1 / 5

TDTWG Review of RMGRR042 Data Transport

TDTWG Review of RMGRR042 Data Transport. TDTWG Analysis. TDTWG has reviewed the three data transport options included in RMGRR042. To ensure the most successful implementation of an option, TDTWG has defined minimum technical requirements

koonsm
Download Presentation

TDTWG Review of RMGRR042 Data Transport

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. TDTWG Review of RMGRR042 Data Transport

  2. TDTWG Analysis • TDTWG has reviewed the three data transport options included in RMGRR042. • To ensure the most successful implementation of an option, TDTWG has defined minimum technical requirements • While some technical requirements are being provided for each option, certain options may carry risk which may not be mitigated within the technical requirements • This information should not be interpreted as TDTWG’s endorsement of all three options

  3. NAESB EDM v1.6 • Scope: NAESB EDM v1.6 • See: NAESB EDM v1.6 Standards • Update: TDTWG NAESB EDM v1.6 • Use of FF content type • Use of payload mime content header Application/EDI-Consent • Create test scripts, Market certification

  4. Secure FTP • Define standards for design, test, certification and implementation for ERCOT server side • Market Interoperability and implementation guidelines and testing • Dedicated Redundant Production Servers • Test and Certification Environments • Implement Processes for maintenance, Real-time monitoring & log management • Disaster recovery • Implement Receipt Acknowledgement (note: outside of the SFTP protocol) • SSH v2 protocol only SFTP Extensions to SSH protocol (no SCP) • SSH key for authentication (no static passwords) • Dedicated identity management process for SSH: • User Create/Update/Delete • Key management – create, expire, revoke • Identity/credential verification and audit • Define data expiration in queue (inbound, outbound) • Payload encryption process development (pgp vs gpg) • Deterministic audit plan for both market and internal audits • Defined availability requirements that can accommodate regular maintenance • Identify support resources to handle outages, interruptions, incidents, and maintenance • Regular external security assessments

  5. CD • CD or DVD ROM Not RW • Payload must be encrypted: Payload encryption process development (pgp vs gpg) • Ship 2 (reliable delivery) • Verification of integrity of data prior to shipment and upon receipt • Validated handling procedures for receiving and transmission to processing servers • Validated destruction procedures (CD will not be returned) • Handling procedures or filing, storage before processing • Labeling process for CD • Create test scripts, Market certification

More Related