Archive for the ‘Uncategorized’ Category.

IPAWS version 3.08 in Test Environment.


IPAWS Operational Users and Developers,

IPAWS-OPEN version 3.08 has been deployed to the FEMA Test Environment (TDL) for initial testing and may be accessed now by IPAWS compatible Alert Origination System developers with current MOAs.  We expect to formally begin User Acceptance Testing (UAT) on March 12, 2015, with anticipated deployment to the FEMA Production Environment on April 15, 2015.  …..  Upon successful testing and acceptance, IPAWS will send the updated IPAWS-OPEN 3.08 Interface Design Guidance document to developers with current MOAs.

Primary changes in this version include improvements to response codes and re-alignment of validation to better match channel processing.  For most developers there will be little if any change to what has already been built.  It would be a good idea, however to test you current release against what is in TDL beginning March 12 and report any issues you may have to with subject line “IPAWS-OPEN 3.08 issue”.  It is likely that there will be no issues, but it is important to test your software to be certain.

Release notes are also available for developers with IPAWS MOA’s from the IPAWS mail box link above.

Six Computers – the grandpaham Server Farm

I now have six computers operating from my “place of business.”  Three of my own.  One belonging to IPAWS, and two belonging to SETI.  One of mine does independent monitoring of IPAWS Status and blogging of IPAWS alerts received.  Another will do the same for SETI.  The third is my “real” work computer. The SETI Boxes are demo and development boxes.  Finally, the IPAWS computer is a FEMA issued laptop  that I use to VPN to FEMA for FEMA e-mail and for any Government-only work/documentation.  Amazing how far I have come from the mailed punched paper tape I used 45 years ago in Alaska when I got my first “computer” job.

SETI – Open Standards, Securely Implemented

It is time to let everyone know or the exciting new work that I am pursuing.  While I still support FEMA’s IPAWS program, I am now also acting as Chief Architect for a new company named Secure Exchange Technology Innovations (SETI), Inc.   SETI focuses on providing the capability for managing and controlling standards-based information exchange using content and topic base routing.  Our software is designed to provide a way of getting information to and from organizations and systems of all kinds without having to face the infamous “n*(n-1)” conundrum.  We do content and topic based routing with controlled authorization and distribution permissions defined by our using systems.  For those of you who know IPAWS, it is sort of like IPAWS, but expanded to information of all types, and to industry beyondGovernment (yet including Government, if needed). And because each of our implementations can be separate, we can configure the security to be as tight, or as lax, as desired by our customer organizations.  Finally, we do not compete in creation, analysis, or display of content. We focus only on collection and distribution.  Because of this, we can act as a firewall for needed communication between otherwise competing systems and organizations.  Our customers control the permissions; we provide the implementation; all in a manner that dramatically reduces the inter-system dependency caused system-to-system communication requirements.

I Can Now Provide Customized IPAWS Dissemination to Social Media

I have a new offering for all who do alerting using the Common Alerting Protocol (CAP). I can create a combined blog, tweet and RSS functionality for your alerts as an IPAWS COG, or for any set of IPAWS Public Alerts. The capability works independently and also as an add-on to any IPAWS capable alert origination software. If you have an IPAWS COG, I can make it work without any special integration effort. If you have software that creates CAP alerts, I can build a connection to that software, depending on the interfaces it provides. If you have your own Facebook Page or Twitter Account, I can connect to that. If you have your own WordPress blog, I can use it for the connection. Or I can provide you with whatever you need. I can do it for messages you originate or, if you are an information consumer only, I can support that for any IPAWS Public alert. I can host the connection for you, or you can host and I will help you set up.

1. All recent Tornado Warnings and Flash Flood Warnings in the U.S can be found at and/or follow @ipawsweather on Twitter.

2. All recent IPAWS Public Alerts affecting Virginia’s First Congressional District can be found at and/or follow @VA_1st_IPAWS.

3. All production non-weather IPAWS Alerts can be found at and/or follow @ipawsalerts.

Please note: This is a offering and is separate from my support to IPAWS origination vendors. The IPAWS connection tech support is free (as I am paid for it by FEMA) to such vendors. This new capability will be priced according to the complexity of the solution to be provided. It can be inexpensive. Any time spent on customization will necessarily raise the price.

IPAWS Alert Twitter Feed Exceeded Allowed Number of Tweets

I had to stop the test blogging and tweeting through and @ipawsalerts yesterday. The blog was holding up, but the combined effect of a serious weather day (pray for the folks in Oklahoma) and some heavy use testing in TDL by some developers caused my processes to exceed the 1000 tweet per day limit on Twitter. So, I will need to do some breakup into multiple Twitter feeds (geography and/or message type based) before I restart it all. More later.

Website Cleaned Up Again

After letting it ride for some time I spent the day leaning up my site. The pictures work again. All the links are tested. So now you can re-read my cheesy poetry or check out the creed I use in my daily work effort, or whatever is interesting. Hopefully, more good things to come.

Direct Access Storage in 1983 vs 2013

I went back to re-read my master’s thesis from nearly thirty years ago.  The basic conclusion that there can be actual diseconomies of scale, as opposed to economies of scale, from centralized control of computing assets has not changed.  But the the base numbers are crazy different.  My statistics showed that the U.S. Marine Corps had less than 100 Gigabytes of Direct Access Storage spread across 6 different mainframe computer sites in 1983.  I bought 6 terabytes for my home last weekend for about $300 dollars.  Times have changed.  You can find my thesis here.

Web Services Security – A Link to a Really Good Non-Technical Description

Why you should attach security at the message level, not just use SSL.

I found the following today as a good explanation. It goes all the way back to 2005, but the metaphor still works. See: Naked Motorcycle Riding

The National EAS Test and IPAWS-OPEN

Funny thing about the national test held on Wednesday 9 November. It was a test of the old stuff; not the new. IPAWS-OPEN and the Common Alerting Protocol (CAP) were not even part of the test. It worked – with glitches – but it worked. The glitches seemed to be mostly about garbled messages and misinterpreted tones; things that the text and Internet-based IPAWS-OPEN solution are designed to prevent. I am confident that the next test, when it happens, will go MUCH better from that standpoint.

The comments about the national test that were most amusing were the ones that connected the National test with an attempt by the federal Government to “take over the airwaves and the Internet.” The internet was not even used. I am not going to comment on whether the Government wants to regulate (or over-regulate) the Internet. That may, or may not be, depending on your personal political perspective. What I can say his that FEMA’s IPAWS program is absolutely not involved in that sort of activity. Input can come from the president, but it can also come from local authorities at all levels of government using alert origination tools provided mostly by private industry. Dissemination is the same. It is primarily voluntary; using a Government provided query architecture that allows local agencies and information providers to weed out unwanted material, making it the very opposite of a Government forced content push. Finally, the “last mile distribution” is almost completely through commercial providers and/or a very wide variety local government controlled software from the commercial sector. So, while IPAWS is designed to provide a way for the president to get an emergency alert to as many people as possible at one time, its architecture is actually built with local alerting and local control at its very core. Check it out for yourself. I will be at the annual International Association of Emergency Managers (IAEM) convention in Las Vegas next week. Drop by the IPAWS booth to say “hi” and to get a live demonstration. Good stuff.

NIEM Compliant and Not Standards Conforming – Absolutely Possible

There have been at least two situations that I have heard of recently that claim NIEM Compliance and External Standards Conformance in the same breath. While it can be done, neither actually did so. In one case, NIEM elements were mixed into non-NIEM schemas, but the NIEM attributes were removed. This is clearly not the correct approach (although at least NIEM concept re-use was achieved). In another approach, external standard concepts were “NEIMified” in a tool and mixed with NIEM elements in a combined IEPD without the use of adapters. This approach is NIEM conforming, but NOT standards conforming. This approach can claim to use input from existing standards but cannot claim to actually use those standards. Especially, this approach cannot claim to conform to them. I firmly believe in NEIM as a methodology and as an excellent model for concept re-use, but building a NIEM conforming schema is not the same as building a standard. A standard involves acceptance of the exchange schema by a formal standards body or by a wide body of users as a reusable exchange. When you build a NIEM complient IEPD you have 3 options:

1. Build it as a NIEM IEPD and ignore other standards.
2. Build an IEPD and use pieces of external standards but ignore validation or conformance to the the standards that are reused.
3. Build an IEPD with standards conforming components in adapters and add any other needed data using NIEM want list methods or current NIEM elements .

In all three cases, the result is not a standard until it is recognized as one, either de facto or through a recognized standards body. So, the IEPD is just the beginning. Before it becomes a standard, it must be recognized, either by a formal standards body, or through industry dominant re-use.

Bottom line: If you choose path 2, you should not advertise it as standards conforming. While you can claim NIEM Conformance, you cannot honestly claim conformance to the external standards used as input in any way whatsoever.