Overview
The Collaboration pillar provides the multi-user, multi-organization infrastructure that enables teams to work together on automotive cybersecurity projects. It encompasses real-time collaborative editing, role-based access control for OEMs and tiered suppliers, tenant-isolated supplier portals, flexible report sharing, open API access for tool integration, and a comprehensive notification system.
Real-Time Collaborative Editing
Presence Tracking
- Every user’s editing activity is tracked with a 5-minute TTL (300-second expiry)
- Client-side heartbeat every 60 seconds with exponential backoff retry logic
- Visibility change detection pauses/resumes presence when users switch browser tabs
- Socket events:
editing:startandediting:stopbroadcast to all project members
Entity-Level Locking
- When a user begins editing an entity, other users see a presence indicator
- Optimistic locking prevents concurrent conflicting writes
- Version conflict detection surfaces resolution UI when conflicts occur
- Lock auto-releases on session expiry or explicit stop
Auto-Save & Undo/Redo
- Auto-save triggers after 2-second debounce period
- Undo/redo stack maintains 50 actions per session
- Graph structural changes broadcast to all viewers via
graph:updatedsocket event
Supported Collaboration Contexts
- System architecture graph (component placement, connections)
- Threat modeling graph (threat relationships, attack paths)
- Risk register (risk editing, treatment linking)
- All entity editors (goals, requirements, controls, claims, test cases)
Role-Based Access Control (RBAC)
Two-Tier Architecture
| Level | Scope | Purpose |
|---|---|---|
| Organization Roles | Platform-wide | Govern organization settings, documentation, catalog access |
| Project Roles | Per-project | Grant module-specific permissions within individual projects |
Organization Role Permissions
Org_Settings: Read / Write / Delete for organization-level administrationcanEditDocumentation: Boolean flag for documentation editing- System roles (non-deletable) vs. custom roles
Project Role Permissions
Each project role defines permissions per module:
| Module | Description |
|---|---|
| System_Modelling | E/E architecture editing |
| Threat_Modelling | Threat analysis access |
| Attack_Path_Analysis | Attack path creation (requires Threat_Modelling Read) |
| Risk_Assessment | Risk scoring and register |
| Risk_Treatment | Goals, requirements, controls, claims |
| SBOM | Software supply chain management |
| Monitoring_and_Incidents | Security events and incident response |
| Validation_and_Testing | Test case and campaign management |
| Compliance_Reporting | Compliance assessment and reports |
| Activity_Log | Project activity feed |
Permission Actions: Read, Write, Delete, Full_Access
RBAC Enforcement
- Middleware-based enforcement at every API endpoint
- Decorators:
@RequireRead(),@RequireWrite(),@RequireDelete(),@RequireFullAccess() @RequireProjectMembership()validates project-level access- Activity feeds are filtered based on the viewer’s module permissions
License Tier Gating
| Tier | User Limits | Module Access | Features |
|---|---|---|---|
| Team | Basic limit | Foundation modules | Core TARA, basic compliance |
| Professional | Extended limit | Foundation + TARA + SBOM | Full analysis, China GB standard |
| Enterprise | Unlimited | All modules | Full platform, blueprints, advanced governance |
License enforcement validates at both the API and UI layers, gating features, user counts, and module availability.
Multi-Tenant Supplier Portal
Tenant Isolation
- Each organization gets a dedicated database instance
- Database context is resolved dynamically from JWT tenant claims
- All API requests validate tenant isolation before data access
- Global control plane manages cross-tenant operations
Tenant Provisioning
- Organization creation webhook triggers provisioning
- Dedicated database created with encrypted connection credentials
- Default users, roles, and permissions seeded
- Catalogs seeded (SPDX licenses, risk methods, vulnerability sources, tool definitions)
- Feature flags configured based on license tier
- License validity dates and tier limits enforced
Supplier Access Model
- OEMs manage their own tenant with full platform access
- Tier-1 suppliers receive their own tenant with tier-appropriate features
- Cross-project sharing enables controlled collaboration between tenants
- Each supplier sees only their assigned projects and modules
Report Sharing
| Option | Values | Purpose |
|---|---|---|
| Link Type | Live / Snapshot | Real-time data vs. frozen point-in-time |
| Access Mode | Public / Authenticated / Password | Access control level |
| Commenting | Enabled / Disabled | Allow external comments |
| Expiration | Optional timestamp | Auto-revoke after date |
| Status | Active / Revoked | Manual access control |
Security features include unique URI generation, SHA256 password hashing, token rotation, and immediate link revocation.
Report Comments
- Threaded comment support on shared reports
- Permission middleware controls who can comment
- Comment deletion with permission checks
Open APIs & External Integration
API Key Management
- 256-bit entropy key generation with identifying prefix
- Project-scoped with read/write permission levels
- SHA256 hashing for secure storage
- Key lifecycle: Create, List, Revoke
- Last-visited tracking for usage analytics
Webhook Integration
- HMAC-SHA256 signature verification (
X-Uraeus-Signatureheader) - IP allowlisting for webhook sources
- Supported types: Organization provisioning, GitHub SBOM sync, SendGrid email events
- Correlation IDs for request tracking
OpenAPI Documentation
- Full OpenAPI 3.0.0 specification
- Three API server groups: Main API (
/api/v1), Webhooks (/webhooks/v1), Admin (/admin) - Security schemes: Bearer JWT, Session Token, Admin API Key
- 18 comprehensive documentation modules covering all platform endpoints
Integration Use Cases
- CI/CD pipeline SBOM uploads via API key
- VSOC event export (JSON, AUTOSAR, STIX, Custom)
- Threat intelligence feed import
- GitHub webhook-driven SBOM auto-sync
- External test bench agent registration
Notification System
Notification Categories
| Category | Triggers |
|---|---|
| Assignment | Risk, task, goal, control, or requirement assigned to user |
| Mention | @mention in comments or descriptions |
| Approval | Approval request created or decision made |
| Vulnerability | Critical/high CVE discovered in SBOM component |
| Escalation | Risk severity change or incident escalation |
| System | Project invite, role change, export completion |
Delivery Channels
- In-app: Real-time via Socket.IO with user-specific rooms
- Email: Conditional based on license tier and user preferences
- Fallback: 60-second polling for notification summary if WebSocket unavailable
Priority Levels: Critical, High, Medium, Low — affecting delivery urgency and channel selection.
User Preferences
- Per-category enable/disable
- Quiet hours configuration
- Project-level muting
- 90-day notification retention with automatic cleanup
Activity Tracking
All actions across the platform are logged in the project activity feed:
- Tracked modules: System Modeling, Threat Modeling, Risk Assessment, Compliance, SBOM, Analytics
- Recorded data: User, timestamp, module, action type, entity references, severity
- Permission filtering: Users see activities only from modules they have Read access to
- Organization-level view: Org_Settings Read permission grants access to all module activities
Integration with Other Pillars
| Direction | Pillar | Collaboration Feature |
|---|---|---|
| All | Design | Real-time co-editing of system architecture graph |
| All | TARA | Concurrent threat modeling with presence indicators |
| All | Testing | Shared campaign monitoring via WebSocket dashboards |
| All | Operations | Real-time security event notifications |
| All | Compliance | Report sharing with access control |
| All | SBOM | CI/CD pipeline integration via API keys |
| All | Governance | Audit trail of all collaborative actions |