 I'm Steve Nunn, president and CEO of the Open Group. Welcome to Toolkit Tuesday, where we highlight the various components and leading experts of the Architects Toolkit, a collated portfolio of the most pertinent technology standards for enterprise architects. During the series, I'll be calling on a number of recognized experts who will bring their particular insights on how to most effectively use the various tools in the Architects Toolkit. We'll have a mix of interviews, panel sessions, and pre-recorded presentations along the way. While all standards of the Open Group are designed so they can be adopted independently of one another, the greatest value for an organization can be derived when they're used in unison, that some of the parts should be greater than the whole. In the Architects Toolkit, we have collated a portfolio of the most pertinent ones for architects together, all in one place. For most of these tools, certification from the Open Group is also available, so practitioners can demonstrate that they have the skills required, and recruiters can take the guesswork out of the recruitment process, all backed up by our Open Badges program. So, unlike in the Alanis Morissette song in which she describes various things as ironic where none of them actually asked, sorry Alanis, rain on your wedding day isn't irony. I am finding plenty of irony in the fact that Gen AI, which can generate new content for us as humans, thereby saving us all the effort, has in fact created a whole load of new viewpoints, documents, and look what I made with AI type posts from humans. Even worse, this saving of that effort has in practice increased the amount of reading and or filtering the effort I'm putting in as a human to all of this newly generated Gen AI and humans talking about Gen AI output. So, what architecturally? Well, we're generating material we won't consume ever. That's poor process design and a business architecture concern. And just like that aforementioned song, we as humans often don't share a common understanding of something. If we place that into an AI model, that is information architecture concern. And now, I've created even more content without Gen AI, about Gen AI, that has generated more work for us. Isn't that ironic? Don't you think? Thank you Paul. Welcome everybody to Toolkit Tuesday. Great thought provoking minute there from Paul Holman of IBM. Those of you who are regulars on Toolkit Tuesday will be familiar with Paul's face and his thoughts. And a great one there to have us all thinking. So, thank you very much, Paul. And thank you all for joining us wherever you are in the world. It's great to have you with us. We love the fact that you take time out of your day and some of you may be actually listening to a recording of this, which is great too. Whatever is convenient for you, but we'd love to be able to share the content that we have here at Toolkit Tuesday with you all. So, for those of you who are joining us live, just one housekeeping item. If you have a question for today's speaker, or speakers, we do have a second speaker joining us later in the session, then do please ask those through the Q&A channel rather than the chat channel. The Q&A channel you can find in the... If you click on the three dots in the bottom right-hand corner of your screen, that'll give you the chance to click on Q&A and please ask questions there. But please do use the chat channel for communicating with other attendees here at the event. And in particular, please do share where you're joining us from today. Where in the world are you joining us from? Our speakers today are joining us from India, so it's a very different time zone where they are than where I am here in California, but we tend to span a lot of time zones and a lot of geographies. So, let us know where you are. We'd love to hear that. Without further ado, we'll move to today's main event. And to set a little context, we'll hear a bit more about them later, and the open group has an awards presentation each year for the last couple of years. In fact, we've done several now. I lose track, but very high quality submissions. And my colleague, Palab Sahar, would tell us more about that later. But one of the key submissions this year is from India Railways, which is a very large organization, the largest civil employer in India. And it's an organization which we'll hear about, has really adopted an enterprise architecture approach and boundaryless information flow. Our vision here at the open group is very relevant to it. So, to tell us more about the Pravar API Gateway here at Indian Railways, we're joined today by Mr. Sharath Mathur, who is the general manager for the Centre for Railway Information Systems. And he is an IT specialist with extensive experience of working in railway logistics and the manufacturing sector, skilled in enterprise architecture, IT strategy, business process improvement, and IT and supply chain management. So, a warm welcome to Toolkit Tuesday, please, for Mr. Sharath Mathur. Over to you, sir. Thank you very much for that kind introduction. And I'm privileged to be here in front of such a diverse audience. Good morning, good afternoon, good evening. Without much ado, I will just share my screen. I would like to tell you about our enterprise architecture effort. And in particular, our API Gateway that we call Pravar. Pravar means flow in Hindi. And we call it Pravar because it provides us with the means to have boundary-less information flow across our large organization as well as the ecosystem in which the Indian Railways is embedded. As had been mentioned, Indian Railways is a large organization. It is one of the largest railways in the world. 68,000 kilometres route length, which is quite large. 7,300 stations. We run many passenger trains. We run a large number of freight trains too. We are a mixed railway. We have many rail vehicles, locomotives, passenger coaches, and freight wagons. We carry a lot of passenger traffic. Typically, before pre-COVID, the year before COVID, we carried almost 8,500 million passengers. That means individual passenger journeys, which was, as you can see, even more than the population of the whole planet. So this was people who travel regularly by train, and many of them travel every day of their lives on the Indian Railway system. We carry about 1,500 million tonnes of freight also. And our annual revenue is approximately 2.2 million rupees, which translates into around 27.5 billion USD. And it is approximately the size a little bit more than what BNSF Railway in the United States is. So it is approximately that size. We are a very manpower intensive operation. So we have almost 1.2 million employees. So it's a large organisation in all respects. As I had mentioned, so there is a large number of operations also. I mean, it is a vertically integrated, horizontally integrated enterprise right now, because apart from the service element, the passenger services and the freight services, and managing passenger and freight terminals, that is the passenger stations, and freight loading and unloading facilities. Then we also run the trains, the core train operations. As I said, it's a mixed train operation. So freight and passenger both share the same tracks, and therefore the operation is a little complex, because they are passenger trains which are run to a schedule, and there are freight trains which run when there are paths available to them. There is fixed infrastructure to manage. Rolling stock refers to the rail vehicles. And at the bottom, as you can see human resources, the financial part, and all the materials that are required to make it run. So there are a large number of interrelated operations to make this whole elephant dance, so to say. So why did we go in for an enterprise architecture? The reason was that our IT environment, our IT landscape had become very complex. It was difficult to ensure that interrelated operations, interrelated processes were properly automated, and it was almost impossible to manage without information systems in place, because of the increasing traffic and the room for any, the cushion to run the system was becoming less. And so we had come up with a very large number of IT applications, and the purpose of this whole enterprise architecture exercise was to align the IT with the business priorities. So therefore the process, which is the standard process we followed, we followed the TOGAP standard. India has developed its own India Enterprise Architecture framework, which is based on TOGAP, extends the TOGAP framework with reference models, which are related to integration, to security, to performance. So it is an extended TOGAP standard, but the process, the architecture development method is similar. So we did our best to tailor the architecture to our needs, and then to follow the ADM standards, the steps, so that we had a very cohesive and coordinated approach to developing our enterprise architecture. We are still on the way. We have completed some part of it. We are still on the way to completing the rest of the enterprise architecture effort, and as we all know, it is a never-ending story. It never ends. You have to manage and govern the architecture. So to align IT with business priorities, and then of course to envision our future requirements, create the target state, ascertain the current state of the enterprise, and identify gaps in information systems, and then to ensure that we get a practical realization, we create a set of work packages to move from this standard state to the target state, and the work packages we inject into our existing project management system. That has been our endeavor in this effort. So if you look at the priorities that Indian Railways has today, there are around five drivers. So there are five drivers that we have identified, growth and sustainability, safer and more secure travel, participation in the national logistics and travel ecosystem. This has emerged recently as one of the very, very critical needs of the railways to be able to participate in the ecosystems so that especially the logistics ecosystem, because bringing down the cost of logistics is about the aim of the government because it brings in efficiencies into all processes, improves the way you function, and of course a better customer experience and efficient operations. So now I am just going to concentrate on the participation in national logistics and travel ecosystems. That was one of the drivers of this whole effort. And now we are partnering, increasingly we find that there has to be boundary less information flow across organizational boundaries. And so we have started to overtly engage our partner organizations and our partner organizations are customers, as you can see here on this screen, you can see some of what goes for our partners. They are aggregators, surface transporters, warehouses, companies who are managing warehouses on the trackside. Terminals, we also allow private and other organizations to own wagons. And these partners are all, now we want to serve them through information systems and interchanging information with them where they don't have to put in any effort on their side. Their IT systems can talk to our IT system. That is the same in the partner space. The partner space, I mean passenger travel. So transporters like airlines, bus services, metro systems, hospitality industry, travel facilitators, online travel porters, travel agents, and of course government tourism ministry, health ministry, security agencies. With all of these we increasingly have a tie up for interchange of information. And we had envisaged that this would be part of our enabling infrastructure for our enterprise architecture when we want to realize the architecture that we reach. So this was an enabling system that we wanted to set up, put in place so that when our architecture got developed to a certain extent and we were ready for interchanging information with our partner organizations, we would have the means to do so. And we wouldn't start at that time. So we built our API management system and API gateway to ensure that we were able to meet that need. So we have put in Prava. Prava is an API gateway and management system. Benefits for Indian railways, seamless flow of information with our partners. So for us it is beneficial. And transactions are secure. We know who is logging into or who is transacting with our systems. We can manage transaction volumes. This was a problem. What used to happen was when we were ticketing. Then at that time there were some peak times at peak times our systems used to get bogged down because there was so many transactions and at lean times they were idling. So once you put an API gateway in place, you can control the transactions that are moving to the back end. So we use that extensively for rate limiting and throttling. And of course our partners get a standardized interface. We are able to offer standardized APIs for our partners and the partners can consume them. And we also increasingly are mobile apps. We decouple the front end from the back end by putting the transactions running them through the API gateway. Partners of course benefit. They get easy to understand API logic. The user interface is decoupled from the back end. They can make their own front ends if they so desire. Their IT systems can connect to our IT systems. And slowly a third party develop ecosystem will also emerge. We are expecting that to happen soon as soon as we move a little bit down the down this line. So how does it work? Indian Railways, Chris, that is the Center for Railway Information Systems, which is us the IT arms of IT arm of the Indian Railways. We have our back end systems and we publish APIs through our API management system. Our partners can come through IoT devices. They can have apps. They can have web applications. They can have mobile apps. And all of them can connect to the API management system. So it is a controlled environment in which the information flows. Our benefit is that we offer our services. And our customers can selectively select the services that they want to access. And then by consuming those particular APIs, they can access the services. We started in August 21. And by now we are running about 13 million API calls per month. This has been the level of transactions for the last few months, around 12 to 13 million. Now, this month we have also added a couple of more front end applications. We what we call a 139 service. We have a single telephone number. So there is a 139 service on that 139 service. Now we also have a mobile app. We also have web applications coming in. So that recently we have connected and that has gone live a couple of days back. So with that, perhaps the number of API calls will increase even more. And as you can see, 141 published APIs are being accessed. Government of India has a citizen portal mobile app that allows them to access all different government of India services. So that Oomang app is also integrated. The good part was through the API gateway we could do it in less than a month. So in summary, APIs are a powerful catalyst for digital transformation. There are powerful catalysts for ensuring boundary less information flow across ecosystems like we are trying to create in India, the logistics and travel ecosystems. It encourages API providers and consumers to collaborate. Customers get rich customer experiences and new digital channels come up. Internal external for data sharing, enabling mobile applications, perhaps even monetizing the information and data. We haven't started doing that. But at some point of time, perhaps we will be able to use those opportunities. And the API management system provides us the setup to manage APIs and ensure that we keep improving our services since we can measure what we are offering. Thank you very much. That is how we are managing and that is how our API system is running right now. I'd like to thank you all very much for taking the patience for listening to me. Thank you. Charlotte, thank you very much indeed. That's an awful lot of work described in a small number of minutes. So great summary. Thank you. I've got a question or two for you, which I'll ask shortly. I mentioned at the introduction to this session today that this was in the context. We were doing this in the context of the Open Group India awards which are coming up. So just to say a few words about those, I'd like to introduce or reintroduce to many of you my colleague, Dr. Palab Sirhaus, the general manager for India for the Open Group. And he is a Mayorty NEGD Senior Lead Expert in Enterprise Architecture and Visiting Professor of Digital Architecture at the Indian Institute of Management. And he advises various ministries and states on matters pertaining to government-wide architecture initiatives. So welcome back, Palab. Please tell us a little more about the awards. Steve, good day to all of you. And first of all, I'd like to thank Sharath for taking us briefly, taking us through this wonderful journey of a very large and complex organization, Indian Railways, and how it forms backbone for the country, right? So that's very important from an architecture point of view. Now, as Steve was alluding to, this is, I would say, this project was one of the nominations that we received in the India Awards 2022. So we have an annual award which is called the Open Group India Awards for Innovation and Excellence, where we encourage organizations to use open standards and open source, right? And as you saw in this presentation today, this is based on the adoption of India Enterprise Architecture Framework, which is based on TOGAF. Today, Sharath did not show, but I'm aware of this project for a fairly long period of time, and Indian Railways can also be classified as a power user of Archimate, one of our other standards. And you will see the wonderful Archimate models they use to manage the entire specification, the entire blueprint, if you will, and all the models that they create. So the India Awards is something that we run every year. This year, the award ceremony is scheduled on 27th of July, 5 p.m. India time. It is going to be an online ceremony. And we do have multiple categories for the India Awards. And the most important one, of course, comes in terms of the number of nominations we receive pertains to enterprise architecture. So that's one of the categories. The other categories we have is IT for IT, which focuses on IT planning and management. Then we have a category covering cybersecurity, supply chain security, trusted provider standards, which aligns to the OTTPS. Then we have another one for zero trust architecture. Then we have a category covering for the energy industry, which is the open source software data platform. Finally, this year we have introduced a new category, which is women enterprise architects. We would like to encourage women architects. And I know that in the industry, we don't have too many women architects. So one of our endeavor in this 2023 edition of the award is to identify and honor organizations who have put together programs to nurture and groom women architects. So in a nutshell, what I'd like to do is invite all of you to watch the, you know, the award ceremony and see who the winners are because all of the winners will tell you how they have adopted our standards in improving and bringing transformation in their respective organizations. So look forward to your participation and over to you, Steve. Thank you very much, Pat. That's a great, great summary. I'm looking forward to seeing some of the, well, seeing the award ceremony, but hearing more in detail about some of the awards. I know there's been quite a review going on so far. And last year, I remember being, being really quite struck by some of the great, the great ways in which our standards were being used to really make a difference across all sorts of industries and expect the same again here. And obviously today we heard an example of that in Indian Railways. So if I can switch back to, to use a question, when you, that's come in here, when you obviously put a gateway in to so much, gateways could potentially be a restrictor for the flow of information rather than an enabler. So have you found, have you ever found that, that the capacity isn't there, for example, or has this overall just, just helped you? You did mention throttling and et cetera and cloud based activities. So has it been, has it ever been an impediment rather than an enabler? Well, this, this question haunts us continuously. Because, you know, if the enabler becomes an impediment, then you are in real trouble. So, well, so far it hasn't, we were, it was a little difficult to size this gateway. But so far, after going through a number of cycles, we decided upon a figure of 1000 transactions per second. And so far we have not hit that. However, there are a couple of caveats because some of our very high value, I mean, high transaction, you know, interactions where the transactions are very picky. For example, for our ticketing, when tickets open, we have a 180 day window for tickets. So in some very popular trains during holidays, there's a certain spike in ticketing. So for those transactions, actually we have not brought them on to the, only that one or two transactions, we have not brought them on to the API gateway. Although now we are screwing up the courage to do that. But we feel that perhaps we'll be able to manage those also. However, we have made the scalable so that in case there is a, we find the restriction that we can quickly scale up. We can buy additional licenses very quickly under the same agreement and then scale it up. So, so far, we are just hoping that we can do it in a planned way. So far, so good, great, great. And the second and last question I'll ask you. It's almost the flip side of that coin in the sense of security, obviously with such a valuable gateway and such a lot of information resting behind it. Has that been, has that been an issue or can you speak to some of the general approach to security that you've taken in connection with the gateway? Well, of course, that is a very pertinent question because these API gateways and management systems are magnets for all types of malicious code. And they are a very large attack surface for malicious players again. Because they know that all the transactions are going if they compromise the gateway, then then they have a large number of back ends under their control. What we have done is that we have tried to be as careful as possible during the installation and implementation process. So what we so only are public facing part of the gateway where the request land, those are in our DMZ in our demilitarized zone. But the key manager, the actual proper gateway part, the actually the gateway manager part, all that is in the militarized zone so that it is kept secure. And we have our security team constantly doing security reviews and ensuring but there is another thing that can that happens here is that the transactions that go through this. We have to always keep talking to the back end system, system administrators and their developers to ensure that their transactions are inherently secure. Otherwise, with the best security on the gateway, if the transactions if the back end systems are poorly written, then malicious software can even then get through. So you have to be a little careful. Of course, of course, and I do have we are we are out of time but I do have a couple of questions that just come in that you may or may not be able to answer and don't feel pressure to if it's inappropriate. But one is what is your API gateway software and the other is do you have the liberty to share what database management system you're using. Yes, I mean, we are API management system is based on WSO2 and at the back end we are using a standard RDBMS. So, and we have installed it right now on our own setup in our own we have a private cloud so we have installed it in the private cloud. But we are looking for ways to migrate it to the public cloud at some point of time. Great. Thank you for taking those and thank you for coming here and sharing today and and for your words about the awards as well palp so a big thank you please to share my tour and Dr palp Sahar. Thank you. Thank you. That is it for today's topic but please join us in two weeks time. Which is Tuesday, July the 11th where we will have a presentation on something that's dear to my heart and probably many of you the benefits of the TOGF standard from Rita Sundari and Samuel Bandaru of architects so please join us in two weeks time at Toolkit Tuesday. Meanwhile, wherever you are in the world, please keep safe and well and thank you for your time today. I'm Steve Nunn. This was Toolkit Tuesday.