Upload
hugo-mclaughlin
View
216
Download
2
Tags:
Embed Size (px)
Citation preview
Working Group #9CAP Implementation
September 12, 2012
Co-Chair Chris HomerCo-Chair Ed Czarnecki
2
Working Group #9 CAP Implementation
Description: The overall goal for Working Group 9 is provide recommendations and best practices to the FCC on CAP/EAS implementation progress through 2012. A specific near-term goal is to review the FCC’s Fifth Report & Order (released January 10, 2012) on CAP deployment.
Duration: First Report March 2012 Second Report June 2012 Third Report September 2012
CSRIC Working Group Structure
Communications Security, Reliability, and Interoperability Council (CSRIC) III
Working Group 5: DNSSEC
Implementation Practices for ISPs
Working Group 6: Secure BGP Deployment
Working Group 4: Network Security
Best Practices
Working Group 7: Botnet
Remediation
Working Group 3: E911 Location
Accuracy
Working Group 8:E911 Best Practices
Working Group 2: Next Generation
Alerting
Working Group 9: Legacy Broadcast
Alerting Issues
Working Group 1: Next Generation
911
Working Group 10:911 Prioritization
CSRIC Steering Committee
Co-ChairsWorking Group
1
Co-ChairsWorking Group
2
Co-ChairsWorking Group
3
Co-ChairsWorking Group
4
ChairWorking Group
5
Co-ChairsWorking Group
6
ChairWorking Group
7
ChairWorking Group
8
Co-ChairsWorking Group
9
Co-ChairsWorking Group
10
Working Group Deliverable Timeline
D = draft report to Steering Committee F = final report to CSRIC Members V = Vote by full CSRIC
Sept. 2011
Oct. 2011
Nov. 2011
Dec. 2011
Jan. 2012
Feb. 2012
Mar. 2012
Apr. 2012
May 2012
June 2012
July 2012
Aug. 2012
Sept. 2012
Oct. 2012
Nov. 2012
Dec. 2012
Jan. 2013
Feb. 2013
Mar. 2013
Working Group 1
Working Group 2
Working Group 3
Working Group 4
Working Group 5
Working Group 6
Working Group 8
Working Group 9
Working Group 10
Working Group 7
Deliverab
les: D=
2/6/13, F=
2/20/13, V =
3/6/13
Deliverab
les: D=
8/15/12, F=
8/29/12, V =
9/12/12
Deliverab
les: D=
11/7/12, F=
11/21/12, V =
12/5/12
Deliverab
les: D=
2/23/12, F=
3/8/12, V =
3/22/12
Deliverab
le s: D=
5/9/12, F=
5/23/12, V =
6/6/12
Deliverab
les: D=
12/5/11, F=
12/5/11, V =
12/8/11
Working Group 9 – 24 Team Members Al Kenyon FEMA Andy Scott, National Cable Television
Association (NCTA) Art Leisey, Trilithic Bill Marriott, ComLabs Bill Robertson, DAS Bob Sherry, Intrado Chris Homer, DirecTV (Chair) Clay Freinwald, Washington SECC Daryl Parker, TFT Donald Walker, GRM Doug Semon, Time Warner Cable Edward Czarnecki, Monroe Electronics
(Co-Chair) Gary Timm, Wisconsin SECC
5
Harold Price, Sage Alerting Systems
Jeb Benedict, CenturyLink Jeff Staigh, Univision Jim Gorman, Gorman-Redlich Kelly Williams, National
Association of Broadcasters Larry Estlack, Michigan
Association of Broadcasters Matthew Straeb, GSS Michael Hooker, T-Mobile Mike Nawrocki, Verizon Ron Boyer, Boyer Broadband Tim Dunn, T-Mobile Eric Ehrenreich, FCC
Working Group 9 - Executive Summary CSRIC Working Group 9 was established to provide
recommendations and best practices for the deployment of CAP. March 2012
Text to Speech Device Certification
June 2012 Audio File Security Audio File Format
September 2012 Case Study from Local and State use of CAP Best Practices Text Style Guide
6
Working Group # 9 – Case Study Analysis The Working Group reviewed four distinct case studies of
state and local CAP architectures, representing a diversity of technical approaches, using different background technologies. Washington State CAP Emergency Alert System Oklahoma State CAP Emergency Alert System Teton County Wyoming CAP Emergency Alert System Michigan State CAP Emergency Alert System
7
Working Group # 9 – Findings
Different Approaches Noted in Case Studies Implementation Top Down (Washington State) Grass Roots (Michigan State)
Distribution Internet Satellite Combination of Internet/Satellite
Architecture Local Standalone Server Hosted Service Combination of Local Server/Hosted Service
Authentication Reuse of IPAWS Digital Signature End-to-End Encryption None
8
Working Group # 9 – Findings
Challenges Noted Case Studies Early Adoption Earlier version of CAP 1.1 was adopted first Equipment had not been tested end-to-end
Gaining Consensus Gaining support from all emergency management groups
Training Need to train on new systems Need to provide consistency in message origination Lack of funding to provide proper training
9
Working Group # 9 – Recommendations
EAS CAP Best Practices Best Practice for Message Origination Complete the FEMA IPAWS Basic Course IS-247.a Have a FEMA Complaint/Conformant CAP Origination Tool Have proper credentials and digital signatures for the CAP aggregator for which you are originating Review your State’s FCC approved State Plan
Best Practice for Text to Speech Message Originators should bear in mind that the content they input for text-to-speech would also be viewed on screen via
TV and cable systems. Message originators should avoid excessive use of acronyms or jargon. Messages should optimally be succinct and to-the-point. If an alert message contains many words and characters,
originators should make use of punctuation such as periods and commas. This can better pace the synthetic speech rendering of the sentences and helps the message content flow evenly and properly.
As a general convention, entry of addresses or extensions with a large number of digits may necessitate use of a space between each number. For example, 32457 Safety Road should be entered in as 3 2 4 5 7 Safety Road.
Refer to the stylistic guidelines indicated in FEMA’s IS-247 training course (Lesson 2: Appropriate, Effective, and Accessible Alert and Warning Messages), as well as the style guide recommended by Appendix 6.1 of this report.
10
Working Group # 9 – Recommendations
EAS CAP Best Practices Best Practice for Audio CAP provides at least two methods for audio to be transported and inserted in a resultant EAS message. An audio file can be inserted as a resource block, or the audio can be converted with Text to Speech from
the description and instruction elements of the CAP info block. Although Text to Speech is an optional by current FCC Part 11 rules, the originator must realize that
without one of these two methods, no audio will be present in the resultant EAS message; all a listener will hear are the EAS header codes, the Attention Signal, and the End-of-Message signal. Note that IPAWS currently depends on Text-to-Speech conversion.
11
Working Group # 9 – Recommendations
EAS CAP Best Practices Best Practice for SSL Certificates CAP/EAS devices are, for the most part, unattended, headless, embedded processor type systems. User
maintenance interactions need to be limited and may not have Internet access for security reasons. CAP/EAS devices will have a set of common Root CA certificates that are updated slowly. They may not be
up to date with intermediate certificates. It has become a common practice for a web server to send the server certificate as well as the various chained intermediate certificates. Likewise, in the specialized environment of CAP/EAS device, sending the chain will allow the CAP/EAS device to verify the chain of trust with only information from the SSL connection alone, as long the device has the applicable Root CA certificate.
If a CAP server wants to use HTTPS/SSL access and support the widest range of CAP/EAS devices, it must send all of the chained certificates (not including the Root CA) for SSL connections.
A CAP/EAS device must provide a means for its users to update the store of Root CA certificates, either by a firmware update, or a special certificate update.
CAP server owners should be aware that a change to the Root CA for its certificate chain, especially when a new CA is used, might cause CAP/EAS devices to not be able to connect to their server until the device manufactures can issue an update.
Likewise, self-signed certificates may not work with all CAP/EAS devices, and should be avoided.
12
Working Group # 9 - Next Steps
Continue to report on current EAS CAP activities Look to the future of CAP EAS
Future benefits and challenges Divergence from legacy EAS Convergence with other/future alerting capabilities
13
2012
CSRIC MeetingFriday, 12/16/2011
AprFebJanDecNov Mar
Final CSRIC MeetingWednesday, March 6, 2013
CSRIC MeetingThurs, 3/8/2012WG-9 Report 1
CSRIC MeetingWeds, 6/6/2012
FCC CAP Deadline6/30/2012
CSRIC MeetingWeds, 9/12/2012
OctAugJulJunMay Sep JanDecNov
WG9 Implementation Report2 12/5/12
CSRIC MeetingFriday, 12/5/2012
2013
Tentative - Project Timeline
WG9 KickoffMeeting