introduction to oss and bss
TRANSCRIPT
Page: 1
September 2008
Operation Support Systems & Business Support Systems: An Overview By Ravi Sharda
1. Overview
Before the initial 1970s, most of the support activities in a telephone company such
as taking orders, maintaining network inventory, provisioning services (for example,
line assignment and testing), configuring network components, managing faults and
collecting payments were performed manually. It was realized that many of these
activities could be replaced by computers. In the next few years, a number of
computer systems and software applications were created to automate these
activities. Examples include TIRKS, RMAS, SES, etc. Thus came the term Operations
Support Systems (OSS).
OSS are “network systems” dealing with the communications network and
supporting processes such as maintaining network inventory, provisioning services,
configuring network components, managing faults.
Business Support Systems (BSS) is a newer term and typically refers to “business
systems” dealing with customers and support processes such as taking orders,
processing bills, collecting payments, sales and marketing, supporting customer care
agents in response to service requests, trouble reporting and billing inquiries, etc.
OSS and BSS systems together are often abbreviated as BSS/OSS or B/OSS. The
term OSS was historically used to include both network and business systems. Some
industry analysts, system integrators and service providers still use the term OSS to
include both network and business systems, which sometimes causes confusion.
This article provides an overview of some of the core areas in OSS & BSS such as
Order Fulfillment, Service Assurance and Billing systems. The following BSS/OSS
systems are covered:
Order Fulfillment – Order Management, Service Provisioning and Inventory
Management
Service Assurance - Fault & Trouble Management, Network Performance
Management, Topology & Configuration Management, Planning & Testing
Billing - Billing Mediation, Rating, Billing Systems, Interconnection Billing,
Revenue Assurance
The article explains some of the basic functions of these systems, flow and some of
the products available from OSS/BSS vendors. It then provides an overview on some
of the available standards in OSS/BSS such as Telecommunications Management
Network (TMN) Model, Enhanced Telecommunications Operations Map (eTOM), “OSS
Through Java” (OSS/J) initiative, Simple Network Management Protocol (SNMP), etc.
Terms marked with suffix “*” are explained in the “Terms” section. References list
out the references used in the article as well as others for the reader’s reference.
Page: 2
2. The Realm of OSS/BSS in Order Fulfillment, Assurance and Billing
2.1. Order Fulfillment
Communications products/services could range from Voice services to IP and Data
services to Hosting and CPE services. Some of the examples of communications
products/services are:
Voice – Basic telephony, long distance, toll-free, Voice over IP (VoIP), Contact
Center, Local Access, etc.
Internet Protocol (IP) – Internet Access, VPN, Contact Center, VoIP, Remote
Access, etc.
Data – Layer 1 Wide Area Network (WAN) Services such as SONET*, Layer 2
WAN services such as ATM, Frame Relay, Private Lines, Layer 2 VPN and
Metro Ethernet, etc.
Hosting – Custom Application Environments, Disaster Recovery, Managed
Services such as storage, security and network services, Web Site Hosting,
etc.
Order Fulfillment functions are a critical set of activities performed in order to fulfill
customer orders for services in a Communications Service Provider (CSP)*.
Figure 1 shows a high-level Order Fulfillment activity flow in a typical CSP
environment.
Enter Order
Validate &
Submit
Order
Order Valid?
Send Order
Rejection
No
Decompose
Order
Yes
Circuit
Design
Facilities
Available?
Procure &
Commission
Test
No
Activate
Service/
Circuit
Integrate &
Test
Test Results
Passed?
Yes
Perform End
to End Test
Yes
No
Test Results
Passed?
No
Initiate
Customer
Testing &
Acceptance
Yes
Put Details
to Inventory
Order Management Service Provisioning & Inventory Management
Figure 1 Order Fulfillment Flow
After order entry, validation and submission, orders are decomposed and sent for
provisioning. Upon fulfilling the decomposed orders and appropriate testing of the
Page: 3
circuits, the orders are put into inventory. The following sub-sections explain the
Order Fulfillment related functions and OSS/BSS systems.
2.1.1. Order Management
Order Management systems are complex systems that allow customer or customer
service representatives to capture and process new orders, modify existing orders,
process customer moves and changes, price quotes and orders, validate orders, etc.,
while supporting multiple channels such as Web, Order template documents and
partner applications as well as multiple lines of businesses.
Order Management includes the following areas:
Order Entry and validation – The Order Entry process captures order details
such as package or plan, service address, service details, customer accounts,
relevant contacts and applicable contracts. Data entered during Order Entry is
also validated against predetermined rules.
Orders can be validated as the data is entered and/or validation after all the data
has been entered. Products/solutions that validate order data as they are entered
and walk the user through the product configuration process are known as
“Product Configurators”. One of such tools available in the market is Selectica
COnfigurator.
Order Decomposition – A single customer order can be decomposed into one
or more service requests, typically based on service types or quantities, in order
to be able to fulfill an order.
For example, if a customer order contains both a VoIP order and a phone line
order, two service requests would be created, one each for VoIP and the phone
line, each of which would be sent to the appropriate provisioning systems.
One of the major problems service providers often grapple with is that, as new
services are added to the offerings, led by different business units, the lack of
flexible order management platform results in product/service specific OSS/BSS
applications. These in turn result in higher time-to-market as well as increased costs
of maintaining many different applications and systems. Product catalog based Order
Management solutions attempt to solve these problems by storing and processing
qualification rules for services based on customer profiles, ordering channels, service
locations, product interdependencies, availability, customer eligibility and other
business constraints. One of the solutions available offered in this area is IBM
Websphere Product Center.
Vendors/products in the Order Management area include:
MetaSolv (Priorly Architel and Nortel) Order Management System (OMS)
Lucent Arbor Order Manager
Oracle Order Manager (part of the e-Business CRM suite)
IBM Websphere Product Center
NTG Clarity Unified Service Ordering
ConceptWave Order Care Suite
Page: 4
2.1.2. Service Provisioning
Service Provisioning systems are systems used to setup products/services for the
customer after an order for the services has been created and accepted by the CSP.
Service provisioning activities include specifying the pieces of equipment and parts of
the network to fulfill the service, configuring the customer’s routing path, allocation
of bandwidth in the transport network, setting up of wiring and transmission, etc.
Some of the systems that constitute provisioning systems are: Circuit Design &
Assignment Tools, Activation systems, and Field Service Management systems.
Circuit design refers to specifying whether facilities exist to provide the service and
which pieces of the network equipment and routes the service shall utilize.
One of the most widely used systems providing Circuit Design facility is Telcordia
TIRKS. Apart from Circuit Design support, it also provides circuit order control,
inventory record maintenance, selection and assignment of components from
inventory, and preparation and distribution of circuit work orders. The order control
module in TIRKS works with a circuit provisioning system and operates in
conjunction with other TIRKS components to assign facility and equipment
information for circuit orders and design circuits. TIRKS can then provide automated
design criteria for certain circuit orders. The circuit design generated in TIRKS is then
communicated to field operations or automated activation systems for
implementation.
Circuit Design and Assignment tools these days often have graphical tools that allow
a user to create services on a network map using mouse clicks and drag-and-drop
rather than drawing maps by hand or using an abstract set of equipment identifiers
displayed in a table.
After a service is designed based on the existing equipment and circuit inventory, it
is ready to be activated. If new equipment or lines need to be configured manually, a
Field Service Management (FSM) system is notified which in turn dispatches
technicians.
Moreover, certain activations can be performed automatically. For example, issuing
commands to ATM* or circuit switches to provision circuits, to SONET* terminals to
allocate bandwidth, and to a wide array of access devices such as DSLAMS*, Digital
Loop Carriers (DLC)*, or cable modems. For such activations, Service Activation
systems pass the device specific commands and configuration changes to the
network elements, Element Management Systems (EMS)*, Network Management
Systems (NMS)* or application hosts.
EMSs* are designed to receive and execute commands sent by activation systems on
the devices. EMSs* can also feed equipment status data back to network and trouble
management systems. EMSs* use protocols such as Common Management
Information protocol (CMIP) or Transaction Language (TL)* or Simple Network
Management Protocol (SNMP) to communicate with activation and other systems.
Activation systems often comprise a library of adapters to various network systems.
They usually also support transaction control, i.e. the capability to roll-back
operations already performed, in case an error occurs. Some of the Activations
Systems are:
Ericsson SOG (Service Order Gateway)
Page: 5
Nortel ASAP (Automated Service Activation Platform)
Oracle SFM (Service Fulfillment Manager, part of the e-Business suite)
Ehpt Service Initiator
It should be noted that Provisioning systems interact with the Inventory systems,
both to verify that the required network elements and other facilities are available,
and once the resources are provisioned - to reflect the changed on-line configuration
of the facilities. Therefore, provisioning systems have close channels with inventory
systems. As a result, some vendors such as Axiom, Xenicom, Cramer and Granite
have combined workflow capabilities with inventory management capabilities in their
products.
2.1.3. Inventory Management
Tracking inventory involves tracking equipment, facilities and circuits.
Some examples of information tracked are: the location and quantities of the
equipment, how a piece of equipment is configured and its status, etc.
Inventory Management Systems track both the physical network assets (such as
equipment and devices) as well as “logical” inventory (such as active ports, circuit
ids, IP addresses, etc.), although not all support both.
By relating usage of network assets to specific customers and services, an inventory
system can help network operations determine the network usage and available
capacity as well as enable automated network design and planning. Inventory
Management Systems also enable Service Assurance systems to find the impact of a
network fault on the customer’s circuits.
Some tools also have “auto-discovery” features to automatically check physical
network assets and match the results with the information held in the inventory.
However, these work only with some of the newer intelligent network elements.
Some of the vendors and their products include:
Granite System’s Xpercom
Cramer System’s Dimension
Telcordia’s TIRKS
Visionael’s ServiceBase
2.2. Service Assurance
Communications service providers (CSP) strive to differentiate themselves from their
competitors by implementing attractive Service Level Agreements (SLA). SLAs are
formal contracts where the level of service delivered by the CSP to his customer is
stipulated. An SLA may specify levels of service availability, performance, operation,
etc. as well as penalties upon violation of the SLA.
Offering SLAs implies that the service provider has the ability to monitor, act and
report the level of service, in order to assure the quality of services delivered to the
customers. Service Assurance refers to all the activities performed for such an
Page: 6
assurance. The goal of Service Assurance is to provide an optimal customer
experience, that helps retain existing customers, attract new customers and prevent
penalties arising out of violation of SLAs.
The following sub-sections introduce some of the common service Assurance
systems.
2.2.1. Fault & Trouble Management
Fault Management Systems are designed for detection, isolation and correction of
malfunctions in a communications network. They monitor and process network
alarms* generated by network elements (routers, switches, gateways, etc.). An
alarm* is a persistent indication of a fault that is cleared only when the triggering
condition is resolved.
Examples of trouble or fault in a network are damage to an optical fiber line, switch
failure, etc. Such a problem in the network can result in a chain reaction where many
network elements in a certain path produce alarms*.
Fault Management Systems may be either a component within Network Management
Systems or as a standalone set of system and application software. Figure 2
illustrates how Fault Management Systems work.
DSLAMIP
NetworkATM/Frame
Network
Network Element Layer
Element Management Layer
EMS A EMS Z
Trouble Ticketing System
Service Management Layer
Fault Management
SystemsAlarm Handlers
Network Management
Systems
Network Management Layer
* Collect event alarms via SNMP
traps or polls and forward to NML
* Low level event correlation.
* Low level event enhancement
* Event conversion to Common Alarm
Object, Alarms Correlation,
suppression, and Root Cause
Analysis.
* Alarms Ticketing Rules monitoring.
* Alarms GUI monitoring
* Network Element such as switch or
router, generate events via SNMP,
TL1, or by Poll
* Trouble ticket rule definition
* Trouble ticket creation based on
alarms
* Trouble ticket grouping and
distribution
Figure 2 Fault Management Systems
Network Elements* are designed to provide various levels of self-diagnosis. Older
Network Elements* might simply send an alarm* notifying a problem while newer
Network Elements can provide more precise and detailed messages. Fault
Management Systems may collect alarms* via SNMP traps, CMIP events or
Page: 7
proprietary agents, via EMS*. They use complex filtering systems to assign alarms*
to specific severity levels and correlate different alarms* to locate the source and
cause of a problem.
After a problem is identified, the FMS then notifies appropriate network operators as
well as pass the problem information to a Trouble Management System that in turn
logs the problem and issues a trouble ticket to start the repair process.
The Trouble Management System then sends commands to appropriate systems
such as Field Service Management to schedule and dispatch technicians to repair the
equipment and/or to EMS* to reroute network traffic around the problem areas.
Trouble Management systems also handle automatic escalation, such as progression
of a ticket from minor to major or major to critical, etc., and support a variety of
notification methods such as paging, emails, synthesis voice dial-out.
Fault Management systems usually provide graphical network displays which are
projected on large screens at the Network Operations Centres (NOC). NOC operators
can see role-based views on their consoles, shortcuts to operations they perform the
most as well as tools to quickly make connections to EMS* to perform any testing or
diagnostic operation.
Popular fault management systems include:
Micromuse Netcool/Omnibus (also marketed as Cisco’s Cisco Info Center)
HP Open-View and TeMIP
Agilent OSI NetExpert
Riversoft OpenRiver
2.2.2. Network Performance Management
Performance Management components in NMS* and other Alarm Handlers monitor
applications and systems and collect performance variables of interest at specified
intervals. Performance variables of interest may be service provider network edge
availability, customer premises availability, response times, packet delivery rate,
packet losses, latencies, jitters and out of sequence packet reorder, etc., to name a
few.
One way to capture performance metrics is collecting event logs, CDRs and other
performance data such as counters or timers that the network and system elements
maintain as part of their normal operation. This is referred to as passive
measurement. Performance data is captured by polling MIB* using SNMP or using
syslog*, (I & II), FTP, EMS* feeds, etc. Most passive measurements report on a
single network element.
For example, an Ethernet Switch may have a MIB* which provides in and out data
volumes of each port, histograms of frame sizes, number and types of erroneous
frames, central processing unit (CPU) busy status. Associated Remote Monitoring
(RMON) MIB*-type data can then list ten most active users, etc. Performance
Management tools can access the data by using SNMP to poll the MIBs* at
predefined intervals.
Statistics on performance variables can also be captured via dedicated network
appliances known such as “probes” and “sniffers” that monitor or probe customer’s
Page: 8
local loop* connections, packet performance, etc. This form of performance testing is
usually referred to as active testing.
Packet sniffers typically monitor signaling protocols such as SIP and RTP by
inspecting packets on the wire/fiber, using pings, DNS, FTP, HTTP fetches, etc.
Examples include WireShark and Geoprobes.
Probes such as Brix Networks BrixWorks Verifiers and Tektronix/Minacom IVR tools
typically emulate customer traffic in order to test or probe specific paths to measure
the quality of the services supported. Probes could be either placed into the network
or could be built into network elements* such as in the case of Cisco’s IP Service
Level Agreements tools.
Note that active measurement measures a service, such as application response
time, instead of the internal operation of a network element.
An example of active network performance test is injecting “ping” (short, network
layer echo packet) into the network aimed at a remote IP address. Round-trip time is
measured if the ping packet returns, and an error counter is incremented if it
doesn’t.
Performance statistics captured by “active” or “passive” performance tests are
normalized and routed to relational databases and/or data-warehouses. An
alternative is to pass the performance data directly to Performance Management
tools. For example, Concord eHealth could collect performance statistics from Netcool
agents via SNMP polls at a pre-defined interval.
Performance statistics are initially analyzed to determine the normal (baseline)
levels. Appropriate thresholds are determined for each of the interesting
performance variable so that exceeding the thresholds indicates a problem.
Performance Management tools then measure the performance variables against
SLAs defined as thresholds per application or service, on an on-going basis. In case
of exceptions they report them to alarm handlers. This form of performance
monitoring is reactive performance monitoring. Some tools also support proactive
monitoring by way of providing simulation tools that helps network operators project
how growth in network traffic will affect performance metrics and plan to take
proactive countermeasures such as increase capacity.
Performance Management tools may also support real-time and historical reporting.
Some CSPs have taken performance statistics of the network affecting customers’
circuits to their customer self-service portals.
Some of the products widely accepted in the Performance Management area include:
Lucent VitalSuite
Ericsson Net-Tuner
ADC Metrica
InfoVista
Brix Networks – BrixWorx (Software) and Verifiers (Hardware)
Computer Associates eHealth
Unicenter NetMaster Network Management
Page: 9
2.2.3. Topology & Configuration Management
Older networks and systems were static and the network wiring was fixed in place,
and sometimes required long outages while changes to the network and its
configuration were being made. Any error or inconsistency in the configuration files
of different network devices caused problem, and therefore these changes were well
controlled [3].
According to [3], with the rise of IP-based, dynamically routed networks, network
topologies started becoming dynamic. The topology of the network became dynamic
because a few of routers might decide, on their own, to shift routing patterns, or
because a network operator group might add a new router or switch to the network,
possibly without everyone else in the network operations center being aware of the
changes. Instead of static associations between users and network addresses (as
was set in the old “hosts” file), DHCP and other techniques allowed users to appear,
move, and disappear without providing prior notice to the network administration.
Most major NMSs therefore provide capabilities to automatically discover a network’s
actual topology, which is critical to understand network performance or root cause of
network alarms*, etc.
Probes are placed into the network to automatically find devices and circuits. Also,
most network elements* provide MIBs* that can be polled via SNMP to discover the
network, although discovering the network topology in its entirety may not be
guaranteed. Backup paths, virtual private networks, MPLS, etc., can make it very
difficult to discover actual paths, through multiplexed* links, patch panels, and test
equipment [3].
Also, most Topology Management Systems allow the network operator to provide
hints so that the system, for instance, in order that the system can ignore certain
portions of the network. This makes it easier to discover relevant portions of the
network more accurately.
Some service providers may run network discovery routines on a daily basis to
discover any unauthorized changes to the network topology as a result of security
intrusions or unplanned insertion of devices.
Moreover, network elements and computer systems have a variety of version
information associated with them. For example, a workstation may have: Operation
System, version 32, Ethernet Interface, version 5.4, TCP/IP Software, version 2.0
and SNMP Software, version 3.1. Since multiple engineers/network operators work
on making changes to the network equipment, tracking the changes manually would
be very tedious and error-prone. Configuration Management tools help automates
the tracking of the changes. Configuration Management systems store the
configurations in a database or LDAP server for easy access.
They also enable network operators to change configurations of the network
elements as well as to roll back a change to a previous configuration, if required.
When a problem in the network occurs, network operators often search the
Configuration Management database for clues that can help solve the problem.
Configuration management vendors/tools include:
CA Concord – Aprisma
TripWire
Page: 10
AlterPoint
Opsware – Rendition
Visionael
2.2.4. Planning & Testing
Network Planning solutions help determine when a communication network needs an
upgrade or additional equipment as well as to predict the impact of changes to a
service provider’s network’s topology, configuration, traffic and technology. They
provide simulation tools that help the network operators to project how growth in
network traffic will affect the network performance. Based on the results and other
planning activities, network operators can take countermeasures such as increase
capacity.
Testing is an important activity in setting up a network or customer circuits. For
simplicity in understanding the gamut of testing activities, let us divide them into the
following:
1. Testing of existing network or a change
2. Integration testing of services configured for the customer
3. End-to-end testing of services configured for the customer
Testing the entire network platform - including the equipment, services and call
quality – is critical for assessing the system prior to deployment and for service
assurance in production environments [4].
Network testing tools usually simulate a production environment and generate
synthetic voice, video and data traffic, which helps measure call/data quality,
network performance, and the affects of any changes to the network or increasing
traffic or adding new applications. These tests typically include tests like DNS, HTTP,
RTP, Ping, etc. Also, during ongoing operations, these testing tools enable active
testing of facilities. Some of the tools available are from vendors such as Brix
Networks, Concord Communications, Viola Networks, InfoVista, PROGNOSIS,
Micromuse, Cisco Systems and NetIQ.
Another form of testing is integration testing of network setup for the customer, i.e.,
routes, circuits, etc. configured for a customer. Network operators or field engineers
perform integration testing of services upon completion of activations and other
provisioning activities. Field engineers typically use equipment and network element
specific applications to perform integration testing.
Upon completion of integration testing, field operations teams are notified to perform
end-to-end testing. End-to-end testing includes testing of circuits, both within the
CSP’s network as well as local access* circuits between the CSP and the customer
premises. Some service provider’s use craft access systems for the benefit of field
technician’s access to their internal systems through a hand held terminal [5]. The
hand held terminal helps them to access loop testing system and to view the
complete test summary from remote locations.
Page: 11
2.3. Billing
IDC [6] defines Billing as: the processing and compiling of charges and enabling of
revenue collection for network usage, feature transactions, and access charges of the
services.
Figure 3 depicts a simple billing flow:
CDR/IPDR
Switch
Customer
Makes a Call
Call data is collected
Call data is stored
Billing
Mediation
Rating
Calls rated for billing
Billing
Billing is run
Invoicing
Interconnection
Billing
Other Service Providers
Figure 3 Billing Flow
The following sub-sections explain the systems depicted in the figure and the flow.
2.3.1. Billing Mediation
Mediation systems collect network usage data from the network elements and
convert to billable statistics.
Traditionally for phone calls, Call Detail Records (CDR) have been used to record the
details of the circuit-switched phone call. CDR includes information on start time of
call, end time of call, duration of call, originating and termination numbers. CDRs are
stored until a billing cycle runs. For IP Based Services, a new standard is gaining
acceptance called Internet Protocol Detail Record (IPDR). IPDR supports both voice
and data.
Billing systems use mediation output to determine charges for the customers. It is
also used to feed other downstream applications such as Fraud and Churn
Management.
Market leading mediation product vendors include:
Comptel
XACCT
HP Smart Internet Usage
Page: 12
Ehpt BMP
2.3.2. Rating
Rating systems calculate the charge for an individual call, IP usage event, etc. using
the CDRs/IPDRs. Rating systems apply charges based on pre-configured pricing
rules, applicable discounts and rebates from promotions.
This rating process has grown increasingly complex in recent years. In older times, it
was solely a matter of taking the length of the call, assigning a price based on the
mileage band (calculated by cross-referencing the prefix of the originating and
terminating numbers in a table of values), and assigning discounts based on the time
of day (peak, evening, night), day of the week, and holidays.
Modern rating systems can assign discounts based on calling circles, provide flexible
rating plans based on size of accounts and increase switching costs [2]. These serve
as strategic marketing tools but can be very complex to administer and operate.
2.3.3. Billing Systems
Billing systems aggregate rated calls, IP/data usage events, etc. and calculate
customer invoices. In the United States, billing is usually performed once a month.
Billing systems combine rated records with prior balance information, payment
records, recurring charges (such as line rentals), one-time fees (such as installation
and service charges), promotions and discounts associated with the customer
account, taxes and credits. Overnight billing batch jobs are among the largest batch
environment at a CSP’s operating environment. Each customer is assigned a specific
billing cycle.
According to Insight [2], the holy grails of the billing industry are unified billing and
convergent billing. With unified billing, a customer gets a single bill for all services
provided (or billed) by the service provider, appropriately rated, discounted, and
taxed, and a single contact for inquiries and negotiation.
Some of the main vendors and products in the area of rating and billing are:
Lucent Arbor Billing Platform
Amdoc Internet Administration Framework (IAF)
Portal Software’s Infranet
Geneva
AMS Tapestry
2.3.4. Interconnection Billing
In the competitive world of communications, service providers often tie-up with
partners, in order to bundle their own products with their partners. This helps the
service providers to provide attractive bundles of products and services. However, in
order to successfully settle interconnect billing settlements an effective
Interconnection Billing is required.
Interconnection Billing products support inter-working of a service provider’s billing
systems with the corresponding systems of another service provider, based on
interconnect agreements and contracts.
Page: 13
Some of the products in this area are:
InterconnecT from Intec Systems Ltd. These also contain Application Network
Operator
Prospero from ICL
INCA from BT
2.3.5. Revenue Assurance
Revenue Assurance & Fraud Management systems verify billing, detect and identify
unauthorized usage of service provider network assets. Some of the kinds of frauds
are Usage and Subscription.
Usage Fraud means that a customer uses the telecommunications network illegally.
This is accomplished either by obtaining a service with no intent to pay or by
obtaining unauthorized access to the network (i.e. “hacking” or “cracking”).
Fraud Management systems typically detect and prevent unauthorized access to a
communications network by analyzing traffic patterns on the network. Some
examples are provided in [8]:
One technique involves analyzing the average call duration or the number of
calls placed to foreign countries to determine whether the traffic patterns are
consistent with a subscriber's call history or pattern. If a call is inconsistent
with the subscriber's call pattern profile, the subscriber is provided with a
report of the abnormal call activity.
Other methods for dealing with the problem of unauthorized use involve
automatically denying or blocking access to the network when abnormal use
is detected to minimize the subscriber's financial loss.
Subscription fraud means that a customer obtains a service account by giving a false
identity (name and/or SSN) or by giving a false address or false credit worthiness.
Detecting subscription fraud involves searching recent order and existing customer
data for multiple orders and/or accounts with the same customer name, SSN, or
service address.
Common subscription fraud patterns include
Change of billing address within a few weeks of opening an account.
Substantial deviation of usage profile of a new user from an average new
user.
Common techniques to control subscription based fraud include threshold based
analysis, inference rules analysis, profile based analysis such as habitual user profiles
and neural networks.
Fraud Management Systems typically read and store usage data from the service
provider’s network switching equipment and allows queries to be executed against
the data that detect suspicious usage patterns.
They also allow operators to review customer accounts that have suspicious activity,
to track their investigation and record the final case resolution. One of the available
tools in this area is SAS Fraud Management.
Page: 14
It should be noted that fraud is different from revenue leakage. Revenue leakage is
characterized by the loss of revenues resulting from operational or technical
loopholes where the resulting losses are sometimes recoverable and generally
detected through audits or similar procedures [1]. Fraud, on the other hand, is
characterized with theft by deception, typically characterized by evidence of intent
where the resulting losses are often not recoverable and may be detected by analysis
of calling patterns.
Another important class of Revenue Assurance tools includes Churn Management
tools. Churn management is an important area for service providers that have
subscription-based business - due to price wars, aggressive marketing and
promotions from competing service providers, and customer’s expectations related to
customer service.
Churn Management tools provide functions such as automated behavior analysis,
forecasting and simulation, empirical profiling, churn metrics capture, that enable
service providers to learn which customers are likely to leave and take appropriate
countermeasures. Some of the tools/vendors in this area are:
HP Oneview Churn Management
Amdocs
CGI Churn Management
2.4. Standards & Protocols
2.4.1. Telecommunications Management Network (TMN) Logical Model
To survive in a highly innovative and competitive communications market, service
providers must use a robust architecture for network and service management. TMN
was formed with an aim to provide such an architecture framework. It was defined
by ITU-T (International Telecommunications Union – Telecommunications Services
Sector).
TMN provides a framework that helps service providers to achieve the
interconnection between various types of operating systems and/or
telecommunications equipment for the exchange of management information with
standardized interfaces including protocols and messages.
TMN describes network management from the following different viewpoints:
Logical or business model
Functional model
A set of standard interface
The scope of this section is the TMN logical model. The reader is referred to [11] for
detailed information on the TMN models.
The TMN logical model breaks down the functions related to managing a
telecommunications support environment into manageable subsets and helps service
providers to think logically about how the business of a service provider is managed.
It introduced the concept of logical layered architecture, consisting of four layers,
each of which reflects particular aspects of management.
Page: 15
Figure 4 below depicts the TMN Logical Model.
BUSINESS
MANAGEMENT
SERVICE MANAGEMENT
NETWORK AND SYSTEMS
MANAGEMENT
ELEMENT MANAGEMENT
Figure 4 TMN Model
The idea is that management decisions at each layer are different but interrelated.
Each layer imposes requirements on the layer below. Each layer provides a capability
to the layer above.
For example,
Detailed information is needed to keep a switch at the element management
layer operating, but only a subset of that information is needed to keep the
network operating (e.g. is the switch operating at full capacity?).
Network elements emit several low-level syslog* events. Not all of the events
are important or interesting to a network operator. Instead network operators
may rely on systems at the Network Management layer to filter the events
and show important ones.
The four layers in the TMN model as shown in Figure 4 are as follows:
Element Management - The Element Management layer (EML) is used to
manage an individual network element or a sub-network. In this layer, data
such as logs, audit trails and performance statistics from network elements
within the layer’s span of control are analyzed and interpreted in a meaningful
manner to monitor and control the subnetwork. As a subnetwork is a subset
of the whole network, relevant data are passed on to the Network
Management Layer applications for integration of the views of the whole
network.
Network Management - The Network Management layer (NML) is
concerned with the management of the whole network. It receives data from
the lower level EML and synthesizes the data into a meaningful end-to-end
view of the network.
The NML communicates with other layers using standard interfaces.
Page: 16
Service Management - The Service Management layer (SML) is concerned
with and responsible for, the contractual aspects of services that are being
provided to customers.
Examples of functions at the SML include: customers interfaces, service
provisioning, opening new accounts, closing existing accounts, resolving
customer complaints including those related to billing, fault reporting,
maintaining statistical data (e.g., QoS), interaction with the business
management layer, interaction between services, etc.
Business Management – The Business Management layer (BML) includes all
the functions necessary for the implementation of policies and strategies
within the organization which owns and operates the services (and possibly
the network).
Examples of functions at the BML include network planning, agreement
between operators, executive-level activities such as strategic planning,
decision making for optimal investment and goal-setting
2.4.2. Enhanced Telecom Operations Map (eTOM) Model
New Generation Operations Systems & Support (NGOSS) aims to deliver a
framework that will help produce New Generation OSS/BSS solutions, and be a
repository of documentation, patterns, models and code in support of these
developments.
It is driven and managed by TM Forum (TMF), a non-profit organization, which
consists of more than 340 member companies around the world.
The eTOM model – the business process pillar within NGOSS, effectively captures the
complex business processes in a communications service provider.
The eTOM defines business processes through a hierarchical process decomposition
that begins at the overall Enterprise/conceptual level (referred to as Level 0), and
each level is decomposed into greater detail at the next lower level (Level 1, 2, 3
etc.). Each level captures process descriptions, inputs and outputs, as well as other
key elements.
Page: 17
Figure 5 eTOM Model (Reference: http://www.tmforum.org)
Figure 5 above captures eTOM level 0 and 1 process areas. “Operations”, “Strategy,
Infrastructure and Support” (SIP), and “Enterprise Management” form level 0
processes.
Operations – Covers the core of operational management
Strategy, Infrastructure and Support (SIP) - planning and life cycle
management
Enterprise Management (EM) covering corporate or business support
management
According to [12],
“The eTOM Framework contains seven end-to-end vertical Level 1 process groupings
across OPS and SIP, representing the processes required to support customers and
to manage the business. The focal point of the eTOM is around the core customer
operations processes of Fulfillment, Assurance and Billing (FAB) within OPS.
Operations Support & Readiness (OSR) forms the fourth vertical grouping within
OPS, and is differentiated from FAB real-time processes to focus on enabling support
and automation of the FAB processes. The SIP process area contains more “back-
Page: 18
office” processes that typically work on different business time cycles than the real-
time Operations. The SIP processes enable, support and direct the work in OPS.
The eTOM also includes horizontal views of functionality across a service provider's
organization, in OPS and SIP. These Level 1 horizontal functional process groupings
gather together functionally-related processes, e.g., customer-facing processes such
as Marketing, Selling, etc, within Customer Relationship Management.”
To illustrate the hierarchical process decomposition concept, let us take a case of one
such hierarchy to illustrate the hierarchical process decomposition process.
“Operations” is a level 0 process.
“Operations Support & Readiness (OPS)” is a level 1 process within the
“Operations” process is responsible for support to the "FAB" processes, and
for ensuring operational readiness in the fulfillment, assurance and billing
areas.
“Customer Relationship Management – Support and Readines” is a level 2
process within OPS and is responsible for managing classes of products,
ensuring that all CRM processes in Fulfillment, Assurance and Billing are
supported and able to manage interactions with customers promptly and
efficiently.
One of the level 3 process under “Customer Relationship Management –
Support and Readines” is “Support Order Handling” and is responsible for
ensuring that new and/or modified Order Handling related infrastructure is
deployed effectively, and to ensure that Order Handling processes can
operate effectively
For each of the processes under each levels, eTOM defines details of specific
responsibilities. For example, “Order Handling” level 4 process has the following
responsibilities, with details defined in eTOM.
Determine customer order feasibility
Authorize credit
Track and manage customer order handling
Issue customer orders
Report customer order handling
Close customer order
2.4.3. “OSS Through Java” (OSS/J) Initiave
OSS/J stands for “OSS through Java”. The goal of OSS/J is to provide open interface
standards for the integration of OSS/BSS, through the Java Community Process
(JCP).
OSS/J creates API specifications, reference implementations, technology
compatibility kits and multi-technology profiles (Java, XML, and Web Services) for
OSS integration and deployment.
The OSS/J API specifications use the Core Business Entities (CBE) model, which is
based on the TMF's NGOSS Shared Information/Data (SID) Model and therefore, the
Page: 19
initiative provides a technology neutral implementations view of the NGOSS
architecture [9]. The initiative also produces the design guidelines for defining
interfaces and implementing the specifications.
Some of the core OSS/J APIs available are:
Customer Management - for creating, modifying, suspending, and terminating
customers.
Order Management - for creating, modifying, suspending, and canceling
orders and order activities.
Service Activation - to activate services as defined by TMF’s eTOM and SID.
Product Inventory - for populating, querying and updating the Product
Inventory repository.
Service Inventory - for populating, querying and updating the Service
Inventory repository.
Trouble Ticketing - for creating, tracking, and deleting trouble tickets.
Service Quality Management - for querying, creating, updating and deleting
Service Level Specifications objects, Service Quality Objective objects, and
Service Quality Report objects, as well as subscribing for notifications on
object violation events and availability of new service quality reports
Fault Monitoring - reception of alarms*, state changes, and threshold crossing
alerts from the network and maintaining a list of active alarms*.
Performance Monitoring - for creating and deleting metric and threshold
objects. collection of performance data from the network, setting thresholds,
and generating/forwarding threshold crossing events.
Billing - for rating services and calculating billing records, sending invoices to
customers, processing their payments, and performing payment collections,
handling inquiries by the customer about bills and billing problems.
Billing Mediation - for matching usage to individual services for usage-based
services
Pricing – to determine offers and prices based on a variety of criteria including
a specific customer profile, location, current promotions, other parties in the
transactions, factors peculiar to the request, and any other set of complex,
possibly inter-related points
OSS/J helps service providers get around vendor lock-ins and improve
interoperability among OSS/BSS products from different vendors and customer
developed applications.
OSS/J interface specifications represent operations that are “business-function-
focused” – e.g., “createOrder”, “createTroubleTicketByKey”. Profiles are available for
RMI/IIOP, XML/JMS, Web Services implementations.
2.4.4. Simple Network Management Protocol (SNMP)
SNMP is a widely used communication protocol used by network management
platforms to manage (for example, to obtain configuration and statistical
Page: 20
information) network devices such as routers, gateways and switches and server
elements.
Almost all network elements and server elements support MIBs*, which can be read
by SNMP to obtain management information.
For example, an Ethernet switch contains an MIB* for each Ethernet port that
provides port statistics such as status, port configuration, number of frames and
octets transmitted and received [3]. The switch also includes MIBs* that give
information on the switch such as status of power supply and the number of active
ports on the switch. Routing tables MIBs* give status of routing protocols, entries in
the routing tables, etc.
SNMP normally operates through requests and responses. Also, Management
platform can send configuration information to a network element or server, and
have the server acknowledge a receipt [3]. Also, SNMP can send un-requested
messages (“traps” or “inform” signals) asynchronously to a management platform,
for example when it reinitializes itself.
2.4.5. Common Management Information Protocol (CMIP)
CMIP is an Open Systems Interconnection (OSI) based network management
protocol that supports exchange of information between network management
systems and management objects or network elements such as network devices and
circuits.
CMIP can be used for accessing information about network objects or devices,
modification their configuration, and receiving status reports from them. CMIP is
object-oriented and can help manage very complex hierarchies of managed objects.
It is more sophisticated then SNMP, although lot less popular than SNMP. CMIP
provides better security and fault reporting capabilities.
3. Conclusion
3.1. Summary
OSS/BSS systems and applications automate many of the day to day operations
performed in a communications service provider’s operating environment. They
optimize the time taken to perform these operations and make the business
processes more efficient.
There are no all-encompassing OSS/BSS systems that can be installed, integrated,
tested and allow the service providers to easily modernize their end-to-end
operations functions.
Service providers, therefore, use all the different approaches: best-of-breed in some
areas, off-the-shelf in some, and home-grown custom applications in the remaining
areas, to modernize and optimize their operations.
More often than not, many of these OSS/BSS systems are integrated with the others
in a point-to-point fashion, as part of discrete projects and programs, sponsored out
of different business units. This leads to point-to-point integration of OSS/BSS
systems unless the programs/projects are planned with a strategic goal.
An example of point-to-point integration is: Netcool, a popular Alarm Handler,
provides a gateway that links directly into the Trouble Ticketing product Remedy
Page: 21
ARS, which is a point-to-point integration. The mechanism is quick to use and easy
to deploy leading most system integrators* and service providers to prefer the
mechanism. A negative side of the approach is it makes taking the component out
for replacement more difficult. Integration and flexibility are the key challenges faced
by service providers with respect to their OSS/BSS systems, due to their time-
consuming nature and high costs.
A side effect of the difficulty in integrating the various OSS/BSS systems is many of
the OSS/BSS systems in a service provider’s operating environment may not be
integrated at all. For example, it is not unusual to find the following scenario: when a
customer orders a new telephone line, the ordering system takes the details of a
customer’s order, but a manual process is present to configure the telephone
exchange using a switch management system. Details of the order entered in the
Order Handling system is re-keyed manually by the technician into the Switch
Management System – a process often referred to as “Swivel-Chair Integration”.
The article provided an overview of some of the core OSS/BSS areas in Order
Fulfillment, Service Assurance and Billing.
3.2. Terminology
Alarm - A persistent indication of a fault that is cleared only when the
triggering condition is resolved
Asynchronous Transfer Mode (ATM) - ATM is a packet-oriented
technology that allows multiple logical connections (voice, video and data) to
be multiplexed over a single physical interface as fixed-sized packets called
cells.
ATM is more often used as a backbone technology, working behind the scenes
transporting customer-facing services such as Frame Relay, Voice over
Internet Protocol (VoIP), Ethernet and Internet Access. For example, traffic
originating at customer-facing frame relay end-points is terminated on ATM at
corporate hub. Moreover, carriers often transport frame relay traffic on ATM
backbones.
Communications Service Provider (CSP) - A CSP sells one or more of the
following: telephone lines, long distance, LAN & WAN products, bandwidth,
network access, managed network/storage/security services, etc.
All of the following are CSPs: Telecommunications carriers, wireless
communications providers, Internet Service Providers (ISP) and cable service
providers providing high-speed internet access.
Digital Loop Carriers (DLC) – A DLC uses digital transmission to extend the
range of a local loop* farther than would be possible using usual twisted-pair
copper wires. It digitizes and multiplexes* signals carried by local loops*.
DSLAM – A Digital Subscriber Line Access Multiplexer (DSLAM) is a network
device located in the telephone exchange (or central office) of a service
provider that connects multiple customer DSL lines to a high-speed internet
backbone (for example, ATM/Frame Relay or IP network) using multiplexing*
techniques.
Element Management System (EMS) – An EMS manages one or more of a
specific type of network element. Typically, the EMS manages the functions
Page: 22
and capabilities within each network element but does not manage the traffic
between different network elements in the network [10]. To support
management of the traffic between itself and other network elements, the
EMS communicates upward to higher-level network management systems
(NMS)* as described in the telecommunications management network (TMN)
layered model.
Local Loop - The customer premises connects to the telephone company's
central office (CO) switch by means of the local loop, which is often referred
to as the access portion of the network. This CO switch is a link between the
local loop and the network backbone.
Management Information Base (MIB) - An MIB is a collection of
information on managed objects such as routers and switches and the
commands they can execute, stored in a virtual database. SNMP polls
information from MIBs and passes the information to Network Management
Systems or executes commands specified for the MIBs.
Multiplexer/Multiplexing – A multiplexer is a device for converting several
data streams (for example, voice, video and data) into a single output for
transporting via a single communications channel. De-multiplexing is the
opposite in that it converts a single stream into multiple data streams. Time
Division Multiplexing and Wave Division Multiplexing are methods of
multiplexing.
Network Element (NE) – Network element usually refers to a logical entity
or structural group uniting one or more of devices for a single purpose. For
example, a telephone exchange is a distributed group of devices such as
subscriber line units, line trunk units, switching matrix, CPU and remote hubs,
etc. and is typically referred to as a telephone exchange network element.
Also independent routers, switches, gateways and other devices are referred
to as network elements.
Network Management System (NMS) – Network Management Systems
(NMS) consist of hardware platforms, application software, middleware and
services that together allow network operators to manage network elements.
Synchronous Optical Network (SONET) - SONET is a physical layer
network technology that defines optical carrier standards and therefore
enables fiber-optic systems from different vendors to work with each other.
Syslog – Syslog is a standard for forwarding log messages and is used to
forward events/messages from network elements and computer systems. It is
a client/server protocol, where a syslog sender sends cleartext textual
messages to a syslog receiver, via TCP and/or UDP protocols. It can be used
for monitoring audit trails, logging network and system events, etc.
System Integrators - Refers to a company providing professional services
required to install, configure, integrate, test a solution. It could be a
consultant company like Infosys, Wipro, etc. or an equipment/software
supplier.
Transaction Language 1 (TL1) - Transaction Language 1, Is mainly a
control protocol, and has been use for several years, for issuing commands to
voice network elements.
Page: 23
3.3. References
[1] Who Makes What: OSS,
http://www.lightreading.com/document.asp?doc_id=113052&print=true,
Light Reading, Dec 2006
[2] The 2007 Telecommunications Industry Review, The Insight Research Corp.,
Dec 2006
[3] Eric Siegel, Architectural Overview of Network Management, The Burton
Group, Oct 2005
[4] Arindam Banerjee, Network Management is the Key to the Success of Next-
Generation Architecture, Yankee Group, Jan 2007
[5] Senthil K. Ramachandran, Order Fulfillment Core Processes and Pain Areas,
TMFC 2122 White-paper
[6] Sterling Perrin et al., IDC's Service Provider Infrastructure Taxonomy,
2004, IDC
[7] Lars Andersson, OSS Solutions for Network Operators – white paper, 2002
[8] Telecommunications Fraud Detection Scheme, US Patent 5504810,
http://www.patentstorm.us/patents/5504810/description.html, April 1996
[9] OSS Through Java Initiative, OSS/J Roadmap, TeleManagement Forum, Jan
2007
[10] Element Management Systems – Definition and Overview, Web ProForums,
International Engineering Consortium (IEC)
[11] Divakara K. Udapa, TMN Telecommunications Management Network, McGraw
Hill, ISBN:9780070658158, 1999
[12] Enhanced Telecom Operations map - eTOM: The Business Process Language
of NGOSS, TeleManagement Forum
[13] Wikipedia, http://en.wikipedia.org/wiki/Operational_Support_Systems
[14] Elisabeth Rainge, Next-Generation OSS and Billing Market Taxonomy, IDC,
Oct 2004
[15] Wikipedia, http://en.wikipedia.org/wiki/Fault_management
[16] Wikipedia, http://en.wikipedia.org/wiki/Management_information_base
[17] Network Management Basics,
http://www.cisco.com/en/US/docs/internetworking/technology/handbook/NM
-Basics.html
[18] Wikipedia, http://en.wikipedia.org/wiki/Network_planning_and_design
[19] Balan Nair et al., Method and system for planning a telecommunications
network, United States Patent 5974127,
http://www.freepatentsonline.com/5974127.html, Oct 1999
Page: 24
[20] Telecommunications Fraud Detection Scheme, US Patent 5504810,
http://www.patentstorm.us/patents/5504810/description.html, April 1996
[21] Stephen Brown, Telecommunication Fraud Management, Jan 2005,
http://www.waveroad.ca/ressources/Whitepaper_SB_Janvier2005.pdf
[22] Eric Siegel, Measuring Performance of Networks and Applications, The Burton
Group, Feb 2007
[23] International Engineering Consortium (IEC), Tutorials,
http://www.iec.org/online/tutorials/