EPRI: Electric Power Research Institute

Software Development


Subscriber Website (SWS) Development Requirements

For existing SWS sites:

To submit a Database Requests (Restore, Back Up, or Run a Script), submit the SWS Database request e-mail form

To update SWS content, submit a GitLab Merge Request

If code or structural updates are required, contact SQA to schedule a consultation meeting with Web & Mobile Solutions to determine branding requirements and applicable development steps (e.g., Security and Usability testing).

For new SWS sites:

To develop a new SWS:

  1. Consultation with SQA and Web & Mobile Solutions
  2. Forward the Business Requirements Document (BRD) Template (71 KB) to SQA. SQA will schedule a consultation with the EPRI Project Manager, Development team, Web & Mobile Solutions and SQA.

    The consultation will serve to:

    Note:

    • Download the EPRIMobileFrameworkv1.0.pdf for more information on the EPRI Mobile Development Framework
    • All SWS must be hosted on EPRI.com
    • Refer to the branding guide 4.1 for web browser requirements

  3. Obtain URL and Design Approvals
  4. EPRI project manager must obtain approvals from:



  5. Kick-off Meeting with SQA
  6. Once URL and design approvals are obtained, forward the approvals to SQA along with a completed SWS/Mobile App Kick-off Meeting Checklist (201 KB). Once received, SQA will schedule a kickoff meeting to review the SWS development and support plans (e.g., Operating Systems, Platforms, etc.), Process Requirements (e.g., Pre-Production and Production distribution), usability testing, and security testing requirements. Upon a successful kick-off meeting, SQA will approve the start of development.



  7. SWS Compatibility Requirements
  8. For guidance on working with IT-SQA to make the web application functional on EPRI.com, use the Web Application Integration and Planning Checklist on the second part of the SWS/Mobile App Kick-off Meeting Checklist (201 KB).

    Subscriber Website must be compatible on the following stack:

    1. Microsoft Windows Server 2016
    2. Microsoft Internet Information Server 10
    3. Microsoft .NET Framework (e.g., 4.6)
    4. Microsoft SQL Server 2016

    Supported programming languages:

    1. All .NET programming languages (C#, VB.NET, etc.)
    2. JavaScript
    3. Python*

    * Note: Environment for Python-driven SWS must be discussed with SQA prior to starting development. Pre-requisites and other dependencies may require approval from IT Management.



  9. Security Requirements
  10. All SWS are scanned for security vulnerabilities using the Rapid7 AppSpider scanner. All SWS must pass the security requirements of the Open Web Application Security Project (OWASP) Application Security Verification Standard (ASVS) Project.

    A remediation plan must be provided for any high or medium risk vulnerabilities found during the scan. InfoSec may also require that certain low risk vulnerabilities be fixed at their discretion. Developers must use the Remediation Plan Template and submit the plan to SQA.



  11. Develop SWS
  12. SWS must meet applicable EPRI product requirements:



  13. SQA Testing and Distribution
  14. When the SWS is developed and ready for testing, request an SQA test (e.g., Pre-Production (Beta) or Production (Final Acceptance)) by submitting the Testing Submittal Package, which must include the SWS Promotion Checklist (81 KB).

    Reminder: SWS Developers must submit their code by checking it in to the DEV branch of their GitLab repository. For more information regarding GitLab, send a message to SQA.