Verification Plan (SVP) — ISO/IEC/IEEE 15289 — Plan | IEEE 29148 §6.6
Generated 2026-03-27 — UHT Journal / universalhex.org
| Ref | Requirement | Method | Tags |
|---|---|---|---|
| VER-METHODS-001 | Verify IFC-DEFS-001: Load test with 150 concurrent SIP INVITE transactions through the gateway-to-ACD interface. Measure interface latency at p50, p95, p99 percentiles. Pass criteria: p99 latency below 50ms, zero session setup failures, TLS handshake completion on all sessions. Rationale: Integration test at the gateway-to-ACD boundary validates the most critical internal interface in the call processing pipeline. P50/p95/p99 percentile measurement catches latency outliers that average measurements would mask. 150 concurrent sessions represents full system load. | Test | verification, call-handling, session-253 |
| VER-METHODS-002 | Verify IFC-DEFS-002: Submit location queries for wireline, wireless Phase II, and NG911 VoIP call scenarios. Validate JSON response schema completeness (civic, geodetic, source, timestamp fields present), coordinate accuracy against known test addresses, and response time under 500ms for each scenario. Rationale: Location data accuracy directly determines whether the correct unit is dispatched to the correct address. Testing against known addresses validates the full location pipeline from query to display. Schema completeness check ensures no downstream rendering failures when optional fields are missing from specific location sources. | Test | verification, call-handling, session-253 |
| VER-METHODS-003 | Verify IFC-DEFS-003: Inject 20 concurrent text-to-911 sessions via the gateway while 100 voice calls are active. Verify text sessions appear in the ACD queue with correct priority, are routed to available positions using skill-based rules, and achieve routing within the same 500ms target as voice calls. Rationale: Mixed-media load testing validates that text sessions do not degrade voice call routing under concurrent load. The 20 text plus 100 voice scenario represents a realistic peak ratio. Verifying skill-based routing for text sessions ensures dispatchers with text-handling training receive text calls, as required by ADA compliance. | Test | verification, call-handling, session-253 |
| VER-METHODS-004 | Verify IFC-DEFS-004: Establish 50 concurrent calls and verify 100% recording capture on both caller and dispatcher channels. Measure live audio path latency with and without recording tap active. Pass criteria: zero recording gaps, added latency below 1ms, SIPREC metadata correctly correlates recordings to call sessions. Rationale: Recording completeness verification is essential because any recording gap creates an evidentiary void. The latency measurement with and without recording tap active validates that the recording system does not degrade live call quality. SIPREC metadata correlation check ensures recordings can be associated with specific incidents for legal discovery. | Test | verification, call-handling, session-253 |
| VER-METHODS-005 | Verify IFC-DEFS-005: Create 50 incidents concurrently from workstation interface to CAD. Validate all required fields are transmitted, incident numbers are returned within 1 second, and bi-directional status updates flow back to the originating workstation. Inject malformed payloads to verify input validation. Rationale: Concurrent incident creation validates that the CAD interface handles peak dispatcher activity without queuing delays. Malformed payload injection validates input sanitization at the workstation-to-CAD boundary, critical because this interface crosses trust domains between call-taking and dispatch subsystems. | Test | verification, call-handling, cad, session-253 |
| VER-METHODS-006 | Verify SUB-REQS-001: Execute load test generating 150 concurrent SIP INVITE sequences from a SIP load generator through the ESInet SIP Gateway. Verify all sessions establish with TLS 1.2+ and SRTP. Pass criteria: 150/150 sessions established, zero TLS handshake failures, zero SRTP negotiation failures under sustained 10-minute load. Rationale: The SIP Gateway is the single entry point for all emergency calls, making its capacity the system bottleneck. Load testing at full rated capacity for 10 minutes validates sustained performance, not just burst handling. TLS and SRTP failure at any session breaks the security chain mandated by NENA i3. | Test | verification, call-handling, session-253 |
| VER-METHODS-007 | Verify SUB-REQS-009: With 100 active calls, induce primary gateway failure (process kill, network disconnect, power loss). Measure time to failover detection and session recovery on standby gateway. Pass criteria: failover within 500ms, zero calls dropped, all callers maintain audio continuity without re-dial. Rationale: Gateway failover is the highest-risk failure scenario because all active calls traverse this component. Testing three failure modes (process, network, power) ensures the failover mechanism handles different failure signatures. The zero-calls-dropped criterion is absolute because any dropped 911 call during failover could result in a caller being unable to reconnect. | Test | verification, call-handling, session-253 |
| VER-METHODS-008 | Verify IFC-DEFS-006: Inject 200 concurrent incident creation events into the IME and measure message delivery latency to the DDSM subscription endpoint. Pass criteria: 100% of messages delivered, p99 latency under 100ms, at-least-once delivery confirmed by sequence number audit with no gaps. Test under both normal load and 2x peak load conditions. Rationale: Integration test validating IME-to-event-logger interface throughput under peak load. 200 concurrent incidents simulates a major metro disaster scenario. Latency measurement confirms the interface does not bottleneck CAD event persistence. | Test | verification, cad, ime-ddsm, session-255 |
| VER-METHODS-009 | Verify IFC-DEFS-007: Populate the shared data store with 2000 simulated unit records updating at 5-second intervals. Execute 100 concurrent full-fleet read queries from the DDSM and measure read latency. Pass criteria: p99 read latency under 10ms, all unit records contain current position, status, type, capabilities, and district fields with no stale data beyond one AVL cycle. Rationale: Integration test validating unit tracking data store performance. 2000 units at 5-second intervals represents a large metro PSAP with mutual aid activation. Verifies the shared store handles sustained write throughput without query degradation. | Test | verification, cad, utsm-ddsm, session-255 |
| VER-METHODS-010 | Verify IFC-DEFS-008: Generate 50 concurrent recommendation messages from the DDSM and measure delivery to the target dispatcher workstation. Pass criteria: all messages delivered within 200ms, message payload contains unit ID, travel time, distance, capability score, and run-card compliance fields with correct data types and valid ranges. Rationale: Integration test validating dispatch recommendation delivery to dispatcher workstations. 50 concurrent messages simulates peak multi-incident scenario. | Test | verification, cad, ddsm-dwi, session-255 |
| VER-METHODS-011 | Verify IFC-DEFS-009: Execute 100 dispatch command transactions from the DWI to IME including unit assignment, status override, incident update, and incident close. Pass criteria: all commands acknowledged within 500ms, each acknowledgement contains matching dispatcher user ID and timestamp, failed authentication attempts are rejected with appropriate error codes. Rationale: End-to-end test validating the dispatcher command interface to the incident management engine. Covers the critical dispatch path. | Test | verification, cad, dwi-ime, session-255 |
| VER-METHODS-012 | Verify IFC-DEFS-010: Generate 5000 incident events per minute through the IME and verify all events are persisted to the database. Pass criteria: write acknowledgement within 50ms for 99th percentile, all events persisted within 1 second verified by read-back, audit records are append-only with no UPDATE or DELETE operations permitted, unclean shutdown test confirms no more than 1 second of event loss. Rationale: Stress test validating CAD event persistence under extreme throughput. 5000 events per minute exceeds normal operations by 10x to verify the database handles surge conditions during major incidents. | Test | verification, cad, ime-cdel, session-255 |
| VER-METHODS-013 | Verify IFC-DEFS-011: With 500 active incidents and 2000 tracked units generating continuous events, query the supervisor dashboard metric set from the read replica. Pass criteria: metric staleness under 5 seconds measured by comparing metric timestamps to primary write timestamps, query response under 200ms for the complete standard metric set, metrics include queue depth, response time percentiles, unit utilisation, and incident counts. Rationale: Performance test validating supervisor dashboard responsiveness under realistic operational load. 500 active incidents and 2000 units represents a major metropolitan emergency scenario. | Test | verification, cad, cdel-sdm, session-255 |
| VER-METHODS-014 | Verify IFC-DEFS-012: Inject synthetic RTP streams from console to gateway at maximum load (48 simultaneous channels) and measure one-way latency using hardware timestamping. Pass criteria: p99 latency below 50ms and packet loss below 0.1% sustained over 8-hour test. Verify DFSI PTT signalling round-trip within 100ms using protocol analyser. Rationale: Stress test for radio console to gateway interface at maximum channel capacity. 48 simultaneous channels represents full console utilization. Verifies audio quality is maintained under peak load. | Test | verification, radio-comms, session-256 |
| VER-METHODS-015 | Verify IFC-DEFS-013: Issue talk group affiliation, patch creation (2, 4, and 8 talk groups), and dynamic regrouping commands via API under concurrent load. Pass criteria: all operations complete within 500ms, 8-group atomic patch is applied atomically (no partial state observable), and affiliation table is consistent across primary and standby gateways. Rationale: Functional test for talkgroup management operations including multi-group patching. These are critical interoperability functions used during multi-agency responses. | Test | verification, radio-comms, session-256 |
| VER-METHODS-016 | Verify IFC-DEFS-014: Establish ISSI connections to at least 3 external P25 simulators from different vendors. Measure cross-system audio one-way latency. Pass criteria: latency below 200ms for 95th percentile over 4-hour test, ISSI Group Call and Emergency Alert messages conform to TIA-102.BACA-A wire captures. Rationale: Interoperability test validating ISSI gateway connections to external P25 systems. Multi-vendor testing is essential because interoperability failures only manifest at system boundaries between different vendor implementations. | Test | verification, radio-comms, session-256 |
| VER-METHODS-017 | Verify IFC-DEFS-015: Record 24 simultaneous talk group audio streams for 8 hours. Pass criteria: 100% of transmissions captured (verified against gateway PTT event log), zero frames dropped from live audio path (measured by comparing latency with and without recorder connected), metadata records contain unit ID, talk group, and timestamp for every transmission. Rationale: Endurance test validating radio logging recorder under sustained multi-channel recording. 24 talkgroups over 8 hours simulates a full operational shift. 100% capture rate is required because missed recordings have legal and evidentiary consequences. | Test | verification, radio-comms, session-256 |
| VER-METHODS-018 | Verify IFC-DEFS-016: Execute OTAR rekey of 100 simulated subscriber radios. Pass criteria: delivery confirmation received for all radios within 60 seconds, failed rekey (simulated on 10% of radios) triggers rollback that restores previous TEK on all targeted radios. Verify TIA-102.AACA message format compliance via protocol analysis. Rationale: Security test validating Over-The-Air Rekeying of subscriber radios. OTAR is critical for key compromise recovery — if rekeying fails, compromised encryption keys remain in use across the fleet. | Test | verification, radio-comms, session-256 |
| VER-METHODS-019 | Verify IFC-DEFS-017: Trigger 50 consecutive dispatch confirmations from CAD test harness. Pass criteria: assigned talk group delivered to console and console affiliates within 1 second for 100% of dispatches. Verify incorrect talk group assignment is rejected (negative test with invalid talk group ID). Rationale: Integration test validating automated talkgroup assignment from CAD dispatch. This interface determines which radio channel a responding unit monitors — incorrect assignment means the unit cannot communicate with the incident commander. | Test | verification, radio-comms, session-256 |
| VER-METHODS-020 | Verify SUB-REQS-026: With active voice paths established on 48 channels, trigger primary gateway failure (power cut). Pass criteria: standby assumes all sessions within 2 seconds, no voice paths dropped (verified by continuous audio tone monitoring), no PTT transmissions lost (verified by gateway event log comparison). Repeat 10 times. Rationale: Failover test for radio gateway — verifies that voice communications survive hardware failure. This is a life-safety test: if the radio gateway fails without automatic recovery, field units lose voice communication with dispatch. | Test | verification, radio-comms, session-256 |
| VER-METHODS-021 | Verify IFC-DEFS-018: Submit 100 concurrent route requests spanning the full jurisdiction with varying origin-destination distances. Pass: 95th-percentile response time below 600ms, route distance within 10% of ground truth for 90% of routes, all responses contain valid travel time, distance, and encoded polyline. Rationale: Performance test for routing engine throughput. 100 concurrent route requests validates that the dispatch decision support module can compute optimal unit assignments for multiple simultaneous incidents. | Test | verification, gis, session-257 |
| VER-METHODS-022 | Verify IFC-DEFS-019: Request tiles across zoom levels 10-18 from 24 simulated dispatcher workstations performing simultaneous pan operations. Pass: 95th-percentile tile delivery below 200ms, all tiles render correctly, ETag caching reduces server requests by at least 40% on repeated pan operations. Rationale: Load test for map tile serving under realistic multi-dispatcher usage. 24 workstations with simultaneous pan/zoom represents peak shift operations. Verifies map rendering remains responsive during high-activity periods. | Test | verification, gis, session-257 |
| VER-METHODS-023 | Verify IFC-DEFS-020: Submit 200 geocoding requests using raw ALI address strings including misspellings, abbreviations, and intersections. Pass: 95% resolve within 300ms, 90% resolve within 50m of correct location, MSAG validation correctly identifies non-valid addresses. Rationale: Accuracy test for geocoding engine using realistic ALI data quality. Raw ALI address strings with misspellings and abbreviations represent actual field conditions. MSAG validation ensures dispatch to valid response zones. | Test | verification, gis, session-257 |
| VER-METHODS-024 | Verify IFC-DEFS-021: Connect MDT application to FirstNet LTE module via USB 3.0 interface. Execute sustained file transfer test for 60 seconds measuring throughput. Pass criterion: sustained throughput >= 50 Mbps with zero connection drops. Rationale: Hardware interface test validating MDT-to-LTE module connectivity. USB 3.0 throughput test confirms the physical interface supports concurrent voice and data streams without bandwidth contention. | Test | verification, mobile-data, session-258 |
| VER-METHODS-025 | Verify IFC-DEFS-022: Establish 200 concurrent WebSocket sessions between simulated MDTs and Gateway Server over cellular network. Inject network disruptions (3G/LTE handoff, 5-second blackout). Pass criteria: all sessions maintain TLS 1.2+, heartbeat interval 15 +/- 1 seconds, reconnection completes within 3 seconds of transport failure. Rationale: Scale test for mobile data gateway under full fleet connectivity. 200 concurrent WebSocket sessions validates the server handles all field units simultaneously. Heartbeat and reconnection testing validates reliability over cellular links. | Test | verification, mobile-data, session-258 |
| VER-METHODS-026 | Verify IFC-DEFS-023: Submit 100 CJIS queries through the IPsec VPN tunnel. Capture packets to confirm AES-256 encryption and NLETS XML format. Measure gateway-to-proxy latency per query. Pass criteria: all traffic encrypted AES-256, all messages valid NLETS XML, 95th percentile latency <= 500ms. Rationale: Security compliance test for CJIS query encryption. Packet capture confirms AES-256 IPsec encryption is applied end-to-end. FIPS 140-2 compliance is a federal mandate — failure means loss of CJIS access. | Test | verification, mobile-data, cjis, session-258 |
| VER-METHODS-027 | Verify IFC-DEFS-024: Generate 50 concurrent dispatch transactions per second via REST API from Gateway to Incident Management Engine. Validate JSON payloads against NIEM Justice domain schema. Pass criteria: API response time <= 1 second at 50 TPS, all payloads schema-valid, zero dropped transactions. Rationale: Throughput test for dispatch assignment delivery via REST API. 50 concurrent transactions per second validates the interface under mass-casualty incident conditions where many units receive simultaneous dispatch. | Test | verification, mobile-data, cross-subsystem, session-258 |
| VER-METHODS-028 | Verify IFC-DEFS-025: Simulate 200 units transmitting AVL reports at 10-second intervals via UDP. Verify Gateway aggregates reports and forwards batches via TCP at 5-second intervals to Unit Tracking Module. Pass criteria: all position reports contain unit ID, WGS84 lat/lon, heading, speed, UTC timestamp; batch interval 5 +/- 0.5 seconds; zero data loss over 10-minute test. Rationale: Integration test for AVL position report delivery. Verifies the Unit Tracking module receives and processes GPS updates at the required rate for accurate unit tracking on the dispatch map. | Test | verification, mobile-data, cross-subsystem, session-258 |
| VER-METHODS-029 | Verify SUB-REQS-040: Instantiate 200 simulated MDT clients connecting to the Mobile Data Gateway Server. Verify all sessions achieve TLS 1.2+ handshake. Disconnect 20 clients and reconnect. Pass criteria: 200 concurrent sessions maintained, all TLS 1.2+, re-establishment within 3 seconds. Rationale: Data integrity test for incident record replication from CAD to Records Management. Ensures closed incidents are faithfully replicated for long-term retention, FOIA response, and statistical reporting. | Test | verification, mobile-data, session-258 |
| VER-METHODS-030 | Verify SUB-REQS-044: Deploy AVL Module in test vehicle. Collect 1000 position reports over a 2-hour route including open highway, urban streets, and parking structures. Compare against RTK-GPS reference receiver. Pass criteria: CEP <= 3m for open-sky segments, CEP <= 10m for urban segments. Rationale: Integration test for audio recording linkage to incident records. Verifies recordings are retrievable by incident case number, which is essential for evidentiary chain of custody. | Test | verification, mobile-data, avl, session-258 |
| VER-METHODS-031 | Verify IFC-DEFS-026: Close 100 incidents in CAD within a 5-minute window. Monitor replication lag to Records database. Pass criteria: all 100 incident records appear in Incident Report Database within 60 seconds of CAD closure, with all event logs, timestamps, and unit assignments intact. Rationale: Search performance test for Records Search and Retrieval Engine. Index synchronization within 5 minutes ensures recently closed incidents are searchable for active investigations. | Test | verification, records-management, session-258 |
| VER-METHODS-032 | Verify IFC-DEFS-027: Create 50 incidents with associated call recordings. Retrieve recordings via URI reference from incident records. Pass criteria: all 50 recordings retrievable within 3 seconds, audio playback matches original, incident case number linkage correct. Rationale: Security test for PSAP perimeter. Validates that the firewall correctly enforces inter-VLAN segmentation required by CJIS Security Policy v5.9. Unauthorized lateral movement between zones would compromise criminal justice data. | Test | verification, records-management, session-258 |
| VER-METHODS-033 | Verify IFC-DEFS-028: Insert 1000 incident records into the database. Measure time until full-text search index reflects new records. Execute fuzzy name search with known misspellings. Pass criteria: index synchronized within 5 minutes, fuzzy match returns correct records at 80% similarity threshold. Rationale: Security test for WAN traffic inspection. Ensures all ESInet and internet traffic passes through the firewall before reaching internal systems. Bypass would expose life-safety systems to external threats. | Test | verification, records-management, session-258 |
| VER-METHODS-034 | Verify IFC-DEFS-029: Configure 802.1Q trunk between core switches and firewall with all production VLANs. Generate 5 Gbps aggregate traffic across all VLANs simultaneously using traffic generators. Measure per-VLAN throughput and latency at the firewall sub-interfaces. Pass criteria: aggregate throughput sustained at 5 Gbps with less than 1ms added latency on voice VLAN, all VLAN ACLs correctly enforced with no cross-VLAN leakage. Rationale: Integration test for network monitoring via SNMP v3. Validates encrypted polling, syslog aggregation, and alerting. Network faults must be detected within the NFPA 1221 two-minute notification window. | Test | verification, network-infrastructure, session-259 |
| VER-METHODS-035 | Verify IFC-DEFS-030: Establish 10 Gbps Ethernet links between core switches and WAN routers with 802.1Q tagging. Inject mixed SIP and bulk data traffic. Verify DSCP EF marking is preserved on voice packets from LAN ingress through WAN egress using packet capture at both ends. Pass criteria: DSCP marking preserved on 100% of voice-tagged packets, no DSCP remarking or stripping observed at any hop. Rationale: Accuracy test for time synchronization infrastructure. NTP and PTP accuracy are verified against reference clocks. Timestamp accuracy is critical for incident timeline reconstruction and multi-channel audio correlation. | Test | verification, network-infrastructure, session-259 |
| VER-METHODS-036 | Verify IFC-DEFS-031: Inject simulated ESInet SIP traffic and known attack signatures through the WAN gateway toward internal networks. Verify all traffic traverses the firewall with stateful inspection and IPS analysis. Attempt direct bypass of firewall via routing manipulation. Pass criteria: 100% of WAN-originated traffic inspected by firewall, all known attack signatures detected and blocked, no bypass route exists to reach internal networks without firewall traversal. Rationale: Functional test for UPS power conditioning and status reporting. Validates battery runtime meets the 30-minute requirement and SNMP alerts reach the Network Management System before battery depletion. | Test | verification, network-infrastructure, session-259 |
| VER-METHODS-037 | Verify IFC-DEFS-032: Configure SNMP v3 polling from NMS to all managed devices on the management VLAN. Simulate device failure by disconnecting a switch uplink. Measure time from failure event to SNMP trap receipt at NMS. Verify SNMP v3 authentication and encryption using packet capture. Pass criteria: trap received within 5 seconds of event, all SNMP traffic encrypted and authenticated, no SNMP v1/v2c fallback observed. Rationale: Performance test for SIP signalling over the dedicated voice VLAN. 150 concurrent sessions validates system capacity requirement. DSCP EF marking verification ensures voice traffic receives priority queuing. | Test | verification, network-infrastructure, session-259 |
| VER-METHODS-038 | Verify IFC-DEFS-033: Configure PTP boundary clock mode on all core switches. Connect PTP slave clocks at call recording and radio logging subsystems. Measure PTP offset from grandmaster over 24 hours including simulated GPS antenna failure. Pass criteria: PTP clients maintain sub-100 microsecond offset during normal operation, NTP clients within 1ms, holdover drift within 10 microseconds per hour during GPS loss. Rationale: Precision time test for PTP distribution via core switches. PTP boundary clock mode is required for sub-microsecond accuracy to latency-sensitive subsystems. Verifies call recording timestamp alignment. | Test | verification, network-infrastructure, session-259 |
| VER-METHODS-039 | Verify IFC-DEFS-034: Inspect physical power distribution from UPS to each network equipment rack for dedicated circuit isolation. Simulate mains power failure and verify ATS transfers to generator within 10 seconds. Verify UPS SNMP v3 reporting of battery charge, load percentage, and environmental sensors to NMS. Pass criteria: each rack on independent circuit, ATS transfer within 10 seconds, all UPS parameters visible in NMS within 60 seconds of polling cycle. Rationale: Security test for field MDT CJIS query path through the firewall. Validates IPsec VPN termination and source authentication ensure only authorized MDTs can query NCIC databases. | Inspection | verification, network-infrastructure, session-259 |
| VER-METHODS-040 | Verify IFC-DEFS-035: Establish 150 concurrent SIP sessions via the ESInet SIP Gateway with RTP media on the voice VLAN. Measure per-session bandwidth, one-way latency at switch ports, and verify DSCP EF marking. Simultaneously inject background data traffic at 80% link utilisation. Pass criteria: all 150 sessions maintain less than 5ms switch-to-switch latency, DSCP EF marking on 100% of voice packets, no packet loss on voice VLAN during data traffic saturation. Rationale: Functional test for DNS and DHCP infrastructure. Validates active-active redundancy, zone transfer replication, and IP phone provisioning. DNS failure would halt NG9-1-1 SIP URI resolution. | Test | verification, network-infrastructure, cross-subsystem, session-259 |
| VER-METHODS-041 | Verify IFC-DEFS-036: Establish IPsec VPN tunnels from simulated field MDTs through the firewall to the CJIS Query Proxy. Verify mutual certificate authentication and AES-256 encryption using packet capture. Attempt CJIS query from unauthorised source IP. Attempt connection without valid certificate. Pass criteria: authorised MDT queries succeed with full encryption, unauthorised source IPs blocked, certificate-less connections rejected, all CJIS traffic encrypted with AES-256. Rationale: Security test for IPS signature update mechanism and alert generation. Validates that the firewall maintains current threat intelligence and notifies operators of detected intrusion attempts. | Test | verification, network-infrastructure, cross-subsystem, session-259 |
| VER-METHODS-042 | Verify SYS-REQS-012: Systematically disable each subsystem (CAD, GIS, Records, Mobile Data) while maintaining 150 concurrent call load. Measure call-to-dispatch time for Priority Emergency incidents in degraded state. Pass criteria: voice call processing continues without interruption, radio channel access maintained for all active talk groups, call-to-dispatch time not exceeding 120 seconds for 95th percentile of Priority Emergency incidents during each degraded scenario. Rationale: Degraded mode verification requires systematic fault injection to confirm each subsystem can be lost independently without violating the minimum dispatch capability. Testing at 150 concurrent calls validates the stated capacity floor under realistic load conditions. The 95th percentile measurement for call-to-dispatch time accounts for statistical variation while ensuring the 120-second ceiling is met for the vast majority of Priority Emergency incidents. | Test | verification, session-261 |
| VER-METHODS-043 | Verify SYS-REQS-013: Execute full-site failover drill disconnecting primary PSAP from network. Measure time from primary site isolation to backup site accepting emergency calls. Pass criteria: backup site processing 100% of call volume within 60 seconds of primary site disconnection, no calls lost during transition, all CAD data replicated to backup site within RPO of 30 seconds. Rationale: Site failover is a high-consequence, low-frequency event that must be validated before it is needed. A full-site disconnection drill is the only way to confirm the 60-second failover target and verify that no calls are lost during transition. The 30-second RPO for CAD data replication ensures dispatchers at the backup site have near-current incident state and do not lose recently created incidents. | Test | verification, session-261 |
| VER-METHODS-044 | Verify IFC-DEFS-037: Dispatch 20 fire and EMS incidents in rapid succession through the CAD. Measure time from dispatch confirmation to station alerting activation at target fire stations. Pass criteria: alerting tones and printouts activated at all assigned stations within 2 seconds of dispatch confirmation for 100% of dispatches, incident details on printout match CAD data exactly, talk group assignment matches dispatch assignment. Rationale: Rapid-succession dispatch testing validates the 2-second station alerting latency under burst conditions, not just single-incident scenarios. 20 fire and EMS incidents exercises the interface under realistic multi-alarm conditions. Exact data match verification ensures the API does not corrupt or truncate incident details during high-throughput operation. | Test | verification, session-261 |
| VER-METHODS-045 | Verify IFC-DEFS-038: Execute 50 spatial queries using point-radius (1km, 5km, 10km) and polygon filters against a database loaded with 1 million incident records spanning 12 months. Pass criteria: all queries return correct spatial results within 3 seconds, results correctly sorted by date, polygon queries correctly exclude incidents outside boundary. Rationale: Spatial query verification requires a realistic data volume (1 million records over 12 months) to stress-test index performance and confirm the 3-second response ceiling is achievable at production scale. Testing multiple radius values and polygon filters covers the full range of query patterns used by investigators and analysts in real PSAP operations. | Test | verification, session-261 |
| Requirement | Verified By | Description |
|---|---|---|
| SYS-REQS-013 | VER-METHODS-043 | |
| SYS-REQS-012 | VER-METHODS-042 | |
| IFC-DEFS-038 | VER-METHODS-045 | |
| IFC-DEFS-037 | VER-METHODS-044 | |
| IFC-DEFS-036 | VER-METHODS-041 | |
| IFC-DEFS-035 | VER-METHODS-040 | |
| IFC-DEFS-034 | VER-METHODS-039 | |
| IFC-DEFS-033 | VER-METHODS-038 | |
| IFC-DEFS-032 | VER-METHODS-037 | |
| IFC-DEFS-031 | VER-METHODS-036 | |
| IFC-DEFS-030 | VER-METHODS-035 | |
| IFC-DEFS-029 | VER-METHODS-034 | |
| IFC-DEFS-028 | VER-METHODS-033 | |
| IFC-DEFS-027 | VER-METHODS-032 | |
| IFC-DEFS-026 | VER-METHODS-031 | |
| IFC-DEFS-025 | VER-METHODS-028 | |
| IFC-DEFS-024 | VER-METHODS-027 | |
| IFC-DEFS-023 | VER-METHODS-026 | |
| IFC-DEFS-022 | VER-METHODS-025 | |
| IFC-DEFS-021 | VER-METHODS-024 | |
| IFC-DEFS-020 | VER-METHODS-023 | |
| IFC-DEFS-019 | VER-METHODS-022 | |
| IFC-DEFS-018 | VER-METHODS-021 | |
| IFC-DEFS-017 | VER-METHODS-019 | |
| IFC-DEFS-016 | VER-METHODS-018 | |
| IFC-DEFS-015 | VER-METHODS-017 | |
| IFC-DEFS-014 | VER-METHODS-016 | |
| IFC-DEFS-013 | VER-METHODS-015 | |
| IFC-DEFS-012 | VER-METHODS-014 | |
| IFC-DEFS-011 | VER-METHODS-013 | |
| IFC-DEFS-010 | VER-METHODS-012 | |
| IFC-DEFS-009 | VER-METHODS-011 | |
| IFC-DEFS-008 | VER-METHODS-010 | |
| IFC-DEFS-007 | VER-METHODS-009 | |
| IFC-DEFS-006 | VER-METHODS-008 | |
| IFC-DEFS-005 | VER-METHODS-005 | |
| IFC-DEFS-004 | VER-METHODS-004 | |
| IFC-DEFS-003 | VER-METHODS-003 | |
| IFC-DEFS-002 | VER-METHODS-002 | |
| IFC-DEFS-001 | VER-METHODS-001 | |
| SUB-REQS-044 | VER-METHODS-030 | |
| SUB-REQS-040 | VER-METHODS-029 | |
| SUB-REQS-026 | VER-METHODS-020 | |
| SUB-REQS-009 | VER-METHODS-007 | |
| SUB-REQS-001 | VER-METHODS-006 |
| Ref | Document | Requirement |
|---|---|---|
| STK-NEEDS-009 | stakeholder-requirements | The Emergency Dispatch System SHALL determine the location of an emergency caller to within 50 metres horizontal accurac... |