The IBI DATEX II Publisher allows organisation to publish various different types of transport data in a DATEX II format (version 2.3 CEN standard). This includes all supported types of traffic information including incidents, roadworks, journey time and all types of both static and dynamic data.
- Uses DATEX II standards for information exchange
- Runs unattended in the Cloud once set up
- Configured to convert Buyer's source data to DATEX II format
- Can read source data from any RDBMS
- Includes automatic error and service availability monitoring
- Standard HTML interface to publications list
- RESTful API
- Subscriber user management included as standard
- Proven technology, in use since DATEX II version 1.0
- The Buyer determines who can subscribe and access publications
- Allows for data sharing with other agencies and local authorities
- Allows for data sharing with European partners
- Allows for data sharing with technology companies
- No requirement for source data to be in DATEXII format
£2500 per licence per year
IBI Group UK Ltd
0141 331 4500
|Software add-on or extension||No|
|Cloud deployment model||Hybrid cloud|
|Service constraints||Users will be informed of any downtime/maintenance in advance, and all maintenance activities that could result in service degradation or unavailability will be undertaken outside of the normal working day, 8:30am-5:30pm. The service will be operable outside of these hours, when maintenance is not taking place.|
|Email or online ticketing support||Email or online ticketing|
|Support response times||
Critical fault; within 1hr. Non critical fault, no workaround; 8hrs. With workaround; 24hrs. Minor defect; 48hrs.
Response times do not include weekend support.
|User can manage status and priority of support tickets||No|
|Phone support availability||9 to 5 (UK time), Monday to Friday|
|Web chat support||No|
|Support levels||Email and telephone support is provided during office hours. Issues are generally triaged by a maintenance manager who will ensure that they are reported to the correct team for resolution. A technical account manager oversees customer support as standard.|
|Support available to third parties||No|
Onboarding and offboarding
The onboarding process should be completed within six weeks, depending on how many publications the buyer wishes to produce.
The process will begin with a service initiation meeting with the customer to confirm the various elements of configuration that will be required
and to review the customer's data and available interfaces.
Should the customer wish to move storage of the source data to the Cloud, this can be accommodated. No personal data, other than the login data necessary to access the service will be stored. Password data will be encrypted.
|End-of-contract data extraction||
If storage of customer data sets in the cloud has been requested these data sets will be made available to the customer within one month of the notification that the subscription will not be renewed and up to three months following the end of the subscription period.
Data will be provided on hard drive(s) back to the customer after which IBI Group will purge and destroy all customer data from its systems including any logs and archives that have built up with use.
Customer and subscriber access to the DATEX II Publisher will be rescinded at the end of the contract. It will be the responsibility of the Customer to inform subscribers to their DATEX II Publications that the service has ended.
If storage of customer data sets in the cloud has been requested these data sets will be made available to the customer within one month of the notification that the subscription will not be renewed and up to three months following the end of the subscription period as previously indicated. There will be no additional costs to the customer for data cleansing.
Using the service
|Web browser interface||Yes|
|Application to install||No|
|Designed for use on mobile devices||No|
|Accessibility standards||WCAG 2.0 AAA|
|Accessibility testing||Interface testing has been undertaken in-house. The DATEX Publications list page that is made available to subscribers is plain HTML.|
|What users can and can't do using the API||The Datex Publications are provided by means of a RESTful API via XML over HTTP.|
|API documentation formats|
|API sandbox or test environment||No|
|Description of customisation||Database access (i.e. where the Publisher should retrieve the source data) , DATE-specific view on the source data and the types of publications that are required are all configurable.|
|Independence of resources||Each client has their own DATEX II Publisher hosted in a separate cloud environment. Subscriber users connect to this instance to access DATEX II publications. Users generally have a DATEX Receiver application which only downloads publications when changes have been made.|
|Service usage metrics||Yes|
|Metrics types||Service usage statistics.|
|Reporting types||Reports on request|
|Supplier type||Not a reseller|
|Staff security clearance||Other security clearance|
|Government security clearance||Up to Developed Vetting (DV)|
|Knowledge of data storage and processing locations||Yes|
|Data storage and processing locations||
|User control over data storage and processing locations||Yes|
|Datacentre security standards||Managed by a third party|
|Penetration testing frequency||At least every 6 months|
|Penetration testing approach||In-house|
|Protecting data at rest||
|Data sanitisation process||Yes|
|Data sanitisation type||
|Equipment disposal approach||A third-party destruction service|
Data importing and exporting
|Data export approach||DATEX II Publications are provided in XML format to authorised subscribers by the Buyer/Customer.|
|Data export formats||Other|
|Other data export formats||Users receive DATEX II Publications in XMl format|
|Data import formats||Other|
|Other data import formats||DATEX-configured views connect to source data.|
|Data protection between buyer and supplier networks||TLS (version 1.2 or above)|
|Data protection within supplier network||IPsec or TLS VPN gateway|
Availability and resilience
|Guaranteed availability||99.9% up time is guaranteed during office hours. There is no standard SLA for the DATEX II Publisher service, but one can be agreed with the customer if required.|
|Approach to resilience||DATEX II services run in the Cloud on Virtual Instances. Data centre suppliers used, such as Azure are committed to resilience and up-time via SLAs.|
|Outage reporting||The IBI DATEX II Publisher includes a Log File Monitor application that emails the support team if there are any application exceptions thrown or application outages.|
Identity and authentication
|User authentication needed||Yes|
|User authentication||Username or password|
|Access restrictions in management interfaces and support channels||There is no user access to management interfaces.|
|Access restriction testing frequency||At least every 6 months|
|Management access authentication||Username or password|
Audit information for users
|Access to user activity audit information||No audit information available|
|Access to supplier activity audit information||No audit information available|
|How long system logs are stored for||User-defined|
Standards and certifications
|ISO/IEC 27001 certification||No|
|ISO 28000:2007 certification||No|
|CSA STAR certification||No|
|Other security certifications||No|
|Named board-level person responsible for service security||No|
|Security governance certified||No|
|Security governance approach||
A security procedural hierarchy is place from the on call engineer up to the security specialist.
Various systems, including firewalls, produce real time alerts which are emailed to the on-call engineer or directly to security personnel.
|Information security policies and processes||Data protection processes are always followed. Personal information is encrypted if stored. Module access is restricted by specific roles so that users can only view data that they have been authorised for.|
|Configuration and change management standard||Supplier-defined controls|
|Configuration and change management approach||Changes to components are tracked via a ticketing system. Only product owners can create the tickets and assign them to the development teams. Tickets can only be closed off after changes have undergone rigorous quality management checks in a dedicated test environment and have passed a series of functional and security checks within the staging environment.|
|Vulnerability management type||Supplier-defined controls|
|Vulnerability management approach||
On a monthly basis a large cross section of device and daemon logs are processed in depth using both automated tools and extensive direct human analysis. Each of the major systems are tracked for upstream security notices using normal mechanisms.
On top of this key staff monitor the general CVE security feeds for points of interest along with summaries from other contacts (e.g. Qualsys security roundup).
Non-aggressive high level pen testing is performed twice annually and proactive security testing of new assets is a key stage of any deployment.
|Protective monitoring type||Supplier-defined controls|
|Protective monitoring approach||
Daily analysis of server (System, security etc.) and firewall logs is performed. Dedicated support personnel are trained to identify potential compromises and when these are identified they are thoroughly investigated.
As a general principal a security in-depth policy is adopted where the seriousness of the security incidents is treated as critical until such time as it is proven otherwise.
|Incident management type||Supplier-defined controls|
|Incident management approach||
Daily system maintenance checks are carried out. Service availability monitored by a third party service and email and text alerts sent out when services are unresponsive.
Incidents are reported by email or phone and recorded in our ticketing system.
If requested monthly performance reports can be provided.
|Approach to secure software development best practice||Supplier-defined process|
Public sector networks
|Connection to public sector networks||No|
|Price||£2500 per licence per year|
|Discount for educational organisations||No|
|Free trial available||No|
|Pricing document||View uploaded document|
|Skills Framework for the Information Age rate card||View uploaded document|
|Service definition document||View uploaded document|
|Terms and conditions document||View uploaded document|