Market Participant Client Platform

Similar documents
Meter Trouble Report PUBLIC. A Guide for Market Participants. Issue 6.0 IMP_GDE_0098

Government of Ontario IT Standard (GO-ITS) Number 30.2 OPS Middleware Software for Java Platform

Exchange Network Schema Conformance Report Preparation and Review Process

Consideration of Issues and Directives Federal Energy Regulatory Commission Order No. 791 January 23, 2015

Standard CIP 007 4a Cyber Security Systems Security Management

CIP Cyber Security Configuration Change Management and Vulnerability Assessments

This section is maintained by the drafting team during the development of the standard and will be removed when the standard becomes effective.

Unofficial Comment Form Project Modifications to CIP Standards Requirements for Transient Cyber Assets CIP-003-7(i)

Notes for authors preparing technical guidelines for the IPCC Task Group on Data and Scenario Support for Impact and Climate Analysis (TGICA)

McAfee Corporate Products End of Life Policy

Standard Development Timeline

Digital Services. Supported Browser categories. 1 P a g e

Information Security Controls Policy

AUTHORITY FOR ELECTRICITY REGULATION

Standard CIP 007 3a Cyber Security Systems Security Management

Government of Ontario IT Standard (GO-ITS) GO-ITS Number 30.7 OPS Backup & Restore Software Suite. Version #: 1.0 Status: Approved

FedRAMP: Understanding Agency and Cloud Provider Responsibilities

Request for Comments (RFC) Process Guide

Security Annex for Firewalls Additional Terms for Firewall Service

Solution Pack. Managed Services Virtual Private Cloud Managed Database Service Selections and Prerequisites

Hazelcast SSP_SLA - Effective November 13, 2017

CYBER SECURITY POLICY REVISION: 12

Service & Support. Signal Transfer from SIPLUS CMS4000 X-Tools to the SIMATIC PCS 7 Maintenance Station via TCP/IP. SIPLUS CMS4000 X-Tools

Number: DI-SESS Approval Date:

TOP-010-1(i) Real-time Reliability Monitoring and Analysis Capabilities

HITSP/T16. October 15, 2007 Version 1.1. Healthcare Information Technology Standards Panel. Security and Privacy Technical Committee.

Government of Ontario IT Standard (GO ITS) GO-ITS Number 56.3 Information Modeling Standard

Therapy Provider Portal. User Guide

Threat and Vulnerability Assessment Tool

CIP Cyber Security Configuration Change Management and Vulnerability Assessments

Consideration of Issues and Directives Federal Energy Regulatory Commission Order No. 791 June 2, 2014

An unofficial translation, in case of any discrepancies between the English version and the original Swedish version the latter will prevail.

Request for Proposal - Computer Equipment. Proposal Deadline: 3/31/17-2:00 pm EST Bid Opening: 3/31/17-2:00 pm EST

CIP V5 Updates Midwest Energy Association Electrical Operations Conference

Government of Ontario IT Standard (GO ITS)

Appendix 12 Risk Assessment Plan

Protection Profile for Virtualization Extended Package Client Virtualization. Version: National Information Assurance Partnership

The Project Charter. Date of Issue Author Description. Revision Number. Version 0.9 October 27 th, 2014 Moe Yousof Initial Draft

LONG-RANGE IDENTIFICATION AND TRACKING SYSTEM TECHNICAL DOCUMENTATION (PART II)

Oracle Business Intelligence Publisher. 1 Oracle Business Intelligence Publisher Certification. Certification Information 10g Release 3 (

Critical Cyber Asset Identification Security Management Controls

Avaya Meeting Exchange Web Portal 5.0 Release Notes

Unified Infrastructure Management Compatibility Matrix September 05, 2017

New York Department of Financial Services Cybersecurity Regulation Compliance and Certification Deadlines

Limitations and Workarounds Supplement

LVTS RULE 11 CHANGE MANAGEMENT, TESTING AND CERTIFICATION 2018 CANADIAN PAYMENTS ASSOCIATION

On Premise. Service Pack

CIP Cyber Security Configuration Management and Vulnerability Assessments

The IDN Variant TLD Program: Updated Program Plan 23 August 2012

Unofficial Comment Form Project Operating Personnel Communications Protocols COM-002-4

Juniper Networks EX3200 and EX4200 Switches running JUNOS 9.3R2

Policy. London School of Economics & Political Science. Patch Management. Jethro Perkins IMT. Information Security Manager.

CIP Cyber Security Configuration Change Management and Vulnerability Assessments

Avaya Aura Contact Center Documentation Roadmap

Agency Guide for FedRAMP Authorizations

Critical Infrastructure Protection (CIP) Version 5 Revisions. Standard Drafting Team Update Industry Webinar September 19, 2014

EA-ISP Business Continuity Management and Planning Policy

SAP PartnerEdge Program Guide for Authorized Resellers

Upgrading to Clarity v12. Michael Hoefer VP and Chief Architect, Clarity PPM

Request for Proposal for Technical Consulting Services

CIP Cyber Security Systems Security Management

Contents Introduction... 5 Installation Instructions... 6 Uninstall the Unifier File Transfer Utility... 9 For More Information...

Appendix 12 Risk Assessment Plan

Eclipse Upgrade Procedures. Release 9.0

FedRAMP Security Assessment Plan (SAP) Training

Online SHQ Compliance Checklist Final Version October 1, 2009

HPE 3PAR Remote Copy Extension Software Suite Implementation Service

C22: SAS 70 Practices and Developments Todd Bishop, PricewaterhouseCoopers

Cyber Security Reliability Standards CIP V5 Transition Guidance:

Table of Contents. Policy Patch Management Version Control

SAP Business One Upgrade Strategy Overview

Appendix 2B. Supply Chain Risk Management Plan

STANDARD (PAY AS YOU GO) PRE-PAID SUPPORT PACKAGE SERVICE LEVEL AGREEMENT

Oracle Hospitality Materials Control Server Sizing Guide Release 8.31 E February 2017

Chapter 8: SDLC Reviews and Audit Learning objectives Introduction Role of IS Auditor in SDLC

PPM Essentials Accelerator Product Guide - On Premise. Service Pack

HPE 3PAR Performance and Capacity Trending Service

Policy. Business Resilience MB2010.P.119

PEFC N 04 Requirements for certification bodies and accreditation bodies

ISO/IEC :2015 IMPACT ON THE CERTIFIED CLIENT

STCP Amendment Proposal Form

CERTIFICATION GUIDELINES FOR MANAGEMENT SYSTEM

INAB CAB Portal User Guide

Standard CIP Cyber Security Systems Security Management

Oracle Utilities Mobile Workforce Management

Service Description: CNS Federal High Touch Technical Support

HPE Data Replication Solution Service for HPE Business Copy for P9000 XP Disk Array Family

STCP 18-3 Issue 006 TEC Changes

Compliance Verification Program Governance Guide

Standards Authorization Request Form

Protection Profile for Virtualization Extended Package Server Virtualization. Version: National Information Assurance Partnership

CC and CEM addenda. Exact Conformance, Selection-Based SFRs, Optional SFRs. May Version 0.5. CCDB xxx

USER GUIDANCE ON THE SHIP FUEL OIL CONSUMPTION GISIS MODULE (IMO SHIP FUEL OIL CONSUMPTION DATABASE) CONTENTS

Reporting Contracts in the LBB Contracts Database

Symantec ediscovery Platform

Joint Office of Gas Transporters xxxx: <Introduction of a Discretionary Release Mechanism for Non-Obligated Annual NTS Exit (Flat) Capacity>

Juniper Networks EX3200 and EX4200 Switches running JUNOS 9.3R2

Request For Proposal ONWAA Website & E-Learn Portal

Information Technology Procedure IT 3.4 IT Configuration Management

Oracle Real-Time Scheduler

Transcription:

PUBLIC IESO_ISTD_0017 Market Participant Client Platform Information Technology Standard Issue 2.0 This document is intended to clearly and concisely present the standards and guidelines for the upgrade of the Market Participant Client Platform Public

Disclaimer The posting of documents on this Web site is done for the convenience of market participants and other interested visitors to the IESO Web site. Please be advised that, while the IESO attempts to have all posted documents conform to the original, changes can result from the original, including changes resulting from the programs used to format the documents for posting on the Web site as well as from the programs used by the viewer to download and read the documents. The IESO makes no representation or warranty, express or implied, that the documents on this Web site are exact reproductions of the original documents listed. In addition, the documents and information posted on this Web site are subject to change. The IESO may revise, withdraw or make final these materials at any time at its sole discretion without further notice. It is solely your responsibility to ensure that you are using up-to-date documents and information. This document may contain a summary of a particular market rule. Where provided, the summary has been used because of the length of the market rule itself. The reader should be aware, however, that where a market rule is applicable, the obligation that needs to be met is as stated in the Market Rules. To the extent of any discrepancy or inconsistency between the provisions of a particular market rule and the summary, the provision of the market rule shall govern. Document ID IESO_ISTD_0017 Document Name Market Participant Client Platform Issue Issue 2.0 Reason for Issue Revised for Baseline 19.0 Effective Date March 5, 2007

Market Participant Client Platform Document Change History Document Change History Issue Reason for Issue Date 1.0 First Issue December 7, 2005 2.0 Revised for Baseline 19.0 March 5, 2007 Related Documents Document ID Document Title Issue 2.0 March 5, 2007 Public

Document Control IESO_ISTD_0017 Public Issue 2.0 March 5, 2007

Market Participant Client Platform Table of Contents Table of Contents Table of Contents... i List of Figures... ii List of Tables... iii Table of Changes... iv 1. Introduction... 1 1.1 Purpose... 1 1.2 Scope... 1 1.2.1 In Scope...1 1.2.2 Not In Scope...1 1.3 Who Should Use This Document... 2 1.4 Assumptions and Limitations... 2 1.5 Conventions... 2 1.6 Application of Standard... 3 2. Standards & Guidelines... 5 2.1 Applicability of the Standard... 5 2.1.1 Standard Client Platform Technology...5 2.1.2 Standard Supported Versions...5 2.1.3 Guideline Supported Versions of the Java Runtime Environment (JRE)...6 2.1.4 Standard Introduction of Security Patches...6 2.1.5 Standard Introduction of Full Release and Service Packs...6 2.1.6 Guideline Timing for the support of new Client Platform Releases...6 2.1.7 Standard Communication regarding the need and timing to move to the next Service Pack or Full Release...7 Appendix A: Known Contraventions...A 1 References... 1 Issue 2.0 March 5, 2007 Public i

List of Figures IESO_ISTD_0017 List of Figures None ii Public Issue 2.0 March 5, 2007

Market Participant Client Platform List of Tables List of Tables None Issue 2.0 March 5, 2007 Public iii

Table of Changes IESO_ISTD_0017 Table of Changes Reference (Section and Paragraph) Section 1.2.1 Section 1.2.2 Section 1.5 paragraph 11 Section 2.1.1 Section 2.1.2 Section 2.1.3 Section 2.1.6 Description of Change Modified scope section to include the Java runtime Environment (JRE) into the Client Platform Minor edit to text Updated definition to include the JRE Updated paragraph to include reference to Sun JRE & Remove the approved Exemption now that Netscape is no longer supported. Added paragraph to include reference to JRE. Added Guideline for Supported Versions of the JRE. Split the Guideline Timing for the support of new Client Platform Releases into Operating System and Browser and Java Runtime Environment to reflect different timing needs. iv Public Issue 2.0 March 5, 2007

Market Participant Client Platform 1. Introduction 1. Introduction 1.1 Purpose 1 The purpose of this document is to clearly and concisely present the standards and guidelines for the upgrade of the Market Participant Client Platform as defined in section 1.2. 2 At a high level, the following are some of the objectives that the IESO hopes to achieve as part of this Standard: Mitigate Information Security risk to the marketplace by introducing critical security patches quickly with timing being dependent on the assessed risk of the vulnerability; Minimize work for market participant and IESO resources in regression testing; Where feasible, align upgrades to IESO s release cycle (either market facing or internal release schedule); Upgrades will be performed to address significant defects in current platform; Move to a new service pack when we have to in order to maintain vendor support or address critical defects or security vulnerabilities, rather than maintain the latest version because it is available ; and Provide support for technical problems for the current platform plus the appropriate number of previous platform versions. 1.2 Scope 1.2.1 In Scope 3 This document includes the IESO standards and guidelines for the upgrade of the operating system, Java Runtime Environments (JRE) and internet browser (collectively referred to as the Client Platform or Platform ) for interfacing with IESO s market systems. 4 This document includes standards around the technology of the Platform, update frequencies for software Releases, Service Packs and Security Patches and length of support for older Platform versions. 1.2.2 Not In Scope 5 The following are not included in the scope of this Standard: Issue 2.0 March 5, 2007 Public 1

1. Introduction IESO_ISTD_0017 Hardware standards Minimum hardware standards are specified in the Participant Technical Reference Manual (PTRM). These minimum standards will become less important as we move towards thin clients for future applications; and Office Systems including desktop and laptop computers. 1.3 Who Should Use This Document 6 This document is intended for IESO IT&I staff and vendors associated with the support of the Client Platform and responsible for the maintenance of IESO s market systems. 7 This document should also be read by market participants responsible for the maintenance and upgrade of their Client Platform so that they may understand the Standards being employed by the IESO. Market Participants are not obligated to follow these Standards but should understand how not following the Standards may impact them. 1.4 Assumptions and Limitations 8 TBD 1.5 Conventions 9 While this document is an IESO standard, the document also contains guidelines and suggestions which do not have to be followed. The differentiation followed for this document is as follows: The word 'shall' denotes a mandatory requirement or standard; and The word may or should denotes an optional requirement or guideline. 10 The standard conventions followed for this document are as follows: Quotation marks are used to highlight process or component names; and Italics are used to highlight publication, titles of procedures, letters and forms. 11 The definitions followed for this document are as follows: Full Release A large scale upgrade to the platform to introduce significant functionality and/or security fixes (example: Windows 2000 to XP or IE 5.5 to 6.0 or JRE 1.5 to 1.6) Service Pack A significant upgrade to the platform to introduce new functionality and/or security fixes (example: Windows XP SP1 to SP2 or IE 6.0 to IE 6.0SP1) Security Patch A inter service pack upgrade specifically to address security vulnerabilities. Assessed by Microsoft as Critical, Moderate or Important 2 Public Issue 2.0 March 5, 2007

Market Participant Client Platform 1. Introduction 1.6 Application of Standard 12 No exceptions shall be permitted to the standards herein without written authorization of IESO s IT&I Architecture Team. Exemptions may be sought from IESO s IT&I Architecture Team for each contravention of standard on a per instance basis. End of Section Issue 2.0 March 5, 2007 Public 3

1. Introduction IESO_ISTD_0017 4 Public Issue 2.0 March 5, 2007

Market Participant Client Platform 2. Standards & Guidelines 2. Standards & Guidelines 2.1 Applicability of the Standard 13 The Standards and Guidelines outlined in this section are required due to the close integration of the user interface with the back end applications that are currently in place at the IESO. With the introduction of the Market Portal this will allow the IESO to decouple the user interfaces (and hence their technologies) from the back end application. Once all market systems are integrated within the Market Portal (over the coming 3 5 years) the need for this standard will be re-addressed. 2.1.1 Standard Client Platform Technology 14 Microsoft s Windows Operating System, Internet Explorer (IE) and Sun s Java Runtime Environment shall be the standard technologies supported by the IESO for its Client Platform. Approved Exemptions 15 None 2.1.2 Standard Supported Versions 16 The IESO shall verify its market systems against the current version of the operating system and browser plus the previous version of each under the condition that the previous version is still supported by the software vendor. Support in this context means that the vendor is still issuing security patches to address security vulnerabilities. The IESO cannot reasonably support Operating Systems and browsers not supported by the software vendor. 17 The IESO shall verify its market systems against specific versions of JRE required to support IESO applications. 18 Verification is the regression testing and/or high level checks of the application (depending on the type of patch or release applied) to ensure that it operates satisfactorily with the Client Platform. 19 The IESO shall post, to the Technical Interface Page, the versions of the Client Platform currently supported by the IESO. Approved Exemptions 20 At their own risk, market participant s may proceed to upgrade their client platform prior to the Client Platform becoming an IESO supported version. Issue 2.0 March 5, 2007 Public 5

2. Standards & Guidelines IESO_ISTD_0017 2.1.3 Guideline Supported Versions of the Java Runtime Environment (JRE) 21 The IESO should endeavour to maintain a single supported JRE for all market facing systems. 2.1.4 Standard Introduction of Security Patches 22 Security patches assessed as Critical by IESO s Information Security and Risk Management (ISRM) group shall be implemented as soon as possible from the time that the patch is available. 23 Security patches assessed as High by IESO s ISRM group shall be implemented as part of the next available internal IESO release. There are 8 internal releases each year. 24 Security patches assessed as Medium or lower shall be scheduled appropriately as part of a future internal IESO release. 25 Market participants shall ensure that they keep up to date with the latest critical Microsoft and Sun security patches. Approved Exemptions 26 No exemptions are approved. 2.1.5 Standard Introduction of Full Release and Service Packs 27 Full Releases and Service Packs for the Client Platform shall be introduced as part of Market Facing (Category 2 or 3) Releases and details of the upgrade shall be documented as part of the Release Plan. Approved Exemptions 28 No exemptions are approved. 2.1.6 Guideline Timing for the support of new Client Platform Releases Operating System and Browser 29 The IESO should support the introduction of new Service Packs to the Client Platform within six months of the date of release by the software vendor. This timing may not be achievable based on the release of the software by the vendor and could be as long as 7 or 8 months depending on the Release Note Submission deadline. 6 Public Issue 2.0 March 5, 2007

Market Participant Client Platform 2. Standards & Guidelines 30 The IESO should support the introduction of a Full Release of the Client Platform within twelve months of the date of release by the software vendor. This target may be amended depending on other priorities. Java Runtime Environment (JRE) The IESO will support the introduction of a new Full Release or minor version upgrade to the JRE as required to address either security vulnerabilities functionality requirements for the IESO applications or IESO Architectural Standards. Approved Exemptions 31 None 2.1.7 Standard Communication regarding the need and timing to move to the next Service Pack or Full Release 32 IESO s intent to support the introduction of new Service Packs or Full Releases shall be communicated to market participants via the Release Management Process (I.e. included in the Market Facing Release Plan) and discussed at the first available IT Standing Committee meeting. Approved Exemptions 33 No exemptions are approved. End of Section Issue 2.0 March 5, 2007 Public 7

Market Participant Client Platform Appendix A: Known Contraventions Appendix A: Known Contraventions None noted at this time End of Section Issue 2.0 March 5, 2007 Public A 1

Appendix A: Known Contraventions IESO_ISTD_0017 A 2 Public Issue 2.0 March 5, 2007

Market Participant Client Platform References References Document Name Market Manual 6: Participant Technical Reference Manual Document ID IMO_MAN_0024 End of Document Issue 2.0 March 5, 2007 Public References 1

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback