password
URS-COR-A-2015 remind any user of their password
URS-COR-A-2016 list all users
URS-COR-A-2017 suspend a user (cf. URS-COR-009)
URS-COR-A-2018 obtain user information based on a current user’s SessionID