Previous section.

NMF SPIRIT Issue 3.0 Platform Blueprint

NMF SPIRIT Issue 3.0 Platform Blueprint
Copyright © 1995 Network Management Forum

Scope of Management

OSI System Management Functional Areas

ISO/IEC 7498-4 (Management Framework),1 defines five system management functional areas:

  1. Accounting Management

  2. Configuration Management

  3. Performance Management

  4. Fault Management

  5. Security Management.

Accounting Management

Accounting management enables charges to be established for the use of resources in an OSI environment, and for costs to be identified for the use of those resources. Accounting management includes functions to:

  1. inform users of costs incurred or resource consumed

  2. enable account limits to be set and tariff schedules to be associated with the use of resources

  3. enable costs to be combined where multiple resources are invoked to achieve a given objective.

Configuration Management

Configuration management identifies, exercises control over, collects data from, and provides data to open systems for the purpose of preparing for, initialising, starting, providing for continuous operation of, and terminating interconnection services.

Configuration management includes functions to:

  1. set the parameters that control the routine operation of the open system

  2. associate names with managed objects and sets of managed objects

  3. initialise and close down managed objects

  4. collect on demand information about the current condition of the open system

  5. obtain announcement of significant changes in the condition of the open system

  6. change the configuration of the open system.

Performance Management

Performance management enables the behaviour of resources in the OSI environment and the effectiveness of communication activities to be evaluated. Performance management includes functions to:

  1. gather statistical information

  2. maintain and examine logs of system state histories

  3. determine system performance under natural and artificial conditions

  4. alter system modes of operation for the purpose of conducting performance management activities.

Fault Management

Fault management encompasses fault detection, isolation and the correction of abnormal operation of the OSI environment. Faults cause open systems to fail to meet their operational objectives and they may be persistent or transient. Faults manifest themselves as particular events (for example, errors) in the operation of an open system. Error detection provides for the recognition of errors. Fault management includes functions to:

  1. maintain and examine error logs

  2. accept and act upon error detection notifications

  3. trace and Identify faults

  4. carry out sequences of diagnostic tests

  5. correct faults.

Security Management

The purpose of security management is to support the application of security policies by means of functions that include:

  1. the creation, deletion and control of security services and mechanisms

  2. the distribution of security-relevant information

  3. the reporting of security-relevant events.

SPIRIT Scope of Management and ISO/X.700 SMFAS

The X.700 System Management Functional Areas are part of the underlying structure that supports the SPIRIT management. The SPIRIT Scope of Management (see SPIRIT Scope of Management ) is broader than the original ISO/IEC 7498-4 (X.700).

There is a relationship between the operational aspects of X.700 management and the SPIRIT disciplines as shown in SPIRIT Scope of Management and ISO/X.700 SMFAS .

Table: SPIRIT Scope of Management and ISO/X.700 SMFAS

SPIRIT Scope of X.700 System Management
Management Functional Areas
Business Accounting
Configuration Configuration
Software Administration  
Performance Performance
Problem Fault
Security Security

SPIRIT Scope of Management and TMN

Telecommunication Management Network (TMN) defines five layers:

  1. Business Management Layer

  2. Service Management Layer

  3. Network Management Layer

  4. Network Element Management Layer

  5. Network Element Layer.

The SPIRIT Scope of Management applies to the management of any general-purpose or management system computing platform that is utilised within any of these five layers.

SPIRIT Scope of Management

SPIRIT Scope of Management addresses distributed systems management.

As such, it is wider in scope than ISO/IEC 7498-4. The SPIRIT Scope of Management is defined for Information Systems. Not all the Information Systems, particularly legacy systems, fit the definition of open systems as defined by ISO/IEC. But management has to apply to all Information Systems.

Information System is defined as any computing system capable of receiving, storing, manipulating, retrieving or presenting information (data, voice, image, and so on).

In Application of Scope of Management to Process, Manager and Agent the SPIRIT Scope of Management areas are expanded and marked as applying to:

  1. Process

  2. Manager

  3. Agent.

Process is defined as additional functions beyond those required at either a manager or agent in order to provide complete management function. In some cases it will be a paper process. This does not preclude the assistance of programs such as PERT, GANTT or spreadsheets to help in the process.

Manager is defined to be a function that is required to be executed on a SPIRIT Management Platform (Managing System).

Agent is defined to be a function that is required on a management enabled SPIRIT general-purpose computing platform (Managed System).

Table: Application of Scope of Management to Process, Manager and Agent

  Process Manager Agent
Business Management:      
Inventory Control Yes Yes Yes
Accounting Yes Yes Yes
Policy Administration Yes    
Business Strategic Planning Yes    
Process Management Yes    
Information Services Management Yes    
Organisational Planning Yes    
Configuration Management:      
Configuration Design Yes Yes  
Environmental Planning Yes    
Configuration Creation Yes Yes  
Updating Configuration   Yes Yes
Accessing Configuration   Yes Yes
Software Administration:      
Planning Yes    
Distribution   Yes Yes
Synchronisation   Yes Yes
Installation     Yes
Activation   Yes Yes
Testing     Yes
Backout     Yes
Monitoring and Tracking   Yes  
Operations Management:      
Workload and Operations Planning Yes    
Workload Control   Yes Yes
Operations Control   Yes Yes
Print Management     Yes
Performance Management:      
Performance Planning Yes    
Performance Control and Monitoring   Yes  
Performance Execution and Measurement     Yes

Problem Management:      
Problem Process Planning Yes Yes  
Problem Policy Planning   Yes Yes
Problem Determination   Yes  
Problem Analysis   Yes Yes
Problem Bypass and Recovery   Yes Yes
Problem Assignment   Yes  
Problem Resolution and Verification   Yes Yes
Security Management:      
Authentication   Yes Yes
Access Control   Yes Yes
Non-repudiation     Yes
Integrity   Yes Yes
Confidentiality   Yes Yes
Security Audit Yes Yes Yes
Key Management   Yes  

Business Management

Business management addresses the activities involved in the management of the business aspect of an enterprise's information system. Tasks that are categorised under the business management discipline are listed below.

Inventory Control

Inventory control manages all the information system resources by maintaining information about where the resource is located and who it is assigned to. Inventory control follows a resource from identification as a requirement through purchase, installation, depreciation and finally disposal.


Accounting collects usage data and bills information system expenses to the appropriate users.

Charge-back includes the collection of usage data and the creation of billing and charge-back transactions. It correlates the user, object, access time and action performed. It provides statistics on object usage.

Financial management supports budget planning, tracking of project costs, and other activities.

Policy Administration

Policy administration provides tools and services to collect policy information and translates that into actions for automation.

Business Strategic Planning

Business strategic planning deals with the long-range planning and the bridging of a company's Information Technology goals and objectives to the business objectives of the company.

Process Management

Process management provides the support programming that allows the definition and execution of a process. A process is a defined relationship between the steps needed to accomplish a systems management task. The steps may be accomplished by people (as in signing an approval form), or they may be systems management functions (as in adding a link). Process management is applicable across all the disciplines.

Information Services Management

Information services management defines the customers of the enterprise's business and the services that will be needed to support them. This includes defining the enterprise's marketplace and associated service offerings, forecasting service volumes, forecasting and publishing prices for services, promoting services offered, identifying which organisations will use which services, providing help for users, and coordinating problem resolution.

Within information services management:

Organisational Planning

Organisational planning includes education and training. Planning for, and training, staff and users, maintaining training material, and maintaining education profiles covers staff performance and skill assessment.

Configuration Management

The configuration management discipline controls how you plan, develop and maintain the way the resources of an information system interrelate. Tasks that are categorised under the configuration management discipline are listed below.

Configuration Design

Configuration design comprises the design, modelling and validation of hardware and software configurations. These configurations may be physical or logical. Validation validates that the proposed model is correct within current system requirements and existing system structures.

Environmental Planning

Environmental planning determines the physical specifications required to support the configuration.

Configuration Creation

Configuration creation builds and manages a configuration description of a specific resource.

Updating Configuration

Updating configuration information dynamically updates configuration information.

Sub-tasks under updating configuration include:

Accessing Configuration

Accessing configuration information provides a means to retrieve any configuration information, active or inactive, based on relationships between resources and configuration versions.

Configuration parameters and policies display startup parameters. This includes install or generation parameters and modifiable parameters and their current values.

Unique product identification or vital product data is an architected definition of a resource or group of resources. Unique resource identification functions include storing the information in non-volatile storage, forwarding the information on detection of a change in status or configuration, and forwarding the information to a requesting manager on request.

Self-configuration reports a resource's own configuration at the time a change is detected, at start-up, and upon request from an authorised manager.

Downstream/Peer Attachment is the capability to recognise that another resource has joined the local configuration, record the new configuration, and report the new configuration at the time of change and on any subsequent requests for information.

System/User Access to Configuration Data provides human and/or programmed access to configuration data located at the resource. This is an agent function and is modelled through the use of Managed Resource Objects.

Maintaining a Systems Inventory of all the system/network components installed and the status of each is a manager function. Facilities must exist to permit the gathering of inventory from the system components.

Software Administration

Software administration controls the introduction of change into an information system environment. Its goals are to minimise the impact of the change, reduce the skill level needed to manage the change, and reduce the process to a series of small, repeatable steps that can be automated.

Tasks that are categorised under software administration are described in the following sections.


Change entry accepts change requests from authorised change initiators and enters them into the enterprise information base, where they provide the basis for tracking change requests within the enterprise.

Assessment and approval support business and technical assessments to evaluate and approve the change request.

Planning identifies the resources affected by the change request and any additional resources needed to satisfy the request. Planning also sets guidelines for scheduling the change and the procedures to follow when making the change.

Scheduling sets the actual schedule for the change, within the limits of the change plan, after accounting for the availability of resources, altered job schedules, and other scheduling considerations.


Distribution controls the distribution of the software and software updates.


Synchronisation defines the order and timing of change installation, along with recovery actions if the installation is not successful. It includes the synchronisation of changes across multiple managers and agents.


Installation deals with changes that can be applied under program control. Some changes cannot be applied under program control because they depend on user intervention.


Activation controls the transition from the previous production version to the new version.


Testing verifies the expected operation of the new or altered components. The change plan will identify the tests associated with each phase of the change. Tests will typically be run before the change is installed, after the change is installed, and after the change is removed if a backout was necessary.


Backout provides procedures for reversing an unsuccessful change.

Monitoring and Tracking

Monitoring and tracking maintains the status of each step in the change process. Within monitor and tracking, change result notification notifies affected areas of successful changes (that is, through electronic mail with return codes and error messages).

Post-installation analysis reviews completed changes to verify that they meet the enterprise's objectives. The analysis provides feedback to help identify modifications needed to improve the change process and to meet objectives.

Operations Management

The operations management discipline uses managers and the resources they manage to support an enterprise's information systems workload. This discipline includes tasks for planning, distributing, evaluating and controlling workloads and the resources needed to support those workloads in real time.

Tasks that are categorised under the operations management discipline are listed below.

Workload and Operations Planning

Workload planning defines, analyses and reports on the enterprise information system workloads, both actual and anticipated. It includes set-up utilities which set up and build management applications (utilities) in a consistent manner across all systems by establishing operations policies and procedures.

Operations planning defines the operational policies and procedures for the enterprise. As an example, operations planning would determine the system resources (hardware, software, time) needed to support required service levels.

Workload Control

Workload control distributes the work-handling responsibilities among systems. It includes the monitoring, analysing and adjusting of work in those systems.

Operations Control

Operations control implements operations policies in each system. It monitors and adjusts the dynamic states of systems and resources.

Within operations control:

Print Management

Print management consists of those components and interfaces required to provide for:

Performance Management

Performance management defines how to plan, evaluate and control the delivery of service to the users of an enterprise's information systems.

Tasks that are categorised under the performance management discipline are listed below.

Performance Planning

Capacity planning defines the level of system resources needed to meet anticipated service levels. Capacity planning includes the modeling of systems including growth and forecast to check their ability to deliver the required service.

Performance policy definition defines the performance specifications, controls and procedures needed to sustain the required level of service.

Define performance levels, within performance policy definition, specifies thresholds or levels of acceptable performance that meet service level agreements. These performance specifications should be made in one central place for all tools to use consistently.

Performance Control and Monitoring

Performance control and monitoring distributes established policies throughout an installation, monitors the level of service delivered, such as availability, compares actual levels with planned levels, and provides performance reporting.

Under performance control and monitoring:

Performance Execution and Measurement

Performance execution and measurement directs systems management applications to follow the installation's performance policies, taking the steps necessary to execute the plan. Performance execution and measurement periodically report back on how things are going.

Problem Management

The problem management discipline encompasses the detection, analysis, recovery, resolution and tracking of potential and recognised problems occurring in the information system. This encompasses and expands on the OSI Fault Management. The overall goals of problem management are to reduce the resources required for detecting incidents and resolving problems, and to provide better availability of information system resources.

Tasks that are categorised under the problem management discipline are listed below.

Problem Process Planning

Problem process planning and tracking supports the planning of processes to address possible problems, following the guidelines of the installation's policies.

Problem Policy Planning

Problem policy planning and definition prepares policies for identifying and resolving real-time problems rapidly and with limited human intervention.

Detection and logging provides notification of problems from the failure to meet service levels such as availability based on performance policies, to appropriate personnel to take action, and notifies others affected by the problem. This permits problems with multiple manifestations to be narrowed down to a single probable cause.

Problem Determination

Problem correlation and determination relates multiple incidents to a specific problem in order to expedite problem determination, and minimise the handling of duplicate incidents. In addition, the probable cause of a problem is determined.

Problem Analysis

Problem analysis and diagnosis determines why a specific problem occurred, and diagnostic processes can determine potential solution strategies.

Problem Bypass and Recovery

Problem bypass and recovery adjusts to the problem by using an alternate path or resource, or restarts the failing component.

Subtasks under problem bypass and recovery include:

Problem Assignment

Problem assignment directs the problem to the proper person or application for resolution.

Problem fix determination determines the "fix" for a problem.

Problem escalation provides a mechanism for increasing the priority of unresolved problems so that they receive additional attention.

Problem Resolution and Verification

Problem resolution and verification has the task of applying the problem solution identified during the problem analysis and diagnosis task, and verifying to ensure that the solution corrected the problem.

Security Management

Security management is the administration, control and review of an enterprise's security policy. Security managers make use of procedures and system security services to implement policies consistent with the organisation's objectives. System auditability can provide checks and balances on system users and administrators to ensure that security management policies are enforced.

Security management goes beyond access control administration. A clear requirement involves the registration and enrolment of system users and the management of programs, data and security information such as cryptographic keys. Event logs have to be processed that produce meaningful reports to facilitate the audit task. These functions have to accommodate a distributed system environment and manage the cross-system aspects transparent to the user.

The security management functions perform the following types of activities:

  1. system security management

  2. security services management

  3. security mechanisms management.

System security management is concerned with the management of the security aspects of the overall information systems environment. This includes:

Security services management is concerned with the management of specific security services. This includes interaction with other security service management functions and security mechanism management functions. An example might be the enabling of the access control service.

Security mechanisms management is concerned with the management of specific security mechanisms. Using the access control example, this could be the setting of access control list parameters.


This section summarises ISO/IEC 7498-2 (Security Architecture). This provides a good framework for security.2

X.800 describes the general security related architectural elements which can be applied appropriately in the circumstances for which protection of communication between information systems is required. The architecture consists of a number of functions as follows:

Security Mechanisms

Security mechanisms are technical tools and techniques used to implement the security services. Mechanisms may operate individually, or in concert with others, in providing a particular service.


ISO/IEC 7498-4:1989, Information Processing Systems - Open Systems Interconnection - Basic Reference Model - Part 4: Management Framework.

ISO/IEC 7498-2:1989, Information Processing Systems - Open Systems Interconnection - Basic Reference Model - Part 4: Security Architecture, otherwise known as CCITT X.700.

Why not acquire a nicely bound hard copy?
Click here to return to the publication details or order a copy of this publication.

Contents Next section Index