A National Effort on Emergency Data Distribution

David E. Ellis

Information Management Architect

(505) 844-6697, dellis@sandia.gov

What is NAWS

• A National Alerting and Warning System (NAWS) is an emerging Family of Service Oriented Architecture (SOA) Capabilities which would accomplish National Alerting and Warning needs by combining the capabilities of various Family/System of Systems.

• NAWS is based on delivering information (Push) about:– Changes in the real world environment (Alerting).– Response guidance from appropriate decision authority

(Warning).

• The OASIS Emergency Management Technical Committee is developing standards which provide the basis for NAWS delivery (EDXL-DE) and content (CAP, EDXL-RM, etc.) for these SOA based communications.

Initial NAWS Evaluation• Alerting and warning concepts were evaluated at Coalition Warrior

Interoperability Demonstration (CWID) 2005.

• CAP 1.0 was the basis for all messaging interoperability– Only approved OASIS standard available.– Demonstrated CAP 1.0 was not suitable for delivery of sensor data.– Evaluation used the Nuparadigm Foundation software.

• Evaluation also exposed semantics engagement issues– Information model for various vendors was tailored to their application/functionality

(e.g. parameter element tag usage).

• Sandia Sensor System used limited distribution filtering based on event location

– No real attempt to use SOA capabilities-to-needs matching.

• CWID 2005 emphasized the need for creation of ad hoc sensor distribution capabilities based on real world incident dynamics.

• The following two slides represent chlorine incident scenarios– CWID 2005 depicts integration of various civil sector systems.– A Semantic Interoperability Architecture Pilot represents the flow

of alerting/warning information.

Exchange alerts containing links to situation awareness artifacts using the Common Alerting Protocol (CAP) Standard

CWID ’05 “The Real McCoy’s” Collaborating Trials

4.26 DMIS Interoperability Backbone

E Team

Blue 292

CAPWIN

DMIS Tools

Civil Sector

3.70 Boeing MI2

Military Unclassified

App

GCCSAlerts/Tracks

SWARM

ChatImageryWeather Air Tracks Surface TracksGround Tracks

ISR Tracks Network Stats/Alerts

FBI Investigator’sWeb Services

2.77 InfoBridge

2.58 FRCTS

Sandia Sensor SystemAlerting Framework

Semantic Interoperability

NAWS Development

• OASIS CAP 1.1 standard approved and in use.• EDXL-DE created to allow a true SOA approach

to alerting and warning system integration. • Semantic Interoperability Architecture pilot is

continuing to work on CAP taxonomy and ontology issues.

• EDXL-DE is currently in ballot at OASIS and expects standard release in April 2006.

• Numerous OASIS EDXL/CAP capable systems will be available this calendar year for deployments.

National Communications InfrastructureInternet, Satellite, Radio

National Communications InfrastructureInternet, Satellite, Radio

NAWS Exchange Architecture

Sending ApplicationInformation Taxonomy(e.g. Alerting, Warning)

Receiving ApplicationInformation Taxonomy

(e.g. DSS, Visualization)

Message XML Document

(e.g. EDXL SS, CAP)

Delivery MetadataEDXL DE- Publish

(e.g. direct, registry)

Delivery MetadataEDXL DE-Subscribe(e.g. direct, registry)

MessageXML Document

(e.g. EDXL SS, CAP)

XML Document Object RoutingNuparadigm Foundation

(e.g. content filters, sensitivity enforcement,MOU instantiation by execution Context)

Information Exchange Requirement

EDXL Distribution Element (DE)

EDXLDistributiondistributionIDsenderIDdateTimeSentdistributionStatusdistributionTypecombinedConfidentialitysenderRole *recipientRole *keyword *distributionReference *explicitAddress *

targetAreacircle *polygon *country *subdivision *locCodeUN *

nonXMLContentmimeTypesizedigesturicontentData

xmlContentkeyXMLContentembeddedXMLContent

ORcontentObject contentDescriptioncontentKeyword *incidentIdentifierincidentDescriptionoriginatorRole *consumerRole *confidentiality

0..1

0..*

SpecificMessage Content

- CAP 1.0- CAP 1.1- ASOCC- FPCON- Sensor- EDXLResourceMessaging- IMPP- DSEL- etc.

0..*

EDXLContentCAP 1.1

Structure

alertMessage ID (identifier)Sender ID (sender)Sent Date/Time (sent)Status (status)Scope (scope)Type (msgType)Operator/Device ID (source)Restriction (restriction)Addresses (addresses)Handling Code * (codes)Note (note)Reference ID (references)Incident IDs (incidents)

infoEvent Type (event)Response Type (responseType)Urgency (urgency)Severity (severity)Certainty (certainty)Event Category * (category) Language (language)Audience (audience)Targeting Code * (eventCode)Effective Date/Time (effective)Onset Date/Time (onset)Expiration Date/Time (expires)Sender Name (senderName)Headline (headline)Event Description (description)Instructions (instruction)Information URL (web)Contact Info (contact)Parameter * (parameter)

resourceDescription (resourceDesc)MIME Type (mimeType)Size (size)URI (uri)Dereferenced URI (derefUri)Digest (digest)

areaArea Description (areaDesc)Area Polygon * (polygon)Area Point-and-Radius * (circle)Geographic Code * (geocode)Altitude (altitude)Ceiling (ceiling)

Elements in bold are mandatory; those in italics are optional; asterisk (*) indicates multiple instances permitted

Notional EDXL Routing Grid

EDXL Router

EDXL Router

EDXL Router

EDXL Router

EDXL Router

Central Region

Southwest RegionSoutheast Region

Northwest Region

Northeast Region

Warning ValueListUrn

DMIS

Response/Warning

SMEAnalysis

DataFusion

OperatorStation

OperationCenter

Alerting

NC-JOCDHS-HSOC

National Commandand Control

PlumeAnalysis

Sensor Node+ Camera

EDXL + CAP

EDXL Proxy

EDXL + Rad Spectrum

NC2 ValueListUrn

Alerting ValueListUrn

Capability Decomposition

WSDL Distribution Path

Sensor Node+ Camera

DMIS

Router Router

Router Router

OperatorStation

PlumeAnalysis

OperatorStation

Southwest RegionNortheast Region

CA MD

Default WSDL, Secondary WSDL, WSDLs of Last Resort in routing Configuration File

valueListUrn Strategy• Prefix for Encoding Schema of valueListUrn

– NIEM-L-DoDAF– Others

• Possible use of Geographical Location Distribution Mask– US:SE:CA:– locCodeUN

• Topic or Functional Area grouping of Activities (OV1, FEA, others)– Alerting– Warning

• Potential valueListUrn schema combinations for XPath evaluation– NIEM-L-DoDAF:US:SE:CA:OV1:Alerting– Example

• <senderRole>– <valueListUrn> NIEM-L-DoDAF:US:SE:CA:OV1:Alerting </valueListUrn>– <value>Operator Station</value>

• </sendorRole>• <recipientRole>

– <valueListUrn>Alerting </valueListUrn>– <value>SME Analysis</value>– <value>Operation Center</value>

• <recipientRole>

SouthwestRegion

SoutheastRegion

EDXL-DERouter

EDXL-DERouter

Edge Message Replication

Surveillance Camera

HighLow Medium

XML Content Object

Non-XMLContent Object

Security

MPEG, JPEG,Etc.

CAP, SWE,ANSI N42.42,

Etc.

WSDL or file

WSDL or file

Encryption,Decryption,

Signing, Verification

EDXLConstructor

User InterfaceFor Local

Configuration

EDXLRouter

Via XSLT

Edge EDXL Proxy Service

Adversary

Weapon

MotiveTargetList

CurrentLocation

StartTime

FinishTime

Pre AttackMeasurable

Characteristic

R, ECharacteristic

Sensor

Attack

Area ofImmediate

Effect

Area ofProgressive

Effect

MeteorologicalEnvironment

Post AttackMeasurable

Characteristic

SurveillanceDevices

MeteorologicalSensor

SensorConcentrator

DetectionTime

C, B, RCharacteristic

Sensor

DetectionTime

StartTime

FinishTime

Location

Location

Has a

Has a

Has a

Has a

Has aHas aHas a

Has aHas a

Has a

Has a

Detectsat a

Detectsat a

Has aHas a

Has a

Has a

Detects

Detects

Has aUses

Observe a

Observe a

Has a

Measures

Reports to

Reports to

Reports to

Reports to

Has aHas a

Has a

Has a

Triggers

Triggers

Launches

Has aHas a

Reports to the SensorManagement System via EDXL

Read fromtail of arrowto head

CBRNE Sensor Detection Ontology

Have a

CBRN-Sensor-Type

MeasurableCharacteristic

PhysicalCharacteristic

Chemical

Biological

Radiological - Alpha - Neutron - Gamma -- Gross -- Spectrum

Power Source - External - Internal

Form Factor - Self Contained - Integrated - Has Handle

Characteristics - Weight - Dimensions

Fixed

Mobile

HandHeld

Geospatial Deployment

Less Than 5 Pounds

Sensor Characteristic Decomposition

Publish Subscribe Registration

Publish Type of contentObject being sent

oSpecific schemasoSpecific mime types

Restrict usage of content keyword tables Register keyword tables for originator roles Ability to add new schemas, keyword tables, originator roles, and mime types

Subscribe Type of contentObject to recieve

oSpecific schemasoSpecific mime types

Restrict the consumer role tables and the values within the consumer role table Restrict the keyword tables and the values within the keyword table Evaluate all explicit addresses from all explicit address schemas

oDMIS Cog/#215oEmail/jon@me.org

Type of distribution elementoSpecific keyword tables and valuesoSpecific consumer role tables and values

Type of distribution elementoSpecific keyword table and valuesoSpecific sender role tables and values

Certificates will be issued to any system which registers with thedistribution system. Certificates will be used to create encryptedTunnels and to Encrypt and Sign contentObjects.

Conclusion

• EDXL-DE delivers arbitrary information:– Other sensor standards can be distributed (based on roles)– System capabilities are tailored to consumer needs by using

appropriate standards (Management versus Alerting) – Ability to protect content is included– Provides for Post before processing (Tactical storage)– Architecture allows SOA document distribution– Allows for architectural level replication strategies– Model is shaped by DoD AF methodologies (can use DRM)– Improves on messaging and presence strategies– Allows for multiple sensitivity security message exchanges

• Now is the time for joint standard interoperability pilots– Obtain representative National use cases for CBRN– Access to sensors and sensor networks for pilots– Forum for joint experimentation needs to be funded