What is the NAAD System, what exactly does it do?
Pelmorex Communication Inc.’s (“Pelmorex”) National Alert Aggregation & Dissemination (NAAD) System provides Authorized Government Agencies across Canada with a simple, easily accessible means by which they can issue public safety messages. The NAAD System validates and authenticates the messages it receives to ensure they are indeed from the participating government authority and are compliant with certain agreed to standards and policies. After this, the NAAD System then aggregates all the alert messages it receives from government authorities into a data stream which it distributes over the internet and by satellite ensuring coverage across Canada. This allows “Last Mile Distributors” like radio and TV broadcasters, cable and satellite operators to broadcast the alert messages if they wish to.
The NAAD System provides alerts over C band, as well as IP. Is there a requirement to receive on all of them?
The NAAD System provides 3 feeds to choose from: Satellite C band, TCP Socket and RSS feeds. It’s totally up to the LMD whether they choose one of these or a combination of these depending on their setup.
How is the ‘alert region’ field defined in an alert?
The NAAD System uses the Statistics Canada – Standard Geographical Classification 2006 (Updated May 2010) from Statistic Canada (LINK). This standard allows multilevel fields for alert location and an alert can have a single or any combination from these location levels:
Province/Territory > Census Division > Census Subdivision.
According to this standard an alert issued for Quebec will have an SGC code “24” and if issued for a location within Quebec it will always start with an SGC code of “24…”. It depends how an LMD is receiving the alerts, if they have a tool available then it can be used to filter the alerts for location code “24” or codes starting as “24… ”.
Within the alert CAP file this code can be found in the fields (an alert can have multiple geocode fields for multiple locations):
Are the NAAD System servers sitting in one contiguous IP space?
Yes, the servers reside on certain IP ranges, however if needed, we can only provide the DNS names, not the IP addresses.
Are the NAAD System servers always sitting in the same IP range?
Ideally, in normal case the IP doesn’t change behind the DNS. IP’s will remain the same (but please keep in mind that there is no guarantee if they would get changed or not in future; for example if we change our ISP, which would result in IP change).
Is the alert information sent over the network secure?
The NAAD System is a web based application, which uses HTTPS, SSL/TLS web secure protocols and AES-256 encryption to secure all data.
Will there be a time delay between receiving the audio feed over the radio and the beginning of the text display on the television?
Yes, since these are completely different networks. They will have a time difference. Even two TV stations may not necessarily broadcast as the exact same time.
For multilingual alerts containing the Third language, will the LMD equipment pick the third language part of the alert?
The totally depends on the configuration of the equipment at the LMDs side (which should be configured to pick content for languages other than ‘En-CA’ etc. with any valid language code).
Does a broadcaster get the .mp3 or .wav file intact (still in an .mp3 or .wav file format) to broadcast/play or does the audio get transformed and reformatted into an overall different encapsulating file format?
The short answer is the broadcaster gets the audio file in the format it is sent in. Last mile distributors need to know exactly what types of file types they can expect to receive. Same principle applies to image files.
Please refer to this document for the type of attachments supported by the NAAD System.
The longer answer is that the file, regardless of type is reformatted into base64 (a standard required by CAP) and then reformatted back into its original format by the LMD.
The issuer attaches an mp3 file to an alert
The NAAD System reformats it to base64 and distributes it
LMD receives alert, extracts the base64 file and reformats it back into mp3.
The CAP-CP specification indicates that the polygon element is optional. Will the polygon be always contained within the given CAP-CP message or alert message can be without a polygon?
Even though the use of polygon is optional, it is strongly recommended in both CAP and CAP-CP. As such, all the alerts issued through the NAAD system or by EC are guaranteed to contain polygon data when such values are present.
Is the NAAD System data feed free of charge for LMDs?
Yes, the NAADS system is completely free, there is no charge what so ever to use it or to gather data from it.
What RSS reader or parser should be used?
Any RSS Reader tool can be used based on the need. For example a popular one is RSSOwl – http://www.rssowl.org/; it is a free download and very simple to use.
The RSS feed in a browser is not listing all the attachments included in the alert. How can I view the missing ones?
This depends on the browser being used. If someone is looking at the RSS feed using the Internet Explorer browser, then only one attachment is shown. This is something specific to the settings of IE browser but at display level only, the alert actually has all attachments but only one is displayed. If it is viewed on Firefox for example, all attachments are displayed.
Is it possible to get the alerts steaming through fibers (dedicated fiber connections) other than the TCP sites and satellite feeds? Is there plan to support direct connections in the future?
When the NAAD system was designed, Pelmorex consciously stayed away from designing point to point connections, the main reason being the commitment given to the CRTC and to the Pelmorex Governance Council to broadcast alerts to everyone on a public domain without restrictions and to make the alerts in fairness, available to everybody equally under the same terms and conditions.
Pelmorex does not have any plans to change the system to support customized or user specific direct connections.
Is it mandatory that the output of the Cisco receiver needs to be multicast?
The receiver we have mentioned in the LMD User Guide does not have the possibility to change (override) the destination IP address / multicast; the destination IP is decided at the equipment that is sending the feed.
Will there be packet re-ordering issues while listening to the satellite feeds via Cisco receiver setup?
In order to receive the UDP packets from the satellite receiver (regardless of whether it is from C Band or Ku Band satellite), a UDP socket application (client) should be used by the LMD (NAAD System doesn’t provide this application). This application will need to be in the same network segment as the satellite receiver, and it should register and receive packets sent to the IP multicast group: 220.127.116.11.
The UDP destination port 25555 must be used to receive data. The application should receive data from this port and reassemble the packets to receive CAP-CP XML data.
The UDP packets should be assembled in the sequence in which they are received, in order to reassemble the packets into CAP-CP XML data. There is no additional information used to indicate the sequence of the UDP packet’s data within the CAP-CP XML.
In order to minimize the UDP packets re-ordering issue (since it could happen according to protocol specifications), LMD should connect the decoding system/computer directly to the satellite receiver using an Ethernet cable.
The CAP protocol specifications has a provision for the alert not to be signed. Are all alerts signed?
The security of the NAAD System is our highest priority.
The NAAD System supports SSL. Every alert sent through the system will always have 1 or 2 signatures:
First one is a digital signature produced by the Issuer (AGA) allowing verification to Alerts as being genuine to that specific Issuer and not tempered with. This signature is optional and is at the discretion of the Issuer’s organization. So it may or may not be present.
Second one is the NAAD System’s digital signature in the alert message in addition to the Issuer’s signature. It will always be present in alerts disseminated by NAAD System. It may be used by LMD’s to confirm that the Alert Messages are received from the NAAD System
When an Alert is received, the Last Mile Distributor has the option of checking either or both of the signatures to validate that the Alert did originate from NAADS system (i.e. not tampered in internet transmission after issuing) and also validate that the original Alert Message from the issuer is genuine and intact.
For more details, please refer to the LMD user guide available on our Public Alerting website.
Is there any method to validate the digital signature, using a NAAD public key for instance, without connecting to the DSS SOAP server?
No, the NAADS DSS was implemented as a DSS SOAP server. The Last Mile Distributers will have to format a DSS request and make a SOAP call to the DSS web server, whose URL is in the signature.
To verify the NAAD System’s digital signature, the help document mentions about RequestID and Profile. Where do we get these values from?
The RequestID and Profile are values that should be generated by the request issuer. Both are treated as strings. For instance an LMD can use the Alert’s ID in the RequestID or can use an automatically generated ID if their system has one. The profile is the ID of the LMD, it should be a short string that identifies the request issuer i.e. LMDs organization name.
What is the process for addressing a situation where an LMD receives corrupt data in the public alerting feed?
There could be 2 possibilities:
- The LMD receives a complete alert but the content within the alert is corrupt or they doubt it’s tempered with
- They received an incomplete data file, alert without complete start and ending XML tags etc.
Based on these:
Verifying the alert’s digital signature will ensure if the alert has been corrupted or tempered with or not. An alert will have 1 or 2 digital signatures. LMD can verify the alert is sent by NAADS by validating NAADS digital signature against NAADS DSS. This verifies that Message is not tampered in transmission from NAADS to LMD. If this is valid, then LMD can further validate that original Alert is not modified or tampered in any way from the original issuing source by validating the issuer’s signature against the issuing organization DSS. For both these validations, the LMDs will need to form XML based SOAP requests on https (following the OASIS-DSS standard) to the NAADS/Issuer DSS to get the signatures validated. It is recommended that LMDs verify signatures for all Alert Messages intended to be displayed to the Public. When both signatures are present, it is preferable to check Issuer signature as it verifies the originators source. LMD User Guide’s section “Appendix 4: Digital Signatures” explains this in much detail.
If LMD received an incomplete file, it could most probably be due to transmission issue, for example slow internet connection, issue with satellite communication etc. However these would be on LMDs side. They should check their systems and fix/improve as needed. (the reason we say it’s on LMD side is due to the fact that we check all the transmissions to feeds in NAADS, anything failed to go to any feed will show incomplete tracing)
What should an LMD do if they receive corrupt alerts?
If the corrupt alert is due to DSS failure LMD should report it to us and reject the corrupted alert. (Note: Verifying the signature is LMDs choice, if they don’t verify any signature and process a tempered alert, it’s their own responsibility, but we do recommend them to verify signature for at least the broadcast messages)
Multiple feeds are made available; it is recommended that LMDs listen to more than one feed for redundancy purposes. This will also determine if the alert is corrupted on one feed or all of them. If it’s only on one feed, they can use the corresponding valid alert from another feed.
If alert is corrupted due to a transmission/application issue on LMD’s end on all feeds or if LMD listens to only one feed, then they should use auxiliary mechanisms to retrieve the alert. Messages are kept in their integral form for 48 hours (in a short term repository) for automated retrieval an LMD.
Do you anticipate a lot of alerts being issued?
The amount and type of alerts issued will depend on the policies set by each province and the authority they delegate to other agencies and municipalities. However, the types of events that are severe enough to warrant alerts interrupting television or radio broadcasts are expected to be infrequent.
Is the media (aka: Last Mile Distributors) required by law or regulation to broadcast or distribute alerts?
Participation by “Last Mile Distributors” is purely voluntary.
Will the alerts be for my specific area?
The issuing government authority will determine what areas are affected by the alert message they are issuing. They will use an agreed to coding system established by Statistics Canada called the Standard Geographical Code. These codes typically correspond to census divisions and sub-divisions usually along municipal boundaries. The use of these codes will allow participating radio, TV, cable and satellite companies to identify and broadcast the alerts that are most relevant to the communities they serve.
Will multiple alerts be generated for the same event if sent by multiple authorities?
It is possible for multiple alert messages to be issued related to the same event because the event touches on the mandate and responsibilities of more than one government body or because the nature of the event changes over time. However, emergency management officials are experts in their respective areas and coordinate activities, including public alerting very closely. In fact, most government authorities will be watching the NAAD System alerting data feed to monitor the warnings issued by other neighbouring authorities.
Will an ‘all-clear’ be issued after the alert is ended?
Government authorities must set an expiry time for every alert they issue. In addition they may cancel an alert anytime they wish if the situation is “all-clear” prior to the expiry of the alert.
Who can issue an alert within the Government Agencies?
The respective government agencies have exclusive control over who has access to issue an alert on their behalf.
Will these alerts look any different from what I see now on the TV or the web?
Until now there has been no national system to broadcast alerts. The Weather Network and MétéoMédia have always broadcast severe weather warnings for Environment Canada and will continue to do so as either a full page text message or as a scrolling display at the bottom of the page. It is expected that participating TV, cable and satellite companies will do something similar. Participating radio stations will play the audio messages where they are available.
Will alerts interrupt my television show?
The manner in which alerts will be broadcast is left to the discretion of the local television broadcaster, cable or satellite TV distributor. In most cases a crawl across the top or bottom of the screen or a full page display is expected.
What type of security is in place so that I know the alerts are being sent by an authorized agency?
The NAAD System and government authorities take security very seriously. In addition to the security measures that government agencies take every day to ensure access to their system is by authorized personnel only, additional login passwords and user identification is needed to access the NAAD System. Separately, Pelmorex’s NAAD System has measures to prevent unauthorized access by hackers or others. Finally, each individual message issued over the NAAD System will have a unique digital certificate to ensure its authenticity.
How are these alerts made available to the visually impaired?
The NAAD System allows government authorities to include an audio version of their alert messages which can be broadcast by radio and television stations, cable and satellite operators, etc.
Will the alerts be sent out in different languages?
At the discretion of the government authority, alerts can be issued in languages other than English or French. Distribution of these messages to the public will be up to the individual TV, radio, cable or satellite operator.
Are alerts archived and if so for how long?
All alert messages are archived for seven years.
How can I get access to a previously issued alert?
Previously issued alert messages can be seen on the RSS feed for 48 hours after it has been issued. As well, all alerts are archived indefinitely on the Archived Alert Messages section on this web site.
If an alert is issued, how and where can I find out more information?
Issuing authorities may include reference within their alert to websites to get additional information. As well, it is expected that conventional TV and radio broadcasters will cover events as they occur.
Who can issue an alert within the Government Agencies?
Each province or territory will decide the level of authority it wants to delegate within its jurisdiction. For example, one province may decide that only one organization such as the provincial Emergency Management Office will have authority to issue an alert whereas another province may decide to allow local authorities such as, regional or municipal emergency management staff, police or fire departments to issue certain types of alerts. Certain federal authorities such as Environment Canada also access the NAAD System to distribute their weather warnings.
What types of alerts will be issued?
The NAAD System allows Authorized Government Agencies to issue a wide range of public safety messages. Typically however, an alert will be issued if there is imminent danger to persons or property. The scope is quite large and can cover things such as tornados, train derailments, industrial fires, water contamination, missing persons; the list is endless and is not limited to weather or environmental warnings.
What’s the relationship between the alerting system and The Weather Network/MétéoMédia?
The NAAD System was designed and is operated by Pelmorex Communications Inc. which is the parent company that also owns and operates The Weather Network and MétéoMédia.