1249   Extent model of LLN0, CSWI, ATCC, YLTC for check the orIdent

Created: 27 Apr 2014

Status: Future Improvement

Part: Part 7-4 (2010; Edition 2)

Links:

Page:

Clause:

Paragraph:

Category: Issue for edition 3 of this part

Issue


The current model doesn't allow to set, check and control switching authorities/orIdent.

The received orIdent (from the control request) should be tested against pre-configured strings for switching authorities.
If more than one instance of switching authority is modelled, the priority goes in the order of the instances, i.e. the first instance has the highest priority of the switching authority.

By a controlable data object, it can be activated that a number of alternative switching authorities can be the allowed originators. Then one of the preconfigured strings for switching authorities should match the OrIdent.


The check of orIdents should be possible for LD or for individual LNs.

Proposal

Include in LN LLN0, CSWI , ATCC and YLTC new data objects.
SwAuthId (VSG) Omulti --> Preconfigurable switching authority strings
SwAuthEna (SPC) Omulti --> if present: enabling the SwAuthId for the check; only the highest enabled SwAuthID will be checked; this data object allows remote activation of switch authorities when the SwAuthId is preconfigured; if missing in the model: the SwAuthId is only configurable by setting services and all SwAuthId are prioritized in their order;
MltAuth (SPG) O --> Multiple switching authorities; true=all SwAuthId has the same priority and therefore can be actived at the same time; false = only the highest, enabled (by SwAuthEna=true) SwAuthId is active and should be matched by OrIdent

Discussion Created Status
Changed to "on hold" 18 Dec 14 Future Improvement
The discussion should be continued within editon 3 of this part. Change the category to edition 3.
10 Sep 14 Discussion (red)
The discussion should be continued within editon 3 of this part. Change the category to edition 3.
10 Sep 14 Discussion (red)
I suggest to separate security issues from priority levels for control by enhancing the LocSta mechanism from station level and higher to arbitrary levels. For this we need a DO Prtylev: INC in parallel or instead of LocSta, allowing to set an arbitrary level between a 'low' (high priority) value and some higher (lower priority) values. The command orCat needs to be enhanced with this levels (as current levels are mapped to UINT8 0..8, e.g. starting with 10 up to 127 should supply suficient levels without endangering protocol level interoperability. A system has then to choose between current station/NCC implementation or multilevel implementation. 15 Jul 14 Discussion (red)
This has a lot to do with security. If these data is made publicly accessable, security can be compromised. Therefore I would leave this open to be discussed with security and access rights in general, e.g. for Edition 3. I suggest this to be an Ed3 issue or put on hold. 29 Apr 14 Discussion (red)
Good point. I would support this. It should be decided what DOs belong to the switch authority check and how to assign these controlable DOs to SwAuth** DOs?
One addition: the negative response (if authority check fails) should be "No-access-authority".
28 Apr 14 Discussion (red)
If the proposal above accepted in principle:

In addition to LLN0, shouldn't the proposed new DOs be added to those abstract classes that have Loc, LocSta and LocKey (ControllingLN, SwitchingEquipmentLN and NonProcessControllingEquipmentInterface)?

In this way all the concepts that model controlling would be uniformly modelled (and new LNs could consistently inherit what they need), and not only the proposed CSWI, ATCC and YLTC.
28 Apr 14 Triage

 

Privacy | Contact | Disclaimer

Tissue DB v. 23.12.13.1