Critical The IRC Information Model describes a suggested way to classify information for each of the XML Schemas for the 35 Demand Response Interactions.
No change recommended during meeting
I've tried to address this in the resolution for the parent task, ENERGYINTEROP-287, by having a reference to a message type to which the NERC-CIP levels would apply. I think that this satisfies the IRC issue, but better to look at the proposed implementation when its complete.
I am open to suggestions in how to best manage this according to the CSWG. The IRC suggestion is to include a the CIA (Confidentiality, Integrity, and Availability) for each interaction with a high,medium, low. However, I thought that these would be optional in any interaction. Would that satisfy the concern about including the "value"? I understand that calling out this information within an interaction might increase risk, but there is the risk that the same information with no "values" (or labels) can be exposed because its information classification is not understood. As long at EI addresses the NERC-CIP requirement somehow, the IRC's requirements should be satisfied.
The information structure correctly describes the information classification for NERC CIP, but including the "value" of the message in the message seems to increase risk by flagging more valuable messages. (From discussion with CSWG members)
This would be a useful "deployment descriptor", rather than a message component.
This seems to be relevant information in deciding what security/reliability to compose for specific types of interactions.
Toby talk to Edgardo to discuss best resolution. Perhaps including NERC CIPs in an example would help.
As voted in meeting