attachment a technical specifications. 5. produce a library of graphic ... interfaces. l. the system...

ATTACHMENT A

TECHNICAL SPECIFICATIONS

ATTACHMENT A: TECHNICAL SPECIFICATIONS

MBCS Technical Specification Massport Information Technology Standard Specifications a. Massport IT System Standards b. Part A: HP Server Hardware Standard c. Part B: Enterasys Networking Hardware d. Part C: Microsoft Windows Server Operating System Standards e. Part D: Microsoft SQL Server Database Software Standard f. Part E: EMC/HP Storage Standards g. Part F: VMware ESX Virtualization Software Standard h. Part G: Desktop & Mobile Device Standards • i. Appendix G: IT Technical Environment Matrix

RFP Requires that the MBCS Integrator fill out the Appendix G Matrix and submit with Proposal.

j. Appendix K: Information System Security General Standards

MBCS Technical Specifications

MASTER BUILDING CONTROL SYSTEM – TECHNICAL SPECIFICATION

MPA L1227 Page 1 of 33 December 2013

MASTER BUILDING CONTROL SYSTEM

PART 1 - GENERAL

1.1 RELATED DOCUMENTS

A. Request for Proposal (RFP) for Systems Integration Services Master Building Control System for HVAC - Provision and Implementation & Maintenance MPA No. L1227.

1.2 SUMMARY

A. This Section includes control equipment and software for interfacing to new and legacy BAS control systems onto a new BACnet platform.

1.3 DEFINITIONS

A. BACnet: Building Automation and Control Network

B. BAS: Building Automation System

C. BIBB: BACnet Interoperability Building Block.

D. BMA: BACnet Manufacturers Association.

E. BTL: BACnet Testing Laboratory

F. DDC: Direct-Digital Controls.

G. DHCP: Dynamic Host Configuration Protocol

H. GUI: Graphical User Interface.

I. ICD: Interface Control Document

J. IP: Internet Protocol.

K. LAN: Local Area Network.

L. LEED: Leadership in Energy and Environmental Design

M. MBCS: Master Building Control System.

N. MPA: Massachusetts Port Authority

O. MS/TP: Master-Slave/Token-Passing.

P. PICS: Protocol Implementation Conformance Statement

Q. RFP: Request for Proposal

R. TEC: Terminal Equipment Controller

S. UDP: User Datagram Protocol.

T. VFD: Variable Frequency Drive



U. VLAN: Virtual Local Area Network.

1.4 SYSTEM DESCRIPTION

A. The MBCS shall provide a BACnet software platform to access, adjust and monitor legacy and in the future new BAS (sub-systems) across the Airport.

B. The MBCS shall provide graphics populated with selected data points from sub-systems to provide an operational management tool for the Airport. This shall include but not be limited to adjustment of time schedules, overrides and setpoints. Functionality available to the user shall be controlled by log-on. The MBCS shall provide web access to sub-system graphics via URL link for more detailed view of sub-system operation.

C. The MBCS shall manage all sub-system alarms.

D. The MBCS shall provide the functionality as detailed in this specification which can be summarized as follows:

1. Acquire the data from sub-systems in BACnet format. 2. Where sub-systems do not provide data in BACnet format provide protocol

converter/driver to convert this data into BACnet. 3. Transport data collected via TCP/IP to central system servers using the MPA IT

infrastructure. 4. Central servers shall contain appropriate software to allow viewing of the data from

the disparate sub-systems. 5. Central server software shall contain applications for a MBCS client and associated

services as defined in the specification.

E. The MBCS Integrator shall be fully responsible for ensuring that all selected sub-systems interface to the MBCS.

F. Integration with the following existing BAS in buildings across the airport:

1. Carrier i-Vu 2. Automated Logic WebCTRL 3. Schneider Electric Continuum / StruxureWare 4. Carrier CCN

G. The selected buildings, plant and points to be integrated shall be as detailed in the RFP.

H. The MBCS shall include the following:

1. 2 No. front-end MBCS workstations 2. 2 No. laptops 3. Graphics to manage sub-systems 4. Software links to existing sub-system graphics 5. Remote alarm notification system (via email and cell phone text messaging) 6. Software links to existing O&M documentation 7. ½ hour rated UPS for all MBCS supplied network equipment (if required for MBCS),

including fiber converters, Ethernet switches, gateways and routers. 8. Final connection of power wiring to any field equipment (if required for MBCS) from

power outlets provided by MPA Electrical. 9. Final connection of IP wiring from any field equipment (if required for MBCS) to data

outlets provided by MPA IT.

I. Server hardware will be provided by MPA, located at LOC data center.

J. Virtualization of server software will be undertaken by MPA.



K. The MBCS Integrator’s scope of works shall incorporate the following as a minimum and shall include all requirements detailed within this specification:

1. Produce a detailed programme of works for the project. This shall include all off site engineering and demonstration stages, Integrated System installation and commissioning, plantroom installation and commissioning, training and production of Operation & Maintenance manuals. The programme of works shall require the approval of Massport prior to proceeding.

2. Determine the required system architecture, network installation and small power requirements. All such designs shall be submitted for review by Massport/Engineer in accordance with the requirements of this specification.

3. Produce a schedule of all points, time zones, alarms and configuration data required to enable the system to be integrated.

4. Produce a template for the Interface Control Document (ICD) for each integrated sub-system.

5. Produce a library of graphic component plant symbols. Coordinate requirements with Massport/Engineer.

6. Produce a library of graphic plant templates. Coordinate requirements with Massport/Engineer.

7. Manage and maintain the development of the interfaces to the sub-systems using the Interface Control Documents (ICD).

8. The MBCS Integrator shall be responsible for populating the ICD with data from the sub-systems and the MBCS.

9. Determine the system configuration. Utilizing this and the approved schedules described and ICDs, engineer all system graphics, alarm schedules, reports and logs and submit these to Massport/Engineer for review before installation and commissioning.

10. Liaise with all sub-system vendors and Massport/Engineer in the development of the interfaces.

L. The system shall be modular in nature and permit expansion of both capacity and functionality through the addition of further network and operator devices.

M. The system shall operate with an input voltage rated at 120 Volts, 60 Hertz. All units shall be grounded in accordance with the local Electrical Code and the NEC. All units shall be supplied with filtered power, if required, to preclude noise generation.

N. The system shall be programmed to automatically detect critical alarms, which require paging, create an action statement for each page, and select the person to receive the page.

O. All control products provided for this project shall be comprised of a BACnet network. Communications involving control components (all types of controllers and operator interfaces) shall conform to ANSI/ASHRAE Standard 135-2012 BACnet.

P. Workstation information access shall use the BACnet protocol. Communications shall use the ISO 8802-3 (Ethernet) Data Link/ Physical layer protocol.

Q. The control system shall be a high-speed BACnet network and a web based operator interface. All schedules, set points, trends and alarms specified shall be BACnet objects.

1.5 SYSTEM PERFORMANCE

A. Comply with the following response times and performance requirements:

1. Graphic Display: Display graphic with minimum 20 dynamic points with current dynamic data within 15 seconds.

2. Graphic Refresh: Update graphic with minimum 20 dynamic points with current dynamic data within 8 seconds.



3. Object Command: Reaction time of less than two seconds between operator command of a binary object and device reaction.

4. Object Scan: Transmit change of state and change of analog values to control units or workstation within six seconds.

5. Alarm Response Time: Annunciate alarm at workstation within 15 seconds. Multiple workstations must receive alarms within 5 seconds of each other.

1.6 SHOP DRAWING SUBMITTALS

A. Provide original file copies only, scanned file copies are not acceptable. All control submittals shall be submitted in hardcopy and editable electronic format.

B. Product Data: Include manufacturer's technical literature for each control device. Indicate dimensions, capacities, performance characteristics, electrical characteristics, finishes for materials, and installation and startup instructions for each type of product indicated.

C. Shop Drawings: Provide the following:

1. Complete system architectural drawing showing all control panels, front end equipment and integrated systems, interfaces and communication with Massport IT network. All components shall include all tagging and locations.

2. Points for each integrated system that includes, for each physical or logical point, name, description, display units, alarm limits and definitions along with the BACnet object description, object ID and the associated device ID. The list shall also indicate whether Trend Log or Schedule objects have been established for the point. List of time schedules.

3. Documentation for any non-standard BACnet objects, properties, or enumerations utilized detailing their structure, data types, and any associated lists of enumerated values.

4. Interface control documents to manage the interface to each sub-system. 5. PICS files indicating BACnet functionality and configuration of each object and device

device. 6. Documentation on submitted products that have been tested and listed by the BTL or

a letter on manufacturer’s company letterhead indicating the anticipated date by which testing is expected to be complete. If for any reason, BTL testing and listing has not been completed, a written commitment shall be provided to upgrade installed controls to a version that meets BTL testing and listing requirements should deficiencies be found during BTL testing.

7. BACnet MS/TP trunk cable schematic showing programmable control unit locations and trunk data conductors if required

8. Listing of connected data points, including connected control unit and input device. 9. Library of plant graphic symbols. 10. Library of plant graphic templates. 11. Complete System color ‘snapshots’ of MBCS graphic pages, indicating monitored

systems, data (connected and calculated) point addresses, and operator notations for all integrated mechanical, electrical and plumbing systems, floor plans and networks.

12. System configuration showing peripheral devices, batteries, power supplies, diagrams, modems, and interconnections.

13. Bill of materials of equipment indicating quantity, manufacturer, model number. Include technical data for operating system software, operator workstation, interface equipment, servers etc.

14. Control system software including technical data for operating system software, color graphics, and any third party applications.

15. Shop Drawings of detail equipment assemblies and indicate dimensions, weights, loads, required clearances, method of field assembly, components, and location and size of each field connection.

16. Wiring Diagrams for controls enclosures indicating power, signal and control wiring. Differentiate between manufacturer installed and field installed wiring.

17. Details of control panel facias including labeling.



D. Interface Control Documents

1. Interface control documents (ICD) shall be provided for each sub-system to be integrated to the MBCS. The ICD shall provide a means of documenting the requirements, functionality and implementation of each interface, and shall be a tool to manage and monitor the development of each interface during the contract, and for the on-going support and development following the successful completion of the system testing and verification, as approved by the Massport Project Manager.

2. The content of each ICD shall be agreed with Massport/Engineer before being developed. Each ICD shall:

a. Document each interface including any constraints and assumptions. b. Detail functional requirements of each interface. c. Each ICD shall show the complete interface architecture including:

1) Physical interface, network configuration and protocol used 2) Software or message components used 3) Information flow during normal operation 4) Detailed designations of all data transactions 5) Interface field definitions 6) Housekeeping, record keeping and archiving components 7) Mechanism by which interface availability is monitored 8) Mechanism by which the interface recovers following a failure

E. Library of Plant Graphic Symbols.

1. Provide symbols for all components to ensure standardization. Each component shall include measured variable, setpoint, alarm limits and functionality as required. Requirements for graphics are provided in section 2.11. Coordinate symbol and template library with Massport/Engineer.

F. Library of Plant Graphic Templates

1. Provide templates for all plant and floor plans to ensure standardization. Each template shall include measured variable, setpoint, alarm limits and functionality as required. Requirements for graphics are provided in section 2.11. Coordinate template library with Massport/Engineer.

G. Software and Firmware Operational Documentation: Include the following:

1. Software operating and upgrade manuals. 2. Program Software Backup: On a magnetic media or compact disc, complete with

data files. 3. Device address list. 4. Printout of software application and graphic screens. 5. Software license required by and installed for MBCS workstations and control

systems. 6. Firmware and software versions.

H. Field Test Reports: Indicate and interpret test results for compliance with performance requirements.

I. Maintenance Data: Include the following:

1. Maintenance instructions and lists of spare parts for each type of control device. 2. Interconnection wiring diagrams with identified and numbered system components

and devices. 3. Keyboard illustrations and step-by-step procedures indexed for each operator

function.



4. Inspection period, cleaning methods, cleaning materials recommended, and calibration tolerances.

5. List of setpoints.

J. Qualification Data: Provide information in accordance with the RFP.

K. Project Record Documents: Record actual locations of MBCS devices and wiring. Revise Shop Drawings to reflect actual installation and operating sequences.

1.7 QUALITY ASSURANCE

A. A minimum of ten (10) years of demonstrated technical expertise and experience in systems integration, installation and maintenance of MBCS similar in size and complexity to this project, and of working in a ‘live’ environment.

B. A maintained service organization consisting of at least twenty five (25) competent servicemen, within 25 miles of the project site, for a period of not less than 10 years.

C. The MBCS Integrator shall be the single source responsible for the complete installation and operation of MBCS and shall include debugging and set-up of each component in the entire system.

D. All work shall conform to the following Codes and Standards, where applicable:

1. National Fire Protection Association (NFPA) Standards, as specified. 2. Massachusetts / National Electrical Code (NEC) and applicable local Electrical Code. 3. Underwriters’ Laboratories (UL) listing and labels, as specified. 4. Factory Mutual (FM). 5. American National Standards Institute (ANSI). 6. National Electric Manufacturers’ Association (NEMA). 7. Institute of Electrical and Electronic Engineers (IEEE). 8. American Standard Code for Information Interchange (ASCII). 9. Electronics Industries Association (EIA). 10. Occupational Safety and Health Administration (OSHA). 11. American Society for Testing and Materials (ASTM). 12. NFPA 92 13. ASHRAE standard 135-2012: BACnet – A Data Communications Protocol for Building

Automation and Control Networks. 14. Massport Design and Construction Standards. 15. Massachusetts and City of Boston local codes.

E. Electrical Components, Devices and Accessories: Listed and labeled as defined in NFPA 70, Article 100, by a testing agency acceptable to authorities having jurisdiction and marked for intended use.

1.8 DELIVERY, STORAGE, AND HANDLING

A. MBCS supplier shall maintain responsibility for devices throughout the Contract.

1.9 WARRANTY

A. General

1. Following the successful completion of the system testing and verification, as approved by the Massport Project Manager, the MBCS Integrator shall begin a three (3) month installation warranty period of user technical support in which Massport users, via a designated Massport contact person, may pose questions or raise concerns about the functioning of the system. Upon receiving a request for support, the Integrator shall, within a reasonable period of time not to exceed 24 hours,



provide a detailed answer to the posed question or concern. If the question results in the determination that the system must be reconfigured or readjusted to meet the specifications of the Integrator’s design, then the Integrator shall provide the resources for such a reconfiguration or readjustment at no additional cost to Massport.

2. Following the three month installation warranty period, the Integrator shall provide periodic system maintenance and support services on all Integrator-installed system hardware and software

B. Hardware and Software Warranty

1. Following the successful commissioning and test acceptance, the system shall operate for 30 consecutive days without error before the warranty period begins. The Integrator shall provide a one-year warranty for all components provided. This warranty will include but not be limited to:

a. All computer based equipment provided to include converters/drivers, servers (if provided by MBCS Integrator), workstations and monitors

b. Software applications to include the operating system, data base management and all necessary MBCS applications as required by the design to properly operate and maintain the system.

C. 3-Year Maintenance and Support

1. Following the three month installation warranty period, the MBCS Integrator shall provide periodic system maintenance and support services on all Integrator-installed system hardware and software for a three-year period, in accordance with the requirements of this specification and as follows:

a. Manufacturer’s recommended preventive maintenance on all Integrator-installed equipment.

b. Software upgrades as released by vendor and tested as reliably bug-free by the Integrator.

c. Repair and remediation as needed to maintain the intended functionality of the installed MBCS and Integrator-programmed points and graphics.

d. All corrective software modification made during the warranty service period shall be updated on all user documentation and on user and manufacturer archived software disks.

D. On-site Support

1. The MBCS Integrator shall provide a minimum of one (1) MBCS-certified technician trained on the current applications deployed, on site at Logan International Airport “24x7x365”. In addition to providing direct support to any reported outage, technical issue or application issue, the technician will twice daily inspect and report the real time status of the system to a designated Massport Manager. The Integrator will report to the Authority on a weekly basis a detailed summary of all requests for service and scheduled maintenance. A schedule of service will be developed and approved by the designated Massport Facilities Manager.

2. In the event of a failure of service, the MBCS Integrator shall provide all necessary hardware and software required to return the system to normal operation. Hardware and software will be limited to those provided as a part of the procurement of the MBCS system. The on-site technician will provide direct coordination and support to Massport and its contractors in all efforts necessary to resolve technical issues, regardless of primary responsibility of other for such systems as:

a. Massport IT network services b. Massport provided storage devices



c. Massport Facilities electrical, HVAC and building services

E. Service levels

1. A four (4) hour response time to service issues is guaranteed for on-site personnel.

F. Response Times

1. The MBCS Integrator shall resolve Integrator-related hardware issues within four (4) hours and the Integrator-related software issues within six (6) hours, contingent upon cooperation of the Authority’s maintenance personnel and coordination with other contractors during problem isolation and diagnostics. “Integrator-related” refers to all hardware and software provided by the MBCS Integrator and its sub-contractors.

G. Equipment Malfunctions

1. This service encompasses hardware and software repairs. Software service is limited to controller reloads and repair incidents that relate to maintenance software. Changes to or altering software logic is not included in this proposal. Changes and alterations to software follow a strict alpha/beta process and cannot be performed by service technicians. Service repairs/malfunctions shall be performed and managed by the Integrator service technicians and the Integrator management. Proper troubleshooting documentation, training and system familiarization shall be the sole responsibility of the MBCS Integrator.

H. Preventative Maintenance

1. The MBCS Integrator shall perform Preventative Maintenance for all service equipment as per the mutually agreed upon Preventative Maintenance program outlined below. For new equipment, the MBCS Integrator shall generate the proper preventative tasks and incorporate them into the present Preventative Maintenance program. Modifications to the Preventative Maintenance program shall be submitted in writing to the Massport System Manager for approval.

2. The Preventative Maintenance program should include the following functions:

a. Semi-annual performance of all Preventative Maintenance functions and reporting.

b. Monitoring and checking MBCS equipment for proper programing, alarm indications, server operations, cleanliness and environmental conditions.

c. Provision of the proper maintenance documentation indicating all Preventative Maintenance functions performed with associated dates.

1.10 TRAINING

A. Provide a minimum of 42 days of owner training on site coordinated with the Owner.

B. Provide on-site System Administrator training for 2 Massport staff, and Operator training classroom sessions (on-site) for up to 120 operators in MPA’s own computer training classroom that accommodates a class size of 12 students. There shall be two such “rounds” of this training; an Initial Training session and Refresher Training session approximately one month following the initial training. Refresher training would be approximately 50% of the time taken for initial training.

C. User groups requiring training will include programmers, administrators, building control supervisors, field mechanics and energy managers.

D. Thus for the minimum periods given below, there would be the following sessions:



1. Operators – 10 sessions of 2 days duration (initial) plus 10 sessions of 1 day duration (refresher)

2. System Administrators – 1 session of 8 days duration (initial) plus 1 session of 4 day duration (refresher)

E. Prior to completion of commissioning, a formal training proposal defining scope and objectives and training schedule shall be submitted by the MBCS Integrator. The training program shall utilize components, hardware, software and documentation customized for the Massport project.

F. Formal proposal should include;

1. Course title 2. Summary of course scope and objectives 3. Recommended attendees 4. Maximum number of attendees per session 5. Number and duration of sessions

G. The MBCS Integrator shall provide instructors to give full instructions to designated personnel in the adjustment, operation, and maintenance of the system installed. Instructors shall be thoroughly familiar with all aspects of the subject matter they are to teach. Training shall utilize the actual system hardware and software.

H. All training shall be held during the normal work hours of 07:00 am to 3:00 pm weekdays.

I. Provide a syllabus of training material and a list of attendees on each day.

J. The training shall be scheduled in coordination with the Massport PM and Facilities Manager after submission and approval of formal training plans.

K. Training manuals shall be provided for each training course specific to the course level. The following courses shall be provided as a minimum;

1. Operator training (minimum 2 days) covering the following topics;

a. General System Architecture b. Monitor and supervisory control functions c. Operator commands d. Operator diagnostics e. Report selection and interpretation f. Alarm handling interpretation and acknowledgment g. System security logon and log off procedures h. System safeguards i. Sequence of operation j. Explanation and navigation of all color graphics.

2. Equipment and instrumentation maintenance training (minimum 1/2 days) covering the following topics;

a. Trouble shooting b. Calibration and adjustment c. Periodic and Preventative and maintenance procedures

3. System maintenance training (1/2 days) covering the following topics;

a. Fault diagnostics b. Fault recovery procedures c. Module removal and replacement d. Download procedures



4. Main Server, applications and software training (minimum 2 days) covering the following topics:

a. Creating custom color graphics screens b. Creating trends c. Creating custom reports d. Adding new point groups e. Data base management and alarm handling f. Loop tuning g. BACnet protocol

5. DDC software training (minimum 1 days) covering the following topics:

a. BACnet protocol and object configuration b. Adding new I/O c. Adding new control loops and algorithms d. Maintaining DDC software e. DDC software backup and restore procedures f. On-line software monitoring and diagnostics g. DDC programming h. BACnet Module i. Systems Modifications Module j. Administrative Module

6. MBCS administration and software management training (minimum 2 days) covering the following topics:

a. General System overview and theory of operation b. System security and password assignment c. Database management d. Alarm reporting and assignment e. Changing user-configurable parameters f. Management reports g. System graphics h. Basic troubleshooting and System diagnostics i. Archiving and purging data j. Start-up, failure, recovery and re-initialization k. Disk backup and restore procedures l. Disk file and directory management

L. All training sessions shall be video recorded and provided to the client on DVD.

PART 2 - PRODUCTS

2.1 MANUFACTURERS

A. Manufacturers: Subject to compliance with requirements, provide products by one of the following:

1. Automated Logic Corporation (734 Forest Street, Suite 200, Marlborough MA 01752) 2. Honeywell (Tridium) (TEC Systems Inc., 47-25 34th Street, Long Island City, NY

11101) 3. Schneider StruxureWare (One High Street, North Andover, MA 01845)

2.2 ENVIRONMENT

A. All equipment detailed in this specification or other equipment associated with the MBCS, shall be capable of operation in environmental conditions were equipment is located.



2.3 INTEGRATION

A. General

1. The MBCS shall be seamlessly integrated with the legacy Building Automation Systems defined in the RFP.

2. The MBCS Integrator shall determine the most appropriate method to integrate each system in terms of simplicity, reliability, scalability and speed of use.

3. The MBCS shall utilize and be compatible with standard integration protocols (BACnet and Modbus) for subsystem integration. Coordinate integration protocols with subsystem manufacturer.

4. BACnet shall be the preferred protocol for interfacing to the sub-systems. 5. The MBCS shall use and be compatible with BACnet (protocol based integration

platform) when specified. The BACnet network interface will be fully ANSI / EIA 709.1 compliant. A native BACnet architecture consisting of a BACnet compliant HMI communicating on a TCP-IP media connected via a BACnet router.

6. The MBCS shall use and be compatible with Modbus (a client/server protocol based integration platform) when specified. MBCS Integrator shall coordinate, evaluate and configure vendors equipment function codes and standard parameter information such as data bits, stop bits, baud rate and parity to ensure communication is achieved at the highest speed.

B. Points to be integrated to MBCS

1. Each legacy BAS shall provide and display the following to the MBCS:

a. All hardware data points b. All alarms c. All time schedules d. All setpoints

2. Each legacy BAS shall provide this data by BACnet and all data points shall be provided at the MBCS server. All BACnet software shall conform to ANSI/ASHRAE Standard 135-2012 BACnet, incorporating all addenda. Any software or products which are not compliant shall be highlighted in the tender return. The MBCS Integrator shall indicate in the tender return how the BACnet interface shall be implemented.

3. All MBCS graphics shall be available for display via web browser. 4. The integrated points list, documented in the ICD, shall be maintained throughout the

project.

C. Interface to MPA IT Network

1. All MBCS and sub-system interface and integration shall be achieved over the building TCP/IP network. CAT6A structured cabling requirements and active equipment requirements will be provided by the MPA IT Contractor.

2. It is envisaged that integration will be performed at server to server level using the existing MPA IT network. If this is not possible, then an interface at field level shall be put forward for review.

3. MBCS Integrator shall provide MPA with drawings and schedules showing where and when IT outlets are to be provided.

4. 2 no. IT outlets are required at each interface point. One for permanent connection and one spare or local connect point for service engineer.

5. Allow to provide and install color coded CAT6A patch cables to connect the BAS into the MPA IT network. Coordinate with the MPA IT contractor for specific IT requirements.

6. To support MBCS peer to peer communications and traffic segregation, the MBCS and all connected sub-systems shall share the same broadcast domain. The MBCS and connected sub-systems shall be on the same VLAN across all MPA buildings.



7. Additional interface with MPA IT services include:

a. Network time server (NTP) b. Central Domain Controller (CDC) c. Backup Server/Storage Area Network (SAN).

2.4 SYSTEM CONFIGURATION

A. Virtual Server Hardware Configuration

1. MPA IT will provide server hardware, configure and build the virtual Windows servers. 2. MBCS Integrator shall provide a detailed specification of hardware and software

requirements to support the proposed system.

B. Network Addressing

1. It is preferred that all devices being attached to the IT Network shall be DHCP enabled.

2. A network addressing schedule shall be created, in conjunction with MPA IT and shall include device name, location, MAC address, IP address, subnet mask, DHCP range, specific port addresses required for router configuration and connected switch reference.

C. IP Version Support

1. All devices being attached to an existing IP network or a common IP infrastructure provided by others, shall provide support for both IPv4 and IPv6.

D. IP Device Communication Requirements

1. As a minimum, all devices shall comply with the following:

a. Fully configurable in terms of IP address, subnet mask and default gateway settings.

b. Fully TCP/IP compliant c. If wireless, shall comply with IEEE 802.11g and 802.11n d. Use a standard RJ45 or LC Fibre Optic connectors e. If supporting multiple speeds (e.g. 10 and 100 Mbps), shall support auto

sensing for both speed and duplex settings.

E. Master Timeclock Function

1. The MBCS system shall support a master time clock function. The master time clock shall be based on an external NTP (Network Time Protocol) time server.

2. The master time clock shall be used to synchronize all other real-time clocks on PCs, servers and controllers that make up the MBCS. The master time clock shall automatically change times and dates throughout the system for changes due to daylight savings, leap years and any other global calendar/time adjustments.

F. Active Directory

1. The MBCS shall support Active Directory technology for groups and users within its application. The MBCS Integrator shall coordinate with MPA the required groups and the user access levels to be able to access the MBCS Servers and software.

G. Web Server Functionality

1. The MBCS shall be provided with web server functionality which will enable remote access anywhere. The web server shall support Internet Explorer or any of the



browser equivalents. The web server shall have the facility to support a minimum of 20 concurrent client terminals at any one time and via any standard internet explorer package. The access shall include both text and graphical forms of information required. The system shall be configured to allow users/operators differing levels of access through passwords. Critical alarm configurations shall also be included to operate in the same manner as remote alarm printers.

2. The system shall use encrypted passwords and shall use these from active directories if connected to the client’s IP network.The supplied system shall be provided with licenses to support a minimum of 30 concurrent users who are able to log onto the system at any one time (via the Operators Station, Intranet or Internet). The system shall be capable of being upgraded to support more concurrent users at a later date. The MBCS Integrator shall indicate the maximum number of concurrent users and explain the limitations in the tender return.

H. Web Clients

1. Desktop PCs shall access the system as a thin clients utilizing Internet Explorer or equivalent. These clients shall be able to select the required reports and be able to manipulate data into personalized reports.

I. Virtualization

1. Backup for data and web servers will be provided by MPA IT.

J. Microsoft Server 2008 R2

1. The MBCS shall be capable of running on Microsoft Server 2008 R2 platform or equivalent.

2. The MBCS Integrator shall identify any specific requirements associated with automatic installation of hot fixes and service pack updates to the server.

3. Any MBCS software that is virtualized is not required to support Microsoft Server 2008 R2 platform.

K. Data/Web Servers

1. A fully automatic backup facility shall be provided, with the ability to also backup the system manually. It shall be possible to load selected files from this storage facility back on to the operator's station.

2. The MBCS servers shall contain sufficient hard disk capacity for all database and software requirements described within this Specification plus sufficient hard disk capacity for all graphic displays, historical records and trends as described below:

a. Historical Records 1,000,000 events b. Trends 10,000,000 samples

L. Server Duty/Hot Standby Functionality

1. Automatic redundancy shall be provided for the MBCS servers. Server status shall be monitored and displayed on the graphics, and in the event of the duty server failing an alarm shall be raised at the MBCS and control changed over seamlessly to the standby server. Reset of a software switch shall be required to reinstate control back to the duty server.

M. Laptop

1. Where specified a laptop shall be:

a. Used to interrogate the MBCS.



b. Supplied with a case, power supply and all necessary software to allow for local interrogation and programming, whether it be a copy of the head-end software, a dedicated programming/interrogation program or else a terminal emulation program. This software shall be password protected.

c. Able to either be plugged into any networked controller, or else plugged into a network connection point and once connected to the network, shall be able to access all control devices on the associated network.

2.5 BACnet Requirements

A. System Design and Implementation

1. Because the MBCS is integrating with legacy BAS from different manufacturers it is of vital importance that the BACnet elements of the system are implemented in a considered and fully documented manner.

2. The BACnet elements of the MBCS system shall be designed and implemented in accordance with the specification and the recommendations of the following documents

a. NISTIR 6392 “GSA Guide to Specifying Interoperable Building Automation and Control Systems Using ANSI/ASHRAE Standard 135-1995, BACnet”

b. “ASHRAE Guideline 13-2007 – specifying DDC Control Systems”.

3. The full set of BIBBs for each type of BACnet device shall be provided.

B. System Networking

1. If additional networks are required for the MBCS to interface to the legacy BAS, then the following networking requirements shall be followed.

2. BACnet shall be used throughout the DDC building automation and control internetwork at all levels.

3. The internetwork shall be configured such that if three or more networks are involved with different performance characteristics, then the faster networks shall be used to interconnect the slower ones.

4. Main plant and monitoring DDC controllers shall communicate over the provided converged Ethernet TCP/IP network using BACnet over IP. Network connections will support 10/100/1000Mbps connections, while the main network backbone consists of multiple 1Gbps and 10Gbps links.

5. A minimum of two network connection points will be provided at each DDC control panel location; one for connection of the DDC controller and one spare network point. Where there are VFDs associated with the DDC control panel, then another network point will be provided to allow connection of a BACnet IP to MS/TP router. A minimum of one DDC control panel in a plantroom will contain another network connection point to allow connection of a laptop computer for engineering purposes.

6. BACnet MS/TP networks shall be used to connect unitary/TEC controllers to each other and back to BACnet IP to MS/TP routers or DDC controllers with integral MS/TP ports. BACnet MS/TP network segments shall operate at 76Kbps.

7. BACnet MS/TP network segments shall generally be designed to incorporate a maximum of 32 devices per segment. In some instances where it is physically convenient to go beyond this number, approval shall first be obtained to do so, but the maximum permitted number of devices per segment is 40. Above this, two or more separate network segments shall be created.

8. VFDs shall be connected via BACnet MS/TP. Each system with VFDs shall have its own MS/TP network segment for its respective VFDs, e.g. an AHU’s supply and exhaust fan VFDs or a set of pumps, shall have their own network segment. Networks connecting VFDs from different systems are not permitted. These network segments shall be connected to a BACnet IP to MS/TP router or the associated DDC controller (if it has in-built MS/TP ports) within the associated system’s DDC panel.



C. Data Sharing

1. Data transmission

a. The following “read” data shall be available for transmission across the BACnet network for display at the Operator’s Workstation:

1) The value of each and every binary input, binary output, analog input and analog output.

2) Every setpoint. 3) Every calculated setpoint. 4) Every calculated value specified in the system narratives e.g. enthalpy

or air moisture content. 5) Every time schedule and calendar. 6) All readable information associated with optimum start programs e.g.

time of start, predicted start time, time setpoint achieved, maximum pre-start time etc.

7) All analogue and binary software points representing system status information e.g. duty selection, number of pumps required, normal or smoke clearance mode.

8) All plant hours run operation. 9) All adjustable alarm limits.

b. It shall be possible to read and display the value of any property (required, supported and proprietary) of every object of networked device.

c. The following “write” data shall be available for transmission across the BACnet network for adjustment from the Operator’s Workstation:

1) Every setpoint. 2) Every time schedule and calendar. 3) All writable information associated with optimum start programs e.g.

heating and cooling temperature setpoints, maximum pre-start time etc. 4) All writable analogue and binary software points representing operator

adjustable information e.g. pump or fan duty selection, plant auto/manual on/manual off modes

5) All adjustable alarm limits.

2. Global and Peer-to-Peer data exchange values

a. General global information for slow changing variables (such as the outside air temperature, humidity and enthalpy, plus any cooling demand signals) shall be transmitted at a minimum period of once a minute. Alternatively they may be transmitted on suitable change of values (COV) which are acceptable to MPA.

b. Global information passed between DDC controllers that forms part of the control strategy e.g. a common fan speed signal for AHUs in parallel, a failure signal from a duty AHU to a standby AHU or a water differential pressure sensor connected to a DDC controller remote from that controlling pump speed, shall be transmitted on change of value (COV). Binary values shall be transmitted immediately upon change. Analog values shall be transmitted once the value has changed since the last transmission at adjustable values suitable for the system, medium and normally sensed range of values.

c. Default COV difference values would be:

1) Chilled Water: 0.2 deg F 2) AHU and room temperatures: 0.5 deg F 3) Water temperature 0.5 deg F



4) Airflow 1/100 of setpoint or normal value. e.g. 10 cfm for a setpoint of 1000 cfm.

5) Humidity 1% 6) CO2 5ppm 7) Water flow 1/100 of setpoint or normal value. e.g. 10 gpm for a setpoint

of 1000 gpm. 8) Ductwork static pressure: 1/100 of setpoint or normal value. e.g. 0.01 in

WG for a setpoint of 1 in WG. 9) Pipework differential pressure: 1/100 of setpoint or normal value. e.g.

0.1 in WG for a setpoint of 10 in WG.

d. The above does not preclude the setting of COV difference values to lesser or higher values to optimise control loop performance.

e. TEC units shall be capable of Peer-to-Peer data exchange to allow the master/slave operation of FCUs, VAV boxes and chilled beams via the sharing of such data as temperature setpoints, required fan speeds, required valve positions, required airflows etc.

3. Alarm And Event Management

a. Operators shall have the ability to change alarm routing for each alarm including the destination for each alarm and alarm priority, the day of week and time of day.

b. Alarms generated in the legacy BAS sub-system which can automatically return to normal, i.e. space low temperature, shall be transmitted to the MBCS per the RFP. The alarm will be acknowledged at the legacy BAS, where part of the existing BAS functionality, and also at the MBCS.

c. Alarms generated in the legacy BAS sub-system which are additionally latched in the legacy BAS software, i.e. freeze condition, shall be transmitted to the MBCS per the RFP. If once the alarm is acknowledged and returned to normal at the BAS and the plant then requires a software reset at the BAS to restart the plant, then this software reset function shall be replicated at the MBCS to allow the MBCS operator to also restart the plant.

4. Scheduling

a. All calendar entries and time schedules shall be viewable and modifiable from the MBCS Operators Workstation.

5. Data Exchange

a. Data exchange software shall be provided. b. The MBCS shall provide functionality such that upon receipt of an input signal

from one legacy sub-system it shall provide an output signal to another legacy sub-system. The software shall support control logic to manipulate data.

6. Trending

a. The system shall be capable of both real-time plotting of data on the workstation screen and also the long-term historical storage of trend logs. Both analog and binary values shall be capable of being plotted on real-time and long-term trends of at least 5 years.

b. Scaling of axes for graphical trends shall be adjusted automatically or manually to suit the measured ranges.

7. Device And Network Management



a. An operator shall be capable of displaying the operational status of any device on the BACnet network.

b. An operator shall be capable of displaying any property of any BACnet object and shall be able to display property values of objects grouped by object type, object location, building etc.

c. An operator shall be able to force a field device to stop transmitting event or alarm information until an operator then gives a command to resume transmission.

d. An operator shall be able to set the time and date in any device on the BACnet network that supports time-of-day functionality. This capability shall be independent of any BACnet time master device that performs automatic time synchronization.

e. An operator shall have the ability to issue re-initialize commands to any device that supports re-initialization.

f. An operator shall have the ability to backup and restore all BACnet devices on the network that support this functionality.

g. An operator shall have the ability to display and modify the routing table entries in all provided BACnet half-routers and routers.

8. BACnet Objects

a. BACnet object name properties, in those devices where the object name is configurable, shall have the capability of being at least 50 characters long. Where applicable, the names uses shall be those given in the point descriptions within the equipment schedules. All object names shall be user configurable.

b. BACnet object names shall be at least 50 characters long. Where applicable, the names uses shall be those given in the point descriptions within the equipment schedules. This name shall be the one used to describe the point in all occurrences at the workstation including graphics, trend logs, alarms etc.

c. The Out_Of_Service property for all Analog, Binary, Multi-state, loop and Program objects shall be adjustable using BACnet services.

d. Each device object shall have a Description property and that the length available for the Description properties of other implemented object types shall be provided in the “Property Range Restrictions” portion of the device’s PICS.

e. All analog objects (Input, Output and Value) shall have the capability of using the change of value reporting mechanism and the COV_Increment property shall be writable using BACnet services.

f. The state text used for Binary Input, Output and Value objects (Inactive_Text and Active_Text) shall be configurable and appropriate for the object e.g. ‘Normal’ and ‘High Limit’ for a high limit thermostat.

g. Where ‘hours run’ is required for a point, the Elapsed_Active_Time and Time_Of_Active_Time_Reset properties shall be available. The Elapsed_Active_Time properties shall be writable so that the run time can be reset.

h. Controllers providing scheduling functions shall also provide at least one Calendar object with a capacity of at least 10 entries. It shall be possible to view all Calendar objects and make modifications from any BACnet workstation on the network.

i. If the Calendar’s Date_List property is writable using BACnet services, then all calendar entry data types shall be supported.

j. Proportional, Proportional plus Integral and Proportional plus Integral plus Derivative control loops shall be represented by Loop objects and that the tuning constant properties shall be writable. This shall include Update_Interval, Setpoint, Proportional_Constant, Integral Constant, Derivative Constant and Bias as a minimum.

k. All Loop objects shall have the capability of using the Change of Value reporting mechanism and that the COV_Increment property shall be writable using BACnet services.



l. Each multi-state Input, Output and Value object shall have its own representative text description for each state value and each object shall have the capability of using the Change of Value reporting mechanism and that the COV_Increment property shall be writable using BACnet services.

m. Schedule objects shall be provided as required by the Sequence of Operations. Schedule objects shall be assignable to single or multiple systems and it shall be possible to modify all schedule entries from a BACnet workstation.

n. It shall be possible to dynamically create instances of Averaging, Calendar, Event Enrollment Group, Notification Class, Schedule and Trend Log objects.

9. BACnet Services

a. Any Command Priority Schemes that require the use of assignable priority levels shall follow the operational priorities as required by the Sequence of Operations.

b. Workstation software shall have the capability of subscribing to COV notifications for all the BACnet Object types that support it.

c. Changes of value of globally shared data shall be distributed by means of Unconfirmed COV Notifications.

d. The main MBCS operator’s workstation shall act as the system Time Master and shall synchronise the MBCS systems using the local time value.

10. BTL Testing

a. All BACnet devices connected to the building network shall be BTL tested and listed.

11. PICS Statements

a. All BACnet devices connected to the building network shall have a PICS statement confirming that the device conforms to the relevant requirements of this specification.

b. At a minimum, the PICS shall demonstrate the device's BACnet capability by listing the following items

1) BACnet Standard Application Services Supported - This table confirms the BACnet services supported by the device. Refer to Annex A for detailed descriptions of these services.

2) Standard Object Types Supported - This table lists the device's supported object types as listed in Section 4.2 of the Standard. It also indicates if the object is dynamically creatable, dynamically deletable, optional supported properties, and writable properties.

3) Data Link Layer Options - Describes the network types supported for communications, e.g., Ethernet or MS/TP.

4) Special Functionality - Describes any special exceptions the device may have to the BACnet protocol in order to perform any specific function.

5) Property Range Restrictions - Indicates, among other things, the number of characters allowed for the various text properties, such as Object_Name and Description.

12. BACNet over I/P

a. BACnet MS/TP devices shall be connected to the IP network via BACnet Tunneling Routers conforming to Annex H of the Standard.

b. DDC controllers and other BACnet devices communicating via IP shall conform to Addendum 135a, BACnet/IP. For broadcast distribution, BBMDs shall also be provided or else appropriate arrangements made for the use of IP multicasting.



13. Routers

a. It shall be the MBCS Integrator’s responsibility to configure each router using the network numbering scheme agreed for the project.

b. Each router shall be configured such that all network layer error messages shall be directed to the Operator’s Workstation using the BACnet ConfirmedTextMessage service.

c. It shall be the MBCS Integrator’s responsibility to initially configure each router with routing tables containing all network numbers that are part of the project's network.

d. Routers shall be able to receive messages at each port of any length that is valid for the LAN technology connected to that port, and to forward the message to any directly-connected network that can convey a message of that size.

e. BACnet/IP addressing shall follow ISO 8802-3, f. Router shall support foreign device registration to allow temporary workstation

connect to the network. g. Router shall support BBMD to allow broadcast messages to be relayed across

the BACnet/IP network.

14. Message Segmentation

a. All BACnet devices shall support the reception of messages up to the largest size permitted by the LAN technology or support reception of segmented messages.

b. All BACnet devices shall support the transmission of messages up to the largest size permitted by the LAN technology or support transmission of segmented messages.

c. All workstations shall support both segmented message transmission and segmented message reception.

d. All BACnet Building Controllers shall support both segmented message transmission and segmented message reception.

15. (B-GW) BACnet Gateways

a. The system shall support gateways that allow communications between BACnet and non-BACnet devices.

b. Gateways shall be available to allow communication between BACnet and proprietary protocol systems through the use of industry developed and tested and proven drivers.

c. Gateways shall support BACnet/IP and Change of Value (COV). d. Gateways shall be capable of bi-directional communications and be capable of

both read-only and read/write operation. e. Gateways shall support the trending of non-BACnet point data by BACnet

devices. f. Refer to the system sequences of operation and the point schedules for further

details of points to be monitored and/or controlled. g. At the BACnet protocol level, the B-GW shall act as a BACnet server. h. B-GWs shall support Change Of Value (COV). i. B-GW shall support the following BACnet interoperability areas from Annex K

of the BACnet standard [8], Data Sharing, Alarm and event management, Scheduling, Trending, Device network management.

j. B-GW shall support all BACnet object types.

2.6 POINT NAMING CONVENTIONS

A. Point names shall have the following information:



1. Site Id /Building Id / System Id / Space Type / Point Type□□□□ □□□□ -□□□□- -□□□□ -□□□□

a. Site Id: shall be provided using 1 character identifier ( L=Logan, H=Hanscom, M=Martime, W=Worcester)

b. Building Id: shall be provided using a 4 character identifier. (EXAMPLE Bldg # 2 = 0002)

c. System Id: category (air distribution, plant, process, spaces, utilities) d. Space type: (e.g., floor, room, zone) e. Point Type: (e.g., zone temperature, signal, power)

2. Point names shall be applied consistently on all systems. Point type descriptions shall be in accordance with the RFP. The MBCS Integrator shall make allowance for changing all point names when transferring data from legacy BAS to MBCS in order to ensure future consistency.

2.7 SYSTEM ARCHITECTURE

A. The MBCS Integrator shall propose the system architecture which will utilize BACnet/IP over Ethernet.

B. If integration of a sub-system cannot be implemented utilizing BACnet/IP over Ethernet then the MBCS Integrator shall propose an alternative method.

2.8 ALARM PROCESSING

A. Alarm management shall be developed to meet MPA’s requirements.

B. Alarms shall be classified by their alarm type. Each alarm shall be provided with a parameter for enabling and disabling on the system.

C. Once generated, the alarm shall be processed by its associated alarm type as follows:

1. General Mismatch 2. Critical Mismatch 3. General Binary 4. Critical Binary 5. General Analog 6. Critical Analog

2.9 CONFIGURATION

A. Configuration data shall be stored in the DDC Controllers or the Terminal Unit Controllers. Configuration data shall include but not be limited to the following:

1. The unit applicable (degF, CFM, psi, etc.) 2. The point identifier (minimum of 12 characters). 3. The point alarm message if applicable (minimum of 80 characters). 4. The point descriptor (minimum of 32 characters).

2.10 Data Historian

A. Data historian software shall be provided.

B. The software application shall have the ability to historically log data from any accessible data over a pre-defined time period.



C. The historian software shall have the ability to store the data in an easily accessible format, the preferred format being MS SQL Server. The historian should have the ability to display the data in either tabular format or via a graph.

D. The historian shall have the ability to export the stored data to a number of different software applications for use by the Client, and these should include no less than MS Excel and an SQL database. The software should have the ability to export the data automatically on a pre-defined time period basis.

2.11 MBCS WORKSTATION COLORGRAPHICS

A. General

1. The workstation graphic user interface (GUI) shall minimize operator training through the use of English language prompting and point identification with on-line help and industry standard PC application software. Web based colorgraphics.

2. MBCS workstation shall be provided with a web server computer with web page presentation, data acquisition and storage functionality. The Web server shall be configured in such a way that there is no software imposed limit to the number of simultaneous users. Web server to include:

a. Data Sharing: Presentation of data (user definable reports and graphics, ability to monitor and display the values of all BACnet object types, including all required and optional properties, ability to modify setpoints and parameters.

b. Alarm and Event Management: Operator notification and presentation of event notification, Alarm acknowledgement by operators, alarm summarization, adjustment of alarm limits, adjustment of alarm routing.

c. Scheduling: modification of schedules, display of the start-stop times (schedule) of scheduled devices.

d. Trending: Modification of the parameters of a trend log, display and archive of trend log.

e. Device and Network Management: display of information about the status of any device on the BACnet internet work. Ability to silence a device on the network that is transmitting erroneous data, ability to cause a remote device to reinitialize itself, ability to backup and restore the configuration of devices on the local BACnet network and the ability to query and change the configuration of local BACnet routers.

3. The software shall provide a multi-tasking Microsoft Windows environment that allows the user to run several applications simultaneously.

4. Provide a GUI which shall minimize the use of a typewriter style keyboard through the use of a mouse or similar pointing device and “point and click” approach to menu selection. Users shall be able to start and stop equipment or change setpoints from graphical displays through the use of a mouse or a similar pointing device. Provide functionality such that all operations can be performed using keyboard as a back-up interface device.

5. The software shall provide a multi-tasking Windows environment that allows the user to run several applications simultaneously. Other Windows applications shall run simultaneously with the MBCS software including Word and Excel. Provide functionality such that any of the following can be run simultaneously, and in any combination, via user sized windows. The operator shall be able to drag and drop information between applications (e.g. click on any point in the alarm screen and drag it into the dynamic trend graph screen to initiate a dynamic trend).

6. Operator specific password access protection shall allow the user to limit workstation control, display, and data base manipulation capabilities for each object in the system. An object shall be defined as any input or output point, setpoint, system program, etc. Operators shall only be able to perform only those commands on the objects available based on their respective passwords. Menu selection displayed



shall be limited to only those items defined for the access level of the password used to log-on.

7. An audit trail report to track system object changes, accounting for operator initiated actions, changes made by a particular person or change made to a specific piece of equipment. The operator activity tracking data shall be stored in a tamper proof buffer.

8. Software shall allow the operator to perform commands including, but not limited to start-up or shutdown of equipment, adjust setpoints, time programming, enable/disable process execution, lock/unlock alarm reporting, enable/disable totalization, enable/disable trending, override PID setpoints, enter temporary override schedules, define holiday schedule, change time/date, enter/modify analog warning and alarm limits, view limits.

9. Reports shall be generated and directed to either display, printers or disk. As a minimum, the system shall allow the user to easily obtain the following types of reports: A general listing of all points in the system, list of all points currently in alarm, list of all points currently in override status, list of all disabled points, list of all points currently locked out, list of all weekly schedules, DDC controller point module status report, summaries, etc.

10. Provide a custom reporting package that allows the operator to select, modify, or create custom reports. Each report shall be definable as to data content, format, interval and data. Report data shall be archived on hard disk for historical reporting. Spreadsheet packages which require off-line execution or manual translation of data files from one program format to another are not acceptable.

11. Provide a graphical spreadsheet-type format for simplification of time of day scheduling and overrides of building operations.

12. Provide trending capabilities that allow the operator to easily monitor and preserve records of system activity over an extended period of time. All MBCS and integrated system points may be trended automatically (at the same time) at time-based intervals or changes of value, both of which shall be user-definable. Trend data may be stored on hard disk for future diagnostics and reporting. MBCS server shall be capable of storing all temperature, humidity, CO2, kWh, kW, , recording in 15 minute intervals for 2 years before storage. Data trend report graphics shall be provided to allow the user to view all trended point data. Reports may be customized to include individual points or pre-defined groups of at least 15 points. Provide additional functionality that allows any trended data to be transferred to an off the shelf spreadsheet package such as Excel.

13. Provide animated color graphic floor plan displays and system schematic for each piece of mechanical equipment, including AHU’s, chilled water systems, etc. to facilitate and optimize system performance analysis and speed alarm recognition. The operator interface shall allow users access to various system schematics and floor plans via a graphical penetration scheme, menu selection or text based commands. Dynamic temperature, humidity, pressure and status indication shall be shown in their actual respective locations on schematics and floor plans to represent current condition without operator intervention. The windowing environment of the workstation shall allow the user to simultaneously view several graphics at a time to analyze total building operation or to allow the display of a graphic associated with an alarm to be viewed without interrupting work in progress. Graphic generation shall software shall be provided to allow the user to add, modify, or delete graphic displays via an off the shelf graphics package. Provide an automatically updated, dynamic display of the site specific BAS architecture indicating the status of all controllers and workstations.

14. The workstation colorgraphics (schematics and floorplans) shall be set-up with dynamic data. MBCS Integrator shall coordinate colorgraphic requirements with MPA.

15. Example Graphics scheme shall be as follows:

a. The colour graphics shall incorporate automatic updating of real time field data that shall spell out in plain English any current condition, value, or action.

b. Each graphic shall incorporate up to 40 freely assigned connected or calculated points.



c. All plant symbols shall be drawn in a fashion so as to represent plant items and control devices shall be of a similar format to those shown under ‘Sample Graphics’. Standard symbols libraries shall be augmented by user defined symbols. Editing features for adding, deleting and modifying data, shall be provided. Access to the colour graphics features shall be controlled so that only designated operators can display or modify files.

d. Each and every input, output and calculated BAS point shall be placed on an associated graphic display. Unless there is a specific requirement to use a distinct graphics style e.g. to tie in with existing BAS graphics or a MPA standard graphics requirements, then the graphics shall be constructed as described below.

e. Each and every system shall be provided with a separate graphic display comprising a system overview screen, and engineering screens. For large systems several engineering screens shall be required to display all relevant information and setpoints. These displays shall be linked as described below.

f. It shall be possible to interrogate each item of plant or system by graphic penetration. That is, all graphics shall be constructed in levels as follows:

1) Level 1 Graphic detailing site overview. 2) Level 2 - Graphic detailing building/block overview. 3) Level 3 - Graphic detailing systems on each floor/within each plant

room. 4) Level 4 - Graphic detailing a 2D system schematic. 5) Level 5 - Graphic(s) detailing system engineering parameters and

setpoints. 6) Level 6a - Graphic detailing system description of operation (or a link

to a read only file containing the description of operation). 7) Level 6b - Graphic displaying system strategy diagram or flow chart

(or link to a read only file containing the system strategy diagram or flow chart).

8) Level 7 - Empty user definable graphic screen.

16. Each system shall be provided with graphics for different user groups, populated according to the needs of Engineering and Building Control users. For Building Control graphics, provide a basic display of plant operating status and environmental conditions. For Engineering graphics, provide more detailed plant status and environmental conditions. The points to be displayed for each user group and each typical system type are detailed in the RFP.

17. The system software shall accept up to 10 levels of graphics. Changing from one graphic to another graphic shall be by the use of 'click' boxes on the graphics.

18. It shall be possible for a system operator to navigate from any level 4 Graphic to any other level 4 graphic in no more than four 'click' box operations.

19. Graphical representation of all plant and plant symbols (i.e. schematics) shall be two-dimensional in representation. Refer to ‘Sample Graphics’.

20. Level 2 graphics shall show environmental conditions in all spaces where measured. Measured values shall be displayed numerically and with graduated colour scale shading on plans to aid quick assessment by the user of space conditions.

21. Level 3 graphics shall provide plant overview for Building Control Users. 22. Level 4 graphics shall be the Engineering user’s operators 'window' to the system.

They shall show the main functionality of the system, whether the system is 'required to run' and whether the system is 'available to run'. If a system is required to run but is not available then the operator would interrogate the system via the level 5 and 6 graphics which would contain the detailed operational information.

23. Primary system setpoints (such as supply air temperature) shall be displayed and accessible from the level 4 graphics. All other setpoints shall be accessed via level 5 graphics only. Where setpoints are calculated or scheduled within software, then the calculated value can be displayed on level 4 graphics, but shall be 'greyed out', so as to indicate to the operator that it is non-accessible.



24. Where fans/pumps are variable speed, the drive enable, run and BAS speed outputs only shall be displayed on the level 4 graphic. All other drive related information shall be displayed on level 5 graphics.

25. All level 4 graphic screens shall comprise as a minimum the following:

a. Date, time, outside air temperature and humidity. Outside air enthalpy (where required).

b. Primary system setpoints (e.g. supply air temperature). c. Safety Interlock status. d. Plant command (on/off). e. Plant status (e.g. fan, pump, boiler, etc). f. Measured values (e.g. temperature, humidity, static pressure, etc). g. Output values (e.g. valve and damper position etc). h. Alarms. i. Critical/safety overrides (e.g. fire shutdown). j. Associated graphic 'click' boxes. k. Facility to link to trend logs for all displayed plant values and status. l. Facility to link to system description of operation.

26. Level 5 graphic screen shall comprise as a minimum the following:

a. Date, time, outside air temperature and humidity. Outside air enthalpy (where required).

b. All setpoints/schedules. c. Optimum start/fixed time program settings. d. Plant command status (e.g. optimum start, fixed time start, boost, night low

temperature cycle, manual, etc). e. System demand signals. f. Control loop parameters. g. Plant run time status and associated hours run resets. h. Normal overrides (e.g. primary heating loop temperature, enthalpy, standby

power shutdown). i. System fault reset button(s). j. Associated graphic 'click' boxes. k. Facility to link to trend logs for all displayed plant values and status. l. Facility to link to system description of operation. m. Should a graphic be too large to place on a single display, it shall be

segmented and each portion placed on separate graphics joined by 'click' boxes.

27. All setpoints defined in the RFP shall be able to be modified via the graphic displays. 28. It shall be possible to manually override (force) on/off each system and individual

points via the applicable graphic screen. Indication shall be provided on a graphic when a system has been manually overridden and for each and every individual point overridden. The manual overrides shall be configured such that a competent operator with sufficient access rights shall have the ability to override system and individual points. An operator with lesser access rights shall have the ability to override complete systems only.

29. The colour of each point/symbol on a graphic display shall represent a different condition associated with the point/symbol. Symbol colours shall be in compliance with the basic guide below and as represented in the typical graphic samples.



30. The conditions of each point as described below are the minimum requirements.

Off White On/Enabled Green Overridden Off White with 'hand' symbol Overridden On Green with 'hand' symbol Alarm/Mismatch Alarm Red Loss of communication Display to product manufacturer's standard default

31. Based upon the above representations the following examples are given for a pump or fan:

a. If a pump or fan is enabled and a running status has been received by the BMS then the outer section of the symbol (enable output) would be green and the inner section of the symbol (run status) would be green.

b. If a pump or fan were switched off by the BMS but overridden via the BMS/graphics by the operator then the outer section of the symbol would be green and the inner run status of the symbol would be green. Additionally a 'hand' symbol would be adjacent to the pump or fan symbol and a plant override alarm would be present on the BMS system.

c. If a pump or fan is disabled and a running status has been received by the BMS (but has not been overridden via the graphics by the operator) then the outer section of the symbol would be white and the inner run status of the symbol would be green. Additionally a plant mismatch alarm would be present on the BMS system and a red flashing 'mismatch alarm' banner would be present on the graphics adjacent to the pump or fan symbol.

d. If a pump or fan is enabled and a running status has not been received after the flow proving period then the outer section of the symbol would be green and the inner run status of the symbol would be red. Additionally a plant mismatch alarm would be present on the BMS system and a red flashing 'mismatch alarm' banner would be present on the graphics adjacent to the pump or fan symbol.

32. Positions of all items such as modulating dampers and control valves shall be shown as a percentage open figure adjacent to the symbol. Dynamic representation of damper positions shall be accepted in addition to the percentage figure where this is available.

33. Where dampers and control valves are open/close types, then the controlling output and input status shall be represented in words. Where required mismatch alarms shall be adjacent to the word banners.

34. All ductwork shall be drawn to the same width as the symbols for plant items within that ductwork or AHU.

35. All sensors shall have 'failure' and 'out of limits' alarms displayed on level 4 graphics. If either condition occurs the device symbol shall turn from white to red and flash. A red flashing banner with white text adjacent to the sensor shall indicate which state has caused the alarm. Stem and capillary temperature sensors shall be represented by different symbols.

36. Plant and field equipment references (tags) used in the Equipment Schedules shall be included on all graphic screens. Where available, tag references shall normally be hidden, to be highlighted when the cursor is placed over the device, or shall have the facility to be turned on and off via a button on the graphic.

37. The background colour for the entire graphic shall be light grey. The specific shade chosen shall enhance the graphic display and not obscure any on-screen data.

38. In addition to those graphics mentioned previously the following shall also be provided on separate graphics:



a. All DDCPs and TECs detailing their number and location. b. The BAS network and all items of intelligent BAS equipment complete with

addresses and locations.

B. Sample Graphics for Engineering User Group

1. The following sample graphics are not project specific but are for indication of style only.

a. Sample of a Typical Level 4 Graphic Office (Office AHU1-System 1)

100%1/CDM/2

20%1/CVM/1

1/HDX/1

100%1/CDM/1

1/TSX/1XXXoC

0%1/CVM/2

0%1/CDM/3

1/DPX/21/DPX/1

20.6oC1/TAX/2 SETPOINT

20oC

1/QDX/130m3/s

OFFICE AHU 1 - SYSTEM 1

60%rH1/TAX/120.2oC

ENTHALPY 18kJ/kg

1/TSX/11/HDX/260%rH 3.0oC

ENTHALPY 36kJ/kg

OUT OF LIMITS

FAILURE

80% DIRTY

20% DIRTY

Outside Air TemperatureOutside Air Humidity

17.2oC56%rH

98%

0%

BUILDING LAYOUTDESCRIPTION OF OPERATION

SYSTEM 1 INTERLOCKS AND STATUS

SYSTEM 1 SETPOINTS

VAV UNIT MENUS

LTHW SYSTEMS

MAIN MENU

CHILLED WATER SYSTEMS

SYSTEM AVAILABLE TO RUN

SYSTEM REQUIRED TO RUN

298PaSETPOINT

300Pa1/SPX/1

27m3/sSETPOINT

27m3/s1/QDX/2

YES

FAULT

Customer's Logo

SF1

EF1

b. Sample of a Typical Level 5 Graphic (Office AHU1 – System 1, ‘Interlocks and

Status’)

SYSTEM AVAILABLE TO RUN FAULT

FAULT RESET

SYSTEM REQUIRED TO RUN YES

OPTIMISER STARTUP

OCCUPANCY TIMECLOCK

BOOST MODECOOL DOWN MODE

OFF

ON

OFFOFF

LOW LIMIT PROTECTION OFF

OPERATING MODE

MANUAL SYSTEM OVERRIDE AUTO

FIRE ALARM STATUS

MAIN SYSTEM INTERLOCKS

HEALTHYFIREMANS OVERRIDE SWITCH AUTO

MCC PHASE STATUS HEALTHY

MCC ISOLATOR STATUS HEALTHY

AHU SYSTEM 1 INTERLOCKSFROST SHUTDOWN INTERLOCK HEALTHY

ECONOMISER OVERRIDE NORMAL

MINIMUM OUTDOOR AIR BEING OVERRIDDEN NORMALPLANT OPERATING ON ZERO OUTDOOR AIR NORMAL

PLANT FROST SHUTDOWN ALARM HEALTHY

OFFICE AHU 1 - SYSTEM 1INTERLOCKS AND STATUS

Customer's LogoOutside Air TemperatureOutside Air Humidity

17.2oC56%rH

FAN FAULT

FAN ENABLED FAN RUN

OUTPUT CONTROL SIGNALINVERTER FEEDBACK SIGNALFAN TEST OVERRIDEHOURS RUN

ENABLEDSTOPPEDHEALTHY

100%0%

IN TEST350

SUPPLY FAN STATUS

ENABLED

HEALTHYRUNNING

100%98%

NORMAL349

FAN FAULT

FAN ENABLED FAN RUN

OUTPUT CONTROL SIGNALINVERTER FEEDBACK SIGNALFAN TEST OVERRIDEHOURS RUN

EXTRACT FAN STATUS

DEMAND SIGNALSDEMAND PRESENT FROM VAV UNITSDEMAND SIGNAL TO LTHW

DEMAND SIGNAL TO CHILLED WATER

YES

NOYES

SYSTEM 1 SETPOINTS BUILDING LAYOUT

VAV UNIT MENUS

LTHW SYSTEMS MAIN MENU

CHILLED WATER SYSTEMSSYSTEM 1 MAIN GRAPHIC



c. Sample of a Typical Level 5 Graphic (Office AHU1 – System 1, ‘Setpoints’)

OFFICE AHU 1 - SYSTEM 1SETPOINTS


17.2oC56%rH

SYSTEM 1 MAIN GRAPHIC

SETPOINTS ON THIS PAGE ARE PASSWORD PROTECTED

21.0oC

20 mins

35.0oC

10.0oC

15.0oC

16.0oC

60.0oC

30 mins

5 mins

OPTIMUM START INTERNAL SPACE SETPOINT

PRIMARY SYSTEM OPTIMUM START PRE-EMPTIVE TIMER

BOOST MODE MAXIMUM SUPPLY AIR SETPOINT

COOL DOWN MODE SUPPLY AIR SETPOINT

STARTUP DELAY BEFORE INITIATING OUT OF LIMITS ALARMS

TIME DELAY BEFORE INITIATING ECONOMISER OVERRIDE

INITIATE LOW LIMIT PROTECTION SETPOINT

DISABLE LOW LIMIT PROTECTION SETPOINT

BOILER FLOW TEMPERATURE, AHU STARTUP INTERLOCK SETPOINT

SYSTEM 1 INTERLOCKS AND STATUS LINK TO BUILDING LAYOUT

LINK TO VAV UNIT MENUS

LINK TO LTHW SYSTEMS LINK TO MAIN MENU

LINK TO CHILLED WATER SYSTEMS

1.0oCSUPPLY AIR TEMPERATURE OUT OF LIMITS ALARM SETPOINT +/-

d. Sample of a Typical Level 4 Graphic (Primary Heating – System 100)

100/TIX/1 100/TIX/2 100/TIX/378.1oC 76.4oC

PRIMARY HEATING - SYSTEM 100

OUT OF LIMITS

Outside Air TemperatureOutside Air Humidity

17.2oC56%rH

BUILDING LAYOUT

DESCRIPTION OF OPERATION


SYSTEM 100 TEMPERATURE SETPOINTSMAIN MENUSYSTEM AVAILABLE TO RUN


FAULT

Customer's Logo

M

FLOW NO FLOWFLOW

56.5oC 100/TIX/477.2°C

100/TIX/5105.9oC

100/QPX/16.3 l/s

100/THL/1HEALTHY HWS CIRCUIT SYSTEM 103

CT CIRCUIT SYSTEM 101

VT CIRCUIT SYSTEM 102

CT CIRCUIT RETURN

VT CIRCUIT RETURN

HWS CIRCUIT RETURN

PRESSURISATION UNITUNIT HEALTHY

100/HPS/1HEALTHY

100/LPS/1HEALTHY

LOW FIRE

H/TEMP OK

LOW OFF

BOILER 2

LOW OFF

BOILER 3BOILER 1

P1 P2 P3

HIGH FIRE HIGH OFF HIGH OFF

LOCKOUT OK

H/TEMP OK

LOCKOUT OK

H/TEMP OK

LOCKOUT

P1 P2

SAFETY CIRCUITSPANIC BUTTON

GAS DETECTION

GAS VALVE STATUS

FIRE ALARM

HEALTHY

OPEN

HEALTHY

SYSTEM HEALTHY

DETECTOR HEALTHY

FIREMANS OVERRIDEAUTO

e. Sample of Typical Level 5 Graphic (Primary Heating – System 100 ‘Interlocks

and Status)



RESET

RESET

RESET

RESET

RESET

RESET

SYSTEM AVAILABLE TO RUN FAULT

FAULT RESET


CT SECONDARY SYSTEM DEMAND

PRE-EMPTIVE SYSTEM START

VT SECONDARY SYSTEM DEMANDHWS SECONDARY SYSTEM DEMAND

ON

OFF

OFF

OFF

STAGE 1 FROST PROTECTION OFF

OPERATING MODE

STAGE 2 FROST PROTECTION OFF

FIRE ALARM STATUS

MAIN SYSTEM INTERLOCKS

HEALTHY

FIREMANS OVERRIDE SWITCH AUTO

MCC PHASE STATUS HEALTHY

MCC ISOLATOR STATUS HEALTHY

PRIMARY HEATING SYSTEM 100 INTERLOCKSPLANTROOM PANIC BUTTON STATUS HEALTHY

GAS DETECTION SYSTEM STATUS HEALTHY

GAS DETECTED NORMAL

GAS VALVE STATUS OPEN

SYSTEM LOW PRESSURE ALARM HEALTHY

PRIMARY HEATING - SYSTEM 100INTERLOCKS AND STATUS


17.2oC56%rH

BOILER 1 HOURS RUN 195

SYSTEM HIGH PRESSURE ALARM HEALTHY

HOURS RUN DATA

BOILER 2 HOURS RUN 190BOILER 3 HOURS RUN 198

PRIMARY PUMP P1

PRIMARY PUMP P2

PRIMARY PUMP P3

195

198

199

BOILER SEQUENCE

REQUIRED SEQUENCE 3-1-2

OPERATING SEQUENCE 1-2-3

P1/B1 STATUS

P2/B1 STATUS

P3/B3 STATUS

B1 H/TEMP OKP1 HEALTHY

B2 H/TEMP OKP2 FAULT

P3 FAULTSYSTEM MANUAL OVERRIDE AUTO

SYSTEM 100 TEMP. SETPOINTS

BUILDING LAYOUT

MAIN MENU


B3 H/TEMP OK

B1 LOCKOUT OK

B2 LOCKOUT OK

B3 LOCKOUT

f. Sample of a Typical Level 5 Graphic (Primary Heating – System 100

‘Temperature Setpoints’)

PRIMARY HEATING - SYSTEM 100TEMPERATURE SETPOINTS


17.2oC56%rH

SETPOINTS ON THIS PAGE ARE ADJUSTABLE VIA SOFTWARE ONLY

BOILER SEQUENCE WITH ONE PRIMARY PUMP ENABLEDLOW FIRE ON LOW FIRE OFFHIGH FIRE ON HIGH FIRE OFF

66oC 68oC56oC 58oC

BOILER SEQUENCE WITH TWO PRIMARY PUMPS ENABLEDB1 LOW FIRE ON B1 LOW FIRE OFFB1 HIGH FIRE ON B1 HIGH FIRE OFF

68oC 69oC63oC 64oC

B2 LOW FIRE ON B2 LOW FIRE OFFB2 HIGH FIRE ON B2 HIGH FIRE OFF

58oC 59oC53oC 54oC

BOILER SEQUENCE WITH THREE PRIMARY PUMPS ENABLEDB1 LOW FIRE ON B1 LOW FIRE OFFB1 HIGH FIRE ON B1 HIGH FIRE OFF

68.7oC 69.7oC65.3oC 66.3oC


62.0oC 63.0oC58.7oC 59.7oC


55.3oC 56.3oC52.0oC 53.0oC



LINK TO BUILDING LAYOUT

LINK TO MAIN MENU

g. Terminal Unit Graphics

1) Floor layout graphics shall be provided for all terminal units (e.g. FCUs, VAV boxes, chilled beams) showing for each terminal unit its location, reference number and space/return temperature value. Each terminal unit shall be represented by an active colour coded symbol - grey when disabled and yellow when enabled. Each terminal unit shall also be provided with an operational mode spot – either red, blue or no spot to indicate whether they are in a heating mode, cooling mode or are neither heating or cooling.



2) Each time program associated with a zone of a floor layout graphic shall be provided with direct link from that graphic.

3) A click box/hot spot shall be provided for each terminal unit to access a dedicated graphic for that unit. This graphic shall provide full information status including current mode of operation, i.e. time program status (occupancy/non-occupancy), heating boost, cool down, fabric low limit protection, extension time, fire status etc.

4) All input values, output values, settings and control parameters in the terminal unit IUCs shall be displayed on the individual terminal unit graphic and shall be adjustable from the graphic.

5) In addition, the terminal units shall be listed in tabular format on a separate set of graphics (15 terminal units maximum per graphic) on a floor by floor basis to enable the operation of a large number of terminal units to be compared at once. Information to be displayed per terminal unit shall include reference number, control sensor value, setpoint(s), status, valve and/or damper output values.

2. Information Redirection

a. It shall be possible for the system to redirect information to other (or future) operator's stations and/or printers on a time schedule basis (including holiday programming) or manual command basis. For example, all alarms may be re-directed from the MBCS alarm printer to the security room alarm printer, after hours.

2.12 USER (PROFILE) MANAGEMENT

A. The MBCS Integrator shall liaise with MPA to set up a set of standard user profiles for use on the system. These profiles will range from a super-user level with full access and full system administration rights, through building specific users, down to ‘look only’ users. A minimum of 10 standard user profiles shall be configured. The user profiles will be assigned to a minimum of 100 users.

B. Once a profile is assigned to a specific user, their standard profile shall only be altered by a user with the necessary system access level.

C. Initial user profiles shall be as follows:

1. Level 1 (Read, Edit, Command),i.e. full administrative access 2. Level 2 (Read, Command), i.e. basic user to view, start/stop equipment and devices,

override points, scheduling and adjust setpoints 3. Level 3 (Read only)

D. User levels shall be configurable to individual pieces of equipment and locations.

2.13 SYSTEM LOGS AND REPORTS

A. An operator shall be able to display system logs on any PC or print logs on any printer. Logs as a minimum shall include:

1. Critical alarm summary log. 2. Critical and general alarm summary log. 3. Summary of all current alarms. 4. Status logs which include a review of selected system points (e.g. a graphic display

or logical group). 5. Time schedules logs, which print all or selected time schedules. 6. Trend logs, which display real time values of selected points in a graphical/graph

format. Up to four points (minimum) shall be able to be displayed on each trend log. These logs shall be capable of updating at one second intervals.



7. Historical trend logs, which log the value of selected points as recorded at predetermined intervals. Sample times for each point to be logged shall vary from 5 seconds to 24 hours.

8. Hours run values for selected or all equipment. 9. Accumulated register values for selected or all equipment. 10. Change of state conditions for selected or all equipment.

B. In addition, an operator must be able to record, format, display and/or print out information, as detailed above, on a building controller or point ID basis.

C. The point ID basis allows an operator to enter in all or any part of a point identifier complete with wild cards. The system will then perform the required function (i.e. search, record, print etc.) on all points which have common identifier characters to that entered.

D. A print screen function shall also be available.

E. The MBCS shall be able to arrange all data in a format compatible with Microsoft Excel software or an approved equivalent, which shall also be supplied with the system.

F. Historical and calculated data shall be able to be displayed in standard graphical chart formats e.g. standard trend format, BAR chart (2D &3D), Pie (2D & 3D), X/Y Scatter chart etc.

G. Real time and historical trend logs shall be user configurable and points to be trended shall be selected from a drill-down menu structure e.g. building, then system then point.

H. It shall be possible to display real time and historical trend log data in both graphical and numerical formats. It shall be possible to select from either a number of pre-set time periods (month, week, day etc.) for the data display, or else for a user to specify particular start and end dates and times for the data display.

I. Once a trend display is on the screen, it shall be possible to both zoom in on particular areas of interest and to zoom out to show data from a wider time span.

J. Trend displays of binary data e.g. fan status, shall have displays where all lines are either horizontal or vertical. Displays shall not link start and stop event with diagonal lines.

K. The MBCS shall be able to produce reports either on a timed or demand basis. Reports shall have the ability to combine data from multiple buildings and present the data, along with pre-programmed text, in a single report form. Reports shall be user-configurable but pre-configured report forms shall also be provided to cover:

1. Weekly and monthly energy consumption on a site and building basis. 2. Weekly and monthly water consumption on a site and building basis. 3. Weekly and monthly LEED information. 4. Weekly and monthly environment/health related information such as exceeded CO2

levels and potable water storage temperatures. 5. Weekly and monthly alarm summaries, listing the number of each priority alarm on a

building by building basis,

L. User-configurable reports shall be able to use and mix real and virtual point data, calculated values, alarm data etc. on the same report.

M. When an operator's station is being used for spreadsheet purposes and other similar programming functions, which may not be directly related to the monitoring and control aspects of the system, it shall continue to monitor, display and annunciate alarms upon their occurrence.



N. Once the hard disk unit of an operator's station is 90% full it shall raise an alarm to indicate this.

2.14 REPORTS

A. The MBCS shall allow the user to produce Reports which provide results, processed data and averaged values over a specified time period.

B. The following reports are available to the user by default:

1. Points currently overridden 2. Historic alarms 3. Current alarms 4. User logs indicating any changes made with user Id, date and time 5. Trend of any monitored point

C. Users shall be able to develop customized reports. Reports shall be viewable on the BMS graphics with the facility to save in Postscript Data File (PDF), text, HyperText Markup Language (HTML) or Comma Separated Variable (CSV) file format for printing or archiving.

2.15 PERSONAL DIGITAL ASSISTANTS(PDA)/SMART PHONE DEVICES

A. The system shall support the use of PDAs or Smart Phone Devices for remote monitoring of systems over the building WiFi IT networks.

B. The system and graphics shall be configured (and separate graphics provided if necessary to suit a small screen format ) to support the following functionality:

1. Tailored graphics to permit interface and status overview of equipment and systems. 2. Targeted alarm notification and escalation to specific users or groups of users for

alarms. Notification of alarms by Email, SMS by the thin client on the device. 3. Alarm Acknowledgement. 4. An alarm console for alarm notification.

2.16 INTERFACES TO 3RD PARTY SOFTWARE PACKAGES

A. Provide capability to transfer sub-system data such as alarms, hours run etc. to a Computerized Maintenance Management System.

1. Provide capability to interface to other systems including:

a. Energy monitoring and reporting b. Airport operational database c. Airport enterprise and billing systems

2.17 CONTROL PANELS

A. Enclosures

1. It is envisaged that integration will be performed at server to server level using the existing MPA IT network. If this is not possible in all cases and interface devices are required in the field, then these shall be put forward for review, and enclosures shall be provided.

2. All MBCS panels shall be metal enclosures containing the controller, power supplies, termination strips, battery (if not integral to the controller or I/O module) and a spare AC outlet.

3. All penetrations of the panels in mechanical rooms shall be from the bottom of the enclosure with wireway and conduit stubs from the wireway up to the panel.

4. All transformers and power supplies shall be mounted outside of the central panel.



5. Enclosures located in mechanical rooms shall be NEMA 4. 6. Enclosures located in relatively dust free and dry spaces may be NEMA 1. 7. Enclosures shall be mounted on walls or free-standing supports. 8. Provide enclosures with key lockable doors.

B. Power Supplies

1. 120VAC power supplies will be provided by MPA local to each enclosure. 2. MBCS Integrator shall provide final connections to the enclosure. 3. The MBCS Integrator shall certify, in writing, at the time of shop drawing submittal

that the equipment provided will not cause, as a result of its operation, either directly or indirectly, electrical interference to be induced into the building’s electrical power systems.

4. Class II transformers shall be used.

PART 3 - EXECUTION

3.1 EXAMINATION

A. Verify that conditioned power supply is available to control units, gateway, routers etc and operator workstation.

3.2 INSTALLATION

A. Install equipment level and plumb.

B. Install software in control units and operator workstation. Implement all features of programs to specified requirements and as appropriate to sequence of operation.

C. Connect and configure equipment and software to achieve sequence of operation specified.

3.3 ELECTRICAL WIRING AND CONNECTION INSTALLATION

A. It is envisaged that integration will be performed at server to server level using the existing IT network. If this is not possible in all cases and interface devices are required in the field then power wiring will be required.

B. MBCS Integrator shall advice MPA Electrical of power wiring requirements per RFP. Final power wiring connection shall be by MBCS Integrator.

3.4 FIELD QUALITY CONTROL SYSTEM START-UP AND TESTING

A. Manufacturer’s Field Service: Engage a factory-authorized service representative to inspect, test and adjust field-assembled components and equipment installation, including connections and assistance in field testing. Report results in writing.

B. The commissioning process shall be undertaken systematically through the following principle stages to meet the requirements of the contract programme:

1. Pre-commissioning 2. Point to point testing 3. System acceptance testing

C. Pre-commissioning shall include:

1. Verification that the device has the correct application and is correctly engineered with the system network.

2. Checking network availability and functionality.



3. Checking assignment of IP/Network addresses.

D. Point to Point testing shall include:

1. Checking that the points integrated communicate via the integrated network to their respective local server and the main system server, including any associated status and alarm text.

2. Labels provided on all system controllers/devices are correct. 3. Point to point checks shall be proven from the field device/interface operation to the

presentation of the point on the operator's graphics in a single continuous operation. The results from the point to point tests shall be submitted on pre-defined schedules.

4. The MBCS Integrator shall submit a schedule of points to be checked in this manner for each system to be integrated.

5. Controller and MBCS Workstation Checkout: A field checkout of all controllers and front-end equipment (computers, printers, modems, etc.) shall be conducted to verify proper operation of both hardware and software. A check-out sheet itemizing each device and a description of the associated tests shall be prepared and submitted to Massport/Engineer at the completion of the project.

E. System acceptance testing shall include:

1. Test each alarm in the system and validate that the system generates the appropriate alarm message, that the alarm appears at all prescribed destinations (workstations and printers), and that the any other related actions occur as defined (i.e. reports generated). Submit a test results sheet to Massport/Engineer.

2. Perform an operational test of each unique colorgraphic display and report to verify that the items exist, that the appearance and content are correct, and that any special features work as intended. Submit a test results sheet to Massport/Engineer.

3. Perform an operational test of each third party interface that has been included as part of the MBCS. Verify that all points are properly polled, that alarms have been configured, and that any associated graphics and reports have been completed. If the interface involves a file transfer over Ethernet, test any logic that controls the transmission of the file, and verify the content of the specified information.

4. Trend logs shall be compiled to show compliance with all setpoints, scheduling, setbacks, etc.

5. Replace damaged or malfunctioning controls and equipment and repeat testing procedures.

3.5 DEMONSTRATION

A. Engage a factory-authorized service representative to train MPA’s maintenance personnel to adjust, operate, and maintain MBCS.

End of Section

Massport Information Technology Standard Specifications

Information Technology Operations Massport IT System Standards Manager, Systems Operations


Revision Date: [07/2013]

This document details Massport’s current Information Technology Hardware and Software standards and should be used as a guideline for all future system acquisitions. Proposed solutions that utilize technologies that adhere to our IT standards will be given preferential treatment over those that do not.

Section Component MPA Standard Detailed Information

Section 1 Server Hardware HP Servers and Chassis See attachment: Part A Section 2 Network Hardware Enterasys Switches & Routers See attachment: Part B Section 3 Network Operating System Microsoft Windows Server See attachment: Part C Section 4 Database Software Microsoft SQL Server See attachment: Part D Section 5 SAN Storage Hardware EMC Storage See attachment: Part E Section 6 Virtualization Software VMware ESX 4 / vSphere See attachment: Part F Section 7 Desktop & Mobile Devices Dell x86 PCs & Apple iOS devices See attachment: Part G

Section 1: Server Hardware

Massport Standard: HP Servers

Overview

Massport IT is committed historically to providing its user community with the best of breed hardware server systems to make the end-user experience as rich, reliable, and seamless as possible. Accordingly, Massport has partnered with Hewlett-Packard (HP) Servers to apply the wealth of HP reliability, experience, and leadership in customer service to our operations. HP servers are the current Massport standard and will be utilized for all future hardware deployments Authority wide. This should be considered an absolute requirement unless a vendor demands, and can clearly demonstrate, that an equivalent HP hardware solution would be deficient for the purpose of the vendors deployment. See attachment, Part A for additional information.

Section 2: Network Hardware

Massport Standard: Enterasys Switches & Routers

Overview

Massport IT has standardized on Enterasys Secure Networks as the network switch vendor. Further, a standard has been developed for the way this equipment to be configured and deployed.

The standardized edge switch and modular configuration is as follows, (1) Enterasys SSA switch part #SSA-T1068-0652, (2) SSA Power Supplies part #SSA-AC-PS-625W, (2) Single Mode Fiber SFP Uplink Modules part # MGBIC-LC09, (1) Enterasys SupportNet Maintenance Contact part #ES-SN-S10. This configuration allows for 48 ports of 10/100/1000 Ethernet access and 2 Gigabit Single Mode uplinks to the core. Two uplinks are utilized on each switch for redundancy -- each uplink terminates in diverse core switch/routers in the data center. This configuration provides redundancy during scheduled and non-scheduled outages, allowing Massport to power down one core switch/router while maintaining connectivity with remainder of the network. For connectivity to the core, (2) Single Mode Fiber SFP Uplink Modules part # MGBIC-LC09 are required. See attachment, Part B for additional information.

http://portal/IT/Public%20Documents/MPA%20IT%20System%20Standards%20Part%20G.doc



Section 3: Network Operating System

Massport Standard: Microsoft Windows Server

Overview

With the arrival in February 2008 of Microsoft’s newest server operating system ‘Windows Server 2008’ Massport IT operations will be shifting all newly acquired, and built for purpose systems to utilize this new operating system. This decision has been reached as part of MPA IT Operations overarching strategy to bring the best of breed to technology to bear on the evolving challenges on performance, uptime, and security here at Massport.

As a Microsoft centric organization, Server 2008 (Server 2k8) will be used by Massport as the primary OS platform for client/server applications for the foreseeable future. Key features of this new OS include: enhanced security, increased network performance, virtualization, and remote application serving. This strategic standardization on the 2k8 Server platform may be revisited only in the event that required applications dictate the selection of other platforms (such as Linux distributions or VMWare) as individual circumstances and IT Operations approval warrant. See attachment, Part C for additional information.

Section 4: Database Software

Massport Standard: Microsoft SQL Server

Overview

Microsoft SQL Server 2008 has been selected as the data management application for new systems requiring a robust database back-end. For systems requiring a redundant clustered hardware environment, SQL Server 2005 Enterprise is the version recommended for deployment (provided that the solution cannot be virtualized to provide High Availability functionality). For database systems not requiring a clustered environment, SQL Server 2005 Standard is the version that will be deployed. In limited circumstances, with specific vendor recommendation and the approval of Massport IT Operations SQL Server Express will be utilized.

Most applications can be installed using a default instance of the selected database server or share resources with other databases on a single physical platform. Given the high acquisition cost of Microsoft SQL and the servers on which they are deployed efforts will be made to ‘stack’ multiple databases onto fewer and more powerful hardware platforms. This means that an application will likely be installed on a database server that runs one or more other production database applications. Therefore, it is imperative that IT Operations be able to predict, during the planning stages of a deployment, the requirements and size of your database over its expected production lifecycle. If you are buying an off-the-shelf product, your vendor or IT Operations personnel will be able to provide you with this information. See attachment, Part D for additional information.



Section 5: SAN Storage Hardware

Massport Standard: EMC Storage

Overview

Massport has selected EMC Storage as the vendor of choice for SAN storage with the Celerra NS-960 product line as the new standard for MPA storage needs. The NS-960 is a new generation of unified storage that delivers concurrent connectivity for fiber channel, ISCI and NAS host connections with a total capacity of 960TB of usable disk capacity.

Massport IT selected the EMC Disk Library platform featuring the DL-4200 Disk Library and Symantec Netbackup environment to conduct Enterprise backups. The Centralized Backup system is located at the Logan Office Center computer room and it is available to systems located within the boundaries of the Office Automation Gigabit network. New systems to be implemented should be integrated into the Centralized Backup environment. Each new system will required a standard Netbackup agent and additional space in the Disk Library for the backups operations to take place. If the new system hosts a database a special agent may be needed to conduct backups in said system. In this case the input of the project manager and vendor will be required to select the appropriate backup agent for the system. See attachment, Part E for additional information.

Section 6: Virtualization Software

Massport Standard: VMWare ESX

Overview

With the recent emphasis on server consolidation as a method to reduce the high costs of hardware, power, and cooling in the datacenter Massport has taken steps to embrace these trends through virtualization. Virtualization is the practice of running many server operating systems (Windows, UNIX, Linux) instances using software based Hypervisor on a single physical hardware host. This virtual “stacking” of servers on to fewer physical server platforms leads to improved hardware utilization, increased space savings, and decreased power and cooling costs in the datacenter.

Accordingly, Massport IT now maintains, as a matter of policy, that if a server system or group of systems can be virtualized that they should be virtualized at inception. It is recognized however that not all applications or services are ideally suited for virtualization. Therefore the Project Management team will work with IT to make a determination to virtualize a project on a case by case basis. See attachment, Part F for additional information.



Section 7: Desktop & Mobile Devices

Massport Desktop & Laptop Standard: Dell branded IBM compatible x86 Devices

Overview

Like most organizations Massport has standardized on IBM compatible x86 computers for our Desktops and Laptops since the late 80’s and the 386 processor hit the market. Dell is our primary standard computer hardware manufacturer. Accordingly, we utilize its computer management system, KBox, in our environment. This brand standard is cost-effective for the organization in that it allows for the customer support team to not have to continually train on different hardware platforms, helps them more effectively manage inventory, enables the development of a long-term replacement/upgrade policy and allows us to negotiate better pricing for volume purchases. Secondarily, we utilize Panasonic Toughbooks in instances that require “Ruggedized” laptops such as in vehicles. Any solution requiring workstations or laptops should acquire these types of devices. Different devices may be procured such as in the event that a required application dictates the selection of another platform (such as Mac OSX or Linux distributions) or as circumstances warrant with IT Operations approval.

Massport Mobile Handheld Device Standard: Apple iOS Devices

Overview

Unlike in the desktop world, where for years x86 devices have dominated the landscape, the mobile device market is far more fragmented. Early trials of adopting these various platforms proved challenging and we have made a strategic decision to standardize on a single platform to limit the complexity in managing, supporting and securing these devices. Massport has standardized on Apple’s iOS platform, the iPad, iPad mini and the iPhone handhelds and we utilize the Apple Configurator and McAfee’s Enterprise Mobile Device Management solution in our environment. Any solution requiring mobile handheld devices should acquire these types. Different devices may be procured such as in the event that a required application dictates the selection of another platform (such as Windows or Blackberry handhelds) or as circumstances warrant with IT Operations approval. See attachment, Part G for additional information.





Part A: HP Server Hardware Standard Revision Date: [09/2011] Overview

Massport IT has historically been committed to providing its user community with the best of breed hardware server systems to make the end-user experience as rich, reliable, and seamless as possible. Accordingly, Massport has partnered with Hewlett-Packard (HP) Servers to apply the wealth of HP reliability, experience, and customer service leadership to our operations. HP servers are the current Massport standard and will be utilized for all future hardware deployments Authority wide. This should be considered an absolute requirement unless a vendor demands, and can clearly demonstrate, that an equivalent HP hardware solution deficient for the purpose of the vendors deployment.

HP Server Hardware Platform Overview

Two form factors of HP servers may be considered for considered for deployment at the Authority: ProLiant C-Class Blade System and ProLiant Rack mounted ProLiant DL systems.

1. C-Class Blade Systems: The HP C-Class Blade System is the de facto standard server deployment for the future of Massport. With a single 10U chassis capable of containing 16 servers, 32 processors, 128 cores, and 512 GB of memory the computation power, management, and efficiency of the C-Class makes it the first choice as a server platform. Optionally storage blades can be added as needed to provide RAID protected storage on demand.

a. Blade Chassis Selection: if adequate slots within an existing operational chassis are not available a new chassis will be procured for the project at the discretion of IT Operations. Preference should be given to the C7000 model (16 slots) over the smaller C3000 (8 slots) chassis to maximize space allocation and power efficiency within the datacenter in which the system is to be deployed.

b. Interconnect Selection: In order to assure interconnectivity between the servers and the network core chassis interconnects will be acquired. In order to minimize the amount of physical connections to the network the standard interconnect for Massport is the HP GbE2c but consideration for use of HP 1/10Gb Virtual Connect Ethernet Module will be made based on vendor requirements. The number of interconnects will be doubled should redundancy be required in the design.

2. ProLiant DL Systems: These rack mounted models vary from 1U to 7U form factors and should be considered when the C-Class system is not an option. These circumstances may include:

a. Connection Requirements: Blade systems do not possess the ports required to accommodate legacy hardware such as modems or other devices requiring serial or parallel connections.

b. Remote Deployments: In some cases it will be economically unfeasible to purchase an entire chassis for a limited deployment in an area of operations where little additional demand can be expected. IT will make this determination on a case by case basis.

c. Computational Power or Storage Requirements: In very rare cases the amount of processor sockets (4) or memory (64GB) or onboard storage (>1 TB) may necessitate the deployment of a DL system in some deployments.



Part B: Enterasys Networking hardware Revision Date: [09/2011] Overview

Massport IT has standardized on Enterasys Secure Networks as the network switch vendor. Further, a standard has been developed for the way this equipment is to be configured and deployed.

The Massport standardized edge switch configuration is as follows: (1) Enterasys SSA switch part #SSA-T1068-0652, (2) SSA Power Supplies part #SSA-AC-PS-625W (2) Single Mode Fiber SFP Uplink Modules part # MGBIC-LC09, (1) Enterasys SupportNet Maintenance Contact part #ES-SN-S10.

This configuration allows for 48 ports of 10/100/1000 Ethernet access and 2 Gigabit Single Mode uplinks to the core switches. Two uplinks are utilized on each switch for redundancy -- each uplink terminates in diverse core switch/routers in the data center. This configuration provides redundancy during scheduled and non-scheduled outages, allowing Massport to power down one core switch/router while maintaining connectivity with remainder of the network. For connectivity to the core, (2) Single Mode Fiber SFP Uplink Modules part # MGBIC-LC09 are required.

There are a couple of more requirements in the closet itself which bear consideration for installation. The installation will need to supply sufficient power to connect the UPS, enough wall space upon which to hang the cabinet, and two fiber runs (at a minimum) back to the required core location.



Part C: Microsoft Windows Server Operating System Standards Revision Date: [09/2011] Overview With the arrival in February 2008 of Microsoft’s newest server operating system ‘Windows Server 2008’ Massport IT operations will be shifting all newly acquired and built for purpose systems to utilize this new operating system. This decision has been reached as part of MPA IT Operations overarching strategy to bring the best of breed to technology to bear on the evolving challenges on performance, uptime, and security here at Massport. As a Microsoft centric organization, Server 2008 (Server 2k8) will be used by Massport as the primary OS platform for client/server applications for the foreseeable future. Key features of this new OS include: enhanced security, increased network performance, virtualization, and remote application serving. This strategic standardization on the 2k8 Server platform may be revisited only in the event that required applications dictate the selection of other platforms (such as Linux distributions or VMWare) as individual circumstances and IT Operations approval warrant. Server 2008 Overview Server 2008 extends on the proven performance of Server 2003 in several key areas including:

1. Server Consolidation. Microsoft has extended the capabilities of Virtual Server 2005 with its new Hyper-V virtualization technology. While not a clear front runner in the technology, Hyper-V will enhance the ability of Massport to provision and consolidate servers in its operations. In short: many smaller servers reaching the end of their useful hardware life can be consolidated onto modern servers to mitigate risks associated with aging hardware while leveraging enormous space and power savings of virtualization.

2. Web (IIS 7.0): The latest iteration of Microsoft’s Internet Information Server includes enhancements to reporting, development of websites, ease of administration. Unlike previous versions of IIS, version 7 includes the ability to share Hosted Applications and Services.

3. Remote Applications (TSRemote): Utilizing the Server 2008 enhanced Terminal Services it is now possible for a 2008 server to act as an application server to remote hosts. Traditionally it has been possible to access a Terminal Server session to present only a remote “desktop”. With TSRemote only the application is accessed by a WAN (i.e. internet based) or LAN (local network) connection via a shortcut or link. By utilizing a front end Terminal Server it will now be possible to securely access internal corporate applications without the necessity of first connecting to Massport through a VPN.

4. Improved Network Performance: The mechanism by which data is physically transferred across the network

(TCP/IP) has been completely redesigned as part of Server 2008. According to independent tests, Server 2008 can speed file transfers of up to 71% in the case of a folder transfer.

5. Network Access Protection: Denies connections from hosts (PC’s) based on criteria established by the

Administrative staff. In essence if a connecting PC does not pass these specific criteria (Domain, IP range, Anti-virus level, etc.) then the connection cannot be established to the Server.

6. Improved Security: Microsoft (MS) has incorporated the concept of system hardening in its latest server

release in Windows Server 2008. It has long been known that by minimizing the amount of unused server services provided (Web, FTP, IMAP, DNS), security is improved as a result of a reduced ‘attack surface’, providing some measure added security against attack. Server 2008 is the first MS Server OS to allow for the installation of a minimalistic “core” system on which only those services required for a specific role will be installed before deployment.



Server 2008 Editions Windows Server 2008 has been released in eight gratuitous editions guaranteed to further confuse an already complex selection process and further complicate the MPA licensing scheme. However, it is not the policy of IT to place a blanket requirement on the selection of the Windows Server 20008 version required for a particular project. Rather, this selection should be reviewed on a case by case basis with the advice and consent of the IT representatives for a project as required.



Part D: Microsoft SQL Server Database Software Standard Revision Date: [09/2011] Microsoft SQL Server 2008 has been selected as the data management application for new systems requiring a robust database back-end. For systems requiring a redundant clustered hardware environment, SQL Server 2008 Enterprise is the version recommended for deployment (provided that the solution cannot be virtualized to provide High Availability functionality). For database systems not requiring a clustered environment, SQL Server 2008 Standard is the version that will be deployed. In limited circumstances, with specific vendor recommendation and the approval of Massport IT Operations SQL Server Express will be utilized. Most applications can be installed using a default instance of the selected database server or share resources with other databases on a single physical platform. Given the high acquisition cost of Microsoft SQL and the servers on which they are deployed efforts will be made to ‘stack’ multiple databases onto fewer and more powerful hardware platforms. This means that an application will likely be installed on a database server that runs one or more other production database applications. In some cases, a database application should not be installed in an instance with other production databases. For these applications, we can often install a second, named instance for your application on the same hardware using either the full version of SQL Server or SQL Server Express. If this is not advisable, you should plan to purchase separate server hardware for your system. Production database systems, including those running on SQL Server Express, should never be installed on non-server hardware or reside in non-approved computer rooms. If you intend to do development on your application, please consider installing on one of our test database servers. If you have any questions about how your system should be installed, please contact IT Operations and provide the documentation and any relevant support contacts and telephone numbers and I will try to find the best solution for your application. It is imperative that IT Operations be able to accurately predict, during the planning stages of a deployment, the requirements and size of your database over its expected production lifecycle. If you are buying an off-the-shelf product, your vendor or IT Operations personnel will be able to provide you with this information.



Part E: EMC/HP Storage Standards Revision Date: [09/2011] Overview

Massport has selected EMC Storage as the vendor of choice for SAN storage with the Celerra NS-960 product line as the new standard for MPA storage needs. The NS-960 is a new generation of unified storage that delivers concurrent connectivity for fiber channel, ISCI and NAS host connections with a total capacity of 960TB of usable disk capacity.

Guidelines for implementation are as follows:

a. Additional Storage: A single NS-960 can contain up to 64 Switched Device Shelves each containing up to 15 drives. Therefore the optimum method for storage expansion will be the addition of additional capacity to an existing NS-960.

Massport has selected HP Storage as the vendor of choice for SAN storage with the EVA4400 product line as the new standard for MPA Web systems storage needs. The EVA is a new generation of SAN storage with the capacity to serve 256 hosts at 4GB speed, with a total capacity of 96TB of fibre channel drives.

Guidelines for implementation are as follows:

a. Additional Storage: A single EVA4400 can contain up to 8 Switched Device Shelves each containing up to 12 drives. Therefore the optimum method for storage expansion will be the addition of additional capacity to an existing EVA4400.

b. New Storage: Should the lack of proximity to an existing EVA array or the project require physical isolation a new EVA4400 will be provisioned. Up to 16 EVA’s can be centrally managed and it is expected that any new array will be centrally managed by IT Ops personnel.

The previous storage standard of Massport IT Operations is the EMC Storage Platform featuring the CX-500 Storage Array. The CX-500 Storage Array can serve up to 128 hosts and it can be expanded up to 64 TB of space. Massport has two CX-500 Storage Arrays, one is located at the Boutwell Data Center the second is located at the LOC Data Center. New systems to be integrated, requiring storage, must utilize either Storage Array. Special dispensation of this policy may be granted at the sole discretion of Massport IT Operations. In all cases the amount of space required will be determined during the planning stages of a deployment and disk space will be purchased and integrated in the designated Storage Array. As an end of life product the CX-500 is expected to be supplanted at Massport by the HP EVA line of Storage Arrays in the very near future.

Massport IT selected the EMC Disk Library platform featuring the CDL-4200 Disk Library and Symantec Netbackup (version 6.53A) environment to conduct Enterprise backups. The Centralized Backup system is located at the Logan Office Center computer room and it is available to systems located within the boundaries of the Office Automation Gigabit network. New systems to be implemented should be integrated into the Centralized Backup environment. Each new system will required a standard Netbackup agent and additional space in the Disk Library for the backups operations to take place. If the new system hosts a database a special agent may be needed to conduct backups in said system. In this case the input of the project manager and vendor will be required to select the appropriate backup agent for the system.



Part F: VMware ESX Virtualization Software Standard Revision Date: [07/2013] Overview

With the recent emphasis on server consolidation as a method to reduce the high costs of hardware, power, and cooling in the datacenter Massport has taken steps to embrace these trends through virtualization. Virtualization is the practice of running many server operating systems (Windows, UNIX, Linux) instances using software based Hypervisor on a single physical hardware host. This virtual “stacking” of servers on to fewer physical server platforms leads to improved hardware utilization, increased space savings, and decreased power and cooling costs in the datacenter.

Accordingly, Massport IT now maintains, as a matter of policy, that if a server system or group of systems can be virtualized that they should be virtualized at inception. It is recognized however that not all applications or services are ideally suited for virtualization. Therefore it the Project Management team will work with IT to make a determination to Virtualize a project on a case by case basis.

Virtualization Overview

Massport has standardized on VMware’s ESXi 5.1 / vSphere Server Virtualization software and their View desktop virtualization software:

1. VMWare : The industry leading virtualization technology VMware is the most widely adopted and utilized virtualization technology currently in production at Massport. It can be deployed to form high availability services through clustering and achieve automatic load balancing and recovery in the event of a failure of a physical host. For these reasons it is the only virtualization technology recommended for mission critical information systems requiring high availability at Massport.



Part G: Desktop & Mobile Device Standards Revision Date: [07/2013]

Massport Desktop & Laptop Standard: Dell branded IBM compatible x86 Devices

Overview

Massport has standardized on IBM compatible x86 computers for our Desktops and Laptops. Dell is our primary standard computer hardware and sometimes we utilize Panasonic Toughbooks in instances that require “Ruggedized” laptops such as in vehicles. When purchasing these devices please use the following specifications as a minimum system requirements guideline. The Massport Help Desk (617) 568-5699 will be more than happy to provide the latest specs directly from Dell if required.

General Computer Specifications

IBM compatible Dell personal computers / Model Optiplex 7010 Small Form Factor Case Processor speed, Intel® Core™ i7 3770 Processor (3.4GHz, 8MB) 8GB DDR3 Non-ECC SDRAM, 1600MHz, (2 DIMM) 250GB 7,200 RPM 3.5" SATA, 6.0Gb/s Hard Drive with 8MB Databurst Cache 1GB DDR3 AMD RADEON HD 7470 (1 DP/ DVI), Low Profile 8X Slimline DVD+/-RW CD/DVD DRIVE

Network Interface Card Integrated Ethernet LAN 10/100/1000 Desktop Operating System Windows 7 Professional-64 BIT. Monitor 19-inch Flat Panel Monitor with Sound Bar and 3-Year Warranty Hardware Warranty 3 Year Basic Limited Warranty and 3 Year NBD On-Site Service.

CAD Workstation Specifications

IBM compatible Dell personal computers / Model Alienware Aurora Processor speed, Intel® Core™ i7 3960X Processor (4GHz w/OC, 15M cache) 16GB (4X4GB) Quad Channel DDR3 Non-ECC SDRAM, 1600MHz, 256GB SATA 6.0Gb/s Solid State Hard Drive Dual AMD RADEON HD 7870 2GB GDDR5 24X CD/DVD burner (DVD+/-RW w/double layer write capability)

Network Interface Card Integrated Ethernet LAN 10/100/1000 Desktop Operating System Windows 7 Professional-64 BIT. Monitor 19-inch Flat Panel Monitor with Sound Bar and 3-Year Warranty Hardware Warranty 3 Year Basic Limited Warranty and 3 Year NBD On-Site Service.



Massport Mobile Handheld Device Standard: Apple iOS Devices

Overview

Massport has standardized on Apple’s iOS platform, the iPad, iPad mini and the iPhone handhelds. Any solution requiring mobile handheld devices should acquire these types. When purchasing these devices please use the following specifications as a minimum system requirements guideline.

Apple iPad 64GB Model with WiFi & Cellular Verizon 4G LTE capability Apple iPad Mini 64GB Model with WiFi & Cellular Verizon 4G LTE capability Apple iPhone 4S 16GB Model with Verizon Cellular 4G LTE capability Apple iPhone 5 16GB Model with Verizon Cellular 4G LTE capability

Additionally, when investigating mobile software solutions for the Authority, please be aware that there are generally three modes of software compatibility developed for these devices, Native Applications, Browser-based and Hybrid ones. IT highly recommends acquiring Hybrid solutions that both have a native application and can be accessed via a web browser from a workstation or laptop. This will help ensure a high degree of capability, flexibility and compatibility of the system in our environment. The Manager of System Operations (617) 568-5972 will be more than happy to answer any additional questions regarding this.



Appendix G - Information Technology (IT) Technical Environment Matrix Version 3.0: [011/10]

The Technical Environment outlined on the next page represents a summary of Massport’s current IT operating environment. Please see the separate IT System Operations Standards Document for a more detailed depiction of our environment.

NOTE:

RFP Requires that the MBCS Integrator fill out the following table and submit with Proposal.

Please indicate whether the proposed solution is or is not compatible with Massport’s Technical Environment. If the proposed solution is partially compatible with this environment, please provide a concise explanation for Massport’s consideration. Massport reserves the right to update this configuration if older than 90 days. If further discussions are warranted please schedule with the Massport project manager.



RFP Requires that the MBCS Integrator fill out the following table and submit with Proposal.

Category Technical Environment Yes/No

General PC standards: Does your system operate optimally on hardware meeting the following minimum requirements?

IBM compatible Dell personal computers / Model Optiplex 790 Small Form Factor Case

Processor speed, Intel® Core™ i7 2600 Processor (3.4GHz, 8M)

8GB DDR3 Non-ECC SDRAM, 1333MHz, (2 DIMM)

320GB 7,200 RPM 3.5" SATA, 6.0Gb/s Hard Drive with 16MB Cache

1GB AMD RADEON HD 6450 (1 DP/ DVI), Low Profile

8X Slimline DVD+/-RW CD/DVD DRIVE

Network Interface Card Integrated Ethernet LAN 10/100/1000

Desktop Operating System Windows 7 Professional-64 BIT.

Monitor 19-inch Flat Panel Monitor with Sound Bar and 3-Year Warranty

Hardware Warranty 3 Year Basic Limited Warranty and 3 Year NBD On-Site Service.

Server Operating System Windows 2008

Productivity Suite Office 2007 Professional

Server Hardware HP Blade Server Technologies

Network Hardware Enterasys Switches & Routers

Mail Application / Client

Exchange 2007

Outlook 2007

Production Databases Microsoft SQL Server

Backup Software Veritas Netbackup

Anti-Virus Software McAfee Virusscan Suite

Virtualization Software VMWare ESX Server

Storage Area Network HP and EMC Technologies

Web Server Application Microsoft IIS

Authentication Protocols Uses Windows Integrated and/or Standard LDAP authentication protocols

Strong Authentication Supports RSA SecureID Tokens, smart cards, and/or biometrics



Appendix K – Information System Security General Standards

EFFECTIVE DATE: 7-21-2011 REVISED ON: 9-20-2011

General For the purposes of this section - Information System Security – the term information system refers to all of the following:

• Hardware used to host any component of the vendor solution

• Operating system software used in any component of the vendor solution

• Database Management Systems used in any component of the vendor solution

• Application software used in any component of the vendor solution

Security Design The vendor is responsible for inclusion of security in the design of all information systems:

• The vendor will incorporate industry best practices and standards when developing the security posture of the information system(s)

• The vendor will be responsible for the development of a strong access control methodology that applies the security principle of “least required access” to perform a given function

• The vendor must exercise due diligence to ensure that all components of the information system are appropriately secured to ensure the confidentiality, integrity, and availability of the information they store and process

• Massport recommends the Vendor validate system security design with the Massport security manager before proceeding to build phase.

• Hosted information systems and Software as a Service (SaaS) systems must provide documentation, as it relates specifically to the security posture of the system to the Massport security manager before contract negotiation or system activation.

Secure Authentication

• Massport requires all systems to be secured with credentials for authentication (ID/password). Current Network Password Policy requires passwords to meet the following minimum guidelines: - Contain at least eight (8) characters or more

- Contain characters from three of the following four character classes:

o Uppercase Alphabetic (i.e., A-Z)

o Lowercase Alphabetic (i.e., a-z)

o Numeric (i.e., 0-9_

o Punctuation and other characters (e.g., !%@*#^()_+|~)



• The password must not be a derivative of the Username • Password aging: Passwords should be required to be regenerated after a set period of time.

Massport is currently requiring this period not to exceed twelve months. • Browser based system or applications shall be configured to accept only HTTPS connections for

authentication purposes. • Whenever possible, systems should be made part of the massport.com domain. Authentication

services for individual systems or applications are best made utilizing MPA’s established Microsoft Active Directory system.

• Vendors with hosted information systems and Software as a Service systems must provide documentation, as it relates specifically to the security posture of the system. Authentication services for these systems are best made utilizing MPA’s established Microsoft Active Directory system when possible.

Security Controls The vendor is responsible for security controls during the implementation phase until the information system is accepted by, and turned over to, Massport. Security controls must be consistent with industry best practices, including, but not limited to, the following:

• Ensure the latest operating system patches have been applied to all components

• Ensure the latest security-related patches have been applied to all components

• Run only services required to meet desired functionality (disable unused services)

• Enable only required protocols, identify TCP/UDP ports required and disable access to TCP/UDP

ports when or where applicable

• Log unauthorized or invalid attempts to access privileged services or functions

• Log all security related events and anomalies

• Establish authentication requirements for access to sensitive data and privileged functions Vendors with hosted information systems and Software as a Service systems must provide documentation, as it relates specifically to the security controls of the system. Secure Coding The vendor is responsible for developing secure application code. Vendors and their development staff must be familiar with security best practices in order to avoid producing systems, applications or modules that contain security related vulnerabilities. Massport recommends the Vendor refer to “The Open Web Application Security Project (OWASP, http://www.owasp.org/)” for information on developing secure applications.

OWASP is dedicated to finding and fighting the causes of insecure software. OWASP has created a Top 10 project which lists the most serious web application vulnerabilities, discusses how to protect against them, and provides links to more information.

http://www.owasp.org/



Refer to the Top 10 project main page (https://www.owasp.org/index.php/Top_10_2010-Main) for additional information.

A1-Injection Injection flaws, such as SQL, OS, and LDAP injection, occur when untrusted data is sent to an interpreter as part of a command or query. The attacker’s hostile data can trick the interpreter into executing unintended commands or accessing unauthorized data.

A2-Cross Site Scripting (XSS)

XSS flaws occur whenever an application takes untrusted data and sends it to a web browser without proper validation and escaping. XSS allows attackers to execute scripts in the victim’s browser which can hijack user sessions, deface web sites, or redirect the user to malicious sites.

A3-Broken Authentication and

Session Management

Application functions related to authentication and session management are often not implemented correctly, allowing attackers to compromise passwords, keys, session tokens, or exploit other implementation flaws to assume other users’ identities.

A4-Insecure Direct Object References

A direct object reference occurs when a developer exposes a reference to an internal implementation object, such as a file, directory, or database key. Without an access control check or other protection, attackers can manipulate these references to access unauthorized data.

A5-Cross Site Request Forgery (CSRF)

A CSRF attack forces a logged-on victim’s browser to send a forged HTTP request, including the victim’s session cookie and any other automatically included authentication information, to a vulnerable web application. This allows the attacker to force the victim’s browser to generate requests the vulnerable application thinks are legitimate requests from the victim.

A6-Security Misconfiguration

Good security requires having a secure configuration defined and deployed for the application, frameworks, application server, web server, database server, and platform. All these settings should be defined, implemented, and maintained as many are not shipped with secure defaults. This includes keeping all software up to date, including all code libraries used by the application.

A7-Insecure Cryptographic Storage

Many web applications do not properly protect sensitive data, such as credit cards, SSNs, and authentication credentials, with appropriate encryption or hashing. Attackers may steal or modify such weakly protected data to conduct identity theft, credit card fraud, or other crimes.

A8-Failure to Restrict URL Access

Many web applications check URL access rights before rendering protected links and buttons. However, applications need to perform similar access control checks each time these pages are accessed, or attackers will be able to forge URLs to access these hidden pages anyway.

A9-Insufficient Transport Layer Protection

Applications frequently fail to authenticate, encrypt, and protect the confidentiality and integrity of sensitive network traffic. When they do, they sometimes support weak algorithms, use expired or invalid certificates, or do not use them correctly.

A10-Unvalidated Redirects and Forwards

Web applications frequently redirect and forward users to other pages and websites, and use untrusted data to determine the destination pages. Without proper validation, attackers can redirect victims to phishing or malware sites, or use forwards to access unauthorized pages.

https://www.owasp.org/index.php/Top_10_2010-Main



Massport also recommends the Vendor’s development staff be familiar with and adhere to the following if applicable:

• CERT Secure Coding Initiative recommendations

• Microsoft published; “Secure Coding Guidelines for the .NET Framework”

• MSDN (Microsoft Developer Network) Patterns & Practices Guides: “Improving Web Application

Security and Building Secure ASP.NET Applications”

The vendor must follow and include in the security document the standard coding conventions and coding practices for the framework being utilized to develop secure application code. Security Documentation The vendor is responsible for developing a system security document, which provides an overview of the security requirements and describes the controls in place to meet those requirements. The information system security document will include, but is not limited to:

• An overview of the overall information system security posture

• A full description of the access control methodology

• Full technical details regarding secure coding practices

• Full technical details regarding the information system implementation strategy (documentation or

guidelines vendor engineers follow to implement and deliver the information system)

• Full technical details regarding security strategy (e.g., patches applied, operating system hardening

steps, services enabled and disabled, TCP/UDP ports opened/closed, authentication requirements,

etc).

Security Review The vendor is responsible for reviewing the intended security configurations with the Massport IT Security Manager:

• The vendor will submit security documentation for review by the IT Security Manager • The vendor will schedule a security review with the IT Security Manager before beginning

acceptance testing • The vendor will be required to show that the system conforms to all security related industry best

practices and is designed and implemented in a fully secure fashion Security Assessment A security assessment may be performed to ensure appropriate security controls have been both designed and implemented:

•



• At the discretion of the IT Security Manager and prior to or immediately after information system

deployment, Massport or a third party representing Massport, may conduct a security assessment (vulnerability and penetration testing) of the system prior to final acceptance

• Vendors with hosted information systems and Software as a Service systems that can provide detailed results of independent vulnerability and penetration testing are would not be subject to further testing.

Security Issue(s) Remediation The vendor is responsible for making the necessary provisions for remediation of security issues as requested by Massport:

• The vendor must immediately remediate vulnerabilities and high-priority security issues identified during a security assessment

• The vendor will be responsible to remediate medium level issues within a reasonable timeframe (or negotiate risk versus functionality with Massport)

• An additional security assessment may be performed after remediation for verification purposes at the discretion of the IT Security Manager

wrsmith

Typewritten Text

wrsmith

Typewritten Text

End of Section

wrsmith

Typewritten Text

wrsmith

Typewritten Text

wrsmith

Typewritten Text

wrsmith

Typewritten Text

wrsmith

Typewritten Text

wrsmith

Typewritten Text

wrsmith

Typewritten Text