ICE / ICA
Independent Checking Engineer (ICE)
What is an ICE mission?
The main role of the Independent Checking Engineer is to ensure that all client’s requirements have been complied with during Design, Manufacturing, Installation, Test & Commissioning activities. Such requirements can range from technical requirements derived from standards, local regulations or best practices, to specific contractual requirements binding our customer to its final customer.
The ICE mission can be performed on all, or part of, the Transportation System, including Civil Works, as long as specifications have to be complied with, and compliance with those specifications is required by the final customer.
Thus, this mission brings an additional insurance level for our client regarding its final customer, to ensure full compliance of applicable requirements.
CIVIL WORKS & BUILDINGS
For Civi Works & Buildings activities, CERTIFER assesses:
• Building’s solidity
• Compliance with regulatory rules in terms of fire protection
• Accessibility to persons with reduced mobility
• Acoustic & thermal isolation
MANAGEMENT REQUIREMENTS
We are able to help you to implementing efficient, reliable & optimised management requirements for any type of project.
OTHER
For other types of systems: Rolling Stock, Signaling, Control-Command…, CERTIFE stars its external technical control by assessing their respective safety, then their compliance with the client’s specifications.
What is the role of the ICE?
The mission is carried out according to the following process:
• Review of the applicable project’s requirements, coming from any project’s document (contract, technical / general specifications), to gain the assurance that all requirements have been appropriately considered so that Design activities can start on a sound basis
• Support our client in interpreting and refining subjective, and desirable, requirements
• Guide our client in initiating the Requirements Management process
• Assess the Requirements Compliance Matrix, through the iterative assessment of compliance evidences up to the matrix’s full closure
• Additionally, CERTIFER is able to deploy an Electronic Document Management System (EDMS) that can be used by all the project’s stakeholders, to facilitate sharing documents to maximize coordination, and harmonization.
Step 1
Validation of the requirements capture (identification/linsting)
Step 2
Requirement
Compliance Matrix
Construction
Step 3
Iterative closing of the requirements using evidences provided for each requirement
Step 4
Closing of the RCM, when all requirements are complied with
Our references
• External control on track layout on the Thine bridge (Tram of Strasburg)
• ICE mission on the Metro of Riyadh (Blue Line & Green Line)
• IC mission on the Metro of Sydney.
Independent Cybersecurity Assessment (ICA)
Whats is a Cybersecurity mission?
In an increasingly connected and digital world, the Railway and Urban Transportation industry relies on information and communication technologies. The security of the transportation systems can impact the operational safety and efficiency of the Railway industry in case of cyber threats. In this fluctuating context, Railway operators and also manufacturers need to have a global approach by taking into account these new risks. For this, they have to identify these cybersecurity risks and implement cyber security management systems in order to mitigate these risks, give confidence in the control of their vulnerability level and ensure a safe and reliable service.
Therefore as the railway market is changing from a traditional, mechanical and heavy industry to a more connected environment, they have to rely on new reference documents and standards. Although some texts from other countries and sectors such as the ISO 2700X, IEC 62443, or NIST (National Institute of Standards and Technology) publications exist, no unified reference documents (standards, …) is available to this day and that are fit to the railway sector.
CERTIFER has focused its efforts in defining the framework of independent cybersecurity assessment by referencing and analyzing the most acknowledged texts that are used in other sectors and some countries. From now on, CERTIFER is able to define a specific method that can fit any of our customer’s need, with tailor-made solutions.
As required by the standards containing also the human factors, the Independent Cybersecurity Assessment can be performed on any equipment or any part of the railway system, sending processing or receiving data to ensure such data has not been altered, corrupted or intercepted to be improperly used.
The ISO 27005 standard (Information technology – Security techniques – Information security risk management) is used as a major guideline to manage and mitigate risks to an acceptable level. CERTIFER is able to perform Cybersecurity service from the start of design activities (review of cyber security management plans, valuation of assets, incidents management,…) up to testing activities (assessment of white / grey / black box testing), review of attack scenarios and their consequences.
What is the role of the independent Cybersecurity Assessor?
Among others, CERTIFER is available to perform the following activities:
• Review of Cybersecurity management plans
• Review of incidents management policy
• Documentary reviews (technical specifications, architectural diagrams, texts specification and reports…)
• Assessment of counter measures and their impacts to mitigate risks
• …