sla management

Document Sample
sla management Powered By Docstoc
					         Hit Count Received Disposed

OV-1
OV-2
OV-3
OV-5
OV-6c
OV-7
SV-1 AS-IS
SV-1 TO-BE
SV-2 AS-IS
SV-2 TO-BE
SV-4
TV-1
                                               NAS EA DRAFT SV-4 DOCUMENT REVIEW COMMENT CONSOLIDATION LOG                                               June, 2009




                                                     SV-4 Consolidated Comment Dispostion Log
                                                          July 6 2009 (comments to June 30)
#               Comment Originator   Location in Document                 Comment                              Comment             Disposition Details          Reviewer
                 Org/Phone/Email                                                                           Disposition (Concur,
                                                                                                            Nonconcur, Concur w/
                                                                                                               comment, Hold)

    1   NCOIC                        General             Recommend providing a reference to
                                                         mapping the expected business requirements
                                                         to the NAS capabilities that drive this
                                                         functional description. In this context,
                                                         business requirements will be Functional
                                                         Mission Capabilities the NAS will be expected
                                                         to support in 2025. Recommend this mapping
                                                         show the relationship mapping between
                                                         Mission Applications and Mission Services.

    2   NCOIC                        General             Recommend this document include or
                                                         reference a OV-4 functional descriptions of
                                                         integrations between the NAS and external
                                                         systems. Civilian Air Traffic Management is a
                                                         subset of an overall Aviation Ecosystem,
                                                         which is, in turn, a subset of other ecosystems
                                                         such as Commercial Transportation, National
                                                         Defense, Law Enforcement,
                                                         Emergency/Disaster Response, etc. NAS
                                                         maybe increasingly integrated with
                                                         Automation Systems in each of these
                                                         ecosystems.
    3   NCOIC                        General             Recommend an illustration of how the
                                                         standards in the NAS 2025 TV-1 correlate
                                                         with the Systems described in the SV-4.
    4   NCOIC                        General             Consider placing more emphasis on peering
                                                         between autonomous systems. We should
                                                         assume there is a peering arrangement
                                                         between systems which would allow for
                                                         political/organizational boundaries and allow
                                                         more flexible scaling. By 2025, there will be
                                                         extremely powerful (and small) processing
                                                         systems. At that time, it might make sense to
                                                         divide geographical coverage into much
                                                         smaller areas, and provide for peering
                                                         between them. Peering will also be
                                                         necessary between terrestrial flight and orbit
                                                         insertion control systems, between countries,
                                                         and between military and civilian control
                                                         systems. It should be noted that peering is
                                                         covered in SV 1 as an SOA architecture. SV 1
                                                         is all about peering and how subsystem
                                                         information between supplier and
                                                         processor/subscriber /operator are isolated,
                                                         vs. which ones are available via netcentricity.
                                                         We assume the net centric data bus means
                                                         universal connectivity and bidirectional
                                                         data/voice flow/acquisition where appropriate,
                                                         and unidirectional to all bus subscribers
                                                         where appropriate.

    5   NCOIC                        General             Consider clarifying the definition of boxes
                                                         touching each other in figure 9. Arrows which
                                                         touch the perimeter of a box that contains
                                                         multiple functions imply that all functions in
                                                         that box are connected to the associated
                                                         network.




                                                                                                                                                            2 of 13
                                                NAS EA DRAFT SV-4 DOCUMENT REVIEW COMMENT CONSOLIDATION LOG                                                   June, 2009




#                Comment Originator   Location in Document                      Comment                             Comment             Disposition Details          Reviewer
                  Org/Phone/Email                                                                               Disposition (Concur,
                                                                                                                 Nonconcur, Concur w/
                                                                                                                    comment, Hold)

    6    NCOIC                        General                Consider augmenting Services Provisioning
                                                             Management to include additional capability
                                                             for testing, simulation, isolation, and modeling
                                                             in the system. In such a complex system with
                                                             so many moving parts, it will be difficult to
                                                             model using off-line tools. There is currently
                                                             research in the academic community on
                                                             methods to isolate (redundant) modules and
                                                             test them “in situ” in a live system. Such an
                                                             approach would not be advisable in today's
                                                             networks, however over time, it may be
                                                             possible to test new logic modules in a live
                                                             network with sufficient safeguards to prevent
                                                             disruptions, perhaps monitored by artificial
                                                             intelligence and expert systems. Such a test
                                                             system would also support logic to isolate and
                                                             mitigate disruptions in the working system as
                                                             well. Coincident with this requirement will be
                                                             datatypes to be marked “test-only” so that
                                                             adjacent modules and services can ignore
                                                             them. Today, testing, simulation and modeling
                                                             is traditionally on external test systems that
                                                             do not affect live operations in the NAS. If
                                                             such a plan to migrate to live testing is
                                                             considered, it much be carefully engineered
                                                             with appropriate caution.
    7    NCOIC                        General                Consider a provision for a statistical analysis
                                                             and data mining tool as a service. This could
                                                             be used to judge the overall effectiveness of
                                                             the routing and control systems against
                                                             criteria such as econometrics (i.e. fuel
                                                             economy) and resource utilization (i.e. ground
                                                             systems). Analysis at both local and system-
                                                             wide level could be performed and the results
                                                             used to drive real-time policy and
                                                             management decisions automatically.

    8    NCOIC                        General                Consider that the architecture should be
                                                             designed to mitigate internal attacks launched
                                                             by compromised nodes in the network.
                                                             Although the network will operate as a
                                                             private, self contained network, the complexity
                                                             and reliance on standard protocols may still
                                                             make it a target for cyber attack. A defense-in-
                                                             depth strategy is suggested, with dual
                                                             authentication between communicating
                                                             nodes, non-repudiation of information, and
                                                             sophisticated intrusion detection. In addition,
                                                             such an architecture will require multiple
                                                             levels of trust (from non-trusted, to semi-
                                                             trusted, to fully trusted) for each node and
                                                             each message as well as revocation lists and
                                                             proxy services.

    9    NCOIC                        General                Consider including that, the event normal
                                                             communications paths are degraded, a
                                                             constellation of active nodes can provide a
                                                             limited backup. In 2025, UA and other
                                                             airborne platforms will also serve as
                                                             communication nodes in a Mobile Ad-hoc
                                                             Network (MANET) to provide beyond-line-of-
                                                             sight transmissions to boost the situational
                                                             awareness of all aircraft and ground nodes on
                                                             the network. Not only will these nodes
                                                             increase overall Situational Awareness, they
                                                             will feed critical information to the decision-
                                                             makers.
    10   NCOIC                        General                Consider that performance and uptime
                                                             requirements might preclude .NET and Java
                                                             providers due to SLA and performance
                                                             constraints
                                                              Most application servers/service buses are
                                                             only rated to 4 9s (5 9s for telecomm gear)
                                                             which would likely not suffice for this
                                                             application
                                                             o Recommend increasing the information to
                                                             include the status of the current system
                                                             (implemented, proposed, etc) and if it will
                                                             require replacement as part of this effort.




                                                                                                                                                                 3 of 13
                                               NAS EA DRAFT SV-4 DOCUMENT REVIEW COMMENT CONSOLIDATION LOG                                                   June, 2009




#                Comment Originator   Location in Document                     Comment                             Comment             Disposition Details          Reviewer
                  Org/Phone/Email                                                                              Disposition (Concur,
                                                                                                                Nonconcur, Concur w/
                                                                                                                   comment, Hold)

    11   NCOIC                        Page 2                 Consider renaming the "Mission Services"
                                                             layer to "Mission Applications and Services."
                                                             Not all of these application offer an SOA
                                                             service interface that will be used by other
                                                             applications or services.
    12   NCOIC                        Page 2                 Consider renaming the "Support Services"
                                                             layer to "Distribution Services" or perhaps
                                                             "Application Services" for clarity. The term
                                                             "support" is often used for offline tools
                                                             supporting online automation (i.e. support
                                                             complex).
    13   NCOIC                        Page 3                 Recommend the two Collaboration Services
                                                             mentioned serve as examples of likely a
                                                             larger number of Collaboration Service
                                                             capabilities. Unless there are specific NAS
                                                             business requirements that drive the choice of
                                                             two specific Collaboration Services mentioned
                                                             (Instance Messaging and Whiteboard), the
                                                             numerous others (presence, email, VOIP,
                                                             Web Conferencing tools, wikis, blogs,
                                                             mashups, etc) could be mentioned as well.

    14   NCOIC                        Page 3                 Recommend this document address legacy
                                                             Systems/Programs or qualify this document to
                                                             exclude legacy Systems/Programs. This
                                                             document appears to inclusively address the
                                                             entire, “National Airspace System”, “System
                                                             Functionality Description.” It does not appear
                                                             to address legacy NAS systems and programs
                                                             that might include other technologies.


    15   NCOIC                        Page 3                 Clarify whether "Data Comm in the lower right
                                                             of the ""Technical Infrastructure Services" box
                                                             represents general data communication, or is
                                                             focused on the "Data Comm" program.
                                                             Recommend providing rationale for this
                                                             placement.
    16   NCOIC                        Page 3                 Consider merging boundary protection,
                                                             transport level protection terrestrial wan and
                                                             data comm into a single "network comm"
                                                             function. Determine whether the security
                                                             oriented functions should be part of security
                                                             services in SOA core services.
    17   NCOIC                        Page 3                 Consider merging reliable messaging into
                                                             message transport. Determine whether
                                                             message confidentiality should be part of
                                                             security services.
    18   NCOIC                        Page 3                 Consider renaming Mediation as "Enterprise
                                                             Patterns" if it serves as the FMR (camel)
                                                             function.
    19   NCOIC                        Page 3                 Consider splitting request/response from
                                                             publish/subscribe. The first is SOAP
                                                             implemented by CXF the second is JMS
                                                             implemented by ActiveMQ. Regardless, these
                                                             two services are distinct and separate
                                                             products.
    20   NCOIC                        Page 3                 Define whether the message routing function
                                                             is IP routing or perhaps JMS or something
                                                             else.
    21   NCOIC                        Page 3                 Define whether message confidentiality
                                                             (encryption) should be part of security
                                                             services.
    22   NCOIC                        Page 3                 It appears that a service for the ESB container
                                                             (JBI or OSGI) is missing.
    23   NCOIC                        Page 3                 Indicate whether NAS SOA Core services are
                                                             aligned on the DoD NCES. If so, this could
                                                             ease future interoperability with the military.

    24   NCOIC                        Page 3                 Consider defining the relationship between
                                                             SWIM and NAS SOA Core services.
                                                             In SESAR, SWIM points out the backbone
                                                             where the ATM stakeholders (ATC centers,
                                                             aircrafts etc..) are connected to exchange
                                                             services.
    25   NCOIC                        Page 3                 Assure that Security is accurately displayed
                                                             as part of the SOA core services, and it is
                                                             also distributed over other functions.




                                                                                                                                                                4 of 13
                                               NAS EA DRAFT SV-4 DOCUMENT REVIEW COMMENT CONSOLIDATION LOG                                                   June, 2009




#                Comment Originator   Location in Document                     Comment                             Comment             Disposition Details          Reviewer
                  Org/Phone/Email                                                                              Disposition (Concur,
                                                                                                                Nonconcur, Concur w/
                                                                                                                   comment, Hold)

    26   NCOIC                        Page 3                 The SWIM technical architecture includes
                                                             layers/functions for transport, messaging,
                                                             data representation, interface management,
                                                             QoS (reliability and security) and enterprise
                                                             service management. Recommend ensuring
                                                             that each of these are included in the SV-4.
                                                             Data representation or ESM don't appear to
                                                             be in SOA core services.
    27   NCOIC                        Page 3                 Determine whether Content Discovery
                                                             duplicates Service Discovery from interface
                                                             management, and whether it is necessary at
                                                             the higher level.
    28   NCOIC                        Page 3                 Determine whether there should be a data
                                                             acquisition function for each content
                                                             manager. Consider merging acquisition into
                                                             content management. Consider adding
                                                             surveillance data management. Consider
                                                             adding flight data acquisition.
    29   NCOIC                        Page 3                 Consider merging flow contingency, short
                                                             term capacity and long term capacity
                                                             functions into "capacity management."
    30   NCOIC                        Page 3                 Define whether Flight & State Data
                                                             Management overlap or use flight data
                                                             management. Consider renaming to "Flight
                                                             Plan Management". Define whether
                                                             Trajectory Management should be a support
                                                             service, and/or include route expansion and
                                                             conversion.
    31   NCOIC                        Page 3                 Consider renaming "System and Service
                                                             Analysis" to "Service Management."
    32   NCOIC                        Page 3                 Consider describing the intent, if any, to
                                                             ensure at what stage the mission services
                                                             defined are aligned with those of SESAR, and
                                                             are at the same depth. It appears that there
                                                             are discrepancies between services of
                                                             SESAR and of NextGen.
    33   NCOIC                        Page 3                 Consider the inclusion of services that appear
                                                             to be missing: Airspace Management,
                                                             Demand & Capacity Balancing, Runway
                                                             Management, Airport Surface Management,
                                                             Aerodrome Management, Search & Rescue.

    34   NCOIC                        Page 3                 Consider expanding "client" into separate
                                                             functions for ATC enroute, terminal and
                                                             surface GUI clients. Browser does not seem
                                                             necessary as a separate function. Determine
                                                             whether it should be provided by a lower
                                                             layer, such as Collaboration Services.

    35   NCOIC                        Page 3                 Consider merging portal and admin portal.
    36   NCOIC                        Page 3                 Consider providing notification and alerts
                                                             through the mission application/services,
                                                             rather than as a separate function.
    37   NCOIC                        Page 3                 Consider adding functions for certificate
                                                             management and key management.
    38   NCOIC                        Page 3                 Consider adding Environmental Data.
    39   NCOIC                        Page 3                 Define who will take care of the information
                                                             management topics such as charging, liability,
                                                             IPR, copyright and others.
    40   NCOIC                        Page 3                 Consider more detailed definition between
                                                             Civil/Military/Governmental aspects.
    41   NCOIC                        Page 3                 Describe the purpose of the Enterprise
                                                             Messaging Bus, as compared to the
                                                             Messaging Services.
    42   NCOIC                        Page 3                 Recommend replacing "Boundary Protection"
                                                             [sic] and "Transport-level Protection" objects
                                                             with "Cyber Security" object. This would
                                                             include Data At Rest (DAR), insider threat,
                                                             malware, containment, continuity of
                                                             operations, and safety of flight issues related
                                                             to cyber threat beyond the firewall (boundary)
                                                             and secure data transport services.




                                                                                                                                                                5 of 13
                                                NAS EA DRAFT SV-4 DOCUMENT REVIEW COMMENT CONSOLIDATION LOG                                                   June, 2009




#                Comment Originator   Location in Document                      Comment                             Comment             Disposition Details          Reviewer
                  Org/Phone/Email                                                                               Disposition (Concur,
                                                                                                                 Nonconcur, Concur w/
                                                                                                                    comment, Hold)

    43   NCOIC                        Page 3                 Recommend Service Desk and Support be
                                                             removed from this diagram and “IT Support
                                                             Systems” be included in its place. Service
                                                             Desk systems would be part of a larger NAS
                                                             support infrastructure, which would include
                                                             systems such as Configuration Management
                                                             Databases (CMDB), Process Manage
                                                             Systems and Asset Management Systems, as
                                                             well as Service DeskSystems. These support
                                                             systems should be design to support ITIL
                                                             conformantSupport Process.

    44   NCOIC                        Page 3                 Recommend adding Run-Time Infrastructure
                                                             Monitoring function to the Enterprise
                                                             Governance box. This functions acts as
                                                             traditional Network Operations Center and
                                                             performs real-time status monitoring.

    45   NCOIC                        Page 3                 Recommend the SV-4 Functional
                                                             Decomposition Diagram of System Functions
                                                             described in SV1p maps with the SV-1
                                                             functionalities.
    46   NCOIC                        Pages 3, 8, 12         Clarify "Administrative Services" collection
                                                             from the standpoint of security, such as
                                                             managing security keys, setting up security
                                                             accounts, etc, unless this function is to be
                                                             covered by Security Services Data Access
                                                             Management function.
    47   NCOIC                        Pages 3, 9             Suggest a new "email" function. It is not
                                                             necessary to limit to real-time collaboration.
    48   NCOIC                        Pages 3, 12            Suggest changing "Database Admin" to "Data
                                                             Storage Admin" to allow for function to cover
                                                             emerging persistent storage technologies like
                                                             Distributed Object Caching.

    49   NCOIC                        Page 4                 Suggest that "testing" and 'training" are key
                                                             elements of Aministrative services, and
                                                             should be called out in the top level.
    50   NCOIC                        Page 7                 Recommend changing "Service Adapter" to
                                                             "Service Adaptation."
    51   NCOIC                        Page 7                 Service adapter is called service adaptation
                                                             on page 3. For the description, this function is
                                                             not adaptation (i.e. configuration) data
                                                             management, but rather SOA adapters.
                                                             Recommend that this function be provided by
                                                             the mission application/service rather than as
                                                             a generic service. Suggest a more robust
                                                             description of the application service.
    52   NCOIC                        Page 9                  Recommend detail need/(or not) of services
                                                             for ftp, Http, Sms, Mms, Voip.
    53   NCOIC                        Page 9                 Recommend that this view does not comply
                                                             with the SV4 as described in NASEAF V2.
                                                             Recommend clarifying whether an upgrade of
                                                             the NASEAF is planned on the basis of the
                                                             DoDAF V2. Recommend expanding the
                                                             service map to a system functionality
                                                             description.
    54   NCOIC                        Page 9                 Use of the Service-Orientation Pattern is an
                                                             effective way to successfully build the NAS
                                                             architecture. Recommend that the services be
                                                             considered from engineering which is
                                                             dependent on the level of service interaction
                                                             (between organisation or systems).
    55   NCOIC                        Page 9                 Recommend an upgrade of the NASEAF on
                                                             the basis of DoDAF V2 describing services
                                                             with the dedicated views, if service orientation
                                                             is a major driver of the NAS Architecture.

    56   NCOIC                        Page 10                Rename "Services SLA Auditing" to Service
                                                             SLA Auditing"
    57   NCOIC                        Page 11                Recommend renaming "Service Design
                                                             Governance" to "Service Design-time
                                                             Governance"
    58   NCOIC                        Page 13                Recommend including a description for the
                                                             "Training Support" function identified on page
                                                             3.
    59   NCOIC                        Page 3                 Recommend defining "Interaction Services."
    60   NCOIC                        Page 3                 Recommend defining " Mission Services."
    61   NCOIC                        Page 3                 Recommend defining all "Support Services."
    62   NCOIC                        Page 3                 Recommend defining all "Technical
                                                             Infrastructure Services."




                                                                                                                                                                 6 of 13
                                                  NAS EA DRAFT SV-4 DOCUMENT REVIEW COMMENT CONSOLIDATION LOG                                                  June, 2009




#                Comment Originator   Location in Document                      Comment                              Comment             Disposition Details          Reviewer
                  Org/Phone/Email                                                                                Disposition (Concur,
                                                                                                                  Nonconcur, Concur w/
                                                                                                                     comment, Hold)

    63   NCOIC                        Page 3                 Include functional descriptions within
                                                             Interaction Services (Presentation /
                                                             Notification and Alerts)
    64   NCOIC                        Page 3                 Consider inclusion of functional descriptions
                                                             within Support Services (Content
                                                             Management Services / Data Acquisition
                                                             Services)
    65   NCOIC                        Page 3                 Consider inclusion of functional descriptions
                                                             within Mission Services
    66   NCOIC                        Page 3                 Consider inclusion of functional descriptions
                                                             within Technical Infrastructure Services

    67   NCOIC                        Page 10 +              Top left matrix element should be "Core
                                                             Services" - the current entry "Run-time
                                                             Management (Vertical)" should be in the next
                                                             space down, consistent with previous pages
                                                             title format. Run-time Management should be
                                                             core services, as well. The rest of the pages
                                                             after this should be fixed the same way - all
                                                             these things should be core services.

    68   NCOIC                        Page 3                 Recommend harmonizing the language
                                                             between this view and SV-1 between
                                                             Interaction Services (anything involving a
                                                             human), and mission services. In SV-1p,
                                                             Flow contingency management is in a box
                                                             with net-centric and voice connections, but no
                                                             direct comm data connection, whereas in SV-
                                                             4, it's in mission services. Define whether
                                                             there are intended to be only netcentric data
                                                             flow for this function. In SV-4 indicates Flow
                                                             constraint notification in the interaction
                                                             services box, but no identification of that as a
                                                             separate function in SV-1p. Is it part of flow
                                                             contingency management, or trajectory
                                                             management in SV-1p?

    69   NCOIC                        Page 4                 Recommend clarifying who decides what is
                                                             stored and for how long. In Support Services,
                                                             "content management" is described for
                                                             mission services, and in "technical
                                                             infrastructure services storage systems is
                                                             included as one of the responsibilities of that
                                                             function. The other descriptions, and the
                                                             greater detail in subsequent pages seem to
                                                             assume someone else is taking care of this
                                                             aspect.
    70   NCOIC                        Page 3                 Recommend changing the name of "Services
                                                             Testing" to "Service Provisioning
                                                             Management." On-going testing for service
                                                             verification and validation should also be
                                                             included. Additionally, service testing should
                                                             include simulation and virtualization
                                                             capabilities.
    71   NCOIC                        Page 3                 Recommend including a view of Service
                                                             Administration to enable users to register
                                                             services.
    72   NCOIC                        Page 3                 Suggest that Notifications and Alerts should
                                                             be at SOA Core Services level in Messaging
                                                             Service.
    73   NCOIC                        Page 3                 Best practices for security and information
                                                             assurance suggests a defensive, in-depth,
                                                             layered security architecture. The "Boundary
                                                             Protection" at the Technical Infrastructure
                                                             Services level should include "Infrastructure
                                                             Security". System Security is called out at the
                                                             SOA Core Services level, and the Support &
                                                             Mission Services would include the use of
                                                             Identify Management included in the
                                                             "Administrative Services".

    74   NCOIC                        Page 3                 Suggest that the Admin Portal shouldn’t be
                                                             called out at the top level of the architecture.
                                                             Recommend that it should be introduced as a
                                                             specialization of the Portal at the next level of
                                                             architecture decomposition.

    75   NCOIC                        Page 3                 Suggest that Service SLA Auditing (part of
                                                             Run Time SOA Management) & Services
                                                             Auditing (part of Service Provisioning
                                                             Management) be combined and placed in Run
                                                             Time SOA Management only.




                                                                                                                                                                  7 of 13
                                                 NAS EA DRAFT SV-4 DOCUMENT REVIEW COMMENT CONSOLIDATION LOG                                                   June, 2009




#                Comment Originator   Location in Document                      Comment                              Comment             Disposition Details          Reviewer
                  Org/Phone/Email                                                                                Disposition (Concur,
                                                                                                                  Nonconcur, Concur w/
                                                                                                                     comment, Hold)

    76   NCOIC                        Page 3                 Suggest that Reliable Messaging be called
                                                             Messaging QOS, based on its description.
    77   NCOIC                        Page 3                 Runtime Management Support appears to
                                                             duplicate Security Policy Enforcement.
    78   NCOIC                        Page 3                 Suggest that LDAP should be a subset of
                                                             Identity Management, and not called out
                                                             separately.
    79   NCOIC                        Page 3                 Suggest eliminating the distinction between
                                                             SOA Governance & Run-time Governance
                                                             and make it Enterprise Governance.
                                      Continuation of         It is also clear that not a lot of time has gone
                                      previous comment       into the completion of the "as is" portion of the
                                                             architecture. We were told over the past
                                                             couple of years that the "as is" would be
                                                             developed out of artifacts brought to the table
                                                             by program offices entering JRC activities. It
                                                             would seem that more data would have been
                                                             available from those submissions.

    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    26
    27
    28
    29
    30
    31
    32
    33
    34
    35
    36
    37
    38
    39
    40
    41
    42
    43
    44   AJE                          General                The following "Core                             Concur                                               Josh Hung
                                                             Service/Function/Description" tables were
                                                             missing:
                                                             1. Interaction Services
                                                                - Presentation
                                                                - Notifications and Alerts
                                                             2. Mission Services
                                                             3. Support Services
                                                                - Content Management Services
                                                                - Data Acquisition Services
                                                             4. Technical Infrastructure Services
                                                             5. Administration Services
                                                                - Training Support
    45   AJE                          Title page, etc.       Title of this document is "System Functionality Concur                                               Josh Hung
                                                             Description" but the content concentrates on
                                                             services; Would a more accurate title, using
                                                             the DoDAF guidelines (V1.5), be "Services
                                                             Functionalilty Description" (SV-4b)?




                                                                                                                                                                  8 of 13
                                                     NAS EA DRAFT SV-4 DOCUMENT REVIEW COMMENT CONSOLIDATION LOG                                                                  June, 2009




#              Comment Originator          Location in Document                       Comment                            Comment                        Disposition Details              Reviewer
                Org/Phone/Email                                                                                      Disposition (Concur,
                                                                                                                      Nonconcur, Concur w/
                                                                                                                         comment, Hold)

    46   Deniz Akkor/SETA II/202-646-    SV-4 SOA Interaction,      The NASEA SV-4 "to-be" does not list the         Concur                  See comment 5                           Mike Hritz
         5817/deniz.akkor@baesystems.com Mission and Support        functions of the Interaction, Mission and
                                         Service Functions List     Support Services Layers. These enterprise
                                         and descriptions           level service functions (even the draft version)
                                                                    will help us to develop the project level
                                                                    NASEA to-be products
    47   Denny Mathew/SETA-II/202-646-   Page 3 / Diagram           In the bottom layer (Technical Infrastructure    Concur                  Will attempt to avoid                   Mike Hritz
         5865/denny.mathew@baesystems.co                            Services) you mention some technologies (ex.                             technologies/standards on the SV-4
         m                                                          Java, .NET). These might be better suited for
                                                                    the TV-1, since the SV-4 should be
                                                                    technology independent.
    48   Duncan Thomson/MITRE/703-983-     Figure 5, Enterprise     Remove Security Auditing function.               Concur                                                          Josh Hung
         7337/duncant@mitre.org            Governance column,
                                           and related tables       Rationale: This function is better included
                                                                    under Administrative Services in the right-
                                                                    hand vertical column. This function could be
                                                                    included, for example, under the Incident
                                                                    Detection and Response function that we
                                                                    have proposed be added.
    49   Duncan Thomson/MITRE/703-983-     Figure 5,                Within the "Data/Network Support Services"       Concur                                                          Josh Hung
         7337/duncant@mitre.org            Administrative           area, replace the functions titled "LDAP
                                           Services area, and       Services" and "Identity Management" with a
                                           related tables.          function titled "ISS Support Management".

                                                                    This function would be defined as follows:
                                                                    "Manage information system security (ISS)
                                                                    support infrastructure, including managing
                                                                    identities, keys, and access control
                                                                    infrastructure used throughout the NAS."

                                                                    Rationale: LDAP and Identity Management
                                                                    are too specific, and leave out other things
                                                                    such as managing keys and access control.

                                                                    Note that this represents
                                                                    management/operations support services.
                                                                    The actual LDAP and other ISS support
                                                                    functions themselves is not included here, but
                                                                    would go under Technical Infrastructure
                                                                    Services.


    50   Duncan Thomson/MITRE/703-983-     Figure 5,                Within the "Data/Network Support Services"       Concur                                                          Josh Hung
         7337/duncant@mitre.org            Administrative           area, add a function "Incident Detection and
                                           Services area, and       Response Services".
                                           related tables.
                                                                    Rationale: This important ISS function was
                                                                    missing.
    51   Duncan Thomson/MITRE/703-983-     Figure 5, Technical      Replace ".NET SOA Platforms" and "Java           Concur                                                          Josh Hung
         7337/duncant@mitre.org            Infrastructure Services, SOA Platforms" functions with a single
                                           and related tables       function "SOA Platforms"

                                                                    Rationale: .NET and Java are specific
                                                                    technologies that do not need to be identified
                                                                    here. More appropriate to generalize and
                                                                    combine.
    52   Duncan Thomson/MITRE/703-983-     Figure 5, Technical      Delete "Transport-level Protection" function.Concur                                                              Josh Hung
         7337/duncant@mitre.org            Infrastructure Services,
                                           and related tables       Rationale: Network layer security mechanisms
                                                                    are included within the Terrestrial Network
                                                                    Communications function, and message level
                                                                    mechanisms are included within Messaging
                                                                    Services. Therefore, it would be redundant
                                                                    and confusing to call this out as a separate
                                                                    function.

    53   Duncan Thomson/MITRE/703-983-     Figure 5, Technical      Replace "Data Communications" with               Concur                                                          Josh Hung
         7337/duncant@mitre.org            Infrastructure Services, "Air/Ground Data Communications"
                                           and related tables
                                                                    Rationale: Clarity
    54   Duncan Thomson/MITRE/703-983-     Figure 5, Technical      Add a function for "Information System           Concur                                                          Josh Hung
         7337/duncant@mitre.org            Infrastructure Services, Security Infrastructure". This function would
                                           and related tables       include such things as key infrastructure,
                                                                    identity management infrastructure (e.g.
                                                                    LDAP directories), and infrastructure to
                                                                    support authentication and authorization (e.g.
                                                                    Single Sign-On capabilities).

                                                                    Rationale: This important functionality was
                                                                    missing. (Some of it was under Administrative
                                                                    Services, but is more logically categorized
                                                                    under Infrastructure.)




                                                                                                                                                                                     9 of 13
                                                   NAS EA DRAFT SV-4 DOCUMENT REVIEW COMMENT CONSOLIDATION LOG                                                  June, 2009




#              Comment Originator        Location in Document                         Comment                         Comment             Disposition Details          Reviewer
                Org/Phone/Email                                                                                   Disposition (Concur,
                                                                                                                   Nonconcur, Concur w/
                                                                                                                      comment, Hold)

    55   Duncan Thomson/MITRE/703-983-   Figure 5, Technical      Change "Terrestrial Network/WAN                 Concur                                           Josh Hung
         7337/duncant@mitre.org          Infrastructure Services, Communications" to simply "Terrestrial
                                         and related tables       Network Communications"

                                                                 Rationale: The function should include not
                                                                 just the WAN, but also LAN. Also, associated
                                                                 functions necessary for a network should be
                                                                 included, such as DNS and NTP.

    56   Duncan Thomson/MITRE/703-983-   Figure 5, SOA Core      Within the Security Services area, replace the Concur                                             Josh Hung
         7337/duncant@mitre.org          Services, and related   Security Policy Enforcement and Data Access
                                         tables                  Management functions with a single function
                                                                 titled "Security Policy Enforcement and
                                                                 Access Management"

                                                                 Rationale: These are related functions that
                                                                 can be grouped in order to keep the number
                                                                 of boxes on the figure manageable.
    57   Duncan Thomson/MITRE/703-983-   Figure 5, SOA Core      In Security Services, changed name to            Concur                                           Josh Hung
         7337/duncant@mitre.org          Services, and related   Service Security Monitoring from Security
                                         tables                  Monitoring.

                                                                 Rationale: The SOA core service is related
                                                                 only to security monitoring of services. Other
                                                                 security monitoring (e.g. network sensors) are
                                                                 not included here.
    58   Duncan Thomson/MITRE/703-983-   Figure 5; SOA Core      Delete Service Adaptation function from        Concur                                             Josh Hung
         7337/duncant@mitre.org          Services area, and      Interface Management area.
                                         related tables.
                                                                 Rationale: The interface management area
                                                                 relates to managing information about service
                                                                 interfaces, and making this information
                                                                 available to potential users. Service
                                                                 adaptation relates to run-time functionality
                                                                 that connects/converts legacy interfaces to
                                                                 new SOA standards. This does not fit well
                                                                 into the Interface Management area - it is
                                                                 better included within an area such as
                                                                 Messaging or Service Construction Capability.

    59   Duncan Thomson/MITRE/703-983-   Figure 5; SOA Core      In Messaging area, delete Orchestration:         Concur                                           Josh Hung
         7337/duncant@mitre.org          Services area, and
                                         related tables          Rationale : added to new Service
                                                                 Construction category
    60   Duncan Thomson/MITRE/703-983-   Figure 5: "NextGen      Under "Enterprise Service Management",           Concur                                           Josh Hung
         7337/duncant@mitre.org          NAS SV-4                replace the "SLA Compliance" function with
                                         Framework"; SOA         "SLA Compliance and Metrics Collection"
                                         Core Services layer
                                                                 Rationale: Clarity
    61   Duncan Thomson/MITRE/703-983-   Figure 5: "NextGen      Under "Enterprise Service Management",           Concur                                           Josh Hung
         7337/duncant@mitre.org          NAS SV-4                replace the "Fault Reporting" function with
                                         Framework"; SOA         "Fault Monitoring and Reporting"
                                         Core Services layer
                                                                 Rationale: Clarity
    62   Duncan Thomson/MITRE/703-983-   Figure 5: "NextGen      Under "Data/Network/Services Ops Support"        Concur                                           Josh Hung
         7337/duncant@mitre.org          NAS SV-4                replace the function "Network Admin
                                         Framework";             Services" with "Network Support Services"
                                         Administrative
                                         Services column         Rationale: Clarity

    63   Duncan Thomson/MITRE/703-983-   Figure 5: "NextGen      Under "Data/Network/Services Ops Support"        Concur                                           Josh Hung
         7337/duncant@mitre.org          NAS SV-4                replace the function "Service Desk Support"
                                         Framework";             with "Help Desk".
                                         Administrative
                                         Services column         Rationale: The Help Desk represents overall
                                                                 help desk operations which includes support
                                                                 for networks, systems, and
                                                                 applications/services.
    64   Duncan Thomson/MITRE/703-983-   Figure 5: "NextGen      Under "Services Provisioning Management"         Concur                                           Josh Hung
         7337/duncant@mitre.org          NAS SV-4                replace the function "Services Testing" with
                                         Framework";             "Services Integration and Testing"
                                         Administrative
                                         Services column         Rationale: Service Integration is an essential
                                                                 function that should be highlighted.

    65   Duncan Thomson/MITRE/703-983-   Figure 5: "NextGen      Under "Data/Network/Services Ops Support"        Concur                                           Josh Hung
         7337/duncant@mitre.org          NAS SV-4                remove the function "Services Auditing"
                                         Framework";
                                         Administrative
                                         Services column




                                                                                                                                                                  10 of 13
                                                   NAS EA DRAFT SV-4 DOCUMENT REVIEW COMMENT CONSOLIDATION LOG                                                                     June, 2009




#              Comment Originator         Location in Document                      Comment                            Comment                        Disposition Details                 Reviewer
                Org/Phone/Email                                                                                    Disposition (Concur,
                                                                                                                    Nonconcur, Concur w/
                                                                                                                       comment, Hold)

    66   Duncan Thomson/MITRE/703-983-    Figure 5: "NextGen      Under "Data/Network/Services Ops Support"        Concur                                                             Josh Hung
         7337/duncant@mitre.org           NAS SV-4                add a function "Certified Software
                                          Framework";             Management". This function would provide
                                          Administrative          for testing/validation of software changes and
                                          Services column         patches, and secure mechanisms for
                                                                  distribution of this software throughout the
                                                                  NAS as needed.

                                                                  Rationale: This is an important function
                                                                  needed for NAS security.
    67   Duncan Thomson/MITRE/703-983-    Figure 5: "NextGen      Under "Data/Network/Services Ops Support" Concur                                                                    Josh Hung
         7337/duncant@mitre.org           NAS SV-4                move the "Training" box to be under "Services
                                          Framework";             Provisioning Management"
                                          Administrative
                                          Services column
    68   Duncan Thomson/MITRE/703-983-    Figure 5: "NextGen      Under "Enterprise Governance" replace the      Concur                                                               Josh Hung
         7337/duncant@mitre.org           NAS SV-4                function "Service SLA Auditing" with "Services
                                          Framework";             SLA Management"
                                          Enterprise Governance
                                          column                  Rationale: Management includes auditing, as
                                                                  well as other necessary functions.
    69   Duncan Thomson/MITRE/703-983-    Figure 5: "NextGen      Under "Enterprise Governance" remove the         Concur                                                             Josh Hung
         7337/duncant@mitre.org           NAS SV-4                function "Run-time Management Support"
                                          Framework";
                                          Enterprise Governance Rationale: This is already covered via
                                          column                functions under Enterprise Service
                                                                Management (SOA Services Layer)
    70   Duncan Thomson/MITRE/703-983-    Figure 5: "NextGen    Under "Enterprise Governance" replace the          Concur                                                             Josh Hung
         7337/duncant@mitre.org           NAS SV-4              function label "Service Design-Time
                                          Framework";           Governance" with "Service Design
                                          Enterprise Governance Governance"
                                          column
                                                                Rationale: Clarity
    71   Duncan Thomson/MITRE/703-983-    Figure 5: "NextGen    Under "Enterprise Governance" replace the          Concur                                                             Josh Hung
         7337/duncant@mitre.org           NAS SV-4              function label "Runtime and Operational
                                          Framework";           Governance" with "Run-time and Operations
                                          Enterprise Governance Governance"
                                          column
                                                                Rationale: Clarity
    72   Duncan Thomson/MITRE/703-983-    Figure 5: "NextGen    Under "Enterprise Governance" remove the           Concur                                                             Josh Hung
         7337/duncant@mitre.org           NAS SV-4              function "Security Audit"
                                          Framework";
                                          Enterprise Governance Rationale: Security Audit is included under
                                          column                the Incident Detection and Response area.
    73   Jay                               Short Term Capacity SV-1 systems/system functions appear in the         Concur                  SV-1 and SV-4 will be made consistent      Mike Hritz
         Merkle/JPDO/jay.merkle@faa.gov        Management       SV-4; however the function name "Short Term
                                                                Capacity Management" in the SV-4 does not
                                                                directly match with the function name
                                                                "Capacity Management (Short Term)" in To-
                                                                Be SV-1. Need to decide which term to use
                                                                and then use that terminology for both.

    74   Jay                               Long Term Capacity     SV-1 systems/system functions appear in the Concur                       SV-1 and SV-4 will be made consistent      Mike Hritz
         Merkle/JPDO/jay.merkle@faa.gov       Management          SV-4; however the function name "Long Term
                                                                  Capacity Management" in the SV-4 does not
                                                                  directly match with the function name
                                                                  "Capacity Management (Long Term)" in To-
                                                                  Be SV-1. Need to decide which term to use
                                                                  and then use that terminology for both.

    75   Jay                               Safety Management      SV-1 systems/system functions appear in the Concur                       SV-1 and SV-4 will be made consistent      Mike Hritz
         Merkle/JPDO/jay.merkle@faa.gov          Services         SV-4; however the function name "Safety
                                                                  Management Services" in the SV-4 does not
                                                                  directly match with the function name "Safety
                                                                  Management" in To-Be SV-1. Need to decide
                                                                  which term to use and then use that
                                                                  terminology for both.
    76   Jay                                 Data Acquisition     SV-1 systems/system functions appear in the Concur                       SV-1 and SV-4 will be made consistent      Mike Hritz
         Merkle/JPDO/jay.merkle@faa.gov          Services         SV-4; however the function name "Data
                                                                  Management Services" in the SV-4 does not
                                                                  directly match with the function name "Data
                                                                  Management" in To-Be SV-1. Need to decide
                                                                  which term to use and then use that
                                                                  terminology for both.
    77   Jay                              Services Provisioning   SV-1 systems/system functions appear in the Concur                       SV-1 and SV-4 will be made consistent      Mike Hritz
         Merkle/JPDO/jay.merkle@faa.gov       Management          SV-4 ; however the function name "Services
                                                                  Provisioning Management" in the SV-4 does
                                                                  not directly match with the function name
                                                                  "Services Provisioning" in To-Be SV-1. Need
                                                                  to decide which term to use and then use that
                                                                  terminology for both.




                                                                                                                                                                                     11 of 13
                                                    NAS EA DRAFT SV-4 DOCUMENT REVIEW COMMENT CONSOLIDATION LOG                                                                   June, 2009




#              Comment Originator         Location in Document                      Comment                           Comment                        Disposition Details                 Reviewer
                Org/Phone/Email                                                                                   Disposition (Concur,
                                                                                                                   Nonconcur, Concur w/
                                                                                                                      comment, Hold)

    78   Jay                                  Weather Data        Systems functions from the SV-1 appear on       Concur                  SV-1 and SV-4 will be made consistent      Mike Hritz
         Merkle/JPDO/jay.merkle@faa.gov        Collection         the SV-4; however, Weather Data Collection
                                                                  is contained in the SV-1 as a system function
                                                                  but not on the SV-4. If this was left out
                                                                  intentionally an explanation would be helpful

    79   Jay                                Surveillance Data     Systems functions from the SV-1 appear on       Concur                  SV-1 and SV-4 will be made consistent      Mike Hritz
         Merkle/JPDO/jay.merkle@faa.gov         Collection        the SV-4; however, Surveillance Data
                                                                  Collection is contained in the SV-1 as a
                                                                  system function but not on the SV-4. If this
                                                                  was left out intentionally an explanation would
                                                                  be helpful
    80   Jay                              Flight Planning Service Systems functions from the SV-1 appear on       Concur                  SV-1 and SV-4 will be made consistent      Mike Hritz
         Merkle/JPDO/jay.merkle@faa.gov                           the SV-4; however, Flight Planning Service is
                                                                  contained in the SV-1 as a system function
                                                                  but not on the SV-4. If this was left out
                                                                  intentionally an explanation would be helpful

    81   Jay                                Flight Management     Systems functions from the SV-1 appear on       Concur                  SV-1 and SV-4 will be made consistent      Mike Hritz
         Merkle/JPDO/jay.merkle@faa.gov                           the SV-4; however, Flight Management is
                                                                  contained in the SV-1 as a system function
                                                                  but not on the SV-4. If this was left out
                                                                  intentionally an explanation would be helpful

    82   Rich Newcomb                                             The Interaction Services layer seems a little   Concur                                                             Josh Hung
                                                                  unbalance. The Presentation portion identifies
                                                                  very general technologies / architectural
                                                                  approaches, while the Notification & Alerts
                                                                  section identifies specific mission areas that
                                                                  may have notification capabilities. Also, the
                                                                  breakout of Weather & Flow Constraint
                                                                  notifications seems almost arbitrary, given the
                                                                  scope of mission services. For balance, the
                                                                  Notifications and Alerts could be made more
                                                                  general -- Syndication Feeds, Event Delivery,
                                                                  etc, -- OR, specific mission-focused groups
                                                                  could be added to "Presentation" For
                                                                  example, are there are specific information
                                                                  portals or client applications groups that will
                                          pg #3 - Notifications   exist?
                                          and Alerts
    83   Rich Newcomb                                             Remove Message Transport. This is not a         Concur                                                             Josh Hung
                                                                  separate service area. It is part of general
                                          pg #3 - Messaging       messaging capability, and is covered by IT
                                          Services                capabilities in lower layers.
    84   Rich Newcomb                                             Recommend changing "Data Access                 Concur                                                             Josh Hung
                                                                  Management" into "Access Management"
                                                                  Any type of request-based security control
                                                                  should be covered here -- not just data
                                                                  access requests. Even requests for behavior
                                          pg #3 - Service         should have an AuthZ-based security
                                          Security                enforcemetn point.
    85   Rich Newcomb                                             Remove LDAP. LDAP may be used for the           Concur                                                             Josh Hung
                                          pg #3 - Data/Network    Identity Management and Directory Services.
                                          Support Services
    86   Rich Newcomb                                             Service Auditing seems to be very closely       Concur                                                             Josh Hung
                                                                  related to Service SLA Auditing and SLA
                                                                  Compliance. These should probably be
                                          pg #3 - Services        condensed and contained in the ESM
                                          Provisioning            category. Perhaps change to SLA Auditing,
                                          Management              and SLA Enforcement.
    87   Rich Newcomb                                             The Strategic SOA Governance category           Concur                                                             Josh Hung
                                                                  needs better definition. The functional
                                                                  descriptions of these services describe the
                                                                  business purpose or business activity of
                                          pg #3 - SOA             governance, instead of describing high-level
                                          Governance              service capabilities.
    88   Rich Newcomb                     pg #3 - Run-time        Service Management Support and Run-time         Concur                                                             Josh Hung
                                          Management and          Management Support seem to be (or could
                                          Provisioning            be) the same thing.
                                          Management
    89   Rich Newcomb                                             Service Diagnostics and Services Auditing       Concur                                                             Josh Hung
                                          pg #3 - Services        seem to be the same thing. Recommend
                                          Provisioning            changing the descriptions to de-conflict, or
                                          Management              combining into one capability.
    90   Rich Newcomb                                             Security Auditing & Security Monitoring seem    Concur                                                             Josh Hung
                                          pg #3 - Run-Time        to be the same thing. Recommend changing
                                          Management and          the descriptions to de-conflict, or combining
                                          Security Services       into one capability.




                                                                                                                                                                                    12 of 13
                                                        NAS EA DRAFT SV-4 DOCUMENT REVIEW COMMENT CONSOLIDATION LOG                                                               June, 2009




#               Comment Originator            Location in Document                      Comment                           Comment                           Disposition Details          Reviewer
                 Org/Phone/Email                                                                                      Disposition (Concur,
                                                                                                                       Nonconcur, Concur w/
                                                                                                                          comment, Hold)

    91   Rich Newcomb                                                 It seems unlikely that specific services related Concur                                                        Josh Hung
                                                                      to general Service Adaption will be created. It
                                                                      is more likely that façades will be built that
                                                                      accept / return different message formats or
                                                                      content as necessary. Adaption and
                                                                      mediation will exist functionally -- just not as a
                                              pg #3 - Interface       general service category.
                                              Management
    92   Rich Newcomb                                                 Replace the .NET and Java SOA Platform          Concur                  Already fix                            Josh Hung
                                                                      boxes with "Service Frameworks &
                                                                      Containers." The description is missing, but
                                                                      should include application servers, Web
                                              pg #3 - Technical       application containers, and SOAP processing
                                              Infrasturcture Services frameworks as examples.
    93   Rich Newcomb                                                 Remove Reliable Messaging, Message              Concur                                                         Josh Hung
                                                                      Confidentiality, Message Integrity. These are
                                              pg #3 - Messaging       messaging characteristics - not separate
                                              Services                service groups.
    94   Rich Newcomb                                                 Every box on pg3 should have a detailed         Concur                                                         Josh Hung
         Progress Software / 703.926.6986 /                           description on following pages. Some of the
         rnewcomb@progress.com                General                 broad categories are missing descriptions.




                                                                                                                                                                                    13 of 13