OASIS Energy Interoperation TC Meeting Notes
July 29, 2009

TC Member Attendees in Bold: (Sorted by Company, First Name, and Last Name)

Name | Company
Ed Koch | Akuacom Inc.
Mike Truskowski | Cisco Systems, Inc.
Anto Budiardjo* | Clasma Events, Inc.
William Cox | Cox Software Architects LLC
Kyle Meadors | Drummond Group Inc.
Rik Drummond | Drummond Group Inc.
Timothy Bennett | Drummond Group Inc.
Robert Dolin | Echelon Corporation
Gale Horst | Electric Power Research Institute (EPRI)
Matt Wakefield | Electric Power Research Institute (EPRI)
Jane Snowdon | IBM
Hans Aanesen | Individual
Robert Stayton | Individual
Girish Ghatikar | Lawrence Berkeley National Laboratory
Mary Ann Piette | Lawrence Berkeley National Laboratory
Ernst Eder | LonMark International
Jeremy Roberts | LonMark International
David Holmberg | NIST
Evan Wallace | NIST
Mary McRae | OASIS
James Bryce Clark | OASIS
Robin Cover | OASIS
Francois Jammes | Schneider Electric
Robert Old | Siemens AG
Pornsak Songkakul | Siemens AG
Pim van der Eijk | Sonnenglanz Consulting
Oliver Johnson | Tendril Networks, Inc.
Edward Cazalet | The Cazalet Group
Larry Lackey | TIBCO Software Inc.
David Wilson | Trane
Sharon Dinges | Trane
Craig Gemmill | Tridium, Inc.
Jeffrey Kegley | Tridium, Inc.
Michel Kohanim | Universal Devices, Inc.
Toby Considine | University of North Carolina at Chapel Hill

NOTE: Text chat during meeting: http://webconf.soaphub.org/conf/room/EnergyInterop
(If you have not saved a cookie previously, you will start out as "anonymous." Select Settings at the top, enter your name. I suggest setting timestamps in the display, then save. Clicking on the hand on the lower right "raises your hand" during discussions.)

Full attendance is available online if maintained: Go to the event notice page on OASIS EI TC website then click “Track Attendance” at the top

Agenda:

1. Call to Order
2. Roll Call (10 minutes)
3. Approve minutes of previous meeting (5 minutes)
   http://www.oasis-open.org/committees/download.php/33322/EnergyInterop%20Minutes%2020090708.doc
4. Action Item Review (5 minutes)
5. NIST Priority Action Plans as related to Energy Interop (David Holmberg)
   a. DR+DER Signal Semantics
   b. Price and Product Definition
   c. Schedule and Calendar
6. Fine-grained security in eBusiness (Bill Cox) (20 minutes)
   See (in advance) http://www.coxsoftwarearchitects.com/Resources/GridWeek2008/Cox_Fine_Grained_Security.pdf
   And (from the OASIS Webinars page http://www.oasis-open.org/events/webinars/): http://www.oasis-open.org/events/webinars/2008-06-20-soa-composition-architectural-alternatives.wmv
   Slides at http://events.oasis-open.org/home/sites/events.oasis-open.org.home/files/OASIS-SOA-ArchSec.ppt
   Eric Tiffany, Grid-Interop 2008 http://www.sessionview.com/data/2008/11/26/pdf/Eric-Tiffany-3739.pdf
7. Vote on Committee Draft 01 (Toby Considine)
8. Old Business (5 minutes)
9. Adjourn

Minutes:

1. Call to Order

David H: Called to order

2. Roll Call

Voting Members: 10 of 20 (50%)

David H and Rish: We do NOT have a quorum.

3. Approve minutes of previous meeting

NO QUORUM (next meeting)

4. Action Item Review (the ones in bold are completed)

Rish G to post final meeting minutes
David H or Bill C to send agenda for next meeting.
David H to send security related sections of OpenADR to Annabelle Lee of Cyber Security Group.
Bill C to present the “fine-grained security eBusiness” at later TC meetings
Bill C will post the copyrighted information and notes on NIST Smart Grid Twiki website.
Continue with TC dialogue on NIST roadmap and section 4 use case diagrams; how can that be made useful to our work.
Bill C to look into the draft document comment and version control process.
David H and Bill C to add the question on bidding process at the NIST SG workshop’s DR session breakouts – if it needs to be included in the current process or part of a separate TC?
Bill C to look at template issues that relate to line numbers restarting at every section as opposed to sequential.
Toby C to talk with Ed Cazalet to check on Section 4, which is not in the original document and was dealt with earlier.
Ed K to take a swing at text language for section 3.4.* and coordinate with Toby for next draft.
Ed Cazalet to start working on pricing concepts.

5. NIST Priority Action Plans as related to Energy Interop (David Holmberg)
   a. DR+DER Signal Semantics
   b. Price and Product Definition
   c. Schedule and Calendar

David H: Long session yesterday afternoon for preparation for meetings next Monday and Tuesday next week. Monday – pricing session and Tuesday – DR standards signaling breakout. Monday and Tuesday meet and greet with people to involve organization.

David H: Started with discussions with pricing – person from JPM – Eric LeSalle from JP Morgan who had a good discussion – Event based DR pricing model – instead of schedule – an event kicking off. Is that a right way of characterizing it?

Ed K: OpenADR is event-based protocol – a focus on DR means a specific action by utility to accomplish a goal – As we move ahead with pricing it’s not event based – price has schedule based with them.

Bob Old: Heard about CA utilities talking about stage 1 and stage 2 events sent to residential – stage 1 is where automatically thermostats are set by 4 degrees – this might be triggered when utilities got only 15% of capability and stage 2 might happen when utilities have 5% of capabilities and residences can turn-off more things – the idea is to do something here and starting to run out then – not sure how this would work

David H: Derek talked about events – he also talked about chaining events – one event triggering another event – interesting thoughts and how this could be applied to OpenADR – vector ideas – with scheduling as well.
Ed K: Some of the complicated tasks such as chaining are tied to tariffs and such – for me events are something that happen and are not pre-planned – if we have prices – let’s say 24 hour prices that’s coming every single day – that’s not an event and is coming on continuous basis – may be a special case, which could be an event – it’s a subtle difference

Rish G: CA programs with pricing and emergency signaling – Pricing would be continuous and emergency could be event based – either voluntary or contract based – may map to utility or ISO tariffs and customer participation.

Ed C: Correctly distinguish between pricing and event based DR – there are lots of discussions from financial organizations with vectors and prices and vectors and quantities – that’s more of an implementation detail – we need to get the pricing definition right first

David H: Part of the meeting was for planning to cover foundational aspects and to socialize the events we wanted to cover – folks from NAESB – Andy Furhman from OSCRE (real-estate industry and standards related to DR as it happens in building – working on standards to have unique ID for building) – BAE systems – FIATECH – Ed C from ISO perspective – JP Morgan on FIX (financial information exchange) – Calendaring and scheduling – bunch of people from DR groups as well.

Rish: NIST pricing session on Monday is prior to the DR standards and signaling session on Tuesday – There are obvious overlaps between these two breakout sessions – how will they be managed?

David H: Pricing that comes on Monday would be good on Tuesday for conversations.

6. Fine-grained security in eBusiness (Bill Cox)

Bill C: If we have open access, we have to control – the importance of control is greater than access – the standardized and standard eCommerce and eBusiness and bring them to energy markets – we’re looking at distributed application, enterprise character, scalability, etc. – it has to be accessible to right people – security in general, we break them in chunks – these are aspects of security – includes authentication – authorization – integrity – confidentiality – prefer terms over encryption as it’s one way of doing them – audit and administrative aspects – policy based authorization and various policy-based controls

Bill C: Firewalls are not sufficient – SOA could be used in many access contexts – Software as service – there are a lot of areas there we will not get into details – we have to leverage technology experiences and issues are extremely similar

Bill C: The key is OASIS is leader and Web services and standards including security – some of the OASIS activities – Web services security, SAML, WS-Trust, biometric, etc. – lots of work on OASIS area that tie into security – the other part are composability – why composable specs are way to go.

Bill C: WS security is a tool-kit – XML, SOAP, WSDL, etc. – WS profiles are for different things – many security infrastructure types – passwords, X.509, Kerberos, etc. – some scalable deployable security is better than those we do not deploy at all.

Bill C: On composability – WS secure conversation is similar to SSL between end points and two or three-party – all that mentioned are OASIS security and is available free on the OASIS website – these transfer well to grid – energy management – and energy interoperation – OASIS is the key place for such activities – use these well-known and applied and reliable fine-grained security.
Toby C: There are reference implementations and source for the codes – reliance on tool-kits means that every programmer doesn’t need to be a security expert

Bill C: One of the key things is – if we need experts – they are out there. Back in IEEE POSIX stage – the person with real-time specs may need portable specs – by taking WS security tool-kit, we have broad class of security programmers and architects who can understand these tool kits.

Toby C: One of things of security is – it’s not merely privacy, not merely message integrity – at right time we have to make easy for people – security is more than locking the doors – security makes it easy for people to do their jobs.

Rish: Perspective on how it could be applied to EI TC work?

Bill C: We need to focus on 3 things – semantics of signals, carrying of signals (series of steps), identify the security and what needs to be secured against what and in what way – in reference, incorporate applications of those – in essence WS in variety of ways will call a building to do something and that has impact – can somebody send false price streams – what if someone takes delegation. We can work on protocols, focus on interoperation and separately on security requirements for those protocols – they may not be completely prescriptive – if we want interoperability we need to be prescriptive

Gale H: Somewhere in the security, there are levels of security below any security that a building is still responsible for.

Toby C: There are all levels of security levels – the composability will take core message from levels and put them together

Gale H: Along with that the device may have its own level of security.

Ed K: Some of the issues are more than composability – lots of them have to address the interactions specifically – in original specification – people went through multiple channels to receive notifications – such as e-mail or pager – a lot of larger facility.
Gale H: Those entities are responsible for their own security and this is all we require and more could be done.

Bill C: How consistent is this with the ESI process? What extent we can determine the internal process?

Ed K: If someone wants to put the human in the loop, it’s up to them – some people could use other channels if one of them gets hacked – in the current specifications there are automated notification and email.

Toby C: In automated notification there is a process that sends the message and there is another part

Ed K: This has to be part of specification and messaging.

Rish G: Multiple notifications were included in the message and OpenADR v1.0 specifications as they’re needed, especially for customers such as Industrial – OpenADR allows e-mail notification – Pacific Gas and Electric program in CA has pager, phone, fax, etc. notification systems as part of DR messaging – Notification has to be integrated with DR messages.

Bill C: This is interesting in aspects of security this is important – the question we need to address – by email would be best – a number of things could be dealt by is the message from automated system – there are number of issues here and our terminologies and an e-mail discussion would be good.

Jane S: From the charts good work has been done – another channel is wireless and security and we should be mindful for that

Bill C: Will start this e-mail thread with TC list.

Bill C: It’s good to be mindful – and the end-to-end aspects – there are profiles within Zigbee 802.15.4 – there are security aspects that exist – the nature of link is significant – may be less central to requirements discussion

Toby C: I’d like to see another discussion on the list on what kind of profiles we need – there might be all kinds – this may not be an exhaustive list and its characteristics – it will lead TC to common understanding of what the profiles are a – Will start the discussion with TC list.
Jane S: Also thinking it from eBusiness perspective and when we’re doing eCommerce related business.

7. Vote on Committee Draft 01 (Toby Considine)

DRAFT NOT READY AND NO QUORUM (Toby C to send the draft version to TC for voting next week)

8. Adjourn

Bill: Motion to adjourn – adjourned at

Next meeting date August 5, 2009 at 8 a.m. U.S. PDT (Bill C: Most of the people are on their way home from NIST workshop – David may be able to.)

Action Items:

Rish G to post final meeting minutes
TC: Approve June 22 and 29 meeting minutes.
David H or Bill C to send agenda for next meeting.
Continue with TC dialogue on NIST roadmap and section 4 use case diagrams; how can that be made useful to our work.
Bill C will post the copyrighted information and notes on NIST Smart Grid Twiki website.
Bill C to look into the draft document comment and version control process.
David H and Bill C to add the question on bidding process at the NIST SG workshop’s DR session breakouts – if it needs to be included in the current process or part of a separate TC?
Bill C to look at template issues that relate to line numbers restarting at every section as opposed to sequential.
Ed K to take a swing at text language for section 3.4.* and coordinate with Toby for next draft.
Bill C to start e-mail thread with TC list on aspects of security and terminologies with DR messaging content (e.g., DR event information, notification, etc.).
Toby C to start conversation with TC list on the kinds of profiles necessary for EI and to have common understanding.

Attachments: None