3rd Party Registration &Account Management3rd Party Registration &Account Management
SMT Update To AMWG
April 28, 2014
3rd Party Registration &Account Management3rd Party Registration &Account Management
Status Update of AMWG Change Requests Approved by Retail Market Subcommittee (RMS)
3rd Party Registration &Account Management3rd Party Registration &Account Management
3
AMWG Change RequestAMWG CR Document
StatusEstimated Delivery
DateEstimated
Cost
AMWG CR 2013 001 – Report for AMWG Data Monitoring – Data Completeness Measurements
JDOA Estimation
2015 In Process
AMWG CR 2013 002 – Reports for AMWG Data Monitoring – Data Timeliness Measurements
JDOA Estimation
Q2 2014 Included in Maintenance Contract
AMWG CR 2013 003 – Reports for AMWG Data Monitoring – Measurement of Percentage of Actual Meter Reads
JDOA Estimation
2015 In Process
AMWG CR 2013 004 – Reports for AMWG Data Monitoring – Measurement of Estimates
JDOA Estimation
2015 In Process
AMWG CR 2013 005 – Reports for AMWG Data Monitoring – Number of SMT Help Desk Tickets Monthly by Ticket Type
Prohibited by IBM Non-Disclosure
Q2 2014 Included in Maintenance Contract
AMWG CR 2013 006 – Reports for AMWG Data Monitoring – Availability of SMT API
Prohibited by IBM Non-Disclosure
Q2 2014 Included in Maintenance Contract
AMWG CR 2013 007 – Reports for AMWG Data Monitoring – Availability of SMT FTPS
Prohibited by IBM Non-Disclosure
Q2 2014 Included in Maintenance Contract
AMWG CR 2013 008 – Reports for AMWG Data Monitoring – Average Time to Deliver HAN Messages
JDOA Estimation
2015 In Process
AMWG CR 2013 009 – Reports for AMWG Data Monitoring – Number of Accounts by Type
JDOA Estimation
Q2 2014 Included in Maintenance Contract
AMWG CR 2013 010 – Reports for AMWG Data Monitoring – Number of Reports Requested by GUI (Portal) and Number of FTPS Accesses
JDOA Estimation
2015 In Process
AMWG / RMS Change Requests
AMWG CR 2013 0001
AMWG 2013 0002
AMWG 2013 003
AMWG 2013 004
AWMG 2013 005
AMWG 2013 006
AMWG 2013 007
AMWG 2013 008
AMWG 2013 009
AMWG 2013 010
3rd Party Registration &Account Management3rd Party Registration &Account Management
4
AMWG Change RequestAMWG CR Document Status Estimated Delivery Date
Estimated Cost
AMWG CR 2013 011 – Average Time from HAN Provision Request to Meter Ready Status
JDOA Estimation
2015 In Process
AMWG CR 2013 012 – Bypass redundant screen for Users with only one meter when accessing HAN device information
Development Q4 2014Included in Third-Party
AMWG CR 2013 013 – Timeout on SMT takes user to “incorrect login” screen
Development Q4 2014Included in Third-Party
AMWG CR 2013 014 – Allow SMT user to toggle between 15-Minute Reads and Daily Reads without having to reset the date range
Development Q4 2014Included in Third-Party
AMWG CR 2013 015 – Expand Daily Usage Graph to show 35 days of daily usage on the SMT GUI
JDOA Estimation
2015 In Process
AMWG CR 2013 016 – Capability for RORs to grant access to vendors on their behalf to the ROR’s customers via API (energy usage, HAN messaging , and HAN provisioning) and FTPS files
Development Q2 2014
In DevelopmentReady for AMWG Design Review
AMWG CR 2013 017 – REP API for Energy Usage on SMT (Backfill of Historical Usage Data for Existing Customers- “Interim”)
See Below CR 2013 017 Permanent
Complete(12-18-2013)
Q4 2013 Completed
AMWG CR 2013 017 – REP API for Energy Usage on SMT (Subscription for New Customer Historical Usage – “Interim”)
See Below CR 2013 017 Permanent Development Q2 2014 In Development
AMWG CR 2013 017 – REP API for Energy Usage on SMT – Permanent Solution to Replace Interim Solution
JDOA Estimation
2015 In Process
AMWG / RMS Change Requests (Cont.)
AMWG 2013 011
AMWG 2013 012
AMWG 2013 013
AMWG 2013 014
AMWG 2013 015
AMWG 2013 016
AMWG CR 2013 017
3rd Party Registration &Account Management3rd Party Registration &Account Management
Update on Approved AMWG Change Requests Under Development
AMWG CR017 Interim Processes for
Historical Backfill Requests and
Subscription for New Customer History
3rd Party Registration &Account Management3rd Party Registration &Account Management
6
AMWG Change Request 2013-17 Requirements outlined in Change Request approved by RMS
–Backfill of Historical Usage Data for Existing Customers - Ability for the REP of Record to request a one-time retrieval of historical interval usage data (up to 12 months) for some or all of its existing customer base (backfill requests)
• Delivered December 18, 2013• Fulfilled 4 Requests to Date• In Process of Fulfilling an Additional 4 Requests in the Queue• Plan to Re-Announce to Market with Subscription Functionality in May
–Subscription for New Customer Historical Usage -Ability for the REP of Record to subscribe to automatically receive a one-time report of historical interval usage data (up to 12 months) for customers/ESIIDs that are newly served by them (new enrollments)
• Solution is Fully Tested and Deployed to Production• In Process of Developing Instructions and Request Form• Target Rollout and Market Announcement by Early May
3rd Party Registration &Account Management3rd Party Registration &Account Management
7
Subscription For Automated New Enrollment Customer Historical Data
SMT sends an email to confirm authorization validation process steps by SMT Operations Manager
START
.
ROR activity
SMT activity
1-6 days
Day 0
x daysBusiness days from previous milestone
Create the change ticket for bulk report and attach that authorization email as a reference
Close the H
elp Desk
tickets
END
1-2 days
Send Email Notification to ROR to confirm enrollment. After confirmation receipt ROR will begin receiving files to their FTP site daily
1 day
Day 0
SMT performs validation of requested information
SMT Help desk creates a ticket and assigns it to SMT Maintenance team
ROR contacts the SMT Help-Desk by phone 1-888-616-5859 or via email [email protected] to create a ticket to subscribe for automated enrollment customer historical usage
The SMT help desk sends the subscription request form to the ROR. The form will also be available for retrieval from the ERCOT AMWG website location. The ROR fills in the request form and returns to the SMT Help Desk
Create the change ticket for bulk report and attach that authorization email as a reference
Create the change ticket for bulk report and attach that authorization email as a reference
Create the change ticket for bulk report and attach that authorization email as a reference
Create the SMT change ticket to initiate the Enrollment report and attach proper authorization data for reference and to complete the formal process and security work flow
1 day
Day 0
No Authorization email Received
END
Close the ticket if no response within 10 days after 2 reminders
1st Reminder e-mail (after 5 business days)2nd follow up by phone call / Operations Manager intervention
Authorized?YES
NO
Enable Enrollment Report Job for ROR requested DUNs and ESIIDS
1-3 days
3rd Party Registration &Account Management3rd Party Registration &Account Management
ROR REQUEST FORM SUBSCRIPTION FOR NEW CUSTOMER HISTORICAL
DATARequest Date:
Requestor Name:
ROR Name:
ROR User ID: <SMT Account ID>
ROR DUNS No:
Report Type:
Enrollment Start Date:
Enrollment End Date:
Duration: <Default is 6 Months>
DailyInterval Monthly
3rd Party Registration &Account Management3rd Party Registration &Account Management
Review and Clarify Long Term Permanent Solution Requirements for
AMWG Change Request 2013 017
AMWG CR 2013 017 Revised
3rd Party Registration &Account Management3rd Party Registration &Account Management
Update on Approved AMWG Change Requests Under Development
AMWG CR016 Capability for RORs to Grant Access to SMT APIs and SMT FTPS to Vendors on Their Behalf
3rd Party Registration &Account Management3rd Party Registration &Account Management
11
API & FTP Access to Multiple Entities - Requirements
Ability for the RORs to allow API access for unlimited multiple entities in addition to retaining their own access, with appropriate approval mechanism.
Ability for the RORs to allow FTP access for multiple entities in addition to retaining their own access, with appropriate approval mechanism.
Background - – These multiple entities are typically Billing, EDI or Demand Response partners working on behalf of the REPs.– Currently only one entity can have access to API and FTP of one DUNS entity
3rd Party Registration &Account Management3rd Party Registration &Account Management
12
Solution Approach
API Access– Each entity uses its own security certificate – ROR creates a portal user (non-admin) for the new entity– SMT shares ROR’s API account access details to the new entity – SMT works with the new entity to configure and accomplish integration
FTPS Access– Each entity uses its own security certificate– SMT enables additional FTP access for the new entity on the existing FTPS account and shares the details – SMT works with the new entity to configure and accomplish integration – ROR has to share their PGP decryption key to new entity
• This is the least effort and less resource consuming alternative. The other option is to create a new FTP account for new entity with their own PGP key, however it will require the files to be processed twice and a duplicate copy of the files with separate encryption to be stored at FTPS which requires processing power as well as space.
– SMT restricts DELETE permission to all FTP accounts, to avoid deletion of files by one entity while the other has not downloaded it. The deletion will be performed by SMT as per the 10 days retention rule. There will be minor storage impact to retain more files as the immediate deletion that some entities are doing currently will be stopped.
3rd Party Registration &Account Management3rd Party Registration &Account Management
13
Request for Vendor API Access
Raise request by sending the request form* to [email protected]
Perform request information completeness validation
Send access authorization e-mail request to ROR admin, CC to SMT Operations Manager
Authorized?
1st Reminder e-mail (after 5 business days)2nd follow up by phone call / Operations Manager intervention
Create non-admin portal user for the new entity under ROR account
Share portal user information and new entity’s SSL security certificate to SMT
SMT shares ROR’s API account access details to new entity
SMT conducts initial configuration and troubleshooting session to complete integration
START
END
YES
NO Approve
•Note: 1. API access request form will be shared by SMT to Market. Suggested form attached at the end of this presentation.
2. SMT FTP/FTP Request forms must be come from ROR.
ROR activity
SMT activity
1-10 days
5- 10 days
1-5 days
5-10 days
Day 0
x daysBusiness days from previous milestone
After 10 days
Close the ticket if no response received within 10 days after 2 reminders
After 10 days
No Authorization email Received
After 10 days
END
Authorization Received
3rd Party Registration &Account Management3rd Party Registration &Account Management
14
Request for Vendor FTP Access
Raise request by sending the request form* to [email protected]
Perform request information completeness validation
Send access authorization e-mail request to ROR admin, CC to SMT Operations Manager
Authorized?
1st Reminder e-mail (after 5 business days)2nd follow up by phone call / Operations Manager intervention
Share PGP decryption key with new entity
New entity shares SSL Security Certificate
Enable additional access for new entity to existing FTPS of ROR
SMT conducts initial configuration and troubleshooting session to complete integration
START
END
YES
Note: 1. API access request form will be shared by SMT to Market. Suggested form attached at the end of this presentation. 2. SMT FTP/FTP Request forms must be come from ROR.
ROR activity
SMT activity
1-10 days
5-10 days
1-5 days
5-10 days
Day 0
x daysBusiness days from previous milestone
No Authorization email Received
After 10 days
END
Close the ticket if no response within 10 days after 2 reminders
Authorization Received
NO
Add restrict DELETE permissions for existing FTPS of ROR files
3rd Party Registration &Account Management3rd Party Registration &Account Management
ROR REQUEST FORM FOR Vendor API & FTP Access
Request Date:
ROR Requestor Name:
ROR Entity Name:
ROR Primary technical contact(name, e-mail id and phone number)
ROR Secondary technical contact (name, e-mail id and phone number)
ROR Authorization Contact:(name, e-mail id and phone number)
ROR DUNS Number(s):
Provider/Vendor Name:
Vendor Company Name:
Vendor Contact Details:
3rd Party Registration &Account Management3rd Party Registration &Account Management
16
Pre-Requisites from RORs / New Entities
API Access
– Certification Authority (CA) signed security certificate
– ROR to create a non-admin portal user under them
FTP Access
– Certification Authority (CA) signed security certificate
– ROR to share their PGP decryption key to new entity
– SMT will restrict DELETE permissions on FTPS server, this may cause a few ROR’s FTPS scripts to fail/throw errors if they try to delete files after downloading. Those scripts need to be modified to avoid such errors.
3rd Party Registration &Account Management3rd Party Registration &Account Management
17
FTPS Access - Multiple DUNS Scenario
FTPS Folder and its content ROR Partner1 Partner2 Partner3
DUNS1
√
√ √
X
DUNS2
√
X
√ √
DUNS3
√
X
√
X
The access can be restricted at DUNS/folder level and content level.
e.g. If a ROR want its partner to have access to only a subset of folders or only for specific type of content (i.e. interval usage LSE, adhoc reports, enrollment reports etc.) it can be provisioned accordingly.
3rd Party Registration &Account Management3rd Party Registration &Account Management
Update on SMT’s 3rd Party Access System Development
3rd Party Registration &Account Management3rd Party Registration &Account Management
Third-Party Security Independent Review
1st Quarter 2nd Quarter
20133rd Quarter 4th Quarter
2014
Third-Party Customer Experience Review
SMT Customer Experience Changes
Third-Party Technical Design & Development
Security Validation
Additional Solution Requirements
Third-Party Solution SIT and UAT Testing
Third-Party Implementation
Project Schedule
19
Third-Party Design AMIT / SMT DO
Third-Party Volunteer Testers Technical Integration Sessions and Testing
Security Validation
SMT Design Assessment
Legend
Completed In Process Future Task
1st Quarter 2nd Quarter 3rd Quarter 4th Quarter
Third-Party Market Integration / Instruction
Webinars