Rupert Stanley Ross Systems International th 19 May

Rupert Stanley Ross Systems International th 19 May 2010 Non. Stop Management and Performance Tools BITUG - 19 May 2010 Copyright Ross Systems International Limited 2010 1

Data v Information BITUG - 19 May 2010 2

Information Leads to Decisions BITUG - 19 May 2010 3

Sometimes Data is all we need WHAT IS THE VALUE OF THIS STOCK? BITUG - 19 May 2010 4

Sometimes it’s a bit more complex IS THIS HSM WORKING? BITUG - 19 May 2010 5

Tools Available PROBE – System Information Utility FINFO – File Information and Status Discovery Tool 1. Data content closely linked to Information 2. Powerful Selection Facility 3. Wide range of Displays for Different Uses 4. Powerful Analytical Functionality Available HSEMM – HSM Emulator Suite, Management Aspects 1. 2. 3. 4. Data is all encrypted binary Performance and Fault Tolerance Vital Black Boxes lead to Quality Problems Need Independent Verification & Validation BITUG - 19 May 2010 6

PROBE NS 50000 – ITANIUM, BLADE $SYSTEM CARL 11> run probe PROBE V 1. 0 Run on: 15/10/2009 13: 50 ----Copyright Ross Systems International Ltd. 2008, 2009 Full Version (Release Date 14 th October 2009) ----------------------System Name: ATPHPLD, System Number 072354 Processor Type: 10, Model: 71, Name: NSE-M, CPU Count 6 System Speed: 2238% of K 2000 speed (x 22 faster) S 76000 – S-SERIES, RISK System Name: CORBY, System Number 052377 Processor Type: 9, Model: 11, Name: NSR-E, CPU Count 2 System Speed: 320% of K 2000 speed (x 3 faster) System Name: NEC, System Number 052376 Processor Type: 9, Model: 11, Name: NSR-E, CPU Count 2 System Speed: 320% of K 2000 speed (x 3 faster) BITUG - 19 May 2010 7

FINFO ERRORS Data Store is a crucial system resource used by: CASH DEVELOPMENT STAFF COMMERCIAL USERS COST BITUG - 19 May 2010 SYSTEM MANAGERS 8

FINFO – USER GOALS Data store is held on files on Disks, the various system users have different requirements for management and visibility of this: 1. Commercial Users – Just want the system to be up and run smoothly Don’t need or want to know about its configuration or management 2. System Managers – Want to system to run smoothly for all users Use a well defined set of files. Need to know how files are growing, if there is adequate space and if there any problems. Must have sufficient information to securely maintain the disk estate as a whole. 3. Development Staff – Want disk resources and information. Use a huge and loosely managed set of files for sources, objects, libraries, test sets, results and test data bases. Need to know where everything is and its properties. BITUG - 19 May 2010 9

FINFO – SYSTEM MANAGERS QUESTIONS 1. What disks do I have? 2. How full are they? 3. Is the system Balanced? 4. Are there any files which are going to be FINAL DEMAND full in the next few Declutter My days? Desktop and Give Me a 5. Are the indices Simple Answer! getting too deep BITUG - 19 May 2010 QUESTIONS 6. Are the files properly secured? 7. Who has got files on the system? 8. Is anyone taking too many resources? 9. Are there any files with error flags set? 10. How do I generate reports? 10

QUESTIONS FINFO – DEVELOPERS QUESTIONS 1. Where all my measure files? 5. Which big files haven’t I used for ages? 2. How much space have I used? 3. I did a test on 7 th July last where is is all? 4. Which files was I working on yesterday? BITUG - 19 May 2010 PLEA Please give me a simple way to organise and find all my stuff! 6. I’ve got to write a report and I need to export file information. how do I do it? 7. Jim has just left the project, where all his files? 11

FINFO - HELP $WORK RSITEST 8> finfo -h FINFO V 3. 2 Native 17/05/2010 17: 37 ----Copyright Ross Systems International Ltd. 2008, 2009, 2010 Inhouse Version-Never Expires 12 May 2010) ---------------------FINFO Commands are: FINFO/OUT <report>/ [<file names>] [<commands>] <report> : Output file (stdout) <file names> : Files selector [[<vol>. ]<subvol. ]<file>] where <vol> = Volume Name, default current volume <subvol> = Subvolume Name, default current <file> = file descriptor, default wild vol/subvol/file can contain wild cards * <commands> : -H or -? - Print out command help menu -W - Print out in wide format -X - Generate EXCEL semi-colon separated spreadsheet -D - Print out file date details -E - Print out file extent details -A - Print actual file sizes, not partition size -Tx - Print out user totals, total type x - None - Print all user totals V - Volume - Prints Volume and System Totals S - System - Prints System Totals only -Ox - Order by x, where x is: C - File Code D - Date N - Name (default) S - Size U - User BITUG - 19 May 2010 -Sx - Select by x, where x is: A - Audited Files Only B - Both ("<text>") where <text> is text Files are searched for the case free text C - File Code (cyyy), where yyy is file code D - Date Range (dyyyr) yyy - Number of units, default 1 day r - H(ours), D(ays), W(eeks), M(onths), Y(ears) or Calendar Date Range (dtm<date time>) t - Type: C(reation), L(ast open) E(xpiration), M(odification) m - modifier < / > <date time> - dd[/mm[/yy]][, hh: mm[: ss]] or <date time> - , hh: mm[: ss] I - Index Level (ix), where x is the index level L - Licensed Files Only O - Open Files Only P - Partitioned Files Only Q - SQL Files (qt) t - Type: L(sql), T(able), I(ndex) P(rotection), S(horthand) R - Restricted Progid Set Files S - Size (smyyy) yyy - File size in Kilobytes m - modifier, < / >- less / greater than T - File Type (tx), where x is the file type U - Unstructured, R - Relative, E - Entry Sequenced, K - Key Sequenced, U - User (u<name>>) where <name> is: <group>. <user> tandem group, user names <group no>, <user no> group & user nos. X - Text ("<text>") where <text> is text Files are searched this takes time % - Percent Full (%pp) pp = percent ( - PIRA Rec ("<pira rec>") see PIRA syntax in finfo. pdf default select all files by file selector $WORK RSITEST 9> 12

FINFO – VOLUME DETAILS $WORK RSITEST 9>FINFO $* sirius. $system. licenses FINFO V 3. 2 Native 17/05/2010 17: 47 ----Copyright Ross Systems International Ltd. 2008, 2009, 2010 Inhouse Version-Never Expires 12 May 2010) ---------------------VOLUMES on SIRIUS (Mb) % Fragments Volume Capacity Free Space Free Count Biggest(Mb) $SYSTEM 2000 267. 02 13 143 265. 98 $AUDIT 4238 1589. 11 37 7 625. 50 $WORK 4238 3585. 78 84 29 2826. 38 Totals 10476 5441. 91 51 179 2826. 38 $WORK RSITEST 10> BITUG - 19 May 2010 13

FINFO – SUBVOLUME DETAILS $WORK RSITEST 16> FINFO $WORK. * -S%90 -SI 2 SUBVOLUMES on SIRIUS. $WORK Sub. Volume Files At Limit Users Used Space(Mb) % of Disk Pages ACI 15 0 1 0. 38 0. 01 312. . . ZSPIDEF 510 0 3 22. 96 0. 88 18402 ZTEMPL 201 0 2 71. 39 1. 85 38442 ZYQ 00000 1557 0 3 148. 33 2. 34 48424 Disk Totals 5136 6 461. 54 11. 39 235714 Files needing maintenance Name ($WORK. ) Last Modified Code PExt SExt MExt PC% Comments CL 00 PDIC. DICTOUK 05 -Oct-2004 208 4 32 500 2. 9 Reload (index 2) RSITELEX 12 -Sep-2000 5000 200 32 60. 8 Reload (index 2) RSITELEX 0 12 -Sep-2000 5000 100 32 56. 7 Reload (index 2) RUPERT. TEST 20 -Apr-2007 2000 2 2 16 100. 0 Reload (too full) TELINDUS. DATA 1 27 -Jul-1999 0 100 16 100. 0 Reload (too full) TELINDUS. SPL 3 27 -Jul-1999 128 4 4 16 100. 0 Reload (too full) Recommendations: Reload (too full); Reload (index depth); System Files At Limit Users Used Space(Mb) % of System Pages Totals 5136 6 461. 54 11. 39 235714 $WORK RSITEST 17> BITUG - 19 May 2010 14

FINFO – ORDINARY DISPLAY $SYSTEM 20> FINFO Files on SIRIUS. $SYSTEM Name Last Modified Code TP RWEP Size User No PExt SExt Pages ACMMSGS 11 -May-1992 12: 56: 50 101 U CCCC 19, 862 255, 255 4 4 12 ADDHELP 20 -Nov-1992 16: 28: 57 100 L U CCNC 26, 374 255, 255 8 2 14 AHEXOBJ 17 -Jun-1997 15: 33: 58 100 L U CCCC 47, 104 255, 255 24 16 24 AID 17 -Sep-1988 00: 51 100 L U NONO 120, 832 255, 255 60 34 60 ALGORICC 01 -Dec-1997 20: 00: 49 101 U NCNC 75, 794 255, 255 28 56. . . ZX 25 TEXT 29 -Dec-1993 20: 57: 11 0 K NCNC 98, 304 255, 255 20 60 ZZEVCONF 17 -May-2010 11: 43: 50 843 E NOOO 2, 048 255, 255 1 1 1 ZZSRVMON 17 -Jan-1995 16: 07: 12 100 U NCNC 9, 608 Kb 255, 255 1858 32 4706 ZZZZFIX 05 -Apr-2007 14: 26: 45 101 U NCNC 2, 122 255, 255 2 2 2 Selected User Totals for Sub. Volume SIRIUS. $SYSTEM User No User Name Files Bytes Used Pages Used 127, 001 RSI. RUPERT 1 3, 700 2 200, 010 <alien>. (200, 10) 8 177, 108 95 200, 040 <alien>. (200, 40) 243, 624 132 255, 002 <alien>. (255, 2) 5 470, 312 278 255, 200 SUPER. RUPERT 4 558, 440 292 255, 255 SUPER 909 269, 459, 629 137, 625 Totals: 932 270, 979, 253 138, 457 $SYSTEM 22> BITUG - 19 May 2010 15

FINFO – WIDE DISPLAY $SYSTEM 22>FINFO -W Files on SIRIUS. $SYSTEM ACMMSGS ADDHELP AHEXOBJ AID ALGORICC ALGORITM AMIXF AMON APCCDC APCCOM APCHEX APCLMAP APCMSGS APCOBJ APCPCOD APCPDIR APCSEC APCTAP APEDOC APEHELP ARMTRACE ARSTVBD AS 1 ASSERTH AUDSERV AXCEL BARCODES BASEXTC BASEXTD ZSMFPAS ZSMFTACL ZSMFTAL ZSMPPTR ZSMPSCF ZSMPSEL ZSMPTEXT ZSVRCONF ZSX 1 PTR ZSX 1 SCF ZSX 1 SEL ZSX 1 TEXT ZSYSCFG ZTBLSCF ZTBLTEXT ZTCIMSG ZTCIPTR ZTCISCF ZTCISEL ZTCITEXT ZTLKPTR ZTLKSCF ZTLKTEXT ZTNTPTR ZTNTSCF ZTNTSEL ZTNTTEXT ZTR 3 SCF ZTR 3 TEXT ZTRCSEL ZX 25 PTR ZX 25 SCF ZX 25 TEXT ZZEVCONF ZZSRVMON ZZZZFIX Selected User Totals for Sub. Volume SIRIUS. $SYSTEM User No User Name Files Bytes Used Pages Used 127, 001 RSI. RUPERT 1 3, 700 2 200, 010 <alien>. (200, 10) 8 177, 108 95 200, 014 <alien>. (200, 14) 3 66, 440 33 200, 040 <alien>. (200, 40) 243, 624 132 255, 002 <alien>. (255, 2) 5 470, 312 278 255, 200 SUPER. RUPERT 4 558, 440 292 255, 255 SUPER 909 269, 459, 629 137, 625 Totals: 932 270, 979, 253 138, 457 BITUG - 19 May 2010 16

FINFO – EXTENTS DISPLAY $WORK RSITEST 32> FINFO -E Files on SIRIUS. $WORK. RSITEST Name Last Modified Code TP RWEP User No PExt SExt MExt Ix. L PC% CAPTURE 13 -Feb-2007 08: 32: 12 100 U NNNN 127, 001 26 18 0 8. 7 CONSOLE 13 -Feb-2007 08: 32: 12 100 U NNNN 127, 001 22 14 16 0 9. 5 FILELD 13 -Feb-2007 08: 32: 16 100 U NNNN 127, 001 46 16 21 0 30. 0 IPLSN 13 -Feb-2007 08: 32: 16 100 U NNNN 127, 001 42 16 36 0 6. 6 IPTEST 13 -Feb-2007 08: 32: 18 100 U NNNN 127, 001 46 16 25 0 29. 5 PIRAIP 01 13 -Feb-2007 08: 55 101 U NNNN 127, 001 2 2 16 0 1. 4 PIRATEST 13 -Feb-2007 08: 32: 21 100 U NNNN 127, 001 42 16 0 35. 2 PIRAUSRC 13 -Feb-2007 00: 03: 19 101 U NNNN 127, 001 4 4 16 0 10. 0 PIRAUSRH 13 -Feb-2007 00: 02: 51 101 U NNNN 127, 001 2 2 16 0 6. 9 STRIPIT 13 -Feb-2007 08: 32: 00 101 U NNNN 127, 001 8 32 500 0 0. 0 SVRTEST 13 -Feb-2007 08: 32: 25 100 U NNNN 127, 001 46 16 25 0 25. 9 TACLCSTM 13 -Feb-2007 08: 46: 09 101 U NNNN 127, 001 2 2 16 0 14. 6 UDPTERM 13 -Feb-2007 08: 32: 25 100 U NNNN 127, 001 46 16 28 0 9. 6 VIEWLICE 13 -Feb-2007 08: 32: 26 100 U NNNN 127, 001 28 16 18 0 9. 0 Selected User Totals for Sub. Volume SIRIUS. $WORK. RSITEST User No User Name Files Bytes Used Pages Used 127, 001 RSI. RUPERT 14 1, 275, 906 676 Totals: 14 1, 275, 906 676 BITUG - 19 May 2010 17

FINFO – DATES DISPLAY $WORK RSITEST 33>FINFO -D Files on SIRIUS. $WORK. RSITEST Name Created Last Modified Last Opened Expiration Size CAPTURE 13 Feb 2007 -08: 16 13 Feb 2007 -08: 32 10 Aug 2008 -18: 09 *NO EXPIRATION* 53 Kb CONSOLE 13 Feb 2007 -00: 10 13 Feb 2007 -08: 32 09 Feb 2010 -18: 09 *NO EXPIRATION* 45 Kb FILELD 13 Feb 2007 -00: 16 13 Feb 2007 -08: 32 10 Aug 2008 -18: 09 *NO EXPIRATION* 224 Kb IPLSN 13 Feb 2007 -00: 33 13 Feb 2007 -08: 32 10 Aug 2008 -18: 09 *NO EXPIRATION* 81 Kb IPTEST 13 Feb 2007 -00: 34 13 Feb 2007 -08: 32 09 Feb 2010 -15: 57 *NO EXPIRATION* 259 Kb PIRAIP 01 13 Feb 2007 -08: 08 15 Jan 2009 -11: 17 *NO EXPIRATION* 916 PIRATEST 13 Feb 2007 -07: 49 13 Feb 2007 -08: 32 10 Aug 2008 -18: 09 *NO EXPIRATION* 203 Kb PIRAUSRC 13 Feb 2007 -00: 03 15 Jan 2009 -11: 17 *NO EXPIRATION* 13 Kb PIRAUSRH 13 Feb 2007 -00: 02 15 Jan 2009 -11: 17 *NO EXPIRATION* 4522 STRIPIT 13 Feb 2007 -08: 19 13 Feb 2007 -08: 32 15 Jan 2009 -11: 17 *NO EXPIRATION* 2276 SVRTEST 13 Feb 2007 -00: 34 13 Feb 2007 -08: 32 09 Feb 2010 -16: 19 *NO EXPIRATION* 227 Kb TACLCSTM 13 Feb 2007 -08: 43 13 Feb 2007 -08: 46 15 Jan 2009 -11: 17 *NO EXPIRATION* 9570 UDPTERM 13 Feb 2007 -00: 45 13 Feb 2007 -08: 32 10 Aug 2008 -18: 10 *NO EXPIRATION* 94 Kb VIEWLICE 13 Feb 2007 -00: 45 13 Feb 2007 -08: 32 10 Aug 2008 -18: 10 *NO EXPIRATION* 55 Kb Selected User Totals for Sub. Volume SIRIUS. $WORK. RSITEST User No User Name Files Bytes Used Pages Used 127, 001 RSI. RUPERT 14 1, 275, 906 676 Totals: 14 1, 275, 906 676 BITUG - 19 May 2010 18

FINFO – SPREADSHEET EXPORT $SYSTEM VHS 8> finfo/out excelin/ -x FTP excelin Import excelin. txt excelin. xls ; separator BITUG - 19 May 2010 19

FINFO – VOLUME USER TOTALS SUBVOLUME TOTALS $SYSTEM OPERATE 39> FINFO -T Selected User Totals for Sub. Volume SIRIUS. $SYSTEM. OPERATE User No User Name Files Bytes Used Pages Used 255, 255 SUPER 47 110, 258 102 Totals: 47 110, 258 102 VOLUME TOTALS $WORK RUPERT 42> FINFO *. * -TV Selected User Totals for Volume SIRIUS. $WORK, Subvolumes: 105 User No User Name Files Bytes Used Pages Used 014, 021 <alien>. (14, 21) 12, 288 8 127, 001 RSI. RUPERT 3506 302, 492, 033 180, 638 127, 004 RSI. OLIVER 6 52, 240 66 127, 255 RSI. MGR 1 2, 048 8 255, 127 <alien>. (255, 127) 1 360 2 255, 255 SUPER 1621 158, 989, 860 54, 992 Totals: 5136 461, 548, 829 235, 714 BITUG - 19 May 2010 20

FINFO – SYSTEM USER TOTALS $WORK RUPERT 43> FINFO *. *. * -TS Selected User Totals for System SIRIUS, Subvolumes: 1089 Volumes: 3 User No User Name Files Bytes Used Pages Used 014, 021 <alien>. (14, 21) 12, 288 8 127, 001 RSI. RUPERT 4606 475, 509, 889 269, 386 127, 004 RSI. OLIVER 6 52, 240 66 127, 255 RSI. MGR 1 2, 048 8 200, 010 <alien>. (200, 10) 8 177, 108 95 200, 014 <alien>. (200, 14) 3 66, 440 33 200, 040 <alien>. (200, 40) 243, 624 132 255, 002 <alien>. (255, 2) 26 1, 832, 648 1, 450 255, 127 <alien>. (255, 127) 1 360 2 255, 200 SUPER. RUPERT 4 558, 440 292 255, 255 SUPER 11281 2, 755, 316, 146 2, 075, 758 Totals: 15939 3, 233, 771, 231 2, 347, 230 $WORK RUPERT 44> BITUG - 19 May 2010 21

FINFO – DATE ORDER $SYSTEM VHS 61> FINFO -OD FINFO V 3. 2 Native 17/05/2010 18: 52 ----Copyright Ross Systems International Ltd. 2008, 2009, 2010 Inhouse Version-Never Expires 12 May 2010) ---------------------Files on SIRIUS. $SYSTEM. VHS Name Last Modified Code TP RWEP Size User No PExt SExt Pages VHSDDL 17 -Feb-1998 22: 44: 30 101 U NUNU 950 255, 002 4 16 4 VHSINSP 17 -Feb-1998 22: 44: 33 101 U NUNU 722 255, 002 4 16 4 VHSTEXT 20 -Feb-1998 08: 49: 15 0 K NUNU 221, 184 255, 002 20 120 VHS 12 -Feb-1999 13: 26: 40 100 U NUNU 196, 608 255, 002 96 16 96 VHSCI 12 -Feb-1999 13: 26: 41 100 U NUNU 206, 848 255, 002 16 102 ZZEVCONF 16 -Jan-2003 11: 56: 28 843 E COOO 1, 024 255, 255 1 1 1 ZZEV 0000 16 -Jan-2003 11: 56: 28 843 E COOO 4, 096 255, 255 20 100 20 VHSSTART 16 -Jan-2003 12: 02: 24 101 U CCCC 5, 110 255, 002 8 32 8 Selected User Totals for Sub. Volume SIRIUS. $SYSTEM. VHS User No User Name Files Bytes Used Pages Used 255, 002 <alien>. (255, 2) 631, 422 334 255, 255 SUPER 2 5, 120 21 Totals: 8 636, 542 355 BITUG - 19 May 2010 22

FINFO – SIZE ORDER $SYSTEM VHS 62>FINFO -OS Files on SIRIUS. $SYSTEM. VHS Name Last Modified Code TP RWEP Size User No PExt SExt Pages VHSINSP 17 -Feb-1998 22: 44: 33 101 U NUNU 722 255, 002 4 16 4 VHSDDL 17 -Feb-1998 22: 44: 30 101 U NUNU 950 255, 002 4 16 4 ZZEVCONF 16 -Jan-2003 11: 56: 28 843 E COOO 1, 024 255, 255 1 1 1 ZZEV 0000 16 -Jan-2003 11: 56: 28 843 E COOO 4, 096 255, 255 20 100 20 VHSSTART 16 -Jan-2003 12: 02: 24 101 U CCCC 5, 110 255, 002 8 32 8 VHS 12 -Feb-1999 13: 26: 40 100 U NUNU 196, 608 255, 002 96 16 96 VHSCI 12 -Feb-1999 13: 26: 41 100 U NUNU 206, 848 255, 002 16 102 VHSTEXT 20 -Feb-1998 08: 49: 15 0 K NUNU 221, 184 255, 002 20 120 Selected User Totals for Sub. Volume SIRIUS. $SYSTEM. VHS User No User Name Files Bytes Used Pages Used 255, 002 <alien>. (255, 2) 631, 422 334 255, 255 SUPER 2 5, 120 21 Totals: 8 636, 542 355 $SYSTEM VHS 63> BITUG - 19 May 2010 23

FINFO - SELECTION • Name mask, • Date (Modification) Range (hours, days, weeks, months, years), • Date (Creation and/or Modification and/or Last Open Expiration) by (Earliest / Latest / Range), • Size Maximum/Minimum/Range • Percent Full • Index Depth • User (Name or Number), • File Code / Type • SQL All/Table/Index/Views • Audited and/or Licensed and/or Progid’d and/or Open • Content (either Text or Binary) BITUG - 19 May 2010 24

FINFO – SELECTION ON FILE CODE $SYSTEM VHS 20> finfo -sc 101 -sb"process" FINFO V 3. 2 Native 19/05/2010 06: 13 ----Copyright Ross Systems International Ltd. 2008, 2009, 2010 Inhouse Version-Never Expires 12 May 2010) ---------------------Files on SIRIUS. $SYSTEM. VHS Name Last Modified Code TP RWEP Size User No PExt SExt Pages VHSDDL 17 -Feb-1998 22: 44: 30 101 U NUNU 950 255, 002 4 16 4 VHSSTART 16 -Jan-2003 12: 02: 24 101 U CCCC 5, 110 255, 002 8 32 8 Selected User Totals for Sub. Volume SIRIUS. $SYSTEM. VHS User No User Name Files Bytes Used Pages Used 255, 002 <alien>. (255, 2) 2 6, 060 12 Totals: 2 6, 060 12 $SYSTEM VHS 21> edit vhsddl TEXT EDITOR - T 9601 D 20 - (01 JUN 93) CURRENT FILE IS $SYSTEM. VHSDDL *lb /process/ 8 ! Vhs-date Vhs-time Process-name Rest-of-text 29 05 process-name TYPE CHARACTER 8. *e BITUG - 19 May 2010 25

FINFO – SELECTION ON SIZE $SYSTEM VHS 28> finfo -ss<10 sirius. $system. licenses FINFO V 3. 2 Native 19/05/2010 06: 27 ----Copyright Ross Systems International Ltd. 2008, 2009, 2010 Full Version (Release Date 18 th March 2010) ---------------------Files on SIRIUS. $SYSTEM. VHS Name Last Modified Code TP RWEP Size User No PExt SExt Pages VHSDDL 17 -Feb-1998 22: 44: 30 101 U NUNU 950 255, 002 4 16 4 VHSINSP 17 -Feb-1998 22: 44: 33 101 U NUNU 722 255, 002 4 16 4 VHSSTART 16 -Jan-2003 12: 02: 24 101 U CCCC 5, 110 255, 002 8 32 8 ZZEV 0000 16 -Jan-2003 11: 56: 28 843 E COOO 4, 096 255, 255 20 100 20 ZZEVCONF 16 -Jan-2003 11: 56: 28 843 E COOO 1, 024 255, 255 1 1 1 Selected User Totals for Sub. Volume SIRIUS. $SYSTEM. VHS User No User Name Files Bytes Used Pages Used 255, 002 <alien>. (255, 2) 3 6, 782 16 255, 255 SUPER 2 5, 120 21 Totals: 5 11, 902 37 $SYSTEM VHS 29> BITUG - 19 May 2010 26

FINFO - SELECTION ON PERCENT FULL $SYSTEM VHS 32> FINFO *. * -S%90 -E. . . Files on SIRIUS. $SYSTEM. BSCSPOOL Name Last Modified Code TP RWEP User No PExt SExt MExt Ix. L PC% SPL 3 ***** OPEN NOW ***** 128 U NNNC 255, 255 216 16 0 99. 2 Selected User Totals for Sub. Volume SIRIUS. $SYSTEM. BSCSPOOL User No User Name Files Bytes Used Pages Used 255, 255 SUPER 1 7, 024, 640 3, 456 Totals: 1 7, 024, 640 3, 456 Files on SIRIUS. $SYSTEM. ZLOG 03 Name Last Modified Code TP RWEP User No PExt SExt MExt Ix. L PC% ZZEV 0002 18 -Oct-2004 16: 07: 16 843 E NOOO 255, 255 80 16 0 100. 0 ZZEV 0003 31 -Jan-2005 18: 45 843 E NOOO 255, 255 80 16 0 100. 0 ZZEV 0004 ***** OPEN NOW ***** 843 E NOOO 255, 255 800 16 0 90. 9 . . . Selected User Totals for Sub. Volume SIRIUS. $SYSTEM. ZSYH User No User Name Files Bytes Used Pages Used 255, 255 SUPER 3 9, 338, 880 4, 560 Totals: 3 9, 338, 880 4, 560 Selected User Totals for Volume SIRIUS. $SYSTEM, Subvolumes: 3 User No User Name Files Bytes Used Pages Used 255, 255 SUPER 7 45, 424, 640 22, 576 Totals: 7 45, 424, 640 22, 576 BITUG - 19 May 2010 27

FINFO - SELECTION ON INDEX LEVEL $SYSTEM VHS 35> finfo *. * -si 3 -e Files on SIRIUS. $SYSTEM. SYS 02 Name Last Modified Code TP RWEP User No PExt SExt MExt Ix. L PC% TMFMESG 26 -Feb-1998 23: 40: 10 0 K NCNC 255, 255 51 50 16 3 44. 0 Selected User Totals for Sub. Volume SIRIUS. $SYSTEM. SYS 02 User No User Name Files Bytes Used Pages Used 255, 255 SUPER 1 721, 920 401 Totals: 1 721, 920 401 Files on SIRIUS. $SYSTEM. SYS 03 Name Last Modified Code TP RWEP User No PExt SExt MExt Ix. L PC% TMFMESG 26 -Feb-1998 23: 40: 10 0 K NCNC 255, 255 51 50 16 3 44. 0 Selected User Totals for Sub. Volume SIRIUS. $SYSTEM. SYS 03 User No User Name Files Bytes Used Pages Used 255, 255 SUPER 1 721, 920 401 Totals: 1 721, 920 401 Selected User Totals for Volume SIRIUS. $SYSTEM, Subvolumes: 2 User No User Name Files Bytes Used Pages Used 255, 255 SUPER 2 1, 443, 840 802 Totals: BITUG - 19 May 2010 28

FINFO – CONCLUSION VARIETIES 1. COMMAND LINE INTERFACE 2. SPI SERVER VERSION – Multithreaded C++ 3. IP SERVER VERSION – TCP/IP or UDP/IP 4. JAVA CLIENT VERSION – Available July The wide variety of interfaces and the capability of defining searches and display type and order give FINFO the advantage over all other file information discovery and display tools BITUG - 19 May 2010 29

HSM - PERFORMANCE Improving Cost and performance of HSM based systems 1. Background 2. HSM Performance a) TCP/IP Threads b) HSM Host Command Firmware 3. HSM Utilisation 4. Management and Reporting a) Configuration b) Reporting c) Fault Tolerance 5. Development and Test Considerations 6. Conclusions BITUG - 19 May 2010 30

SECURITY People and Organisations need protecting Done by: 1. Physical 2. Procedural 3. ISMS BITUG - 19 May 2010 Cryptography 1. Privacy 2. Authentication 3. Integrity 4. Non-Repudiation 31

HSM Background • Long History in Cryptography • Provide Secure Trusted Environment • Used in Financial Service Industries • Volume and Crypto Mix of Transactions Increasing • Electronic Banking Core Offering • The Battle Goes on BITUG - 19 May 2010 32

Current Situation Ever growing number of POS and ATM Transaction Peak instantaneous loads about 2, 000 tps Safety margin of about 80% needed for performance Systems need to be sized to handle 10, 000 tps Transaction rate growing at about 15% p. a. Cost of high performance HSM about £ 30, 000 Failure not factored in so systems vulnerable Capital cost = Risk + Expenditure. Rising exponentially Basel and PCI DSS Regulations Need a resilient service + best use of infrastructure BITUG - 19 May 2010 33

HSM Performance Commercially available HSMs have: 1. High Performance processors, 1 GHz + 2. Cryptographic Co-processors DES, AES, RSA… Theoretical throughput is 5, 000+ PIN Translates per Second Max. Quoted tps rates: 800 Thales, 990 Atalla, 2000 n. Cipher Difference owing to: 1. HSM Operating System 2. Communications delays through 6 OSI Stack Layers 3. Need to Interpret HSM Command BITUG - 19 May 2010 34

OSI Stack All commands have to traverse stack and Host Application cannot really affect command throughput BITUG - 19 May 2010 35

TCP/IP THREADS • Number of IP Ports = Number of Threads • Increase number of threads HSM Constantly Processing • More than a certain number will increase queuing • The maximum transaction rates assume lots of threads • Maximum Port Counts 1. Thales 8000 - 64 TCP/IP Ports 2. Atalla A 10150 NSP - 64 TCP/IP Ports 3. n. Cipher net. HSM 2000 - 20 TCP/IP Ports BITUG - 19 May 2010 36

HSM FIRMWARE The Firmware is the HSM executable code. It contains the: 1. Standard Host Commands 2. Standard Console Commands 3. Bespoke Host Commands 4. Bespoke Console Commands Increase the efficiency of this code and The transactions per second will increase BITUG - 19 May 2010 37

FIRMWARE SPEEDUP BEFORE Efficiency 1 Transaction per 5 Cycles Operating System 4 Cycles BITUG - 19 May 2010 Firmware 1 Transaction 1 Cycles 38

FIRMWARE SPEEDUP AFTER Efficiency 1 Transaction per 2 Cycles Operating System 4 Cycles BITUG - 19 May 2010 Firmware 6 Transaction 6 Cycles 39

SPEEDUP CHALLENGES 1. Host Presentation Software is more complex Blocking and Unblocking of Commands 2. Line Transmission Times Increased However 100 Base. T can handle 30, 000 x 800 bytes per sec. 3. Standard Command cannot be used Bespoke Firmware Required with variable blocking Implemented as defined Beware of timeouts BITUG - 19 May 2010 40

SPEEDUP RISKS 1. Multithreaded Presentation Software is Complex Reduce by using OO techniques and products - TELOS 2. High Speed IP Processing could be a bottleneck Split over IP Stacks Use dynamic switching Presentation Layer 3. Optimising Bespoke Commands can be Expensive Do not let HSM supplier do this Prototype using a suitable product - HSEMM BUT, IF YOU WANT FIREPOWER IT’S WORTH IT BITUG - 19 May 2010 41

END EFFECT BITUG - 19 May 2010 42

MAXIMISING USE Cryptographic Facilities of HSMs is a Service BITUG - 19 May 2010 43

SERVICE GOALS 1. HSMs share transaction load equally a) Each HSM doing the same amount of work b) Reduce queuing 2. Transaction Processing time is not affected c) No transaction reaches timeout 3. HSM system is Fault Tolerant d) There is no single point of failure Impossible to do but we can have a good try. BITUG - 19 May 2010 44

ENGINEERING PROBLEMS 1. Variations in transaction load mean The HSM configuration must be dynamic 2. Host Command Processing times vary implies Allocation scheme must allow for time critical commands 3. Maximum dispatch rate of about 5000 tps causes Multiple host processes 4. Single points of failure in host, network and HSM infrastructure Must be allowed for to produce fault tolerant service 5. Multiprocessing load on OS must not Impact performance BITUG - 19 May 2010 45

BUILDING THE SERVICE 1. Find out Available HSMs, Types and Transaction Rates 2. Design IP network topology with 2+ networks and Service operates after loss of one network 3. Split Host Commands by transaction processing time into bands <0. 05 Sec, <0. 1 Sec, < 0. 2 Sec, < 0. 5 Sec, >= 0. 5 Sec 4. Allocate HSMs to Groups, this can be done: Statically. Simple but can cause unevenness in load balance Dynamically, Beware of management messages, poll? 5. Calculate Number of Dispatchers (HSM Interface Processes), Must be at least 2, use transaction rates to calculate number 6. Dispatchers have TCP/IP ports open to all HSMs 7. Requestors Linked to Dispatchers on round robin basis BITUG - 19 May 2010 46

SERVICE STRUCTURE BITUG - 19 May 2010 47

CONFIGURATION Configuration of the service occurs: 1. On Start-up a) Configuration file is read b) Checks nominated dispatcher processes are active c) Restarts any missing dispatchers d) Performs a periodic re-configuration step 2 b). 2. Periodic Re-Configuration (after a fixed time) a) Poll the HSM dispatchers (i) Number of transactions by command (ii) Transaction Command Timing Statistics (iii) Port error information and actions b) Inactive HSMs marked down c) HSM dispatchers sent their new configuration BITUG - 19 May 2010 48

REPORTING AND CONTROL HSM Manager is a socketed application server enabling: 1. Dispatcher Start-up 2. Dispatcher Polling to get Load information 3. Performance data to be supplied to other applications 4. Configuration to be: a) Inspected b) Modified. Including addition of HSMs and Dispatchers Persistence, by accessing Database following re-start 5. Applications Load Balancing by supplying names of Dispatchers BITUG - 19 May 2010 49

FAULT TOLERANCE Separate Open Systems running Two incidences of HSM Managers and Dispatchers Load routed by Active/Passive Products such as Barracuda Load Balancer Managers Synchronise Poll and Control Information To manage HSM facility as integrated whole BITUG - 19 May 2010 50

DEVELOPMENT AND TEST Problems when developing bespoke firmware: 1. Very difficult to specify and test new HSM functions 2. Multithreaded Applications are not trivial 3. Project run time increased because: a) Management of Firmware AND Application Projects b) Cannot Prototype Firmware c) HSM Firmware Design & Implementation on critical path BITUG - 19 May 2010 51

PROJECT TIMING Critical Path 7 months Application Team active for 3 months HSM Firmware suppliers want to have linear project This is not good. BITUG - 19 May 2010 52

ALTERNATIVE PROJECT • • • Critical Path 3. 5 months Quality much better, thorough with audit traces … Tools are needed BITUG - 19 May 2010 53

USEFULL TOOLS 1. Multithreaded Applications Framework : - TELOS C++ Applications Framework 2. Tools to Prototype HSM Solution : - HSEMM C Coded HSM Emulator 3. Tools to Test the HSM Operation : - HSM Test and Development Suite 4. Tools to test the Application : - PIRA Based Test Tools BITUG - 19 May 2010 54

CONCLUSION High performance, resilient, adaptable HSM architecture using: 1. A control and reporting service to manage architecture 2. HSM Dispatcher Server process to manage links to HSMs 3. Fault tolerance by using redundant architecture a) Barracuda IP Load balancer Active/Passive b) Multiple Posix Boxes c) Multiple Networks 4. Bespoke HSM Commands to improve throughput 5. Tools: Application framework & HSM Emulator and Test Suite 6. Requires Applications Architecture to deliver transactions BITUG - 19 May 2010 55

QUESTIONS? THANK YOU Rupert Stanley Tel. 01206 -392923 Email: rupert@rsi-ns. com Web www. rsi-ns. com BITUG - 19 May 2010 56