I just completed the on-line #NIEM (National Information Exchange Model) courses from niem.gov. Yes, all 7 of them in one weekend. It is doable if you know some UML and XML Schema. I also have some background in NIEM from previous work that made it a lot easier. It was actually a very good presentation of concepts. Got me “all caught up” which the concepts. Will be doing some more work in the NIEM model, so I needed the refresher for background.
Archive for the ‘NIEM’ Category.
Why you should attach security at the message level, not just use SSL.
I found the following today as a good explanation. It goes all the way back to 2005, but the metaphor still works. See: Naked Motorcycle Riding
I wrote the following Comment on a LinkedIn NIEM Thread and thought it might be worth sharing:
In my opinion (perhaps not so humble :-)) NIEM is very good if you use it right. But, if you think of NIEM as a standard by itself, it is NOT GOOD. Too much stuff. Hard to keep organized. It is actually incredible how well organized it is given its volume, but as a standard by itself, it is just too BIG to be anything but unwieldy.
Now, as a model for building standard exchanges, it has TREMENDOUS value. It is like a mine. You have to refine the ore through an appropriate standards development process. (The IEPD process works for this.) But the ore is super high quality when compared with building standards from scratch, because the NEIM model has been preprocessed in the sense that most definition and relationships are well defined and understood. Even so, you still have to refine NIEM input using the IEPD process to actually create a usable exchange or a useable standard exchange.
Bottom line, if you expect NIEM to be “auto-reusable,” you will be disappointed. But, If you use NIEM appropriately, it has a lot to offer in the way of documented data structure and definition.
There have been at least two situations that I have heard of recently that claim NIEM Compliance and External Standards Conformance in the same breath. While it can be done, neither actually did so. In one case, NIEM elements were mixed into non-NIEM schemas, but the NIEM attributes were removed. This is clearly not the correct approach (although at least NIEM concept re-use was achieved). In another approach, external standard concepts were “NEIMified” in a tool and mixed with NIEM elements in a combined IEPD without the use of adapters. This approach is NIEM conforming, but NOT standards conforming. This approach can claim to use input from existing standards but cannot claim to actually use those standards. Especially, this approach cannot claim to conform to them. I firmly believe in NEIM as a methodology and as an excellent model for concept re-use, but building a NIEM conforming schema is not the same as building a standard. A standard involves acceptance of the exchange schema by a formal standards body or by a wide body of users as a reusable exchange. When you build a NIEM complient IEPD you have 3 options:
1. Build it as a NIEM IEPD and ignore other standards.
2. Build an IEPD and use pieces of external standards but ignore validation or conformance to the the standards that are reused.
3. Build an IEPD with standards conforming components in adapters and add any other needed data using NIEM want list methods or current NIEM elements .
In all three cases, the result is not a standard until it is recognized as one, either de facto or through a recognized standards body. So, the IEPD is just the beginning. Before it becomes a standard, it must be recognized, either by a formal standards body, or through industry dominant re-use.
Bottom line: If you choose path 2, you should not advertise it as standards conforming. While you can claim NIEM Conformance, you cannot honestly claim conformance to the external standards used as input in any way whatsoever.
If you work with the National Information Exchange Model (NIEM) as well as with other standards, you often run into issues related to how your overall work should incorporate (or not incorporate) NIEM. The rules for NIEM allow you to use recognized external standards independently. FEMA’s Integrated Public Alert and Warning System (IPAWS) does this with it implementation of the Common Alerting Protocol (CAP). You can also use components from an external Standard within a NIEM conforming schema, but only if you use the formally defined NIEM “Adapter” approach. You can also use NIEM inside an externally defined standard wrapper as shown in the graphic below.
My talk at the NIEM National Training Event (NTE) in Philadelphia this August will discuss using an OASIS Emergency Data Exchange Language – Distribution Element (EDXL-DE) as a wrapper as shown, but it will go beyond that. It will show how NIEM conforming data structures can be used within the EDXL-DE wrapper itself as DE conforming metadata to describe the content and desired distribution of the Information Exchange Package (IEP). The goal is to show an innovative use of NIEM that is actually made possible by the (also) innovative structure designed into the EDXL-DE standard. The actual content of the IEP will be an IPAW Profile conforming CAP message. The wrapping DE will use NIEM conforming metadata to define IPAWS distribution and content identification needs.
I have been chosen to present a new twist on the reuse of data definitions at the National Information Exchange Model – National Training Event (NIEM NTE) in August. Data definition reuse questions that have been asked before include:
1. Is it OK to Use an External Standard without using NIEM?
2. How do I (or is it allowable to) encapsulate the use of an External Standard inside a NIEM conforming schema?
3. What is the best way to (or should I) bring concepts from external schemas into NIEM (to “NIEMify” them)?
These question have answers, although not everyone agrees on all of them.
My question is different. What if there was a way to reuse NIEM conforming structures inside an external standard? I plan to show an example of how it could work, using NIEM enumerated values (facets, codelists, and schema subsets if necessary) to populate EDXL-DE metadata around an IPAWS Profile CAP message and/or a NIEM IEPD for Amber alerting.
It ought to be an interesting discussion.
The Fiscal Year 2010 “Interoperable Communications Grant Program, Guidance and Application Toolkit” has just been published. My first question on seeing the grant language was, Did they mandate real interoperable data standards for software purchased using grant money?
They did. From Page 20:
Grant-funded systems, developmental activities, or services related to emergency response information sharing should conform as much as possible with the OASIS Emergency Data Exchange Language (EDXL) suite of data messaging standards and National Incident Management System (NIMS) guidelines. Additional information on data messaging standards and their applicability may be found at www.oasis-open.org. The NIMS Supporting Technology Evaluation Program (NIMS STEP) provides objective evaluations of commercial software and hardware products, and reports on product conformity to standards and NIMS guidelines. Findings from evaluations may be accessed through the Responder Knowledge Base (RKB) website to assist grantees in making purchases. More information on the NIMS STEP can be found at https://www.rkb.us/contentdetail.cfm?content_id=219711.
And Again from page 28 under Technology:
National Information Exchange Model (NIEM). FEMA requires all grantees to use the latest NIEM specifications and guidelines regarding the use of Extensible Markup Language (XML) for all grant awards. Further information about the required use of NIEM specifications and guidelines is available at http://www.niem.gov.
NIEM is XML. EDXL is XML. What gives? Who has precedence? Why is EDXL mentioned in the Funding Restrictions section and NIEM in the Administrative Requirements section?
In reality, you can ignore the apparent confusion. The requirements are valid and complimentary. For the most part, EDXL standards are accepted by NIEM as “approved external standards.” So you do not violate the NIEM requirements by using them, provided you use them as-is, in their entirety. If you use use individual elements (or a subset of elements) from an EDXL schema) in a way that does not validate against one of the schema standards, you are actually violating both EDXL and NIEM unless you document the use of those elements using the formal NIEM Information Exchange Package Documentation (IEPD) methodology as defined at niem.gov. So if you want to use a system that uses EDXL-Common Alerting Protocol (CAP), EDXL- Distribution Element (EDXL-DE), EDXL-Resource Messaging (EDXL-RM), and/or EDXL-Hospital Availability (EDXL-HAVE), go ahead. You are within the terms of the grant language. But if you modify (aka “improve”) the standards in any way, you must go through a formal IEPD process.
If, however you have requirements for information exchange that are not met by existing standards, NIEM offers you the opportunity to reuse existing NIEM IEPDs, build a new IEPD from existing NIEM data definition resources, or build an IEPD from a combination of data definition resources. It is a well-defined process that is designed to maximize reuse and minimize redundancy in data structure definitions supporting emergency management dat exchange requirements.
So, to summarize, if the software you are considering for purchase/development with your grant money reuses EDXL Exchange Standards and/or NIEM IEPDs, you are home free. If not, the system needs to define its exchanges with other systems following NIEM IEPD development rules as found at NIEM.gov
The link below is to a blog entry by Rick Wimberly concerning all of the alerting systems shown at the IAEM conference in Orlando this week.
The basic premise is that there is no “best” alerting system and that the best alerting system is system of systems for alerting purposes that each have different traits and capabilities. I AGREE WHOLEHEARTEDLY. In fact, the activity where I currently work, FEMA’s Disaster Management Open Platform for Emergency Networks (DM-OPEN), is designed to allow communication between different alerting systems, such that they work together as a system of systems. At the IAEM conference, 10 different systems were using DM-OPEN to share the alerting function and it worked well because all were using the OASIS Common Alerting Protocol as a basis for exchange.
DM-OPEN also showed the ability of multiple systems to share OASIS Emergency Data Exchange Language Distribution Element (EDXL-DE) wrapped content. This content included NIEM IEPD Content (Amber Alerts) and OASIS Hospital Availability, but could also have included any defined data structure known to parties on at least two ends of the exchange. So, does this make DM-OPEN the best emergency information network? I might want to think so, but my thoughts are actually similar to Rick’s. I believe that no single network solution can legitimately call itself the best. Instead, it takes a constantly improving “network of networks” in combination to provide emergency managers with the best information available. In this arena, DM-OPEN does have a place. Because DM-OPEN connectivity is based on publicly available standards, it can connect network to network, as well as system to system as long as those systems are open to standards-based connectivity. So, DM-OPEN is not THE network or THE system. But if anyone else tells you theirs is THE solution, I would say they are blowing smoke, and that they need to learn to work with others.
Gary “Grandpa” Ham
Attended combined NIEM National Training Event and Oasis Interoperability Summit in Baltimore last week. What a week!!
- All of the following Items are from that event:
- Participated in live demonstrations of interoperability by 11 separate commercial vendors, all using the DM-OPEN Backbone. Messages included Common Alerting Protocol sent from an actual Chorine sensor, NWS Tornado Warnings in CAP with the full polygon showing on maps used by multiple vendors, EDXL-DE wrapped Hospital Availability Messages, and EDXL-DE wrapped NIEM Amber Alert Messages, with accompanying Style sheet and reference base-64 encoded picture data used in full display. A professional videographer filmed the demonstration activities and interviewed key players. The edited video will be made available by OASIS. I will post the link when it is available.
- Moderated NIEM NTE panel titled “Coordinating the Development and Adoption of Emergency Data Standards With the Ongoing Development of NIEM.” A format of 5 separate questions with short answer to each question by all panel members in turn was well received, both by the panel and the audience. Answers were lively and interesting. There were many audience questions as well. The NIEM organization recorded all panel sessions, so this panel will be available for review in its entirety.
- Acted as a panel member in a second NIEM NTE panel titled: “Playing Well With Others”—NIEM and External Standards. This was a half session panel that stirred lots of interest and did not afford adequate time for all audience questions. Its recording will also be made available by the NIEM organization. Both panels made is clear that there is real cooperation between standards bodies and progress is being made to ensure that the value of all standards is recognized as a federation real capabilities. While some technical and “turf” issues need to be understood better, the folks involved look forward to the future with a positive attitude and a real belief in success.
Special Thanks to Donna Roy (NIEM Director) and her crew for a great event, and to Bill Kalin (Contractor to DHS Science and Tecnology) and Jane Harnad (OASIS) for organizing a superb demonstration and to all of the vendors for showing real interoperability in action. Standards do work!!!
The following announcement (copied from the FEMA Disaster Management Program govdelivery message stream) will be of interest to all who want to know how to use the Distribution Element properly: (NIEM users take note. This is one external Standard that makes IEP transport both easier and more effective, especially if your IEPD includes an XSLT in its documentation.)
OASIS EDXL Distribution Element Primer
Wednesday September 16, 12:00 Noon Eastern
In follow up to last month’s DM-OPEN SIG program, this month’s program will feature a new publication from OASIS, designed to provide developers with the A-B-Cs of the EDXL Distribution Element (EDXL-DE). “The Distribution Element: The Basic Steps to Package and Address Your Emergency Information,” is a white paper intended to function as an introduction–not as a comprehensive technical explanation.
Our guests will include Elysa Jones, Warning Systems Inc. and Chair of the OASIS Emergency Management Technical Committee (EM-TC). She will be joined by other members of the committee to provide an overview and respond to questions. We also plan to provide further information about the upcoming OASIS Interoperability Summit, and general status of DM-OPEN development efforts.
This program is intended primarily for software application developers, especially those new to EDXL-DE. Please make plans to join us via conference bridge and Live Meeting.
IMPORTANT: If you have not logged into Live Meeting before, check out the following connection instructions and participant guidelines prior to next week’s meeting:
(1) Login to MS Live Meeting for visuals: The following login link can only be used 30 minutes prior to the scheduled meeting time: https://www.livemeeting.com/cc/eiip/join?id=DMprogram&role=attend
(2) Call into the Conference Bridge number as follows: 1 (800)366-7242 PIN 3647 6736#.
If you are unable to attend this month’s meeting due to other commitments, a recording will be accessible from the DM-OPEN SIG Presentations Archive at http://www.disasterhelp.gov/disastermanagement/library/archive/open-presentations.shtm