AutoDRM Version 2.1 User Guide
Contents
1. 2 1 1 Interface The Interface section defines the mail server and mail box characteristics It contains the parameters described in Table 2 1 Table 2 1 Interface Section Parameters Parameter Definition HostMailServer The host server used to relay email outbound using SMTP inbound using the protocol defined in MailBoxProtocol lt is identified by either its host name or its IP address expressed in dotted decimal format w x y z Permitted values a valid mail server name or IP address MailDomain The mail domain on the host mail server Permitted values a valid mail domain on the host mail server MailBoxProtocol The protocol used to receive email messages Permitted values POP3 or IMAPA MailBox The email recipient name for this program AutoDRM will only accept email addressed to MailBox MailDomain for example autodrm MailDomain Permitted values the name as an alphanumeric string that has been assigned to the email recipient MailBoxPassword The password required to access the AutoDRM recipient mail box Permitted values any alphanumeric string 2 1 2 Control The Control section defines the locations and characteristics of various input and output files It contains the parameters described in Table 2 2 Table 2 2 Control Section Parameters Parameter Definition StationFile The path and name of the NAQS station file2. START KEYPAIR Start using the specified key pair Include the certificate in the request Request CALIBRATE START Calibrate one or more channels The START TIME can be any valid date that is future dated a maximum of 31 days or post dated a maximum of 1 hour For more information see the Calibrate user guide Requires environment variables START TIME SENSOR TYPE lt Only one calibration can be running at any one time Any calibrations scheduled to start while another calibration is running will be rejected Request ENTER_MASS Centre mass on one or more elements Requires environment variable DURATION Request 7 ART CONTINUOUS Turn on primary station continuous data transmission Request 7 lr OP CONTINUOUS Turn off primary station continuous data transmission Request TOP Indicates the end of the message Format 26 of 47 AutoDRM Version 2 1 User Guide 14830R4 2008 04 10 Chapter 4 Using AutoDRM 4 3 5 Command Response Table 4 4 describes format environment and response lines for command response messages Table 4 4 Command Response Message Lines Line label Parameters Description Line type BEGIN ims2 0 Indicates the start of message and the Format message format version number MSG TYPE command response Indicates the type of message Format MSG ID MessageldPrefix Aut
3. 4 3 Message Line Descriptions 0 ce re 22 4 3 1 Help Request ues cr RRS EIN REPE COEUR XU RR OE RR XR 22 43 2 Data Request wis oec whan vida ee AR A A a Bhd edu 23 4 3 3 Data Hespornse onere RD E RR EX ie eee wee ea Ru uu teas BS 24 4 3 4 Command Request ooccccococcc ehh 24 4 3 5 Command Response 0 0 00 hh 27 Appendix A Configuration File Example A 1 General Structure oooocooccco lh 29 A 1 1 Data Order and Default Values ooococcooccoccononn ee 29 A 1 2 White Space and Comments 0 000 res 30 A 1 3 Configuration File Error Detection llle 30 A 2 Example AutoDRM Configuration File liie 30 Appendix B Message Syntax B 1 Appendix Conventions o ooccococoo emn 33 B 2 Help MessagesS oooooocrrr eee teens 33 B 3 Data Messages ede a ERR DERE ee da e wr RR EORR E RH 33 B 341 Dala Beguest s esu Ere Rs RO a te ba VR Ru bre oes 34 B 3 2 Data RESPONSE cead os ure sem ene edo os dee RARE A RUE ee e dul D ege et A 34 B 4 Command Messages 0000 hn 35 BAA Calibrate Statt obere tl Wet ad ERIS em x eoe aet Ael wee RO ena 35 B 4 1 1 Calibrate Start Request oooocccoococco eh 35 BAVA SMC a EA A A a A da RA 36 B 4 1 1 2 Pulse Example ues RE UR ee eee dd ee ee Rag 36 B 4 1 1 3 Random Example 25e ERE ep DRE RETE a 36 B 4 1 1 4 Sine Example oooooooccccococcn hh hr 37 B 4 1 2 Calibrate Confirmation Response 00 0c c
4. stop Example begin ims2 0 msg type command request msg id Example 3a e mail test nanometrics ca time stamp 2008 04 16 14 28 sta list STNO1 CF generate keypair stop B 4 3 2 Generate Keypair Response Key pairs are generated by the instruments and the Central Facility workstation For instruments if there is a critical error preventing this command from being processed at all a single error email will be sent out with the requested station list and channel list Otherwise a separate confirmation or error email will be sent out for each instrument as its key pair is generated The response to a successful execution of the command request will include a Certificate Request for the new key pair Similarly for CF workstations a confirmation or error email will be sent out as its key pair is generated The response to a successful request will include a Certificate Request for the new key pair Syntax BEGIN IMS2 0 MSG TYPE COMMAND RESPONSE MSG ID id string source REF ID ref str ref src TIME STAMP yyyy mm dd hh mm ss indiv response indiv error message overall error message STOP where indiv response STA LIST instrument or workstation name AUTH ID requested Keypair ID KEYPAIR GENERATED PEM certificate request indiv error message STA LIST instrument or workstation name AUTH ID requested Keypair ID COMMAND GENERATE KEYPAIR PROBLEM ENCOUNTERED problem descri
5. 1 About AutoDRM AutoDRM Version 2 1 supports IMS1 0 2 0 request and response message formats and uses email as the data return mechanism It supports the following message conventions Request lines e To select data types HELP STATION CHANNEL WAVEFORM RESPONSE and OUTAG El To issue commands e Operation change START CONTINUOUS STOP CONTINUOUS CALIBRATE START and CENTER MASS e Key management UPDATE CRL GENERATE KEYPAIR and START KEYPAIR Request control line to define the response message protocol E MAIL Request and response environment lines e To delimit the time and source of the requested data TIME CHAN LIST and STA LIST e To assign a time when the command request or response is issued TIME STAME To define other command or response specific constraints see Chapter 4 Datatype and command response lines see Chapter 4 AutoDRM Version 2 1 User Guide 14830R4 2008 04 10 DO Chapter 1 Getting Started 1 1 1 1 1 1 1 Typical Operation AutoDRM runs as an online service on the data acquisition network It requires a stand alone mail server with a mailbox for AutoDRM It is usually best for AutoDRM to run on the NAQS Server acquisition computer because it must access the NAQS configuration files and ringbuffers Various objects must be saved on the security token before d
6. 14830R4 2008 04 10 Chapter 4 Using AutoDRM Table 4 1 Data Request Message Lines Continued Line label Parameters Description Line type OUTAGE ims1 0 ims2 0 Retrieves information about data outages for one or Request more channels STOP Required Format Indicates the end of the message The IMS version must be the same as that used in the BEGIN Format line 4 3 3 Data Response Table 4 2 describes format and data type lines for data response messages Table 4 2 Data Response Message Lines Line label Parameters Description Line type BEGIN ims1 0 ims2 0 Indicates the start of message and the message format Format version number MSG TYPE data Indicates the type of message Format MSG ID MessageldPrefix AutoDRM assigns the two part identifier for the Format MessageldNumber message REF ID Request Msg ID part Identifies the original request message For multipart Format sequence information responses it includes part sequence information DATA TYPE requested type Identifies the type of data included in the message Data type ims1 0 ims2 0 followed by the data STOP Indicates the end of the message Format 4 3 4 Command Request Table 4 3 describes format control environment and request lines for command request messages Note Timestamp TIMI n T _STAMP and message ID MSG_ID values are checked for IMS2 0 command request mess
7. Information about the request and the requester is logged An acknowledgement or explanatory message is sent to the requester under some circumstances see Table 1 1 Table 1 1 Acknowledgement of Rejected Requests Response Sent Reason for Rejected Request to the Requester The requester cannot be verified No The certificate chain contained in the digital signature is not valid No The requester is not authorized to make the request No The authenticated IMS2 0 request is stale That is it was created before the time Yes period defined by the configuration file Message section RequestExpiry parameter The authenticated IMS2 0 request has a MSG_ID that is the same as that of atleast Yes one other message The cache will store MSG_IDs for as long as is defined in RequestExpiry up to a maximum of 1000 values 1 2 Summary of Inputs and Outputs To generate proper responses to request messages AutoDRM requires access to various input files These files must either be stored on the same computer as AutoDRM or be accessible over a LAN on a shared drive Once AutoDRM has been started it generates log and optional message copy files to directories as defined in the configuration file and maintains the message number file 1 2 1 Input Files AutoDRM ini This configuration file defines the operating characteristics for the AutoDRM program see Chapter 2 Configuring AutoDRM Nags stn The Nags stati
8. The PRB signal unit width in seconds Permitted values any positive value gt 0 PrbNfft 100 The number of samples used in each fast Fourier transform window during analysis Permitted values any positive integer gt 32 To optimize efficiency and accuracy you should specify a number with many small prime factors PrbDec 1 The factor by which the digitizer sample rate is decimated before analysis Permitted values 1 2 3 4 5 10 20 25 30 40 50 100 PulseDelay 60 The number of seconds after the pulse ends to include in analysis Permitted values any positive integer gt 0 PulseNfft 100 The number of samples used in each fast Fourier transform window during analysis Permitted values any positive integer gt 32 To optimize efficiency and accuracy you should specify a number with many small prime factors PulseDec 1 The factor by which the digitizer sample rate is decimated before analysis Permitted values 1 2 3 4 5 10 20 25 30 40 50 100 AutoDRM Version 2 1 User Guide 14830R4 2008 04 10 13 of 47 Chapter 2 Configuring AutoDRM 2 1 7 CalibrationStationDefaults The CalibrationStationDefaults section defines the default calibration settings for a specific station Use one section per station for an unlimited number of stations This section is optional and only the StationName parameter is required The rest of the parameters are optional This section contains
9. allowed values 1 2 3 4 5 10 20 25 30 40 500 100 decimation will default to nearest value if not one of the above PrbUnitWidth 2 0 seconds of minimum width PrbNfft 100 size of nFFT window in samples PrbDec I amount to decimate signal allowed values 1 2 3 4 5 10 20 25 30 40 50 100 PulseDelay 60 seconds after pulse to include in analysis PulseNfft 100 size of nFFT window in samples PulseDec 1 amount to decimate signal allowed values 1 2 3 4 5 10 20 25 30 40 50 100 AutoDRM Version 2 1 User Guide 31 of 47 14830R4 2008 04 10 Appendix A Configuration File Example CalibrationStationDefaults station specific defaults 1 sections per station no limit on number of stations StationName station Ton 300 calibration SwRamp 24 STNO1 0 SwNfft 100 SwDec 1 1 2 3 41 5 1 0 20 225 PrbUnitWidth 2 0 PrbNfft PrbDec 1 1 2 3 4 5 1 100 0 20 25 PulseDelay 60 PulseNfft 1 PulseDec 1 2 3 4 5 1 00 al 0 20 25 required the defaults in this section apply only to this seconds after calibration coil is engaged to wait to start seconds to ramp up and down to full amplitude signal duration size of nFFT window in samples amount to decimate signal allowed values 30 40 50 100 seconds of minimum width size of nFFT window in samples amount to decimate signal allowed values 30 40 50 100 sec
10. copy files Optionally you can set AutoDRM to save complete copies of incoming email request messages REO txt and outgoing email response messages MAIL_ txt The message copies are logged in directories specified in the Control section of the configuration file A Caution The output file MsgNum txt is used by the AutoDRM program Do not edit this file MsgNum txt The message number file is used to ensure the continuity of the message ID even if the AutoDRM program is stopped and restarted The number of the last message sent is stored in MsgNum t xt If this file is lost the message number is initialized to the configured default defined in the Message section MessageNumber parameter The MsgNum txt file is stored in the working directory typically nmx user 6 of 47 AutoDRM Version 2 1 User Guide 14830R4 2008 04 10 Chapter 1 Getting Started Scheduled items The directory defined in the configuration file Control section ScheduleDir parameter will contain a single file for each outstanding item for example CalibrationSchedl ser These files will be removed automatically by the system as the items are run 1 3 Dependencies Calibrations require NaqsServer and DataServer to be running 1 4 Software Requirements Before you install AutoDRM ensure that the installation computer meets the following software requirements Java Runtime Environment version 1 5 or lat
11. for CENTER MASS The duration of the mass centring signal Environment AutoDRM Version 2 1 User Guide 14830R4 2008 04 10 25 of 47 Cha pter 4 Using AutoDRM Table 4 3 Command Request Message Lines Continued Line label Parameters Description Line type START TIME date time Required for CALIBRATE START and optional for Environment START KEYPAIR The default for START KEYPAIR is the time the request is received Format is yyyy mm dd hh mm ss SENSOR yes no Required for CALIBRATE START Environment Indicates whether the sensor should be included in the calibration TYPE pulse random Required for CALIBRATE START Environment sine The calibration signal will either be sine wave random pseudo random binary or pulse signal CALIB PARAM parameters 1 to N required for CALIBRATE START Environment The required parameters for the three different signal types are as follows pulse first signal pulse duration subsequent signal pulses duration delay random duration sine frequency duration The Amplitude parameter is optional for all three signal types UPDATE CRL Update the CRL stored at the CPCSS Include the updated CRL Request ENERATE KEYPAIR Generate a new key pair on digitiser or central facility workstation authentication units Optionally include the DSA parameters for the key pair Request
12. id Example 1 e mail test nanometrics ca time stamp 2008 04 22 17 28 stop continuous stop B 4 6 2 Stop Continuous response Syntax BEGIN IMS2 0 MSG TYPE COMMAND RESPONSE MSG ID id string source REF ID ref str ref src TIME STAMP yyyy mm dd hh mm ss CONTINUOUS STOPPED error message STOP where error message COMMAND STOP CONTINUOUS PROBLEM ENCOUNTERED problem description 44 of 47 AutoDRM Version 2 1 User Guide 14830R4 2008 04 10 Appendix B Message Syntax B 4 7 Update CRL The command request UPDATE CRL is issued to load a certificate revocation list onto the workstation security token The security token on the workstation running AutoDRM is automatically the target of this command B 4 7 1 Update CRL request Update CRL command processing will impose this restriction on submitted requests There must be a self signed certificate for the principal that issued the CRL already installed on the workstation security token Syntax EGIN IMS2 0 SG TYPE COMMAND R SG ID id string AIL address J STAMP time PDATE CRL EM X509 certificate revocation STOP EQUEST source where time Example begin ims2 0 msg type command request msg id Example 1 e mail test nanometrics ca time stamp 2008 04 28 13 28 update crl pies BEGIN X509 CRL MI IBHzCB3TALBgcqhk jOOAQDBQAwgY cOBhY
13. in megabytes of an email response message Responses larger than this limit will be sent as numbered parts in multiple email messages Permitted values any number from 0 4 to 2 Recommended maximum is 1 IDC 3 4 1 page 4 recommends a maximum email message size of 1 Mbyte RequestExpiry The maximum age of a request in hours before it is considered stale A stale request is rejected For more information see Section 1 1 1 6 Rejected Requests on page 5 Permitted values any positive integer AutoDRM Version 2 1 User Guide 14830R4 2008 04 10 11 of 47 Chapter 2 Configuring AutoDRM 2 1 4 Stations The Stations section defines the station information It contains the parameters described in Table 2 4 Table 2 4 Stations Section Parameters Parameter Definition StationCode The array station name for this instance of AutoDRM You can specify this name in the STA LIST environment line to obtain information for all stations Permitted values any valid station code of 3 to 5 characters See also IDC 3 4 1 CFSiteName The Central Facility site name for example CF 01 01 If this parameter is missing from the file AutoDRM will use CF 01 01 by default StartDate The date the station started operating This is used to define the Start Date field in Station and Channel data Permitted values a date in format yyyy mm dd EndDate The projected date on which the station
14. the default PulseDelay value defined in the Aut oDRM ini file For example calib param 1 0 calib param 2 0 60 0 calib param 3 0 90 0 In the above example The delay between the first and second signal is 60 0 seconds The delay between the second and third signals is 90 0 seconds The delay after the last signal is the default value from AutoDRM ini 60 seconds AutoDRM Version 2 1 User Guide 14830R4 2008 04 10 35 of 47 Appendix B Message Syntax B 4 1 1 1 Syntax BEGIN IMS2 0 MSG TYPE COMMAND REQUEST MSG ID id string source E MAIL address TIME STAMP time START TIME time STA LIST station code CHAN LIST channels SENSOR yes no pulse calibration random calibration CALIBRATE START STOP where time yyyy mm dd hh mm ss sss pulse calibration TYPE pulse CALIB PARAM duration seconds CALIB PARAM duration seconds random calibration YPE random 1 CALIB PARAM duration sine calibration YPE sine 1 CALIB PARAM frequency B 4 1 1 2 Pulse Example begin ims2 0 msg type command request msg id Example 1 e mail test nanometrics ca time stamp 2008 05 27 14 30 start time 2008 05 27 14 37 sta list Tr236 sensor yes type pulse calib param 1 0 calib param 2 0 60 0 calib param 3 0 90 0 calibrate start stop B 4 1 1 3 Random Example begin ims2 0 msg_type comma
15. the parameters and default settings described in Table 2 7 Note For more information on calibration settings see the Calibrate user guide Table 2 7 CalibrationStationDefaults Section Parameters Optional Default Parameter Setting Definition StationName STNO1 The station name as defined in the Station section of the Naqs stn file Permitted values any valid station code of 3 to 5 characters Ton 300 The number of seconds after the calibration coil is engaged to wait before starting calibration signal Permitted values any positive integer gt 0 SwRamp 240 The number of seconds for the sine wave to ramp up to full amplitude signal The number of seconds for the sine wave to ramp down from full amplitude signal Permitted values any positive integer gt 0 SwNfft 100 The number of samples used in each fast Fourier transform window during analysis Permitted values any positive integer gt 32 To optimize efficiency and accuracy you should specify a number with many small prime factors SwDec 1 The factor by which the digitizer sample rate is decimated before analysis Permitted values 1 2 3 4 5 10 20 25 30 40 50 100 PrbUnitWidth 2 0 The PRB signal unit width in seconds Permitted values any positive value gt 0 PrbNfft 100 The number of samples used in each fast Fourier transform window during analysis Permitted values any positive integ
16. with the configuration file Interface section AutoDRMLogDir parameter gt To set the verbosity of log messages on startup edit the Control section of the Auto DRM ini configuration file gt To change the verbosity of log messages while AutoDRM is running use the run time com mands AutoDRM Version 2 1 User Guide 16 of 47 14830R4 2008 04 10 Chapter 3 Running AutoDRM 3 5 Troubleshooting AutoDRM To set up AutoDRM for troubleshooting 1 Set the log verbosity to Verbose v to provide a detailed trace of AutoDRM activity 2 Toggle the mail debugger option v to show hide connection protocols 3 Toggle on the save to file option F With this option enabled AutoDRM will save complete copies of all incoming requests to timestamped files in the configured directories These files contain complete Internet headers and can be examined with any text editor to aid in solving mail problems For more information see Section 3 2 Using the Run Time Commands on page 16 3 5 1 AutoDRM Is Not Receiving Email If AutoDRM is not receiving email and there is no other message on the console window gt Check that the mail protocol is correct this is set with the Interface section MailBoxProtocol parameter and that the POP3 or IMAP4 service is running at the mail host 3 5 2 AutoDRM Cannot Verify Email If AutoDRM rejects a signed email because it cannot be verified it will print a log message indicating why the
17. 0 HELP constitutes a complete request message and does not require any other message lines Lines two and three must be Msc TvPE and usc 1p respectively These lines identify the type of message and the string used to identify the original message in the response The message identification MSG_1D contains a user assigned ID string code and optionally a source code These are separated by a space The fourth line should be the request control line E MAIL to identify the response protocol as email and to specify the destination email address for the response This line is optional if it is not included AutoDRM uses the email header information to determine the address for the response The fifth through nth lines are environment and request lines specific to the message type see Table 4 Data Request Message Lines on page 23 and Table 4 3 Command Request Message Lines on page 24 Environment lines define parameters of the request for example defining the source of requested data or the time at which to implement a calibration command Precision for time environment definitions is as defined in IDC 3 4 1 For more information see the message examples in Appendix B Request lines specify the type of data or command request for example WAVEFORM UPDATE CRL Some command requests include an enclosure between the request and stop for example a certificate request The last line of the message must be sto
18. 211LmNvbRcNMDMxM j list vyyyl mm dd hh mm ss sss MxCZAJBgNVBAYTAmNhMRAwDgYDVOOIEwdP bnRhomlvMQO8wDOYDVOOHEwZPdHRhd2EXDTALBgNVBAO ExMTCwMTIyWhcNMDOWMTEWwMTCWMTIyWjAgMBMCAiE1 B EF jbWUxEDAOBgNVBAST E2Fw YYbD FwOwMzEyMTExNjU5MzBaMBMCAi AAMwADAtAhRHsjCsbpX7xlEfUV ASOQ ND X509 CRL E B 4 7 2 Update CRL Response Syntax BEGIN IMS2 0 MSG TYPE COMMAND RESPONSE MSG ID id string source REF ID ref str ref src TIME STAMP yyyy mm dd hh mm ss CRL UPDATED error message OwMz 3TuEO08QIVAO3RhCnL3d507G2GCwa97R EyMT EXNzAwNDJaMAsGByqGSM44BAMF STOP where error message COMMAND UPDATE CR PROBLEM ENCOUNTER Kt ED problem description AutoDRM Version 2 1 User Guide 14830R4 2008 04 10 45 of 47 Appendix B Message Syntax AutoDRM Version 2 1 User Guide 46 of 47 14830R4 2008 04 10 About Nanometrics Nanometrics leads the world in the development of digital technology and networks for seismological and environmental studies The award winning Canadian exporter was the first company to produce a fully integrated satellite system specially designed for studying and monitoring earthquakes Nanometrics has customers on every continent in more than 200 different countries Our customers have used our technology to establish and grow research networks acros
19. 4 2008 04 10 Chapter 1 Getting Started total number of parts n The maximum response message size is specified in the Message section ResponseSizeLimit parameter in the configuration file Future dated commands are answered with a confirmation email followed by additional responses when the action occurs 1 1 1 4 Message Authentication For typical installations AutoDRM will only accept request messages sent as email in Secure Multipurpose Internet Mail Extensions S MIME format addressed to the correct recipient as specified in the Interface section MailBox parameter and digitally signed by an authorized sender a sender whose identity and access level can be verified according to information stored on the security token If a request message cannot be verified or 1f the certificate chain contained in the digital signature is not valid AutoDRM rejects the request and does not send any acknowledgment to the originator of the message For installations in which clients do not have mail signing capability you can configure AutoDRM to accept unsigned email requests by setting the configuration file Control section parameter AcceptUnsigned to Yes Even if unsigned requests are accepted signed requests will still be verified and will be rejected if they cannot be verified AutoDRM will only send response email that has been signed using a private key stored on the security token The S MIME signature on outgoing messages will in
20. AutoDRM Version 2 1 User Guide qi Nanometrics Kanata Ontario Canada O 2004 2008 Nanometrics Inc All Rights Reserved AutoDRM Version 2 1 User Guide The information in this document has been carefully reviewed and is believed to be reliable Version 2 1 Nanometrics Inc reserves the right to make changes at any time without notice to improve the reliability and function of the product No part of this publication may be reproduced stored in a retrieval system or transmitted in any form or by any means electronic mechanical photocopying recording or otherwise without the prior written permission of Nanometrics Inc Nanometrics Inc 250 Herzberg Road Kanata Ontario Canada K2K 2A1 Tel 1 613 592 6776 Fax 1 613 592 5929 Email info Onanometrics ca www nanometrics ca Part number 14830R4 Release date 2008 04 10 About This User Guide Document Scope This user guide provides information for users who need to obtain data from or send commands to a Nanometrics data acquisition system and system administrators who need to install configure and maintain AutoDRM Chapter 1 Getting Started Installation instructions and an overview of the components and functionality of AutoDRM Chapter 2 Configuring AutoDRM Instructions on how to configure AutoDRM using the AutoDRM ini file Chapter 3 Running AutoDRM Information on stopping and starting AutoDRM using the run time commands and monitoring the ope
21. AutoDRMLogs AutoDRMResponses Response log path for current directory ScheduleDir nmx user autodrm scheduleItems Directory for storing Schedule items DO NOT MODIFY AcceptUnsigned Yes accept unsigned requests Verbosity VERBOSE DEBUG VERBOSE or INFO Message MessageldPrefix WS01 CAO01 the prefix of messageID string without space MessageNumber 0 Initial message number as the suffix of messageID int ResponseSizeLimit 1 0 response message size limit in Mbytes if specified Size is 2MB or 0 4 MB RequestExpiry 24 maximum age of a request before it is considered stale in hours Stations StationCode CA01 array station code for this AutoDRM StartDate 1970 01 01 start date for all stations EndDate 2050 01 01 end date for all stations Authentication TokenID any tokenID for the token you use any reads s n from token PIN CTBTO the pin code to login token KeyID 1 the ID to find the private key for signing authentication VerificationDepth 1 number of chained certificates received in E mail enough to verify the message CalibrationDefaults optional section each parameter is also optional Ton 30 seconds after calibration coil is engaged to wait to start calibration SwRamp 30 seconds to ramp up and down to full amplitude signal duration SwNfft 100 size of nFFT window in samples SwDec 1 amount to decimate signal
22. Nags stn AdaressFile The path and name of the Nags station address mapping file naqsaddr ini CalibrationFile The path and name of the Calibrate configuration file CD11File The path and name of the NmxToCD11 configuration file HelpFile The path and name for the help file to be sent in response to a HELP request typically stnhelp txt Edit the help file to provide accurate information about your installation StartContScript The file path and name of the set primary script which will start continuous data transmission when run StopContScript The file path and name of the set auxiliary script which will stop continuous data transmission when run RequestCache The file path and name for the cache for future dated request information AutoDRMLogDir The path for the AutoDRM log RequestLogDir The path for the request messages log directory ResponseLogDir The path for the response messages log directory ScheduleDir The path for the scheduled items directory 10 of 47 AutoDRM Version 2 1 User Guide 14830R4 2008 04 10 Chapter 2 Configuring AutoDRM Table 2 2 Control Section Parameters Continued Parameter Definition AcceptUnsigned This indicates whether or not unsigned data requests should be accepted It might be useful to accept unsigned requests on installations that do not have any security concerns to eliminate the need for all users to have mail signing capability Signed requests will still
23. OBgNV ZANBgNVBACTBk90daGF3YTENMASGAlUEChMEOWNtZ 29tMB4XDTAOMDOyNjE4MTkxOVOXDTA1MDOyN3E4 UEChMFOQ RIMquhI RpAQmA EOMAAG zESMBAGAlUEAxMJUHJl1C2IKkZW50MRwwGgYJKoZIhvcNAOkB kxOVow 1RCVE8xDDAKBgNVBASTAO 1NUZEOMAWGA1UEAXMFU1 cwHmcwJ8tVBTV85Z1ETZfUbg n zMs9iM3yOPfCc5 3b9AR gDOIEwWwIVANOACIOLIHFO9xsirDOMfjlBSPzt QuN3 jm7DGw2wems3DX 24 0o0Lym3qrDcfatvL660N33akfDw9eSdqDlec5O 3kkCImMYNjFZqLn4FEiJVqxZOl15IyllHNjNqGTZM 1JYCYojmaewOmHqib g4 iYaaU8Y XXYvcmGrOIQ1IvUIC 1zV3jGO6SPmE5cR6Y Kze MMAEneOCnnPMAsGByqGSM4 4BAMFAAMWADAtAh hSEoAIVAL7ORvHFUXYs11u87pRWAbylNMkU END C T RTIFICATE ROMZEx BrQ8A Ev9osu Exynqt xhAoGA HGA Z 99z12B D1b jW9Gd9m4j6GGN Ln6 ClDR7QBglmlWd4LN8xHm7nnnbXr2qwmD RHZ30S 42 of 47 AutoDRM Version 2 1 User Guide 14830R4 2008 04 10 Appendix B Message Syntax B 4 5 2 Start Keypair Confirmation Response If a key pair is scheduled to be made active at some future time this initial response is returned Note that when the start time is not confirmed there will be no subsequent results response Syntax BEGIN IMS2 0 MSG TYPE COMMAND RESPONSE MSG ID id string source REF ID ref str ref src TIME STAMP yyyy mm dd hh mm ss STA LIST station code CHAN LIST channels AUTH ID requested Keypair ID START TIME yyyy mm dd hh mm ss not confirmed KEY
24. PAIR CONFIRM error message STOP where error message COMMAND START KEYPAIR PROBLEM ENCOUNTERED problem description B 4 5 3 Start Keypair Results Response When a key pair is being made active this is the response that is sent This is either the response to the initial request if the request is not future dated or is created as a separate response when processing begins at the requested time Syntax BEGIN IMS2 0 MSG TYPE COMMAND RESPONSE MSG ID id string source REF ID ref str ref src TIME STAMP yyyy mm dd hh mm ss STA LIST station code CHAN LIST channels AUTH ID requested Keypair ID KEYPAIR STARTED error message STOP where lt error_message gt COMMAND START_KEYPAIR PROBLEM_ENCOUNTERED problem description AutoDRM Version 2 1 User Guide 43 of 47 14830R4 2008 04 10 oe Appendix B Message Syntax B 4 6 Stop Continuous The command request sTOP CONTINUOUS is issued to stop all CD1 x senders configured to execute on the workstation running AutoDRM B 4 6 1 Stop Continuous request Syntax BEGIN IMS2 0 MSG TYPE COMMAND REQUEST MSG ID id string source T MAIL address ME STAMP time STOP CONTINUOUS STOP El H where time yyyy mm dd hh mm ss sss Example begin ims2 0 msg type command request msg
25. a request message Onecommand request can be included in a request message More than one data request can be included in a request message Message lines must be left justified Message lines are not case sensitive AutoDRM Version 2 1 User Guide 19 of 47 14830R4 2008 04 10 Chapter 4 Using AutoDRM All messages except for HELP requests require standard messages lines to format the message and specify the request or response These include Message format lines BEGIN start of the message MSG TYPE the type of message for example request data command request command response e MSG_ID a two part identifier user defined for request messages and AutoDRM con structed for response messages REF ID used in response messages to identify the original request message using the value of MSG_1D from the request message STOP end of the message Request control line used in request messages to specify the response protocol as email Request environment lines specific by message type these define parameters of the request for example stations and timeframes Request lines to select one or more of the supported data types or to submit a command 4 2 1 Request Message Structure All messages except for HELP requests must have BEGIN as the first line of the message body This line is used to identify the message format version for example IMS1
26. ages and MSG ID is checked for data request messages specified as IMS2 0 Values that are invalid will cause AutoDRM to reject the request For more information see Section 1 1 1 6 on page 5 Table 4 3 Command Request Message Lines Line label Parameters Description Line type BEGIN ims2 0 Required Format Indicates the start of message and the message format version number If the version number is IMS1 0 the command request is rejected MSG TYPE command request Required Format Indicates the type of message 24 of 47 AutoDRM Version 2 1 User Guide 14830R4 2008 04 10 Chapter 4 Using AutoDRM Table 4 3 Command Request Message Lines Continued Line label Parameters Description Line type MSG_ID ID_string source Required The user defined two part identifier for the message The two parts are separated by a space It must include a unique JD string up to 20 alphanumeric characters and optionally can include a source code identifying the message source up to 16 alphanumeric characters for example the station network code Format E MAIL address Optional Specifies the response protocol as email and the destination address If an address is not specified the default is the sender address in the email message header Control TIME STAMP date time Required Assigns a date and time when the command request is issued A blank val
27. and parameters must precede the command keyword in the email The only item that can follow the keyword is an enclosure for example a certificate where appropriate for the command Enclosures must follow the command keyword and precede the stop keyword Errors encountered during parsing for example invalid date formatting will return an error log identical to those for data requests Problems occurring later in processing will be reported as described below B 4 1 Calibrate Start The command request CALIBRATE START is issued to calibrate IMS seismic hydro acoustic and infrasound stations It indicates the time of the calibration and details how the calibration should be conducted The command response is in two parts The first part confirms the calibration for example that it is scheduled the second part contains the calibration results B 4 1 1 Calibrate Start Request Calibration command parsing imposes this restriction on submitted requests The type declaration must precede the calibration parameters If only one pulse signal is specified the only required parameter is duration If multiple pulse signals are specified then each subsequent signal specified after the first signal requires a delay parameter The delay parameter specified for the second signal is applied to the first sig nal the delay parameter specified for the third signal is applied to the second signal and the delay value for the final signal is
28. be verified Permitted values Yes No Verbosity The severity level of the log messages displayed at startup You can change the setting for a particular session see Section 3 2 Using the Run Time Commands on page 16 Permitted values DEBUG VERBOSE and INFO Paths and file names must not contain spaces Locations must be accessible locally or through a TCP IP network connection Optionally use a period for the current directory 2 1 3 Message The Message section defines response message characteristics It contains the parameters described in Table 2 3 Table 2 3 Message Section Parameters Parameter Definition MessageldPrefix Each response message is identified by a message ID in the MSG_ID line in the form Prefix Number MessageldPrefix defines the prefix to be used in the value for the message ID Permitted values any alphanumeric string without spaces MessageNumber Each response message is identified by message ID in the MSG_ID line in the form Prefix Number MessageNumber defines the default initial response message number The message number is incremented for each response sent AutoDRM maintains a file MsgNum txt containing the current message number Section 1 2 2 on page 6 and normally uses the value from that file The MessageNumber value is used only if MsgNum txt cannot be read Permitted values any positive integer ResponseSizeLimit The maximum size
29. clude the public key email signing certificate corresponding to the signing key 1 1 1 4 1 S MIME Email Format AutoDRM will only exchange email messages using multipart signed S MIME format A multipart signed message has an email message header and a two part message body The first part of the body contains the message text and the second part contains the digital signature of the message and the digital certificate of the sender See RFC 1847 for S MIME standards and RFC 2633 for the standards for adding cryptographic services to MIME data 1 1 1 4 2 Digital Signatures and Digital Certificates AutoDRM uses a public key infrastructure PKI based system for message authentication A PKI relies on the use of a public private key pair generated from the same algorithm as the basic tool for message and sender verification A key pair holder keeps their private key private and typically has their public key posted in a public directory The private key is used by the key pair holder to digitally sign outgoing messages The public key is used by recipients of messages from the key pair holder to decrypt the message digital signature and thereby verify the authenticity of the message A digital signature can be generated for any outgoing message using the private key of the sender to encrypt a hash an efficient mathematical representation of the data derived using a hash function such as SHA 1 of the message The public key of the sender i
30. d 1 1 SAboutAutoDRM rump Rx A id PG XX AAA pete ok 1 11 1 Typical Operation es sreda crono Nora 2 1 1 1 1 Data Compression ssssssseesee e rn 2 1 1 1 2 Missing Waveform Data o ooocococcooc n 2 1 1 1 3 Message EXChange oooooccononnne ee ne 2 1 1 1 4 Message Authentication o ooooccococcneoo eR In 3 1 1 1 4 1 S MIME Email Format oo occccococccco eee 3 1 1 1 4 2 Digital Signatures and Digital Certificates llli 3 1 1 1 4 3 Certificate Verification Rules lisse meh 4 1 1 1 4 4 Certificate and CRL Caching ooooccooccco eee 4 1 1 1 4 5 Security TokeN ooococoocococoo ern 4 1 1 1 5 Command Authorization seses 0 000 eh 4 1 1 1 6 Rejected Requests ooooococconocc nne 5 1 2 Summary of Inputs and OutpuUtS ooococcoco eh 5 1 21 IMPOR NCS sts etorri quo Deb etude ao S bcne eae ees 5 1 2 2 Output Files eiia i a aa aira A e MR teed n A a 6 1 3 Dependencies 0 ee rne 7 1 4 Software Requirements ooooocooccco tenes 7 1 5 Installing AUtODRM 2 RR RH I ts 7 1 6 Additional References ooooooocoorroo enn 8 Chapter 2 Configuring AutoDRM 2 1 Definition of Configuration File Sections and Parameters 20000ee eee 9 24 1 lnterface eine rer iet mee e ie Tei dai 10 24 2 COMMON i ee on xc id ae Dee Be Ron as MUR RR ee i 10 2 1 3 Message dote dne n eene ets ates tke rrt de dod Sale tena 11 2 1 4 Stations ii
31. d Edit this text file to reflect the station characteristics The file name and path are defined in the Control section HelpFile parameter 1 2 2 Output Files AutoDRM yyyymmdd 1og The log files contain diagnostic messages generated by AutoDRM and provide a summary of the program operation The logs record all request attempts and the identity of the requester The log files are created daily in the directory specified in the Control section of the configuration file Each log message has an associated type ranked by severity Table 1 2 Log verbosity can be configured to show only messages at or above a specified severity level The verbosity of the log on startup is set in the Control section of the Aut oDRM ini file While AutoDRM is running you can set verbosity to a different level by using the run time commands Section 3 2 on page 16 Table 1 2 AutoDRM Log Message Types Label Description F Fatal errors Serious errors which cause immediate system shutdown E Errors Abnormal occurrences which will likely affect data integrity W Warnings Less serious abnormal occurrences l Informational messages Messages tracing the normal operation of the system Verbose messages Detailed informational messages tracing the normal operation of the System D Debug messages Additional verbose trace messages REQ yyyymmdd hh mm ss txt MAIL yyyyrumdd hh mm ss txt message
32. e 33 of 47 14830R4 2008 04 10 Appendix B Message Syntax B 3 1 Data Request Syntax BEGIN IMS1 0 MSG TYPE REQUEST MSG ID id string EMAIL address TIME IMS2 0 source time to time STA LIST station code CHAN LIST channels 1 request line STOP where request line CHANNEL ims format WAVEFORM ims format compression RESPONSE ims format OUTAGE ims format time yyyy mm dd hh mm ss sss Example begin ims1 0 msg type request msg id Example 2 e mail test nanometrics ca time 2008 04 05 10 00 00 000 to 2008 04 05 10 02 00 000 sta_list waveform ims1 0 outage stop B 3 2 Data Response Syntax BEGIN IMS1 0 MSG_TYPE DATA MSG_ID id_string REF_ID ref_str DATA_TYPE LOG IMS1 cm6 source ref src PART OF n 0 Original request information 1 requested data STOP or BEGIN IMS2 0 MSG TYPE DATA MSG ID id string REF ID ref str STOP where requested data source ref src PART OF n 1 requested data DATA TYPE formatted requested data type ims format data 34 of 47 AutoDRM Version 2 1 User Guide 14830R4 2008 04 10 Appendix B Message Syntax B 4 Command Messages Command parsing has these restrictions on submitted requests Only one command per request message is supported All of the comm
33. e for which the action has been scheduled or not confirmed if the requested action cannot be scheduled Response PROBLEM_ENCOUNTE description Response to a command request that did not execute as expected Response COMMAND name of command Part of an error response describing what command failed Response CALIBRATE_RESULT Second response to a successful CALIBRATE START request it includes the calibration result TN SPEC and optionally CALIB CALPER Response CALIB value Calibration factor Response AutoDRM Version 2 1 User Guide 14830R4 2008 04 10 27 of 47 Chapter 4 Using AutoDRM Table 4 4 Command Response Message Lines Continued Line label Parameters Description Line type CALPER value Calibration period Response IN SPEC yes no Indicates whether the channel response Response is within specifications MASS CENTERED Response to CENTER MASS request Response CONTINUOUS STARTED Response to START CONTINUOUS Response request CONTINUOUS STOPPED Response to STOP CONTINUOUS Response request STOP Indicates the end of the message Format AutoDRM Version 2 1 User Guide 28 of 47 y i 14830R4 2008 04 10 Appendix A Configuration File Example A 1 A 1 1 General Structure The AutoDRM configuration file is structured as an
34. e wrong section it will not be rec ognized Duplicated names If a parameter name appears more than once only the first instance will be recognized A 2 Example AutoDRM Configuration File Interface HostMailServer localhost name or IP address for host email server MailDomain wsOl ca01 gci ctbto org mail domain MailBoxProtocol pop3 protocol for connection to mail box MailBox autodrm name of the mail box on the HostMailServer MailBoxPassword autodrm password for mail box login Control StationFile nmx user Nags stn Nags station file AddressFile nmx user nagsaddr ini Nags station address mapping file CalibrationFile nmx user autodrm Calibration ini Calibration configuration file DO NOT MODIFY CD11File nmx user NmxToCD11 ini CD1 1 configuration file HelpFile nmx user autodrm hlp AutoDRM help file StartContScript nmx bin set_primary Script to start continuous data transmission StopContScript nmx bin set_auxiliary Script to stop continuous data transmission RequestCache nmx user AutodrmRequests ser Cache for future dated request information AutoDRMLogDir nmx log AutoDRMLogs AutoDRM log path RequestLogDir nmx log AutoDRMLogs AutoDRMRequests Request log path for current directory AutoDRM Version 2 1 User Guide 30 of 47 14830R4 2008 04 10 Appendix A Configuration File Example ResponseLogDir nmx log
35. ece eee eee 37 B 4 1 3 Calibrate Results Response 2 00000 e eee eee 38 Bi4 2 Center MASS ss fives Sada sede paw Gee ed ee ee aA a GAA a A 38 B 4 2 1 Center Mass Request o ooocoocccoconcc tees 38 B 4 2 2 Center Mass Response 0 0 0 c eet nh 39 B 4 3 Generate Keypall ooooococooocc teens 39 B 4 3 1 Generate Keypair Request ses 39 B 4 3 2 Generate Keypair Response 0000 ses 40 B44 Start Continuous oss esed ua e pec aS eee entier ee ES a 41 B 4 4 1 Start Continuous request ooooccococo eh 41 B 4 4 2 Start Continuous response 0 00 eee 41 B 4 5 Start Keypalr is eso ione REIS AERE PAS Gg GR X E XR Rn RE ERROR 41 B 4 5 1 Start Keypair Request o ooococcococo en 42 B 4 5 2 Start Keypair Confirmation Response 0000 eee eee ee 43 B 4 5 3 Start Keypair Results Response 0000 e eee eee 43 B 4 6 Stop Continuous cscs asi nimaa aa a a a S a aai waa a E 44 B 4 6 1 Stop Continuous request o ocooooococco eee 44 AutoDRM Version 2 1 User Guide vi 2008 04 10 14830R4 Contents B 4 6 2 Stop Continuous response o ococooco eh 44 B 4 7 Update CRE cocer e ead ER DDR eec Meee Pd urs Ee 45 B 4 7 1 Update CRL request o oocoocooccooc en 45 B 4 7 2 Update CRL Response oocococoocccc en 45 AutoDRM Version 2 1 User Guide vil 2008 04 10 14830R4 Tables 1 1 Acknowledgement of Rejected Requests 0 0 0 5 1 2 AutoDRM Log M
36. er 1 5 Installing AutoDRM AutoDRM must be installed either on the NAQSServer computer or on a computer that has TCP IP access to the NAQSServer computer and network access to the NAQS ringbuffers It requires a stand alone mail server with a mailbox for AutoDRM Note Edit the file nmx user stnhelp txt to reflect the characteristics of your network The content of this file is sent in response to a HELP request gt See the installation instructions for the acquisition system workstation AutoDRM Version 2 1 User Guide 14830R4 2008 04 10 7 of 47 Chapter 1 Getting Started 1 6 Additional References For more information see the following external references PKCS 11 RSA Laboratories December 1999 PKCS 11 v2 10 Cryptographic Token Interface Standard http www rsasecurity com rsalabs node asp id 2133 IDC 3 4 1 Science Applications International Corporation SAIC Pacific Sierra Research Corporation Rev 1 March 1999 Formats and Protocols for Messages IMS 1 0 http www rdss info Internet Engineering Task Force IETF http www ietf org rfc html for the following documents RFC 1847 Galvin J Crocker S Freed N and S Murphy Security Multiparts for MIME Multipart Signed and Multipart Encrypted RFC 1847 October 1995 RFC 1848 Crocker S Freed N Galvin J and S Murphy MIME Object Security Services RFC 1848 October 1995 RFC 2459 Housley R Fo
37. er gt 32 To optimize efficiency and accuracy you should specify a number with many small prime factors PrbDec 1 The factor by which the digitizer sample rate is decimated before analysis Permitted values 1 2 3 4 5 10 20 25 30 40 50 100 PulseDelay 60 The number of seconds after the pulse ends to include in analysis Permitted values any positive integer gt 0 PulseNfft 100 The number of samples used in each fast Fourier transform window during analysis Permitted values any positive integer gt 32 To optimize efficiency and accuracy you should specify a number with many small prime factors PulseDec 1 The factor by which the digitizer sample rate is decimated before analysis Permitted values 1 2 3 4 5 10 20 25 30 40 50 100 14 of 47 AutoDRM Version 2 1 User Guide 14830R4 2008 04 10 Chapter 3 Running AutoDRM This chapter provides information on starting and stopping AutoDRM using the run time commands and monitoring the operation of AutoDRM 3 1 Starting and Stopping AutoDRM You can start and stop AutoDRM locally or remotely via a telnet session 3 1 1 Starting and Stopping AutoDRM Locally In a typical network AutoDRM will be set up to start automatically using scripts on Solaris and Linux or the NmxWatchdog utility on Windows It can also be started manually from the command line AutoDRM must be shut down properly to release its system resources To star
38. essage Types ococccocccoc ete 6 2 1 Interface Section Parameters liliis 10 2 2 Control Section Parameters liliis 10 2 3 Message Section Parameters 00 00 eee ele 11 2 4 Stations Section Parameters ooooocooccccoocr seen 12 2 5 Authentication Section Parameters oooo oooooccooo eens 12 2 6 CalibrationDefaults Section Parameters Optional oooooococconooooo 13 2 CalibrationStationDefaults Section Parameters Optional llus 14 3 1 AutoDRM Run Time Commands 00 ccc res 16 4 1 Data Request Message Lines ooooccccoccco teas 23 4 2 Data Response Message LineS 0 eee 24 4 3 Command Request Message LineS 0 00 c eee eee eee 24 4 4 Command Response Message Lines 0 000 c cece eee eee 27 AutoDRM Version 2 1 User Guide viii 2008 04 10 14830R4 Chapter 1 Getting Started AutoDRM Version 2 1 is an Automatic Data Request Manager that allows authorized users to request data from a Nanometrics data acquisition system and to send command requests via email Nanometrics AutoDRM Version 2 1 message formats comply with International Monitoring System IMS International Data Centre IDC conventions for AutoDRM S H I station basic message exchange as defined in IDC 3 4 1 and command request extensions defined as IMS2 0 in Attachment 6 to the Technical Terms of Reference for IMS Equipment October 2003 1
39. f missing samples 1 1 1 3 Message Exchange AutoDRM can use either Post Office Protocol version 3 POP3 or Internet Message Access Protocol version 4 IMAP4 to receive email messages and uses a Simple Mail Transfer Protocol SMTP mail service to send response email messages The mail settings are specified with parameters in the Interface section of the configuration file A request message email can contain multiple request messages of more than one type Each of the IMS request message blocks bounded by BEGIN and sro within the email can contain one or more data requests or one command request As appropriate for each authorized request message AutoDRM creates a response message containing the data responses to each of the original data requests or executes the command and sends a response AutoDRM obtains data from the NAQS Server configuration or data files to generate the data responses and uses the appropriate application to execute commands Request and response messages must use specified formats See Chapter 4 Using AutoDRM Appendix B Message Syntax and IDC 3 4 1 AutoDRM sends each response message as one or more email messages Data segments exceeding the user defined maximum response message size are split into multiple parts each of which is sent as a separate email Each part is numbered part 1 part 2 part n the final part also contains the 2 of 47 AutoDRM Version 2 1 User Guide 14830R
40. he security token on an instrument or a Central Facility workstation A certificate for the key pair must be enclosed in the email AutoDRM Version 2 1 User Guide 41 of 47 14830R4 2008 04 10 d Appendix B Message Syntax B 4 5 1 Start Keypair Request Key pairs can be started immediately or at a future date Start Keypair command parsing will impose this restriction on submitted requests The station and channel list must resolve to a single instrument or workstation Syntax EGIN IMS2 TIME STAMP 0 B MSG TYPE COMMAND REQUEST MSG ID id E MAIL address string time START TIME time STA LIST station code CHAN LIST channels AUTH ID active keypair new id START KEYPAIR PEM X509 certificate STOP where source gt time yyyy mm dd hh mm ss sss Example begin ims2 0 msg_type command_request msg_id Example_6 e mail test nanometrics ca time_stamp 2008 04 27 14 28 sta_list S chan_list TN31 BHZ start_time 2008 04 27 15 26 start_keyp air CERTIE MIIC8zCCArACAiE5MASsGByqGSM44BAMFADCBgzELMAKGAlUEBhMCY2EXED BAgTBO09udGFyaW8xD AlUECxMHV2 lkz2VOc FglwcmVzQGFjbWUuY PDEOMAwGAI DDAKBgNVBACTAO5NWDCCAbcwggErBgcqhkjOOAQOBMIIBHgKBgOD87GGC6y NsDq2r lagwued70S8jy5TaZCWOf8nDxWXhddWkh2 Xc641SDtmL8B991 VWX9eYLiDC 2Yv7Bt w4d ICATE A
41. i Dc hee eos eon ee aeg e sc de a o a Mg a 12 2 1 5 Authentication ooooocoorcnrrrr nh 12 2 1 6 CalibrationDefaults llis RR IRR 13 2 1 7 CalibrationStationDefaults lille else 14 Chapter 3 Running AutoDRM 3 1 Starting and Stopping AutoDRM oococccocccoc ees 15 3 1 1 Starting and Stopping AutoDRM Locally 0 0 00 eee 15 3 1 2 Stopping and Restarting AutoDRM Remotely 0 000 cee eee 15 3 2 Using the Run Time Commands 0 0c cece eee en 16 3 8 Updating the Token Configuration 0000 cee 16 3 4 Monitoring the Operation of AUtODRM 0 000 eee 16 3 5 Troubleshooting AutoDRM 00 tee 17 3 5 1 AutoDRM Is Not Receiving Email 0 0 00 eee 17 3 5 2 AutoDRM Cannot Verify Email oooococccccoccco e 17 3 5 3 AutoDRM Cannot Find Data o ccoocococccocnoc e 17 AutoDRM Version 2 1 User Guide 2008 04 10 14830R4 Contents 3 5 4 AutoDRM Sends an Email but It Is Not Received oooocccccocccccoo o 17 3 5 5 AutoDRM Rejects Requests 0 0c eh 18 Chapter 4 Using AutoDRM 44 Message Typos essers dukra ki eae eed Ga vua Ru AA sU eius 19 4 2 Message Structure Overview o oooocoooooc nes 19 4 2 1 Request Message Structure es 20 4 2 1 1 Request Message Example o occocccocccc eh 21 4 2 2 Response Message Structure oooocoocooccoo lees 21 4 2 2 1 Response Message Example ooocccocccocc eae 21
42. igitally signed email messages can be exchanged see Section 1 1 1 4 Message Authentication on page 3 and the SMConsole manual To generate responses to request messages AutoDRM retrieves station and channel information from the Naqs stn file waveform and outage data from the NAQS ringbuffers and sensor and digitiser response characteristics from the rsp files specified for each channel defined in the Naqs stn file AutoDRM retrieves Help information from the station help text file if it has been installed All AutoDRM status information is shown in the console window and is also saved into daily log files AutoDRM optionally will log copies of request and response messages it creates a Message ID to track the message copies For more information see Section 1 2 Summary of Inputs and Outputs on page 5 AutoDRM uses the appropriate application to implement commands at the digitiser and at the security token for example CALIBRATE START is processed through NaqsServer Data Compression For any station wAvEFORM data for each channel can be sent in uncompressed format INT as ASCII or in CM6 compressed format CSF a signed compression scheme can be used for stations or digitisers sending authenticated data in CD1 1 format See IDC 3 4 1 for information about these data compression schemes 1 1 1 2 Missing Waveform Data For wAVEFORM data outages missing data are represented by an outage table giving the number o
43. ini file a format which is designed to be readable and editable in any text editor These files consist of a number of sections each containing several parameters Sections are identified by a name enclosed in square brackets for example Interface Each parameter is defined on a separate line following the section identifier The format for defining the parameter is as follows ParameterName Value The following example shows the section that defines the network connections for AutoDRM Interface HostMailServer 199 71 138 13 name or IP address for host email server MailDomain test nanometrics ca mail domain MailBoxProtocol pop3 protocol for connection to mail box MailBox autodrm name of the mail box on the HostMailServer MailBoxPassword autodrm password for mail box login Data Order and Default Values All parameters for a given section must be defined after the section identifier for that section and before any other section identifier AutoDRM does not provide any default settings for the parameters in the required sections Therefore you must fully define every parameter in each required section Parameters must be defined in the order that they are listed in the parameter description sections For more information see Chapter 2 AutoDRM does provide default settings for the parameters in the optional sections Therefore you do not have to define any of the parameters in those optional sectio
44. issued to centre the mass at IMS seismic or hydro acoustic stations Center Mass Request Syntax BEGIN IMS2 0 MSG TYPE COMMAND REQUEST MSG ID id string source E MAIL address TIME STAMP time STA LIST station code CHAN LIST channels DURATION seconds CENTER MASS STOP where time yyyy mm dd hh mm ss sss Example begin ims2 0 msg type command request msg id Example 2 e mail test nanometrics ca time stamp 2008 05 27 14 35 sta list Tr236 duration 1 center mass stop 38 of 47 AutoDRM Version 2 1 User Guide 14830R4 2008 04 10 Appendix B Message Syntax B 4 2 2 Center Mass Response Mass centring is done by station If there is a critical error preventing this command from being processed at all a single error email will be sent out with the requested station list and channel list Otherwise a separate confirmation or error email will be sent out for each station as it is centred The system will allow up to 20 seconds for the centring to complete after which time it will abort the attempt and issue an error email for that station Syntax BEGIN IMS2 0 MSG TYPE COMMAND RESPONSE MSG ID id string source REF ID ref str ref src TIME STAMP yyyy mm dd hh mm ss indiv response indiv error message overall error message STOP where lt indiv_response gt STA_LIST single statio
45. n_code CHAN_LIST requested channels for that station MASS_CENTERED lt indiv_error_message gt STA_LIST single station_code HAN_LIST requested channels for that station C COMMAND CENTER MASS E ROBLEM ENCOUNTERED problem description overall error message STA LIST requested station code CHAN LIST requested channels COMMAND CENTER MASS PROBLEM ENCOUNTERED problem description B 4 3 Generate Keypair Central Facility workstation security tokens only the CF workstation running AutoDRM can be updated by this command The DSA parameters can optionally be enclosed in the email otherwise default values will be used The command request GENERATE KEYPAIR is issued to generate new key pairs at instrument and B 4 3 1 Generate Keypair Request Syntax BEGIN IMS2 0 MSG TYPE COMMAND REQUEST MSG ID id string source E MAIL address IME STAMP time STA LIST station code CHAN LIST channels AUTH ID active keypair ID GENERATE KEYPAIR PEM DSA parameters STOP where time yyyy mm dd hh mm ss sss AutoDRM Version 2 1 User Guide 14830R4 2008 04 10 39 of 47 Appendix B Message Syntax Example begin ims2 0 msg type command request msg id Example 3 e mail test nanometrics ca time stamp 2008 04 16 14 28 generate keypair
46. nd_request msg id Example 1 e mail test nanometrics ca time_stamp 2008 05 27 14 30 start_time 2008 05 27 14 37 sta_list Tr236 sensor yes type random calib_param 1 0 calibrate_start stop amplitude amplitude lt sine_calibration gt amplitude volts amplitude volts 36 of 47 AutoDRM Version 2 1 User Guide 14830R4 2008 04 10 Appendix B Message Syntax B 4 1 1 4 Sine Example begin ims2 0 msg type command request msg id Example 1 e mail test nanometrics ca time_stamp 2008 05 27 14 30 start_time 2008 05 27 14 37 sta_list Tr236 sensor yes type sine calib_param 5 1 0 calibrate_start stop B 4 1 2 Calibrate Confirmation Response Calibrations are scheduled by station If there is a critical error preventing this command from being processed at all a single error email will be sent out with the requested station list and channel list Otherwise a separate confirmation or critical error email will be sent out for each station as they are scheduled If the scheduler rejects a particular calibration it will have a start time of not confirmed All calibrations that did not have a critical error will subsequently generate a results response by channel even those that were rejected by the scheduler Syntax BEGIN IMS2 0 MSG_TYPE COMMAND_RESPONSE MSG_ID id_string source REF_ID ref_str ref_src TIME_STAMP yyyy mm dd hh mm ss lt indiv_response gt lt indiv_error_message gt lt overall_e
47. ns if you want to accept the default values Parameters must be defined in the order that they are listed in the parameter description sections For more information see Chapter 2 AutoDRM Version 2 1 User Guide 29 of 47 14830R4 2008 04 10 Appendix A Configuration File Example A 1 2 White Space and Comments The inifile reader ignores white space and blank lines so you can add white space anywhere within a configuration file to improve readability The double slash is a comment delimiter You can add comments anywhere in a file to add descriptive information and to remove parameters or sections temporarily from the file For example This is a full line comment Station a comment can follow a section header StationCode CA01 a comment can follow a parameter definition A 1 3 Configuration File Error Detection AutoDRM parses the configuration files on startup If it detects any errors unrecognized fields or illegal values it will print an error message and stop Illegal values are values which are undefined or out of range for a particular parameter For more information see Chapter 2 gt To resume fix the file using a text editor and then restart AutoDRM The most common cause of unrecognized fields are as follows Misspelled parameter names Check the spelling carefully and note that parameter names are case sensitive Missing names If a parameter appears out of order or in th
48. oDRM assigns the two part identifier Format MessageldNumber for the message REF ID Request Msg ID Identifies the original request message Format TIME STAMP date time Assigns a date and time when the command response is issued Environment STA LIST station code Defines the stations within the network to which the response applies The wildcard character is an asterisk Environment CHAN LIST channel code Defines the channels to which the response applies these are from the STA LIST stations The wildcard character is an asterisk Environment AUTH ID keypairlD Defines the authentication unit identified in the request Environment CRL UPDATED Response to UPDATE CRL request It confirms that the CRL is updated Response A EYPAIR GENERATE Response to GENERATE KEYPAIR request It confirms that a key pair has been generated and includes a certificate request for the new key pair Response A EYPAIR STARTED Response to START KEYPAIR request It indicates when the key pair was started and includes the certificate Response A EYPAIR CONFIRM First response to future dated START KEYPAIR requests Response CALIBRATI E CONFIRM First response to CALIBRATE START requests Response START TI E date time not confirmed Indicates either the actual tim
49. on file Naqs stn defines the station and channel configuration for the NaqsServer data acquisition program AutoDRM uses this file to determine which channels are available for data requests to locate the data ringbuffers and response files for those channels and as an information source to respond to STATION and CHANNEL requests Naqsaddr ini This file is created and managed by NaqsServer It contains address information for each of the digitisers and must be present for AutoDRM to process digitiser command requests NmxToCD11 ini The configuration file for the NmxToCD11 subsystem must be present if waveform data requests are to support CSF formatting Calibration ini The configuration file for the calibration subsystem must be present if calibration command requests are to be supported AutoDRM Version 2 1 User Guide 14830R4 2008 04 10 5 of 47 Chapter 1 Getting Started Data files Naqsringbuffers AutoDRM obtains waveform data and outage information from the NAQS ringbuffers Instrument response rsp files AutoDRM obtains sensor and digitiser response data from the rsp files specified for each channel defined in the Naqs st n file For information on generating response files with the Response and Tresponse utilities see the Playback utilities manual helpfilename t xt AutoDRM retrieves Help information from the station help file for example stnhelp txt if it has been installe
50. on includes message line descriptions for supported message types See Appendix B for message syntax and examples Help Request A help request retrieves the content of the station HelpFile It does not require the basic message lines used for other types of requests just the word help in the message body Help request messages do not have to be signed For example From your email address To AutoDRM email address Subject NR MP EE message boundary 22 of 47 AutoDRM Version 2 1 User Guide 14830R4 2008 04 10 Chapter 4 Using AutoDRM 4 3 2 Data Request Table 4 1 describes format control environment and request lines for data request messages Table 4 1 Data Request Message Lines Line label Parameters Description Line type BEGIN ims1 0 ims2 0 Required Format Indicates the start of message and the message format version number If the version number is IMS2 0 the message MSG_ID is checked against previous ones for duplication MSG TYPE request Required Format Indicates the type of message MSG ID ID string source Required Format The user defined two part identifier for the message The two parts are separated by a space It must include a unique 7D string up to 20 alphanumeric characters and optionally can include a code identifying the message source up to 16 alphanumeric characters for example the station network code E MAIL address Optional Control Specifies
51. onds after pulse to include in analysis size of nFFT window in samples amount to decimate signal allowed values 30 40 50 100 32 of 47 AutoDRM Version 2 1 User Guide 14830R4 2008 04 10 Appendix B Message Syntax B 1 B 2 B 3 This section shows the syntax for each of the supported message types and examples of message formats For more detailed information on request message structure for example message line continuation refer to IDC3 4 1 Appendix Conventions The message syntax conventions for this Appendix are as follows Symbol Name Symbol Used to Indicate angle brackets lt gt A rule defined following the message syntax brackets An optional entry pipe Alternative elements asterisk T The possibility of many elements indicates zero to many 1 indicates one to many Help Messages A help request retrieves the content of the station help file HelpFile It does not require the basic message lines used for other types of requests just the word help in the message body For example From your email address To AutoDRM email address Subject message boundary help Data Messages More than one data request can be included in an email message Formats for the data output in data response messages comply with the specifications in IDC 3 4 1 Examples of all data output formats are provided in Appendix B of IDC 3 4 1 AutoDRM Version 2 1 User Guid
52. oved starting with version 2 01 AutoDRM will ignore it if it is included in the configuration file AutoDRM Version 2 1 User Guide 12 of 47 14830R4 2008 04 10 Chapter 2 Configuring AutoDRM 2 1 6 CalibrationDefaults The CalibrationDefaults section defines the default calibration settings for all stations This section is optional and each parameter is also optional This section contains the parameters and default settings described in Table 2 6 Note For more information on calibration settings see the Calibrate user guide Table 2 6 CalibrationDefaults Section Parameters Optional Default T Parameter Setting Definition Ton 30 The number of seconds after the calibration coil is engaged to wait before starting calibration signal Permitted values any positive integer gt 0 SwRamp 30 The number of seconds for the sine wave to ramp up to full amplitude signal The number of seconds for the sine wave to ramp down from full amplitude signal Permitted values any positive integer gt 0 SwNfft 100 The number of samples used in each fast Fourier transform window during analysis Permitted values any positive integer gt 32 To optimize efficiency and accuracy you should specify a number with many small prime factors SwDec 1 The factor by which the digitizer sample rate is decimated before analysis Permitted values 1 2 3 4 5 10 20 25 30 40 50 100 PrbUnitWidth 2 0
53. p AutoDRM ignores any information in a message following the first instance of stop so all requests must be bounded by one set of BEGIN and sroP commands AutoDRM Version 2 1 User Guide 20 of 47 14830R4 2008 04 10 Chapter 4 Using AutoDRM 4 2 1 1 4 2 2 4 2 2 1 Request Message Example From sender 9senderdomain Message ID message ID created automatically to track logged copies To autodrmO autodrmdomain Subject data request format example MIME Version 1 0 Content Type multipart signed protocol application x pkcs7 signature micalg shal boundary 145CF85120FDED29F5B4B42AC8DF7032 This is an S MIME signed message menm 145CF85120FDED29F5B4B42AC8DF7032 Content Type text plain begin ims1 0 msg type request msg id Example 1 e mail datarecipient recipientdomain time 2008 5 12 00 03 00 000 to 2008 5 12 00 15 sta list z waveform ims1 0 cm6 outage stop EHE 145CF85120FDED29F5B4B42AC8DF7032 Content Type application x pkcs7 signature name smime p7s Content Transfer Encoding base64 Content Disposition attachment filename smime p7s signature meg 145CF85120FDED29F5B4B42AC8DF7032 Response Message Structure Response messages follow essentially the same format as request messages The MSG_TYPE typically is either data or a command response Additional response message lines include REF_ID a reference number identifying the original request message and DATA_TYPE for a data req
54. ption overall error message STA LIST requested station code CHAN LIST requested channels AUTH ID requested Keypair ID COMMAND GENERATE KEYPAIR PROBLEM ENCOUN I I I I RED problem description AutoDRM Version 2 1 User Guide 40 of 47 14830R4 2008 04 10 Appendix B Message Syntax B 4 4 Start Continuous The command request START CONTINUOUS is issued to enable and start all CD1 x senders configured to execute on the workstation running AutoDRM B 4 4 1 Start Continuous request Syntax BEGIN IMS2 0 MSG TYPE COMMAND REQUEST MSG ID id string source T El E MAIL address ME_STAMP lt time gt START_CONTINUOUS STOP H where time yyyy mm dd hh mm ss sss Example begin ims2 0 msg type command request msg id Example 4 e mail test nanometrics ca time stamp 2008 04 22 17 28 start continuous stop B 4 4 2 Start Continuous response Syntax BEGIN IMS2 0 MSG TYPE COMMAND RESPONSE MSG ID id string source REF ID ref str ref src TIME STAMP yyyy mm dd hh mm ss CONTINUOUS STARTED error message STOP where error message COMMAND START CONTINUOUS PROBLEM ENCOUNTERED problem description B 4 5 Start Keypair The command request START KEYPAIR is issued to make a key pair active at t
55. ration of AutoDRM Chapter 4 Using AutoDRM A summary of AutoDRM message structure and message line descriptions Appendix A Configuration File Example An overview of the structure and an example of the AutoDRM ini file Appendix B Message Syntax An overview of the syntax for each of the supported message types and examples of message formats Document Conventions Essential and Supplementary Information A Caution is essential information that explains 1 a risk of damage to equipment DM Caution data or software where the recovery is likely to be troublesome and 2 preventive action A Note is an explanation or comment that is related to the main text but is not A Note essential information Links blue text An external link for example http www nanometrics ca A link to information within the document Text Conventions bold text Buttons on the graphical user interface GUI italic text Variables such as parameter names and value placeholders courier text File names and paths for example nmx user trident rsp courier bold Input commands shown exactly as they must be entered at the prompt text For example and then type mkdir SAPOLLO LOCATION config AutoDRM Version 2 1 User Guide 14830R4 2008 04 10 About This User Guide AutoDRM Version 2 1 User Guide IV 14830R4 2008 04 10 Contents Ist on TaDle8 accep A CR OR ORC RC UR RU D RR a REOR RT s viii Chapter 1 Getting Starte
56. rd W Polk W and D Solo Internet X 509 Public Key Infrastructure Certificate and CRL Profile RFC 2459 January 1999 RFC 2632 Ramsdell B Editor S MIME Version 3 Certificate Handling RFC 2632 June 1999 RFC 2633 Ramsdell B Editor S MIME Version 3 Message Specification RFC 2633 June 1999 8 of 47 AutoDRM Version 2 1 User Guide 14830R4 2008 04 10 Chapter 2 Configuring AutoDRM Before running AutoDRM you must edit the configuration file Aut oDRM ini to provide network connection and file location information for the email server and receiver and to provide message structure and authentication parameters 2 1 Definition of Configuration File Sections and Parameters The Aut oDRM ini file contains five required sections and two optional sections for configuring the AutoDRM subsystems The parameters for the required sections are mandatory unless otherwise indicated Each required section must appear once in the following order Interface Control Message Stations Authentication The two optional sections if used must be included at the bottom of the Aut oDRM ini file CalibrationDefaults CalibrationStationDefaults An example AutoDRM ini file is shown in Appendix A If you edit the AutoDRM ini file you must restart AutoDRM for the change to take effect AutoDRM Version 2 1 User Guide 14830R4 2008 04 10 9 of 47 Chapter 2 Configuring AutoDRM
57. rror_message gt STOP where lt indiv_response gt STA_LIST single station_code CHAN_LIST requested channels for that station START_TIME yyyy mm dd hh mm ss not_confirmed CALIBRATE_CONF IRM lt indiv_error_message gt STA_LIST single station_code CHAN_LIST requested channels for that station COMMAND CALIBRATE_START PROBLEM_ENCOUNTERED problem description lt overall_error_message gt STA_LIST requested station_code CHAN LIST requested channels COMMAND CALIBRATE START PROBLEM ENCOUNTERED problem description I AutoDRM Version 2 1 User Guide 37 of 47 14830R4 2008 04 10 Appendix B Message Syntax B 4 1 3 Calibrate Results Response B 4 2 B 4 2 1 When the calibration has completed a result email will be sent for each instrument channel that was calibrated Syntax BEGIN IMS2 0 MSG TYPE COMMAND RESPONSE MSG ID id string source REF ID ref str ref src TIME STAMP yyyy mm dd hh mm ss STA LIST single station name CHAN LIST single channel CALIBRATE RESULT E lt normal_response gt PROBLEM_ENCOUNTERED problem description STOP where individual values CALIB value CALPER value normal response IN SPEC yes no individual values system response in IMS2 0 Center Mass The command request CENTER MASS is
58. s every environment in the world from the frozen tundra of Canada s north to the arid deserts of the Middle East to the jungles of South America Many of these include mission critical national and regional networks that demand the highest possible data quality and availability Contacting Nanometrics Nanometrics Inc 250 Herzberg Road Kanata Ontario Canada K2K 2A1 Phone 1 613 592 6776 Fax 1 613 592 5929 Email info 9 nanometrics ca Web www nanometrics ca Contacting Technical Support If you need technical support please submit a request on the Nanometrics technical support site or by email or fax Include a full explanation of the problem and related information such as log files Support site http support nanometrics ca Email techsupportOnanometrics ca AutoDRM Version 2 1 User Guide 14830R4 2008 04 10 SIBI
59. s used by the message recipient to decrypt the hash of the received message If the hashes match the signature and therefore the authenticity of the message is verified A PKI provides a level of sender verification through the use of digital certificates in addition to the message verification provided by the use of key pairs A trusted certificate authority CA will issue a digital certificate to an applicant whose identity has been verified The certificate contains the name of the applicant associated with a specific email address a serial number the period of time AutoDRM Version 2 1 User Guide 14830R4 2008 04 10 3 of 47 Chapter 1 Getting Started for which the certificate is valid a copy of the public key of the applicant and a copy of the digital signature of the CA AutoDRM requires that a valid certificate be included in incoming signed messages see Section 1 1 1 4 3 1 1 1 4 3 Certificate Verification Rules AutoDRM requires that signed incoming emails contain a valid certificate A certificate must meet these conditions to be considered valid It follows X 509 PKI standards for version 3 certificates and for version 2 certificate revocation lists CRLs See also RFC 2459 Itis still active that is it must not have reached its expiry date and must not be present on the CRL of the CA It either matches a certificate already stored on the security token or is accessible through a certifica
60. t using the Subject Distinguished Name for the certificate There must be a user set up with this name in the authorization model using SMConsole Unsigned requests use the unsigned userid in the authorization model For more information see the SMConsole manual AutoDRM Version 2 1 User Guide 18 of 47 14830R4 2008 04 10 Chapter 4 Using AutoDRM 4 1 4 2 AutoDRM accepts data and command requests from authorized senders in the form of properly addressed email messages using S MIME multipart signed format For more information see Section 1 1 1 3 on page 2 To request data from or submit command requests to a Nanometrics data acquisition system through AutoDRM send a digitally signed properly structured email request message to the address of the server of the system you wish to query This chapter provides a summary of AutoDRM message structure and message line descriptions For more information see Appendix B Message Syntax Message Types AutoDRM Version 2 1 supports the following message types Request messages e Data request Help a special case of data request that does not require standard message lines Command request Response messages Data Command response Message Structure Overview More than one request message that is an IMS request message bounded by BEGIN and sro and more than one message type can be included in an email message One message type can be included in
61. t AutoDRM manually from the command line type autodrmconsole in any terminal window gt To stop AutoDRM type stop or quit in the AutoDRM terminal window To set AutoDRM to be started and monitored automatically on Windows by the NmxWatchdog utility add the following entry to the watchdog ini file WatchEntry n ProgramTitle AutoDRM ProgramPathname java cp c nmx bin AutoDRM jar ca nanometrics autodrm AutoDRM WorkingDirectory c nmx user ExitAction Restart PingsSemaphore tru StartDelay 6s 3 1 2 Stopping and Restarting AutoDRM Remotely You can stop and restart AutoDRM remotely via a telnet session This allows you to change the ini file and validate the changes by restarting AutoDRM On Linux and Solaris gt To stop AutoDRM remotely type Nmxkill nmx user AutoDRM To restart AutoDRM remotely type Nmxrestart nmx user AutoDRM On Windows gt To stop AutoDRM remotely type Nmxkill c nmx user AutoDRM gt To restart AutoDRM remotely type Nmxrestart c nmx user AutoDRM AutoDRM Version 2 1 User Guide 14830R4 2008 04 10 15 of 47 Chapter 3 Running AutoDRM 3 2 3 3 3 4 Using the Run Time Commands AutoDRM supports a basic keyboard interface for entering run time commands with the options described in Table 3 1 The commands are case insensitive Table 3 1 AutoDRM Run Time Commands To Type Display all log messages in the log file D set
62. te chain not to exceed a specified length A certificate chain is an ordered list of certificates containing the certificate of the sender and some number of certificates through which a trusted certificate is eventually referenced Auto DRM searches certificate chains when attempting to verify the authenticity of a message The maximum length of the certificate chain is set by the configuration file VerificationDepth parameter see Section 2 1 5 Authentication on page 12 1 1 1 4 4 Certificate and CRL Caching AutoDRM caches certificates and CRLs for 10 minutes Any changes to these items made using SMConsole will not be seen by AutoDRM for that period of time unless AutoDRM is restarted If the CRL is updated by AutoDRM as the result of an IMS2 0 command AutoDRM will automatically clear the cache and use the new CRL 1 1 1 4 5 Security Token To verify request messages and to sign response messages AutoDRM uses security services stored on a cryptographic token conforming to Public Key Cryptography Standard 11 PKCS11 of RSA Laboratories Depending on its intended function a security token can be configured to generate and store public private key pairs to download and store trusted certificates and updated CRLs from CAs and to store an access control list or authorization model as a data object See the acquisition workstation installation instructions and the SMConsole manual for information on setting up and managing sec
63. the log verbosity to DEBUG Suppress debug messages in the log file V set the log verbosity to VERBOSE Suppress debug and verbose messages in the log file I set the log verbosity to INFO Toggle the mail debugger option to show hide connection protocols M Toggle to save or not save a copy of all request and response messages to file F These files are stored in the directory set in Control section R LogDir parameters Stop AutoDRM and exit Exit AutoDRM using either of these commands both QUIT ensure that all files are closed and system resources are released or STOP Updating the Token Configuration AutoDRM caches certificates and CRLs for 10 minutes and access control lists are cached indefinitely Any changes to these items made using SMConsole will not be seen by AutoDRM for that period of time unless AutoDRM is restarted gt Restart AutoDRM after making changes to certificates CRLs or the access control list authorization model to ensure that the cache reflects the current token configuration Monitoring the Operation of AutoDRM AutoDRM generates log messages that trace the operation of the program It displays these messages in the terminal window and writes them to the current Aut oDRM 1log file You can set the level of detail the verbosity of the information to be displayed and recorded gt To view the log open the file Aut oDRM_date log in a text editor The log file location is set
64. the response protocol as email and the destination address If an address is not specified the default is the sender address in the email message header TIME date time Required Environment Defines the period for which data are requested Not all fields need to be completed The default is the time the request message is sent Format is yyyy mm dd hh mm ss sss to yyyy mm dd hh mm ss sss STA LIST station code Optional Defines the stations within the network for which data are requested The wildcard character is an asterisk The default is all stations in the network Environment CHAN LIST channel code Optional Defines the channels for which data are requested these are from the STA LIST stations The wildcard character is an asterisk The default is the vertical channel for the defined stations z Environment STATION ims1 0 ims2 0 Retrieves station information for one or more stations Request CHANNEL ims1 0 ims2 0 Retrieves channel information for one or more data Request channels WAVEFORM ims1 0 ims2 0 Retrieves waveform data for one or more channels Request compression Supported data compression formats are uncompressed format INT the default CM6 and CSF for authenticated data in CD1 1 format RESPONSE ims1 0 ims2 0 Retrieves response characteristics for one or more Request data channels AutoDRM Version 2 1 User Guide 23 of 47
65. ue will cause the request to be rejected Format is yyyy mm dd hh mm ss sss Environment STA LIST station code Optional Defines the stations instruments and central facility workstation within the network for which the command is requested The wildcard character is an asterisk The default is all stations in the network including the central facility where applicable Environment CHAN LIST channel code Optional Defines the channels for which the command is requested these are from the STA LIST stations The wildcard character is an asterisk The default is the vertical channel for the defined stations z Environment AUTH ID active keypair ID Optional for GENERATE KEYPAIR and START KEYPAIR AUTH ID either specifies an authentication unit by its active key pair ID or redefines the currently active key pair ID depending on the command request For GENERATE KEYPAIR it specifies the authentication unit on which to run the com mand When this line is included the command will reject updates to any authentication units with an active key pair ID not matching the specified ID For START KEYPAIR it defines the new key ID to assign to the active key pair When this line is not included the newly started key pair will retain the ID of the previously active key pair Environment DURATION seconds Required
66. uest identifying the type of data listed in the section of the message immediately following Formats for the data output comply with the specifications in IDC 3 4 1 Response Message Example Message ID message ID created automatically to track logged copies Date Tue 15 April 2008 11 38 10 0400 EDT From autodrm autodrmdomain To datarecipient recipientdomain Mime Version 1 0 Content Type multipart signed protocol application x pkcs7 signature micalg shal boundary Part 5 3086625 1027956676305 vies Part 5 3086625 1027956676305 Content Type text plain charset us ascii Content Transfer Encoding 7bit begin ims1 0 msg type data msg id Response Ex 1 ref id Example 1 AutoDRM Version 2 1 User Guide 14830R4 2008 04 10 dei Chapter 4 Using AutoDRM 4 3 4 3 1 data type LOG IMS1 0 begin ims1 0 msg type request msg id Example 1 e mail your email address time 2008 05 12 00 03 00 000 to 2008 5 12 00 15 sta list z waveform ims1 0 cm6 outage stop DATA TYPE WAVEFORM IMS1 0 CM6 compressed waveform data DATA TYPE OUTAGE IMS1 0 outage data stop Part 5 3086625 1027956676305 Content Type application x pkcs7 signature name smime p7s Content Transfer Encoding base64 Content Content signature Part 5 3086625 1027956676305 Disposition attachment filename smime p7s Description S MIME Cryptographic Signature Message Line Descriptions This secti
67. urity tokens PKCS 11 provides an overview of cryptographic tokens and details on this standard and the manufacturer can provide specifications for the Luna 2 PKCS11 token The number of key pairs on a token is restricted to 2 Therefore a successful GENERATE KEYPAIR command will cause the inactive key pair to be replaced with the newly generated one 1 1 1 5 Command Authorization Following message authentication AutoDRM evaluates whether the command request is authorized by checking the requester information against the authorization model that is stored on the workstation token For example with the default access permissions a user with the assigned AutoDRM Version 2 1 User Guide 4 of 47 14830R4 2008 04 10 Chapter 1 Getting Started role of Operator is authorized to request sroP CONTINUOUS but is not authorized to request GENERATE KEYPAIR For more information see the SMConsole manual If the request is authorized AutoDRM will accept and process the request If it is not authorized AutoDRM will reject the request no response is sent to the requester Future dated command requests START KEYPAIR and CALIBRATE START Will be reauthorized immediately before execution 1 1 1 6 Rejected Requests A request will be rejected 1fthe message does not pass the authentication check the requester is not valid or if it is not reasonable to respond for example to a stale request
68. verification failed If Mail is rejected because a valid certificate is not stored on the security token Install the necessary certificates on the token using the SMConsole program and ensure that the Authentication section VerificationDepth parameter is set to an appropriate value 3 5 3 AutoDRM Cannot Find Data If AutoDRM cannot find data gt Ensure that the path name in the Nags stn file matches the path and name of the ringbuffer file 3 5 4 AutoDRM Sends an Email but It Is Not Received If AutoDRM is sending email and there is no error message on the console window ensure that the Interface section HostMailServer parameter is specified properly gt Check that the server name or IP address is correct AutoDRM Version 2 1 User Guide 14830R4 2008 04 10 17 of 47 Chapter 3 Running AutoDRM 3 5 5 AutoDRM Rejects Requests If AutoDRM rejects requests ensure that the request message is formatted correctly and note request rejection conditions For more information see Section 1 1 1 6 Rejected Requests on page 5 Command requests must be specified as IMS2 0 Data requests can be sent as either IMS1 0 or IMS2 0 but IMS2 0 requests will have the sc 1p checked against previous ones the request will then be parsed as IMS1 0 For IMS2 0 command requests the TIME sTAMP and Msc 1p lines are checked The system will check the requester against the authorization model or access control lis
69. will be decommissioned Permitted values a date in format yyyy mm dd 2 1 5 Authentication The Authentication section defines token access characteristics It contains the parameters described in Table 2 5 For more information see the SMConsole manual Table 2 5 Authentication Section Parameters Parameter Definition TokenID The serial number of the PKCS11 token Permitted values the serial number or the word any If TokenID any AutoDRM will use the first token it finds it will not search all possible tokens PIN The user password needed to log in to the PKCS11 token user account For more information see the SMConsole manual Permitted values a valid PIN VerificationDepth The maximum permitted length of the chain of certificates that will be searched in order to authenticate the message In all cases the signing certificate must chain through to a self signed CA certificate stored on the token Permitted values the recommended value is 0 where 0 The certificate used to sign the email must be stored on the token 1 The certificate of the CA that issued the certificate used to sign the email must be stored on the token 2 The certificate used to sign the email can chain through any number of issu ing local CAs which must be included in the email or be present on the token as long as the final global CA in the chain is stored on the token The parameter KeyID has been rem
Download Pdf Manuals
Related Search