Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

System Profile

System Full Name

Operator List SearchNational Occurence Response Management System

System Full Name (French)

Système national de gestion des interventions

Business Administrator

Dean Ciaschini

Business Owner

Joel Morley

Director

Patrick Juneau

Business Subject Matter Expert(s)

Division

Aviation Safety Policy and Intelligence

NTARS Code

Source Location

Source Code Location (Archived)

http://tfsprod:8080/tfs/CivAv/NORMS/_versionControl

Migration to DevOps

(tick)

New Source Code Location (DevOps)

https://dev.azure.com/transport-canada/DSD-CIVAV Support/_git/NORMS

Technology Assessment

Platform Type

Database Platform and Version

Oracle 18C

Development Language and Framework

Operating System and Version

Windows Server 2016

Additional Dependencies

Authentication

Environment Access Information

ENV

UNC

WWWFILES

URL

DB

DEV

\\tcwebscripts\tpwwwroot\eigdev\norms

https://eigdev.tc.gc.ca/norms/

NORMSD

ACC

\\tcwebscripts\tpwwwroot\eigacc\norms

https://eigacc.tc.gc.ca/norms/

NORMSA

PROD

https://eig.tc.gc.ca/norms/

NORMSP


Expand
titleArchived ETP Links

ENV

WWWFILES

URL

TruePass (Archived)

DEV

\\tcwebscripts\tpwwwroot\securedev\NORMS

https://etpdev.tc.gc.ca/NORMS/

PREACC

\\tcwebscripts\tpwwwroot\securedev\NORMS-PreAcc

https://etpdev.tc.gc.ca/NORMS-PreAcc/

ACC

\\tcwebscripts\tpwwwroot\secureacc

https://etpacc.tc.gc.ca/norms

PROD

https://etp.tc.gc.ca/norms

...

EIG

...

DEV

...

\\tcwebscripts\tpwwwroot\eigdev\norms

...

https://eigdev.tc.gc.ca/norms

System Overview

System Overview

This project is for the redesign and replacement of existing inefficient tools, processes, and procedures towards creating a current, modern, well designed, well supported tool set to enable the Occurrence Response sections in Civil Aviation, Marine Safety, and Rail Safety to manage and deliver the Minster’s Observer Program as defined in the Canadian Transportation Accident Investigation and Safety Board (CTAISB) Act, and other relevant legislature for Safety and Security Groups.

NORMS receives data from the TSB's ASIS system during a nightly 'handshake'. That is the only connection to the TSB other than manual emails sent by the various users (TSB liaison).

Developer installation

  1. Completely uninstall and reinstall oracle 12c. The installer can be found in \\TC4S0A\GROUPS\AARA\AARAD\Software Library\Developer Tools\Oracle. Regular installation, except there is no need for any VS dev tools and can be installed system-wide. (Note: Not having Visual Studio 2015 installed might prompt the following error. Downloading Visual Studio 2015 should fix that issue.)

    Image Modified

  2. Unconfigure Oracle’s GAC with the attached bat file from \\Tc4s0a\groups\AARA\AARAD\NORMS.

  3. Install the latest ODT from Oracle’s website.

Note: Although installing Visual Studio 2015 is needed for step 1, the application is run on Visual Studio 2019.

...

How to Create a NORMS User for Development Purposes

Good To Know

Valid Occurrence Number Formats

CWMS.Utilities - \\Tc4s0a\groups\AARA\AARAD\NORMS\CWMS.Utilities.1.0.1

Refreshing NORMS databases

Expand
titleWhen the TSB Liaison users log in, Inbox-> Occurrences will be opened to display. Action List will be closed.

When the Inspector users log in, Inbox->Action List will be opened to display, Occurrences will be closed.

At present (2023-03-20), it is not required to change the above features_ Please see task #246234 NORMS user account not being directed to 'to do list'

How-To and Fixes

Production Error Log - Tracking all the production issues to notice trends as they can't be replicated in ACC

How to Change the TSB Coordinator in NORMS

Deployment Considerations:

NORMS has been changed to use Entrust Identity Guard instead of Entrust Truepass.
They have provided dev (eigdev) and acc (eigacc) environments for EIG applications. eigdev is running on a single server but eigacc is running in web farm.

Web Farm Deployment Considerations

...

If you deploy your application in a Web farm, you must ensure that the configuration files on each server share the same value for validationKey and decryptionKey, which are used for hashing and decryption respectively. This is required because you cannot guarantee which server will handle successive requests.

With manually generated key values, the <machineKey> settings should be similar to the following example.

codeCopy

Code Block
<machineKey  
validationKey="21F090935F6E49C2C797F69BBAAD8402ABD2EE0B667A8B44EA7DD4374267A75D7
               AD972A119482D15A4127461DB1DC347C1A63AE5F1CCFAACFF1B72A7F0A281B"           
decryptionKey="ABAA84D7EC4BB56D75D217CECFFB9628809BDB8BF91CFCD64568A145BE59719F"
validation="SHA1"
decryption="AES"
/>

If you want to isolate your application from other applications on the same server, place the <machineKey> in the Web.config file for each application on each server in the farm. Ensure that you use separate key values for each application, but duplicate each application's keys across all servers in the farm.

Generate Cryptographically Random Keys

To generate cryptographically random keys:

  • Use the RNGCryptoServiceProvider class to generate a cryptographically strong random number.

  • Choose an appropriate key size. The recommended key lengths are as follows:

    • For SHA1, set the validationKey to 64 bytes (128 hexadecimal characters).

    • For AES, set the decryptionKey to 32 bytes (64 hexadecimal characters).

    • For 3DES, set the decryptionKey to 24 bytes (48 hexadecimal characters).

The following code shows how to generate random key values. Compile the code to create a console application, and then pass the required key size as a command line argument expressed as the desired number of hexadecimal characters. Each byte is represented by two hexadecimal characters; therefore, to request a 32-byte key, pass 64 as a command line argument. If you do not specify an argument, the code returns a 128 hexadecimal character (64-byte) key.

C# Example

codeCopy

Code Block
using System;
using System.Text;
using System.Security;
using System.Security.Cryptography;

class App {
  static void Main(string[] argv) {
    int len = 128;
    if (argv.Length > 0)
      len = int.Parse(argv[0]);
    byte[] buff = new byte[len/2];
    RNGCryptoServiceProvider rng = new 
                            RNGCryptoServiceProvider();
    rng.GetBytes(buff);
    StringBuilder sb = new StringBuilder(len);
    for (int i=0; i<buff.Length; i++)
      sb.Append(string.Format("{0:X2}", buff[i]));
    Console.WriteLine(sb);
  }
}

...

Machine Code Generator - Entrust Guard Identity

 Test Plans, Suites and Test Cases imported from TFS

View file
nameTest suite_ Test Plan - NORMS 2020-01 (Suite ID_ 20436).pdf
View file
nameTest suite_ NORMS 2021-01 (Suite ID_ 22284).pdf
View file
nameTest suite_ NORMS2-Prod-Jan 2021 (Suite ID_ 22319).pdf