SIMPLIFAI SYSTEMS LIMITED

Simplifai AI Traffic Management

Simplifai Artificial Intelligence ( AI ) Traffic Management Service integrates with Urban Traffic Control and Management systems for the goal centred management and optimisation of road networks for air quality management, congestion management (recurrent and non recurrent) , event management, incident management, road works management and other goals.

Features

• Patent pending Artificial Intelligence solution solving key traffic network problems
• Goal orientated traffic control generating dynamic UTC traffic signal timings
• Automated artificial intelligence for dynamic mobility challenges adapting traffic management
• Real time resolution of mobility, bus and/or active travel conflicts
• Bus priority optimisation using Authority Bus Open Data (BODS data)
• Manage traffic impacts of sports, leisure, planned and unplanned events
• Analysis and visualisation of network constraints and real time operation
• Operating through existing UTC and UTMC systems to optimise networks
• Access controlled, secure web interface, hosted AI application
• Management of Roadworks including creating plans for temporary traffic signals

Benefits

• Improve mobility flow, maximising utilisation of existing systems and infrastructure
• Reduction of road traffic congestion
• More reliable transportation networks by optimising response to congestion conflicts
• Improved air quality by adapting network flow to smooth movements
• Reduce manual interventions through implementation of approved proven automated responses
• Implement bus priority and smoother journeys without extensive infrastructure outlay
• Automated UTC site calibration and identification of inductive loop issues
• Improved visualisation of transport management issues through AI data analysis
• Transform current data into standardised actionable insights and visualisations
• Improved management of road network during period of roadworks

£5,000 to £100,000 a unit a month

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at keith.mccabe@simplifaisystems.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

854893951426779

Contact

Keith McCabe
07812721181
keith.mccabe@simplifaisystems.com

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: Urban Traffic Control (UTC) and Urban Traffic Management and Control (UTMC). Smart City management systems.
• Cloud deployment model: Private cloud
• Service constraints: Clients will be informed of planned maintenance in advance. The buyers will need to have an existing Urban traffic control system that is capable of connecting to cloud based Traffic Management Artificial Intelligence Systems.
• System requirements:
  • Client computers and internet access agreed in advance
  • Secure communications to the Cloud based AI System.
  • Access to customer data, data sources and data volumes
  • A modern standards compliant web browser

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: 24 hours
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Email and phone support to technical account manager
• Support available to third parties: No

Onboarding and offboarding

• Getting started: Initially there is a user requirement capture process which is undertaken using online questionnaires and conference call workshops.; There is an online user training support.; There is also a configuration repository for the capture and modification to user requirements.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: The transport data is returned to the local authority at the end of the contract apart from the data that is needed to be retained to meet legal requirements.
• End-of-contract process: Decommissioning the system is included in the contract.

Using the service

• Web browser interface: Yes
• Supported browsers: Chrome
• Application to install: No
• Designed for use on mobile devices: No
• Service interface: No
• User support accessibility: WCAG 2.1 A
• API: Yes
• What users can and can't do using the API: To transfer outputs from the system into a third party system.
• API documentation: Yes
• API documentation formats: PDF
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: What can be customised:; -Configuration of user display; - Goals for system; - Forms of data analytics; - Performance measurement; How do users customise; -Initially through the agile development of the systems; -Once installed it is through the user interface; Who can customise; -Different levels of users will have different customisation settings

Scaling

• Independence of resources: The systems is designed to be used by a single local authority for the management of its traffic control systems. There number of simultaneous operations of the AI Systems needed for each authority area will be agreed in advance as part of the scoping of the service requirement for the deployment.

Analytics

• Service usage metrics: Yes
• Metrics types: Metrics are provided on levels of congestion on the impacts of the congestion. There are options to convert these metrics indirectly or directly into the economic costs to society for use in business case analysis.
• Reporting types:
  • Real-time dashboards
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Staff screening not performed
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest: Physical access control, complying with another standard
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: Users can either export their data as common separated variable files for selected variables and data sets or export the entire database of the users data.
• Data export formats: CSV
• Data import formats:
  • CSV
  • Other
• Other data import formats:
  • Text files
  • SQL database

Data-in-transit protection

• Data protection between buyer and supplier networks: IPsec or TLS VPN gateway
• Data protection within supplier network: IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: Service is available for a minimum of 99% of the time. If the service level drops below 99% measured over the period of a month a refund of the % below 99% time the % of the system unavailable for that time is used to calculate the % refund of monthly fee.
• Approach to resilience: Available on request
• Outage reporting: Email alert and public dashboard.

Identity and authentication

• User authentication needed: Yes
• User authentication: Username or password
• Access restrictions in management interfaces and support channels: User access is controlled using roles and security groups. Access can also be restricted by IP address.
• Access restriction testing frequency: At least once a year
• Management access authentication: Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: (1) The board of directors is accountable for security governance.; (2) The Senior Information Risk Officer is responsible for information security management and is a member of the board of directors.; (3) There is a clear information security policy.; (4) Information security is regularly assessed and if necessary improved.; (5) There is a clear reporting structure for security events and corrective action is swiftly taken.; (6) We adopt a risk-based approach.; (7) The importance of information security is regularly communicated.
• Information security policies and processes: (1) The Senior Information Risk Officer (SIRO) is responsible for information security and is a member of the board of directors.; (2) Information security policies and processes are reviewed annually.; (3) All information security events are reported to the SIRO, investigated and then a corrective and/or preventative action plan is enacted.; (4) Our policy covers information risk assessment, endpoint protection, encryption, identity and access management, remote access, protection from malicious software, asset (including network) and data security, vulnerability scanning, minimum levels of application security, password compliance, appropriate use, change management, joiners/leavers, disposal of equipment, data backup/archiving/recover, training and awareness.; (5) Points of information ingress and egress are protected by physical, technical and organisational controls as necessary.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: (1) Software configuration is controlled using a configuration management tool, incorporating version management and change history.; (2) Deployment uses a combination of versioned containerisation and CI/CD tools.; (3) Documentation is version controlled and stored in a cloud-based information management system; (4) Environments and infrastructure use versioned snapshots and containerisation.; (5) Changes are assessed by a Change Advisory Board, which takes a risk-based approach to change control.; (6) Changes must have an assigned owner and be thoroughly documented, including an implementation plan, risk and impact assessment, evidence that changes have been tested and that there is a rollback plan.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: (1) We use third party cloud hosting services approved to ISO27001, including continuous vulnerability assessment and up-to-date patching of all components according to a defined patching schedule. Critical patches are applied immediately.; (2) We perform annual penetration testing, including application-level vulnerability assessment.; (3) We deploy malware/virus detection and prevention tools.; (4) We monitor publicly available threat assessment sources (e.g. US-CERT, FBI, Internet Storm Centre, @abuse.ch, NCSC)
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: (1) Our cloud infrastructure provider is ISO27001 compliant and provides a monitoring service with alerts that are actively monitored by us.; (2) Our applications include access, audit and performance logs that are actively monitored using log monitoring services, with alerts.; (3) Potential and confirmed compromises are raised as a critical incident and managed through our incident response protocol.; (4) Security incidents are overseen by a member of the board of directors.; (5) Customer impact is assessed and communicated honestly and transparently, as quickly as possible
• Incident management type: Supplier-defined controls
• Incident management approach: (1) Incidents are reported through our incident management tool, in accordance with our pre-defined incident response protocols (email or telephone).; (2) Security incidents are overseen by a member of the board of directors.; (3) Customer impacts are reported honestly and transparently, as quickly as possible and in the most expedient manner (telephone or email).; (4) A full incident report is made available to customers, including the source of compromise, impact and risk assessment, corrective and protective action plan, etc.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: Yes
• Connected networks: Other
• Other public sector networks:
  • Urban Traffic control systems
  • Data systems connected to urban traffic control systems

Social Value

• Fighting climate change:

  Fighting climate change

  Optimise traffic flows to reduce CO2 emissions and manage networks to improve climate change resilience. Supporting communities to deliver on environmental protection and improvement.
• Covid-19 recovery:

  Covid-19 recovery

  Better predict where organisations are in the recovery cycle from COVID 19 through traffic management monitoring; and helping the health service to deal with the backlog of appointments from COVID 19. Assessing the impacts of health, air quality and transport in the backlog recovery.
• Tackling economic inequality:

  Tackling economic inequality

  As a company conscious decision to be based in the North to help with the levelling up agenda. And support equal opportunities for the broader population.
• Equal opportunity:

  Equal opportunity

  Supporting equal opportunities for the broader population through location in the North.
• Wellbeing:

  Wellbeing

  From 1st April 2022 Simplifai have reduced the working week to 35 hours and increased staff annual holidays; this is to reduce the impacts of lockdown and the effects of social isolation to aid the return to post pandemic working. These are also seen to attract staff through providing a good work-life balance.; Efficient transport management enables communities to develop socially and economically. Locations with the worst air pollution are frequently next to roads with highest emissions - our solution manages and optimises traffic to improve health.

Pricing

• Price: £5,000 to £100,000 a unit a month
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at keith.mccabe@simplifaisystems.com. Tell them what format you need. It will help if you say what assistive technology you use.