Immense Simulations Ltd


Online (cloud-based) transport systems simulation as a service (SaaS) to predict the movement of people, goods and vehicles through the complete transport infrastructure, including road, rail and public transport systems.


  • Innovative cloud-based agent-based transport systems simulator.
  • Simulating people and vehicle mobility within metropolitan areas.
  • Detailed, persistent and predictive simulations.
  • Agnostic use of multiple data sources.
  • Simulations informed by mixed historic (static) and live data.
  • Preconfigured data configurations to simplify user interface.
  • Facilitates realistic mobility prediction scenarios.
  • Live or static data sources for mapping, demographic and traffic.
  • Datasets can be open, premium or proprietary.
  • Data privacy and security maintained.


  • No need to maintain corporate simulation environment.
  • Available 24/7 globally via browser to approved users.
  • Placing simulation in the hands of strategic planners.
  • Allows rapid what-if evaluation of mobility scenarios.
  • Expedites transport policy and operational decision-making.
  • Simplifies handling of complex real-world data.
  • Gaining competitive advantage from trained AI platform.
  • Developing personalised Mobility as a Service (MaaS) options.
  • Reduces ongoing simulation costs for all classes of user.
  • Benefits councils, regional transport authorities, and fleet operators.


£15000 to £250000 per unit

  • Education pricing available

Service documents

G-Cloud 10


Immense Simulations Ltd

David Kelsall

+44 7872073787

Service scope

Service scope
Software add-on or extension No
Cloud deployment model Private cloud
Service constraints Main constraint is that users should use modern browsers.
System requirements
  • Internet connection
  • Modern internet browser

User support

User support
Email or online ticketing support Yes, at extra cost
Support response times 6, 12, 24 or 48 hours depending on level of service required.
User can manage status and priority of support tickets No
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support No
Onsite support Yes, at extra cost
Support levels We provide two levels of support:
i) 1st tier - basic support concerned with the use of the application; and
ii) 2nd level - bespoke support - more akin to consultancy - to deal with more advanced issues.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started We provide onsite training and user documentation.
Service documentation Yes
Documentation formats
  • HTML
  • Other
Other documentation formats Web Portal
End-of-contract data extraction Our product stores data in on-line databases. At the end of any project, users' data can be saved or stored or extracted into alternative data formats elsewhere providing the costs of transfer are born by the users.
End-of-contract process The scope of any contract is based on a proposal from us and agreed by all parties. Any specific end of project requirements must be agreed within the contract terms, otherwise will be the subject of negotiation.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service Screen layout re-factored to suit small form factor device.
Accessibility standards None or don’t know
Description of accessibility We offer a bespoke cloud-based service accessible via a web browser. We offer the accessibility capabilities of the browser in which our application runs, e.g magnification, contrast and audio descriptors of text (but only if supported by the host browser).
Accessibility testing We are a young company developing a niche product for a relatively limited class of highly technical users. As an equal opportunities company, we committed to equality and diversity in the workplace and would be willing to work with affected potential users to improve accessibility should the situation arise.
Customisation available Yes
Description of customisation Yes, the entire user experience can be customised to meet specific customer requirements. We work with the end-user to make the necessary customisations. Users currently cannot undertake their own customisations.


Independence of resources Each users' company environment has its own web based resource stack hosted by an independent provider such as Amazon Web Services. We rely on Amazon to provide load balanced resources as requested by the session.


Service usage metrics Yes
Metrics types On request, web hosted cloud resource can be made visible to the user if required. This typically includes computational time, memory allocation and cost information.
Reporting types Reports on request


Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Staff screening not performed
Government security clearance Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
User control over data storage and processing locations Yes
Datacentre security standards Managed by a third party
Penetration testing frequency At least once a year
Penetration testing approach Another external penetration testing organisation
Protecting data at rest
  • Encryption of all physical media
  • Other
Other data at rest protection approach We principally rely on 3rd party protection of data (e.g. Microsoft) as our data is stored on SharePoint and OneDrive.
Data sanitisation process No
Equipment disposal approach A third-party destruction service

Data importing and exporting

Data importing and exporting
Data export approach By default, for data security our system does not normally allow the export of data. However users can extract or export data by writing custom database queries to extract data from proprietary databases.
Data export formats CSV
Data import formats
  • CSV
  • Other
Other data import formats Proprietary API calls

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • Private network or public sector network
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)
Data protection within supplier network
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

Availability and resilience
Guaranteed availability During any contractual engagement the availability SLA is agreed with the end-user and is appropriate for their usage requirements. Our level of service is dependent on services offered by others, such as Amazon.
Approach to resilience By using reputable independent 3rd party providers such as Amazon, Microsoft and Google, we rely on their infrastructure to provide a high level of resilience.
Outage reporting Currently we do not report outages.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels We use a role-based security model to manage access to management interfaces, storage areas and support channels.
Access restriction testing frequency At least once a year
Management access authentication Username or password

Audit information for users

Audit information for users
Access to user activity audit information No audit information available
Access to supplier activity audit information No audit information available
How long system logs are stored for User-defined

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified No
Security governance approach We are working towards ISO 27001 accreditation.
Information security policies and processes As a young company, we are building out our business processes in a prioritised way. Currently we rely on 3rd parties to provide secure systems, and we are seeking ISO 27001 accreditation. Currently the CEO (board level) and Chief Engineer determine working practices from time to time, to reflect client and business needs. Our system is developed using Secured by Design principles and in accordance with Cyber Essentials guidance.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach We operate to an agile methodology, and changes to our product are primarily managed by using Jira (to manage our change process), BitBucket (to manage our software), and Jenkins (to rebuild our software).

All our customers have separate siloed instances of our product. Access to those product instances and respective is controlled by username and password. We believe the potential security risks are low, however as the product develops this is under constant review.
Vulnerability management type Undisclosed
Vulnerability management approach We maintain active subscriptions with third party anti-virus and malware services. All our PCs are set to receive automatic updates of operating systems, security software, and other potentially vulnerable software applications (such as Microsoft Office). Our security policies and set by the company and enforced through Microsoft product and services.
Protective monitoring type Undisclosed
Protective monitoring approach We rely on 3rd party products to monitor all incoming emails and software. In the event that a security threat is identified (either by the software or an individual) this is escalated to the IT systems administrator and chief engineer. We respond promptly to such threats until the risk is mitigated.
Incident management type Undisclosed
Incident management approach As a start-up, we have no pre-defined processes for common threats. We maintain a specific email account where IT incidents and issues can be reported. Such emails are monitored, reviewed and appropriate actions taken.

Secure development

Secure development
Approach to secure software development best practice Supplier-defined process

Public sector networks

Public sector networks
Connection to public sector networks No


Price £15000 to £250000 per unit
Discount for educational organisations Yes
Free trial available No


Pricing document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑