|
|
|
|
 |
|
|
|
|
|
|
|
|||||||||||||||||||||||||||||
 |
 |
 |
|
|||||||||||||||||||||||||||||||||
| Guidelines on the essential requirements for network security and integrity | |
|||||||||||||||||||||||||||||||||||
 |
 |
 |
|
|||||||||||||||||||||||||||||||||
 |
|
|
|
 |
|
|||||||||||||||||||||||||||||||
|
|
|
||||||||||||||||||||||||||||||||||
|
9
October 2002 Annex A – The existing regulatory framework for terminal equipment Annex B – Requirements for ‘lifeline’ telephony Introduction Purpose 1. The purpose of these Guidelines are to ensure that the industry has a full understanding of Oftel’s approach to interpretation of Condition 20 in the fixed Public Telecommunications Operator (PTO) licence covering the 'essential requirements', thus helping to protect the public interest and promote fair, efficient and sustainable competition. A draft version of these Guidelines was the subject of a public consultation by Oftel. After carefully considering the responses received during this consultation, Oftel formally adopted this final version of the Guidelines. Scope of Guidelines 2. These Guidelines contain an explanation of how Oftel will approach the enforcement of the following clauses of Condition 20 of the fixed PTO licence: 20.3
The Licensee shall take all reasonably practicable steps to maintain,
to the greatest extent possible, the availability of Fixed Public
Telephone Systems run by it and Fixed Publicly Available Telephone
Services provided by it, having particular regard to the needs of
Emergency Organisations, in the event of catastrophic network failure,
or in cases of force majeure, such as extreme weather, earthquake,
flood, lightning or fire. 3. Conditions 20.5 and 20.6, which relate to restrictions on access to the network on grounds of network security or integrity, will be addressed in a separate document. Conditions 20.8 and 20.9, relating to terminal equipment (TE) interoperability and data protection, are outside the scope of these Guidelines, although these Guidelines do encompass TE in so far as it poses a risk to network integrity. 4. These Guidelines do not define the requirements that may be placed on operators by government in times of a national emergency or in order to protect national security. Such requirements are the responsibility of other government departments, principally the Cabinet Office, and queries on these requirements should be addressed to them. Such requirements are likely to take precedence over the guidance contained in this document. There will also be end-users with operational requirements that may lead to additional measures being taken over and above those contained in this document. Legal status of the Guidelines 5. These Guidelines do not affect the scope of the licence conditions listed in this document or any others. The Director General will take the Guidelines into account in applying the relevant conditions in licences, and give reasons if they are departed from. The Director General cannot legally fetter his discretion and retains the ability to depart from the Guidelines where the circumstances warrant it. The Guidelines are therefore not legally binding on the Director General. 6. These Guidelines are not intended to be used to specify contractual obligations between network operators and their customers and should not be used for this purpose. 7. These Guidelines will be subject to review and amendment following consultation with interested parties in the light of experience of their operation, of development in telecommunications markets and of any changes to UK or European Community law. Background 8. The Revised Voice Telephony Directive (see reference 1) Articles 13(1), 13(2)(a) and 13(2)(b) place obligations on Member States to ensure security of network operations and maintenance of network integrity. Additionally, any restrictions on network access on these grounds must be based on objective criteria identified in advance. These requirements apply to fixed public telephone network operators. In the UK, these articles have been transposed by the Revised Voice Telephony Regulations (see reference 2) into fixed network operator’s licence as Conditions 20.3, 20.4, 20.5 and 20.6. These licence conditions apply whether or not the fixed network operator has Significant Market Power. In addition, the licence requires the licensee to have particular regard to the needs of emergency organisations. The term emergency organisation is defined in the PTO licence. Application 9. These Guidelines apply to fixed public telephone systems and fixed publicly available telephone services and are independent of the technologies used to deliver these services. For the avoidance of doubt, these could include IP or other packet-based systems. The terms Fixed Public Telephone System and Fixed Publicly Available Telephone Service are defined in the PTO licence. Acknowledgement 10. The Director General acknowledges the assistance given by the Network Interoperability Consultative Committee (NICC) in the production of these Guidelines. Guiding principles 11. To comply with Licence Conditions 20.3 and 20.4, Oftel expects network operators to adhere to the following over-arching principles: a) the nature of investments made by network operators to maintain network security and integrity should relate to the risk and the consequent impact of failure; b) a network operator should seek to prevent problems wherever practicable; c) a network operator should have documented contingency plans to deal with problems when they occur (see also the licence condition concerning Consultation with emergency organisations and provision of services in emergencies); and d) there should be clear management commitment to all the policies and procedures developed in the interests of network security and integrity. Network security 12. Network security relates to threats to the network due to the inherent reliability of the network itself, and its vulnerability to threats, for example weather, natural disaster and malicious acts. Oftel recognises that the source of threat may stem from an interconnected telecommunications network. In this section, Oftel seeks to indicate examples of areas that should be given attention, rather than specifying explicit targets for percentage availability, mean time between failures (MTBF), mean time to repair (MTTR), etc. Physical security 13. A secure environment is a key factor in the maintenance of an adequate telecommunications service. 14. Wherever reasonable, essential equipment should not be concentrated, particularly in one building, to the extent that overall network security is jeopardised. Where essential equipment is co-located (for example, multi-processor sites), priority should be given to physical separation such as a fire break to reduce the possibility of common mode failure. 15. Underground line plant, buried at a depth where intrusions are unlikely, is preferable to aerial line plant. 16. The location of all external line plant such as underground and aerial cables should be notified to the relevant authorities as and when appropriate. 17. Suitable processes should be in place to co-ordinate the activities of the various utilities and highway authorities to ensure that risk of damage is minimised. 18. All sites, including radio mast sites, need to be secured against malicious attack and other forms of physical interference. Sites should also be capable of withstanding relevant environmental conditions. 19. Where appropriate, diverse cable entry points, eg to sites or buildings, should be provided. 20. Where appropriate, use should be made of diverse duct tracks or routes (Oftel notes that physical separation on its own does not deliver guaranteed availability, and that this is usually achieved by a combination of physical separation, redundancy and re-routing, which are addressed later in this document). 21. Public telephone boxes should be positioned to minimise risk, for example from road accidents or vandalism. Street furniture such as cabinets should be similarly positioned and also be locked or sealed. 22. Poles should ideally be placed in the lowest risk positions consistent with their use. Aerial cables and dropwires must be installed to ensure adequate clearance of vehicles, land and buildings (see Section 10 of the Telecommunications Code – see reference 3). A procedure for regularly surveying poles to ensure their physical integrity and to assess new risks, eg tree growth, should be in place. 23. The power supply to key equipment should not be interrupted in the event of a mains power supply failure. 24. The mains supply should be secure and steps taken to ensure that it is reliable. Where appropriate duplication should be used. 25. There should be adequate arrangements to ensure a supply of fuel for back-up generators is available with contracts for replenishment. 26. The standby power supply should be of sufficient capacity to fully support the operational power load in the period between power failure and the cut over to the alternative supply. Where power is provided by batteries, the battery capacity should be specified to maintain service for an appropriate duration at any stage in the battery design life. The duration and reason for the chosen duration should be documented. All batteries should be maintained to manufacturers' recommendations, taking account of expected lives as well as any recommendation to fully discharge batteries on a regular basis. Standby power systems should be exercised to ensure that they perform satisfactorily under failure conditions. 27. Where ventilation or air conditioning is used, single failure should not hazard the facility. 28. Essential cooling for facilities should be appropriately secured against failure. 29. Buildings should be secure against entry by unauthorised people. An adequate level of building security shall be demonstrable and commensurate with to the assessment of levels of risk and vulnerability. Secure entry systems, movement detectors and video surveillance may be necessary, and both perimeter and cellular security may be appropriate in large buildings. 30. Equipment should be carefully sited within buildings to provide physical separation and protection where required. 31. Processes should be in place to reduce the risk of equipment failure due to building and civil engineering works. Network operators should make information available on planning consents and cable routeing (where necessary providing a helpline to deal with inquiries). Network operators should keep themselves informed about activities of other parties which may present a risk to network security. 32. Force majeure: a) where appropriate, suitable detection and extinguishing systems for fire, and detection systems for explosive and asphyxiating gases and floods are recommended. For fire detection, current experience suggests that aspirating systems are superior to fixed head detectors, particularly where airflows are influenced by forced air conditioning. Fire extinguishing systems (for example water, misting or gas dumping) may be appropriate in certain circumstances but current experience suggests that none of these are particularly suitable for large operational areas. b) where normal maintenance access to a site may be jeopardised because of bad weather, arrangements for use of suitable alternative transport should be covered by the contingency plan (eg four-wheel drive vehicles, 'snowcats' and helicopters). c) at sites prone to flooding, building utilisation should be such that the least critical functions are performed in the areas of highest risk. System security 33. Network security should be delivered through an appropriate combination of resilience, redundancy, restoration and repair: a) resilience means that the equipment and architecture used are inherently reliable, secured against obvious external threats and capable of withstanding some degree of damage; b) redundancy means that back-up systems duplicating the functionality of the systems are available to take over in the event of failure; c) restoration means that the capabilities are in place to replace a failed system with a working one; d) where redundancy and restoration are not possible, repair processes are critical; and e) Oftel acknowledges that redundant design is easier to achieve in the core or long distance networks, where switches can provide mutual redundancy. Closer to the customer (for example at the local concentrator), fast restoration and repair become more critical. 34. In particular, Oftel expects network operators to: a) use reliable apparatus and systems (sourced from capable suppliers) designed to prevent or withstand the effects of extreme conditions, including the loss of public power supplies; b) give particular attention to the security of 999/112 emergency and safety of life traffic, for example by using techniques such as priority routeing, repeat attempts, alternative routeing and trunk reservation, and by avoiding dependence on a single set of premises for dealing with emergency traffic; c) have a recovery plan in place against the event that network failure occurs; and d) consider the security of both traffic and signalling links. Network management and operational procedures 35. Network management systems allow the remote control and surveillance of communications networks. Network management plays a vital role in both network security and integrity by providing data on events and alarms in the network, allowing the network operator to take corrective actions as required. The appropriate use of statistical data collection is an essential part of network management. Properly designed network management and procedures should mitigate losses due to internal and external events. 36. Oftel expects to see effective network management and procedures in place, covering at least the following areas: a) fault management; b) planned works and planned maintenance; c) configuration management; d) performance management; e) security management; and f) traffic management. 37. Oftel further considers that for fault management to be effective, there must be evidence of systems and processes being in place for fault detection, fault monitoring, finding the cause of faults, bypassing faults to maintain network performance and fault fixing. Oftel further considers that: a) the network operator should be fully informed about the status of its network at all times, including the status of the network itself and all related buildings and equipment on which the network is dependent; b) the network operator should make use of information derived from customer-reported faults and complaints to identify network faults; c) competent personnel, data and technical equipment should be available for fault management 24 hours a day; d) there should be points of contact and escalation procedures to guarantee an equitable and timely response to faults; e) a clear process should be in place for the systematic analysis of the causes of faults, for example: observation of symptoms, development of a hypothesis, testing of the hypothesis and the formation of conclusions; f) the network operator should develop and operate a maintenance manual including agreed response times for different fault conditions as well as indicative restoration or repair times and procedures; and g) the network operator should prioritise service restoration over clearance of faults not affecting service. 38. Oftel considers that the network operator should provide reasonable notice to the affected parties of any planned work (including maintenance) that carries significant risk of impairment to essential service. 39. In the case of interconnected network operators, Oftel expects that: a) any party becoming aware of an interconnect service fault will inform all other associated operators, and b) in such an event, prompt action to resolve the fault should be taken by the party in whose system the fault has arisen. 40. The management of planned maintenance and faults between interconnected operators should be part of more general operations and maintenance (O&M) procedures between interconnected operators. 41. Oftel considers that good configuration management entails keeping a reliable inventory of network resources and having documented robust processes for the allocation of resources. 42. Oftel considers that effective performance management involves the use of data from the network management system and elsewhere to monitor network performance, to gauge performance against specified standards and to manage call carrying capacity to meet specified grades of service. On this point, reference should be made to other sections in these Guidelines relating to traffic management. 43. Oftel considers that effective security management in this context involves systems and processes that control access to both the network itself and the network management system. This includes user authentication, encryption, and password protection processes. 44. Real time traffic management involves the ability to gather data from various parts of the network to allow judgements to be made concerning real time call routeing options, for example, local, trunk, Intelligent Network (IN) platforms or Virtual Private Network (VPN) platforms. This may also include the gathering of data from signalling links, PSN/Internet gateways and interconnect with other licensed operators. 45. A network management centre should not be a potential cause of catastrophic failure of the network. Oftel expects that network operators will consider the desirability of geographically separate network management centres, based on an analysis of costs, benefits and risks. Testing 46. Oftel considers that network operators should be able to demonstrate the existence of procedures for testing of the network, including provocative testing of network components as appropriate. Oftel also recognises that it is impossible to test something as complicated as a modern telecommunications network with complete certainty. Therefore network operators should be able to demonstrate that potential failure scenarios have been envisaged and that contingency plans for service restoration have been prepared, tested and are in place. The objective of the contingency plan should be to maintain the network operator's ability to at least fulfil its statutory obligations for service provision in the event of network failure. Network integrity 47. Network integrity concerns threats to the normal operation of the network that enter via the network itself, and also those that are introduced from outside sources such as customers or other networks. Network operators should plan accordingly to mitigate these threats. Such threats include: a) electrical conditions – Oftel expects that network operators will use apparatus at network interfaces that can withstand or prevent onward transmission of electrical signals or conditions that are outside normally expected operating values; b) signalling – Oftel expects that network operators will minimise the impact of inappropriate signalling messages which may cause mis-operation of the network or billing systems; and c) traffic loads – Oftel expects that network operators will apply network management controls to limit the impact and onward transmission of excessive traffic volumes, but no more than is reasonably required to maximise the establishment of effective calls. Abnormal electrical conditions 48. Oftel expects that operators will consider what protection may be necessary on metallic circuits from accidentally applied voltages, current surges associated with earth potential differences and lightning strikes. 49. Terminal equipment (TE) may cause a safety hazard by presenting an excessive voltage to the network. The presentation of high voltage to the network termination is clearly only applicable to fixed networks and should only occur after serious TE failure. The threat this presents to the network should be limited to the local loop, as the network should be self-protecting to prevent more extensive damage and reduce the risk to network maintenance staff. 50. Network operators should be aware that TE may under certain circumstances inject incorrect signalling information. Conducted or radiated emissions including those from TE may affect fixed networks. They should penetrate no further than the local loop, albeit possibly affecting adjacent circuits. 51. Network operators should also be aware that under certain circumstances, service-affecting problems can be caused by ingress into the telecommunications system of radio signals. The use of mitigating measures (eg filters) may be useful to resolve such problems. Access Network Frequency Plan 52. Since the metallic access network was not designed for the transmission of high frequency signals, its use for Digital Subscriber Loop (DSL) technology has the potential to generate unacceptable levels of crosstalk (where the signals on one circuit may cause interference to the signals on one or more adjacent circuits). 53. The actions of each individual DSL user may have implications for all other users including those not using DSL services. It is therefore essential that the interference environment within an access network is controlled and managed to prevent accidental or malicious degradation of service and to this end some form of Access Network Frequency Plan (ANFP) is required. An ANFP will essentially specify what signals can be injected into the network and this will have direct implications on the type of technology that can be deployed and consequently the type of services that can be provided. An ANFP is intended to control interference caused by systems that directly transmit into the network and subsequently cross couple. It will have no control over signals that are coupled into the network from external electromagnetic sources. 54. Future developments may make it easier for end users to unwittingly inject spurious signals into the network. Oftel expects that network operators will keep themselves informed of any emerging risks in this area, and any other initiatives that may arise from time to time that have the potential to present similar threats to network integrity. 55. There are many possible ways of structuring and presenting an ANFP. Oftel does not have a preferred methodology but would point out the advantages of the approach being adopted for BT's network. Different points of connection to the network are defined eg exchange end and end-user premises. For each defined point there is an associated Power Spectral Density (PSD) mask. The mask describes the maximum power envelope that can be injected into the network at that point. This approach is technology neutral and transparent, and allows equipment designers to comply with the plan at the design stage. 56. Network operators must not compromise the appropriate ANFP. 57. Oftel has commissioned
the NICC to make appropriate recommendations. Outputs from the DSL task
group set up by the NICC to undertake the detailed work are published
on Oftel’s website Inappropriate use of signalling protocols 58. Incorrect signals received from outside can interfere with the correct operation of the network. Such signals might be benign in intent and be caused by accidental mis-operation of other equipment. However, they may also be caused by deliberate attempts to interfere with network integrity, for example to avoid the proper charging for network services (phone fraud), to deny service to others, or to corrupt stored data or software. Multiple levels of security may be needed to counter such threats, including signalling ‘policing’, firewalls, etc. 59. TE may under certain circumstances inject incorrect signalling information. The network should be self-protecting and ignore incorrect signalling from TE which does not conform to the expected protocols. Nonetheless, such signals may interfere with or mask legitimate information. Correctly formatted but erroneous signalling may be more dangerous to the network, for example malfunctioning automatic dialling equipment congesting the network with unwanted calls. 60. Oftel expects that network operators will implement the Calling Line Identity (CLI) Code of Practice (see reference 4) to assist, inter alia, with tracing the source of signals. 61. Screening (also known as policing) is a technique that can be used if appropriate at the edge of the network to protect it from mis-operation of connected networks. Candidate areas for screening that Oftel would expect operators to consider as necessary might be: a) interconnect screening – there are good grounds for providing screening of an interconnect link so that only agreed use of the interconnect is allowed; and b) policing is also used to reduce the incidence of false 112/999 calls to Emergency Organisations. Oftel needs to be satisfied that genuine emergency calls are not rejected by this policing. Intra-network signalling screening may not be necessary as modern protocol specifications contain sufficiently robust error handling procedures. Routine access screening may also not be necessary, as there is less likelihood of apparatus connected to the PSTN adversely affecting its operation. 62. Oftel expects to see appropriate precautions to guard against and respond to hacking and electronic attack. In addition, Oftel encourages network operators to make use of appropriate industry fora to co-operate on these issues. 63. Oftel expects that operators should consider appropriate measures to ensure that their networks can be protected from signalling problems in an interconnected network. 64. Oftel notes here in passing some examples of potential problems associated with STP working: a) Unidirectional signalling, whereby a signalling route exists from Signalling End Point (SEP) A to SEP B but there is no signalling route from SEP B to SEP A. This risk can be reduced by avoiding non-symmetrical signalling routes (ie A to B via C but B to A via D); and b) Circular routeing, whereby signalling messages are passed in a closed loop between STPs without ever reaching the correct SEP. This could happen when network failures occur, and could rapidly cause overload of those particular parts of the network involved in the loop. This risk can be reduced by keeping the number of STPs in a signalling route to a minimum, avoiding the use of signalling points acting as STPs for each other to the same destination and avoiding the use of links between a mated pair of STPs. Terminal equipment 65. Instances have been given above where TE may pose a threat to network integrity. 66. Physical disconnection of fixed line TE can protect the integrity of the network from risks posed by TE. The regulatory framework allowing such disconnection is set out in Annex A. Excessive traffic loads 67. Networks need to be protected from traffic overload conditions. Network traffic management (NTM) is a set of tools and techniques for detecting, monitoring and controlling network traffic to protect the network from abnormal loads, while at the same time optimising network performance. While NTM is capable of dealing with mass calling behaviour, Oftel recognises that complete service denial or disconnection may be required to control excessive traffic from (or to) a single subscriber. 68. Oftel expects network operators to adhere to the following NTM principles in protection of essential service: a) maximise the number of trunks filled with effective calls (ie calls which can be carried to their destination), rather than non-effective calls (ie calls which encounter congestion and cannot be carried to their destination); b) give priority to single link calls, rather than calls going via alternative/overload routes. During overload, more calls go by alternative multiroute links which greatly increases the possibility of these calls blocking other call attempts. All or a portion of alternative route traffic can be blocked; c) during abnormal overload conditions, use any temporary idle capacity in the network to reroute traffic; d) prevent switching congestion caused by large numbers of call attempts and prevent the spread of congestion to connected systems; and e) give priority to terminating traffic over origination of new calls. 69. Oftel expects that network operators will ensure a congestion control process is in place prior to any implementation of UK ISUP in accordance with the document ISUP Overload Control (PNO-ISC/INFO 015) (see reference 5) prepared by the NICC Public Network Operators Automatic Congestion Control Working Group (PNO ISC ACC WG). 70. Network operators should be able to demonstrate the capability for manual or automatic traffic management, with variable degrees of implementation depending on the magnitude of the problem, in the following categories: a) protective controls that remove traffic from the network as close as possible to its origins during overload; and b) expansive controls that re-route traffic from overloaded routes or failures to other parts of network that are underloaded with traffic because of different busy hours. 71. Network operators should have: a) an NTM centre to provide real time surveillance of the access and transport network and to implement traffic controls; b) arrangements in place with their customers for the notification of planned mass calling events eg TV show phone-ins; c) arrangements in place to inform interconnected network operators of planned and detected mass calling events; d) knowledge of national holidays and festivals (eg Christmas Day, New Year’s Eve); e) knowledge of holidays and festivals in distant countries to which they operate direct links; and f) an awareness of, in real time, news reports that may stimulate traffic (eg natural disasters). 72. Oftel accepts that in some cases, network operators with small networks consisting of only one or two switches may choose not to invest in NTM facilities but instead rely on controlling their interconnect with other networks that do provide NTM. 73. Oftel recognises that congestion can be created in one network, and have an impact on a competitor's network due to network interconnection. If steps are taken in the affected network to reduce the impact of excessive traffic, typically by call-gapping, it is conceivable that another network operator may have cause to complain that its ability to carry revenue-earning traffic is restricted. Conversely if no action is taken the affected network could fail. It is important for network operators to understand that good network traffic management actually maximises the effective (ie revenue-generating) call capacity of the network. Oftel therefore expects that: a) all network operators will document what congestion protection measures will be used (for example: call gapping, alternative routeing and priority techniques) and in what circumstances. Any such documentation should be made available to other network operators with a legitimate interest; b) all network operators will also document what measures will be used to ensure the priority of 999/112 traffic, particularly during congestion periods; and c) signalling links will be dimensioned to avoid congestion and will in general have much lower occupancy than traffic links. This is due to the importance of minimising the risk of losing signalling messages and the need to reduce signalling latency. The number of signalling links should be established for normal and failure conditions, and some form of planning tool may be required to determine the signalling relationships supported by a given linkset except in very small networks.
Annex A – The existing regulatory framework for terminal equipmentA.1 TE is connected to the public network at a Network Terminating Point (NTP). It includes, for example, individual mobile, fixed and cordless telephones, fax machines, modems, answer-phones, private branch exchanges and private systems attached to the public networks. A.2 RVTD (see reference 1) Article 13(c) (transposed into SI No.1580/1998 (see reference 2) regulation RVTD9.8 and Licence Condition 20.8) specifically excludes the imposition, by the Licensee, of further restrictions on use of TE on the grounds of interoperability of services. TE interoperability has been excluded from the scope of these Guidelines. However, if a measure were being legitimately adopted against TE to preserve network integrity (rather than on the grounds of end-to-end interoperability) it would come within the scope of these Guidelines. A.3 Since 8 April 2000, the placing on the market and putting into service of TE is subject to the Radio Equipment & Telecommunications Terminal Equipment Directive (RE&TTED) (see reference 6) which is transposed into UK law by SI No.730/2000 – see reference 7). Under the RE&TTED (see reference 6), non-radio TE is subject to compliance with the ‘essential requirements’ of the Directive (the safety objectives of the Low Voltage Directive 73/23 (see reference 8) and the protection requirements of the Electro-Magnetic Compatibility Directive 89/336 – see reference 9) demonstrated by a manufacturer’s declaration of conformity. Additional ‘essential requirements’ may be imposed by a Commission Decision. A.4 The former regime of equipment approvals (Directive 98/13 – see reference 10) came to an end on 7 April 2000, although equipment approved under that regime was permitted to be placed on the market during a one year transition period up to 7 April 2001. Individual items of approved equipment placed on the market during the transitional period enjoy an enduring right to be connected and put into service. This also applies to the legacy of approved equipment placed on the market before the transition period. However, all apparatus supplied on or after 8 April 2001 must comply with the applicable ‘essential requirements’ and other relevant provisions of the RE&TTED. A.5 RE&TTED (see reference 6) Articles 7.4 and 7.5 complement the RVTD (see reference 1) provisions, and allow for disconnection of TE. However, Articles 7.4 and 7.5 only apply in the case of apparatus that has been declared to be compliant with the provisions of the Directive, and that has been put into service for its intended purpose. Disconnection procedures for non-compliant equipment are outside the scope of the Directive and are subject to national procedures. A.6 RE&TTED (see reference 6) Article 7.4 provides for a Licensee to be authorised by the authorities to refuse connection of, disconnect, or withdraw from service TE which (even though it has been declared to be compliant with the provisions of the RE&TTED) causes: a) serious damage to the network; b) harmful radio interference; and/or c) harm to the network or its functioning. A.7 RE&TTED (see reference 6) Article 7.5 provides for a Licensee to make emergency disconnection of TE, where this is immediately necessary to protect the network. Having taken such a step, the network operator is required to advise the National Regulatory Authority and provide an alternative solution to the customer without delay or costs.
Annex B – Requirements for ‘lifeline’ telephonyNote on Annex B Both Licence Condition 20.3 and Licence Condition 20.4 require Licensees to have ‘particular regard to the needs of Emergency Organisations’ in meeting their network security and integrity obligations. Annex B should be considered as part of the draft Guidelines, in so far as they describe how Oftel would expect the Licensee to meet this ‘particular regard’ requirement. In the clauses of this Annex, the text preceded by the word ‘NOTE’ should be considered solely as informative. Requirements B.1 ‘Lifeline’ telephony means access to the 999/112 emergency service and other nationally important help-lines (hereafter called ‘safety of life’ numbers) on which peoples’ lives may depend. B.2 All operators providing Publicly Available Telephone Service (PATS) must meet all the relevant obligations in the RVTD (see reference 1). Note: PATS is not defined in the RVTD and therefore Oftel has provided the clarification that it should be taken to mean a telephone service which is made generally available and would in principle be provided to anyone prepared to pay for it, capable of using it (in the case of wholesale products) and to abide by the applicable terms and conditions. The general availability of PATS is in contrast to a bespoke product which is offered only to one or a limited class of customers. B.3 All providers of PATS must provide robust and resilient access to the 999/112 service. Routings must provide a very good grade of service, avoiding single points of failure as far as reasonably possible and supported as appropriate by such techniques as automatic alternative routing, repeat attempts, protected call attempts, repeated call attempts and trunk reservation. The speech connection must be of a quality to allow two-way, simultaneous, uninterrupted and readily intelligible conversation with 999/112 operators and the emergency authorities. It must also allow the transport of textphone low speed in-band data signals. For example, if ‘Voice over DSL’ or ‘Voice over IP’ (VoIP) is used, the operator must maintain complete control over the packet contention to ensure this quality. Note:
Oftel takes a technologically neutral approach to regulating voice telephony.
A service is deemed to be PATS if it is either sold as a substitute
for traditional public telephony service, or appears to the end user
to be so, or if it provides the sole means of customer access to the
traditional PSTN. Thus ‘Voice over IP’ and ‘Voice over DSL’ would be
considered to be PATS if they meet this definition and therefore the
RVTD obligations would apply. Where specific technologies are mentioned
in this text, it is because these are currently commonly used technologies,
not because these are the only ones permitted. B.4 Calling Line Identity (Network CLI) must be forwarded to the 999 operator to assist the handling of emergency calls. The network CLI must normally unambiguously identify the calling customer, in order further to identify the registered installation address from which the call is being made. Note: There are a few cases where the CLI may not immediately identify the location of the caller, eg remote extensions on private networks or when calls are placed by an intermediary eg social alarm providers. Operators should ensure that callers are aware of such cases so that the 999 operator can be advised where the received CLI is not valid, but such arrangements should be considered as exceptional and should not be depended on for general use, since tracing ‘silent 999’ calls depends entirely on the provision of a valid CLI. In the case of VoIP networks, operators cannot always be sure that the CLI will allow the caller’s location to be established. Operators should make reasonable efforts to draw attention to this particular issue both to those customers controlling such systems and to emergency organisations. B.5 Access must also be provided to the 100 operator service. Oftel expects that network operators will provide access to certain nationally important ‘safety of life’ help-lines in the 0800, 0808 and 0845 number ranges. If operators decide to give these numbers a different level of service to other numbers (eg faster restoration) and are capable of doing so, Oftel would not regard this as undue discrimination. Note: The following services are recognized by Oftel as being ‘safety of life’ services of national significance:
This list is current as of the date of publication, but may be varied from time to time as and when Oftel is advised of other ‘safety of life’ numbers. B.6 All exchange or network equipment providing PATS must be provided with power backup to ensure continuity of service during failures of the public electricity supply. This backup must provide service for a period of one hour, based on the average busy hour current loading, provided that the mains supply is available in the previous six hours to any such failure. If batteries are used, then further backup from generator-supplied sources is strongly recommended. Power back-up of air handling equipment should also be addressed. Where generator-supplied sources are impractical, Oftel strongly recommends the provision of longer battery back-up. Note: If telephony is being provided via the DSL equipment, then this must also be provided with one-hour back-up. DSL equipment providing solely data services does not require back-up for these purposes. B.7 All single line telephony (‘POTS’) and basic rate ISDN (‘ISDN2’) services must provide for line powering of customer premises equipment (CPE) and, where relevant, the Network Terminating Equipment (NTE) to ensure that access is maintained during any loss of mains power at the customer’s premises. These features must be declared as part of the interface publication requirements of the RVTD and RE&TTED (see licence condition Publication of Interfaces – Condition 15 of the PTO licence and Condition 2 of the Telecommunications Services Licence – see reference 11). Note 1: Note that while BT’s ISDN2 service provides for line powering, Home and Business Highway services default to restricted line-powered operation on power failure at the customer’s premises. Note 2: In the past there was a UK national requirement for equipment that required local power for the provision of basic telephony to be marked as "not suitable for use as a prime instrument", but with the adoption by the UK of the RE&TTED [6], this has ceased to be a legal requirement. Note 3: The international standards for ISDN basic access user-network interface (layer 1) define the minimum line power that must be provided to CPE under a loss of mains power condition (ie restricted power mode). This is set at four RPCU (Restricted Mode Power Consumption Units). A ‘designated’ terminal is allowed up to four RPCU in the restricted mode. It is the user’s responsibility to ensure that only one ‘designated’ terminal is connected to the ISDN basic access. B.8 For multi-line telephony, line powering of CPE and NTE is not a requirement and the customer is responsible for providing power back-up where the lines are used for 999/112 access. Note: Multi-line telephony is any telephony service where more than two lines are provided over the same bearer, eg primary rate ISDN (‘ISDN30’). Many ‘Voice over DSL’ systems provide for multiple lines and therefore do not need to be provided with line powering. It would be for the customer to decide how to provide resilient access, by providing local power back-up or by using alternative means. Where battery back-up is used, a one hour capability is recommended. B.9 Operators cannot circumvent these requirements by asking the customer to rely on another line from BT, another fixed line operator or a mobile phone, except in temporary situations (see B.10 below). Note: However, an Operator may itself acquire such services from another operator and resell them as part of a bundle of services supplied to the customer. B.10 Operators must ensure that any transfer process of numbers or services between an existing telephone line and any other line providing public voice telephony provides the shortest practicable interruption in access to 999/112. Customers must be informed of when such interruption may occur and how long it is likely to be. Oftel’s current view is that any such interruption should be kept as short as reasonably practicable and always targeted to be less than 24 hours, unless temporary alternative means are provided, eg a mobile phone is provided or where the customer has explicitly consented to use alternative arrangements. B.11 Operators must maintain a list of customers’ installation addresses (not necessarily the same as directory addresses) in order to assist the emergency services, especially in the case of ‘silent 999’ calls. The operator (BT, C&W or KCL) providing the 999 service may request this list to add to their own database and this must also be kept up to date with at least daily feeds of amendments. B.12 Operators must co-operate with 999 Operators (BT, C&W or KCL) to ensure that 999 calls are forwarded to the correct emergency organisation contact point, eg Oxfordshire County Fire Service. This is usually done using the subscriber’s installation address postcode. B.13 All partial or complete loss of 999 access at any exchange lasting more than 30 minutes should be reported to Oftel’s Outage Liaison Point as soon as possible; currently this is David Heath (tel: 020 7634 8818). Note: Partial equates to 500 customers or 50 per cent of exchange capacity whichever is the less.
Annex C – GlossaryDefinitions Call Gapping – a technique used to restrict the number of calls that can be to a specific number or group of numbers. It is used in circumstances where a high percentage of calls would not get through anyway (because of the limited number of available lines) but would restrict other calls that would have otherwise completed successfully. Calling Line Identity – the number of the calling customer. Plain Old Telephone Service – straightforward voice telephony. Abbreviations ANFP – Access Network Frequency Plan BT – British Telecommunications plc CLI – Calling Line Identity CPE – Customer Premises Equipment C&W – Cable and Wireless plc DSL- Digital Subscriber Loop KCL – Kingston Communications plc NICC – Network Interoperability Consultative Committee NTM – Network Traffic Management NTE – Network Terminating Equipment PATS – Publicly Available Telephone Service POTS – Plain Old Telephone Service PSTN – Public Switched Telephone Network PTO – Public Telecommunications Operator RE&TTED – Radio Equipment & Telecommunications Terminal Equipment Directive RPCU – Restricted Mode Power Consumption Unit RVTD – Revised Voice Telephony Directive SEP – Signalling End Point STP – Signalling Transfer Point TE – Terminal Equipment VoIP – Voice over Internet Protocol
References1. Directive 98/10/EC of the European Parliament and of The Council of 26 February 1998 on the application of open network provision (ONP) to voice telephony and on universal service for telecommunications in a competitive environment, OJ L 101, 1.4.1999, p.24. 2. Telecommunications (Open Network Provision) (Voice Telephony) Regulations 1998 – SI No 1580/1998, The Stationery Office Limited, London. 3. Schedule 2 of the Telecommunications Act 1984, The Stationery Office Limited, London. 4. Code of Practice for Network Operators In Relation to Customer Line Identification Display Services and Other Related Services, Oftel. 5. ISUP Overload Control PNO-ISC/INFO 015 Issue 1 draft C, obtainable from the secretary to NICC, Oftel. 6. Directive 1999/5/EC of the European Parliament and of The Council of 9 March 1999 on radio equipment and telecommunications terminal equipment and the mutual recognition of their conformity, OJ L 91, 7.4.1999, p.10. 7. The Radio and Telecommunications Terminal Equipment Regulations 2000 SI No.730/2000, The Stationery Office Limited, London. 8. Council Directive 73/23/EEC of 19 February 1973 on the harmonization of the laws of Member States relating to electrical equipment designed for use within certain voltage limits, OJ L 077 26.03.1973, p.29. 9. Council Directive
89/336/EEC of 3 May 1989 on the approximation of the laws of the Member
States relating to electromagnetic compatibility, OJ L 139, 23.05.1989,
p10. 10. Directive 98/13/EC of the European Parliament and of The Council of 12 February 1998 relating to telecommunications terminal equipment and satellite earth stations and the mutual recognition of their conformity, OJ L 74, 12.3.1998, p.1. 11. Class Licence to Run Branch Systems to Provide Telecommunications Services, Department of Trade and Industry, see www.dti.gov.uk/cii/docs/tsl_apr2001.pdf.
History
|
|
|||||||||||||||||||||||||||||||||||
|
|
|||||||||||||||||||||||||||||||||||
 |
 |
|
||||||||||||||||||||||||||||||||||
 |
|
|||||||||||||||||||||||||||||||||||
