Functional Specs

XRHMA® Suite and its peripherals subsystems are designed as Customer Centric system. Each customer (CIF / BASE) can have more than one portfolio, defined in any reporting currency and also each portfolio can contain different kind of securities types, markets, currencies. Each portfolio can be linked to a Bank account for automatic credit/debit entries forwarding and balances synchronization. Private, Margin, 3D, Derivatives, Asset Mgmt, Custody etc. are some types of portfolios with special risk management handling, Ordering control and Buying Power calculation in case of the Bank is providing online Trading. In addition a single portfolio is possible to belong to a group of customers (Common Portfolio) following all requirements and security settings for this purpose.

 Flexible, scalable system, allowing different configurations for each user profile. It can be configured to user level for all system functions, authorizations, reports, activities, languages.

The system is multi-currency in all levels i.e. Safekeeping, Portfolios, Products, Data Entry, Reporting, Risk Mgmt, Accounting, Security, Settlement & Clearing etc.

The system is multi-lingual and the user language is selected from the menu by the user without any special configuration. The languages that are currently supported are English, Greek, Romanian and recently Bulgarian & Serbian. It can be easily expanded to any other additional language depending on translation only. Also the Customer Statements can be produced according to Customer correspondence language.

Multi-product and multi-market. Any product, local or foreign and at any currency, that is traded or can be under custody, is fully handled by the system such as Equities, Derivatives, FX, Bonds, Mutual Funds, Money Markets, Commodities, OTC, etc.

High Level Security is provided by the system. There are two types of Security setup by Administrator. a) per user groups or per individual users with controlled access to all system selections and functions, and b) per system function, even for reports, if for each function, it is required authorization (double signature) from a upper level user. For special function such as changes to commission plans, to customer static data, the system can be setup to ask a second level approval during the operation. So both input/authorization and online verification are valid during significant operations of the system. A detailed audit trail is maintained for each action performed and it is available to Internal Control and Auditors.

The system is modular as regards peripherals, additional subsystems and plug-in components. Any subsystem/module can be activated or deactivated according to license agreement, taking into consideration the vertical flow of each product.


Non Functional Specs

As XRHMA® is used by major Domestic and Foreign Banks following international security standards and they are audited by International Auditors, for Security, Integrity, Audit and Control Requirements XRHMA® has been adjusted to fully cover them.

The security system of XRHMA® is custom designed, but it can used windows security for authentication purposes. System security is based on both user level and function level. For each user are assigned special rights, the group of customer where has access (per Profit center, per branch, per agent), the function of the application which he has access too. All system functions-selections are controlled by XRHMA® security even reports. Also a second level signature is activated on function level for online verification for significant function where it is required. Extensive auditing and logging at user level provides an overview of all tasks. Database access can also be secured at database level by the use of SQL server security. Regarding web users XRHMA® assigns/generates PINs for each web user and correlates PIN with XRHMA ID, so from web access the user security data are handled by XRHMA®. Remote clients (Multiclients etc) communicate direct with the Application Server (Request Server) with DCOM or TCPIIP. All data transferred are encrypted and compressed using SSL or MS Certification method. Security of data transfers is provided by SQL Server encryption libraries. SSL can also be used to provide stronger encryption, message integrity and server authentication in combination with a Certificate Authority.

Extensive auditing and logging at user level provides an overview of all tasks. System maintains a detailed audit trail for all actions related to XRHMA® operations. In case of modifications or cancellations the previous data are kept and can be compared with the new ones. The audit trail record contains username, date-time, function affected, previous & new status of changed fields. In case the administrator set the system to keep audit trail for reports, the selection criteria and the headers of each report are recorded too. There are a lot of viewing criteria available to authorized users, internal auditors, management etc, to locate and check the history of every action in the system.

System key data (customer details, commissions, interest, discounts etc.) maintenance is done under single or dual control and previous & new data are recorded in the audit trail. So all these records are available to authorized users for previewing and printing.

XRHMA® transactions are based on the double processing accounting, which means that all the transactions are related with balanced batches of G/L entries. So at any time total credit & debits are always balanced. The daily system integrity confirmation is done by means of back office or accounting reports. Also there is a special designed module where system totals appear and correlate with accounting totals. Regarding securities balances (quantities), there is a daily reconciliation process with Central Depositories and foreign brokers to verify the balance of each customer or Omnibus account with the corresponding Depository account.

Orders, modifications, cancellations and executions are kept in a well organized tree structure, easy for authorized users, auditors, management etc. to review and investigate orders/trades history.

There are no limits for the number of concurrent users. It is subject to system licences.

There are no other system limitations that should be taken under consideration. The system is based on a 3 tier, layered architecture that offers many options regarding horizontal and vertical scalability, performance, availability, reliability and fault tolerance. More specifically, load balancing, connection pooling, multi threading and clustering techniques guarantee system performance and scalability.

System Availability. As mentioned above the system is based on a 3 tier architecture layered architecture supporting both high availability and dynamic load balancing. High availability of 99.99% and disaster recovery can be achieved using a combination of standard load balancing, clustering and fail over techniques. More precisely, the system is based on Microsoft Windows DNA Architecture featuring COM+ Application Server and MSSQL Server. In addition, a WEB Based Trading Platform and a WEB Service Wrapper for the Application Server, both running on MS IIS, have been developed.  Network Load Balancing (NLB), Component Load Balancing (CLB) and Microsoft Cluster Service could be used.

The system provides a set of tools for downloading data from the Trading & Fund Management systems. These tools include:

  • A user friendly report generator, where the user can define the report layout field-by-field and also the selection criteria for making at hoc queries from almost all customer’s data.
  • Crystal Report Generator, where a more experienced user can define its own report and queries.
  • All XRHMA® reports are exported to various types of files/formats and destinations. Ie. PDF, CSV, RTF, XLS, DBF, WKS etc. Also all reports can be extracted unformatted (row data). Finally, data are available to third party reporting tools or other systems through standard database tools or Application Server documented API (COM+ Components).

System Security is based on custom forms based security and provides the ability to define different level of security on both user and function level. For each user are assigned special rights-attributes giving access to specific groups of customer (per Profit center, per branch, per agent) and application functions. Also a second level signature can be activated on function level for online verification of significant functions.

The system does not require changes to firewalls. Connection to Request Server (Com+ Application Server) can be implemented using either our WEB Service Wrapper or DCOM tunnelling techniques. Thus, system’s thick clients (Win32 Multiclient), thin clients (WEB Trading) or even third party systems are able to connect to the system using port 80 (and http).

In case for remote users to have additional security (single session) based on hardware, the system gives the option to the security officer to burn USB for each user profile, so in order a user to sign on, the system is required the specific USB to be attached.

A WEB Service Wrapper is provided upon COM+ Based Application Server that can be used for application integration and interoperability, as well as, for XML data transferring.

The system provides many options for batch interfaces including file export routines, queuing (store and forward) and database batch integration techniques. Data can be exchanged in various formats and layouts such as CSV, XML, XLS etc.

The system supports calls to external WEB Based Systems passing data through custom parameters (i.e. CustomerID, StockID etc). These calls are appearing to System’s menu (and/or custom buttons). Thus, new functionality can be added.

End User customization includes menu refinement (including/excluding choices) and grid layout refinement and storing (column position and visibility status, sorting, grouping etc).


Storage

 

Storage Requirements: Initial storage requirement includes only initial system’s databases (0,2 GB), plus the size of the migrated  historical data. Based on statistical information from our existing installations database size for 100,000 clients having 4,500,000 trades is almost 20GB. In addition daily number of trades ranges between 1,500 and 10,000 trades. Standard archiving and retrieval facilities of MSSQL Server or third party tools can be used.

Network Performance: Regarding branches network required bandwidth, each Multiclient transaction size (call to COM+ Request Server) ranges between 0.1 and 1 KB. In Bank clients Multiclient is working normally on the existing banking network together with other on line services, even on 64KB line. A usual Bank with 120 branches using average 3 Multiclients per branch plus Bank's on line services operates normally using a 128KB line. The Network protocol used is TCP/IP for intranet, HTTP(S) fro extranet.

View Architectural Design Document

View Hardware requirements and Scaling

View Infrastructure & Technical Design Document


Applications Characteristics

The main application and its subsystems are named as XRHMA®. The first installation of XRHMA® platform was done on May 2001, and since then the same product with upgraded and enhanced versions, was installed in more than 60 productive installations in three countries up to now, as it is indicated in Customer's List

General Application Information

  • The system is based on a 3 tier, layered and open architecture. More precisely, the system is based on Microsoft Windows DNA Architecture featuring COM+ Application Server and MSSQL Server. In addition, a WEB Based Trading Platform and a WEB Service Wrapper for the Application Server, both running on MS IIS, have been developed. More specifically system’s architecture is based on the following logical layers: 1) Database Layer: Includes all system’s databases for backoffice, settlement & clearing, order routing and trading. Running on MSSQL 2000 and above. 2) Application Server Layer: COM+ based Request Server. Internal and/or external clients and third party applications connect to the system through this layer. 3) Presentation Layer: Includes 3-tier thick Win32 (Multiclient) and thin –WEB based- clients for trading, portfolio management etc. Furthermore, there is a client server Win32 Application for BackOffice Operations (XRHMA®).
  • Client Server backoffice Win32 application (XRHMA®) and Win32 Client (Multiclient) are based on VB6. There are also applications for security, risk management and policies enforcement (BSConsole) that have been developed on MS Visual Studio 2005 and C#. Finally, COM+ based R/S has been developed using VB6.
  • The proposed solution can run on more than one server. As mentioned above, the system is based on a 3 tier, layered and open architecture utilizing many options regarding horizontal and vertical scalability, performance, availability, reliability, fault tolerance and interoperability. More precisely, the system is based on Microsoft Windows DNA Architecture featuring COM+ Application Server and MSSQL Server. In addition, a WEB Based Trading Platform and a WEB Service Wrapper for the Application Server, both running on MS IIS, have been developed. Thus, load balancing (NLB, CLB), connection pooling, multi threading and clustering techniques can be used increasing system performance, scalability and availability.
  • The system follows an extensible and agile architecture. Thus, new functionality can be easily added.

Application Modules

XRHMA® suite is composed by the following modules and all of them (except web on line trading engine) are mandatory for the daily operation:

  • XRHMA®2000 - backoffice
  • Request Server – Application Server with business components
  • Multiclient – front end windows application for online trading used by branches, agents etc.
  • BS-Audit-Console – Risk management setup, Margin, Policies Set and all parametrical settings for online trading.
  • Administration – Security system – Users and function attributes.
  • On line trading engine - web application used by retail clients and it is available only for Trading Members.

System Usability

  • The system utilizes session management facilities at application security and application server layers. Web based application have their additional session management facilities based on standard techniques. 
  • The system utilizes standard Win32 navigation techniques for C/S or 3-tier Win32 modules and WEB Bases navigation techniques for thin web clients.
  • End User screen/navigation customization includes menu refinement (including/excluding choices) and grid layout refinement and storing (column position and visibility status, sorting, grouping etc), through an easy to use, straightforward and quick process.

User Interface(s)

The system utilizes both Graphical (win32) and Web browser HMI. Thick client (multiclient), targeting agents, provide an extended functionality and are more agile and easy to use. Web based thin clients are usually targeting end Investors. C/S backoffice application (XRHMA®) features a very flexible and adaptive graphical (Win32)  HMI.

System Parameterization

  • System parameterization can be done in many different levels such as:
  • Security Level that includes Authentication and Authorization
  • Policies Enforcement and Risk Management including Margin and other Capital Requirements Directives, internal rules regarding trading etc.
  • Reference Data parameterization
  • Other system parameterization including reporting, custom functions etc
  • Each of the above mentioned parameterization level requires different skills and training.

Disaster Recovery

As mentioned above the system is based on a 3 tier architecture layered architecture supporting both high availability and dynamic load balancing. High availability and disaster recovery can be achieved using a combination of standard load balancing, clustering and fail over techniques. More precisely, the system is based on Microsoft Windows DNA Architecture featuring COM+ Application Server and MSSQL Server. In addition, a WEB Based Trading Platform and a WEB Service Wrapper for the Application Server, both running on MS IIS, have been developed.  Network Load Balancing (NLB), Component Load Balancing (CLB) and Microsoft Cluster Service could be used.

Application System Upgrades

  • As capital markets, worldwide, are dynamically changed (Mifid, Anti-Money Laundering, BASEL II, etc,   every six months it is scheduled to rollout a new release of XRHMA® suite. In addition in case of emergency legal changes or special customer requests, extra releases-solutions or custom sub-releases are rollout.
  • All releases are delivered with full documentation regarding modifications, and additional functionality provided.
  • Prior to issue a new release four levels of testing are performed from Broker Systems S.A. into different environments and from different groups of testers for better performance, quality and bugless delivery to the customer.
  • System-Functional testing into the development environment
  • UAT (User Acceptance Testing) from Operations-UAT Department
  • Regression Testing in an environment similar to customer setting with all peripheral subsystem involved
  • Security Testing
  • GUI Based Testing, and
  • Performance Testing in the Business Support environment

Also when a new release is delivered to a customer it is installed into customer test environment, where users have the option to detail test the changes, functionality, performance and procedures. When this piece of testing is completed and the customer feels satisfied from the results of the testing, then the release is uploaded into Production environment.

  • Standard releases, in case there are major changes or additions, are usually issued as full releases and they include all XRHMA® suite modules recompiled. In case of emergency releases to solve bugs, small legal changes, reporting, customizations etc. are issued as solutions or fix releases and they are applied to the existing software.
  • There is always provided onsite support by both technical and business BS staff, when a new release is uploading either into customer testing or production environment.

5D Methodology

Software Integration Methodology (Define - Design - Develop - Deploy - Deliver)

Broker Systems takes a systematic approach to software integration known as the "5D Methodology". The Five D's encompass:

Define
Like in the construction industry, you have to know what you are building before you can build it. Therefore, the first step in the 5D methodology is to define what software will be integrated and define the best method for integration. Also known as scope definition, this is the point in the software lifecycle where we meet with your company to discuss your software integration needs. We also identify during this stage whether the software will be able to directly integrate or middleware is required.

Design
This is another vital step in the software lifecycle. Before we begin writing any code, we first create an integration design plan, which clearly explains in non-technical terms the best method for integrating the software. In situations where middleware is required to be developed, BS Architects will create a functional specification that describes in detail the functions to be performed by the middleware. You will be involved in every step of this process and actual development of the middleware will not begin until you sign off on the functional specification. This ensures that both parties are on the same page as to what will be developed and deployed.

Develop
Once all appropriate plans and specifications have been approved, the development to integrate the software is started. The entire development process is overseen by your dedicated project manager who will provide you with scheduled updates on the progress of development and deliverable timelines. We utilize trusted, experience development resources with which we've had a working business relationship for years.

Deploy
After development and testing is complete the integration solution is deployed to your production environment.

Deliver
After deployment and the first period continues monitoring from our integration and support test, we deliver the solution to end users.


Hardware Specs

Cluster Database Server

Based on first estimates that the database of XRHMA back office will reach the size of ~ 150 GB almost and given that the back office users will be 50 and the 2000 almost concurrent users via the Application Server (Andromeda, Branches/Intranet, Internal Agents, third applications etc) we suggest the following configuration.

One cluster with two nodes in operation active/inactive where the first has an SQL instance with the back office database and the second node another instance with the bases for the ordering and other auxiliary databases.

Hardware Configuration (for every node of cluster)

CPU

2 X Quad Core (Intel Xeon 2.40 GHz or another of equal/greater power)

Memory

16 GB Ram

Hard Disk (for OS)

250 GB (RAID1/RAID5)

OS

Windows 2008/R2 64bit

SQL Server

MS SQL 2008/R2 64bit

SQL BackOffice Instance

Max. SQL Server Memory 13 GB

Shared Hard Disks (NAS)

  1. XRHMA2000 Database file > 500 GB
  2. XRHMA2000 Log file > 100 GB
  3. TempDB Database + TempDB Log File + Backups* etc. > 500 GB

*Each backup is equal to the database size. Thus, with 150GB Database and 500 GB disk for the backups, it will store only one or two backup files if we take into consideration the space that TempDB will take (max 100 GB).

SQL Ordering Instance

Max. SQL Server Memory 2 GB

Shared Hard Disks (NAS)

  1. Database files > 100 GB
  2. Log files > 50 GB
  3. TempDB Database + TempDB Log File + Backups etc. > 100 GB

SQL Reporting Database Instance

There is the possibility of exporting the reports from another database. In that case, the same server with the server that the back office database has is needed and in some way the bases should be synchronized (e.g. with transaction log shipping). It is not necessary to be in the cluster since if it is not available, XRHMA, with a central setting, can turn in the live database for the reports. In case we need to have a third node in the cluster, we should take into consideration the extreme case failover of all instances in one node.

Application Server (Bs Request Server, Request Server Wrapper, etc.)

The following configuration is the proposed one for the Application Server which will be able to cover almost 700 concurrent users.

Hardware Configuration 

CPU

2 X Quad Core (Intel Xeon 2.40 GHz or another of equal/greater power)

Memory

4 GB Ram

Hard Disk (for OS)

250 GB (RAID1/RAID5)

OS

Windows 2008/R2 32bit

Intranet for Branches (Web Multiclient)

The following configuration is the proposed one for an IIS which will be able to cover almost 700 concurrent users

Hardware Configuration 

CPU

2 X Quad Core (Intel Xeon 2.40 GHz or another of equal/greater power)

Memory

4 GB Ram

Hard Disk (for OS)

250 GB (RAID1/RAID5)

OS

Windows 2008/R2 32bit

Web Site (Andromeda + Web Site)

The following configuration is the proposed one for an IIS which will be able to cover almost 520 users (20 live/delayed streaming + 500 snapshot)

Hardware Configuration 

CPU

2 X Quad Core (Intel Xeon 2.40 GHz or another of equal/ greater power)

Memory

8 GB Ram

Hard Disk (for OS)

250 GB (RAID1/RAID5)

OS

Windows 2008/R2 32bit

Feed Provider

Also, as regards the Feed Provider of Morning Star (TenFore) if it works behind a proxy, we have to clarify that it uses the port TCP 18247. If there is a possibility to regulate the PC so as to send this port to a proxy, the application will work. However, it needs additional attention concerning the performance, since MorningStar has given us as maximum limit the 10.000 messages per second and the proxy must not create any delays.