Information for TSOs and users
Application downloads
Please follow the links to get on the right download page
ECCo SP Alert: Vulnerability in ActiveMQ
A critical vulnerability, identified as CVE-2023-46604 in ActiveMQ, has been reported through Apache CVE Publication.
Impact on ECCo SP:
This vulnerability specifically impacts the OpenWire protocol, whereas ECCo SP employs the AMPQS protocol by default. To ascertain which protocol is in use, please refer to the <transportConnectors>
section in the activemq.xml file, applicable to both the internal broker and ECP Broker. By default, if “name” is set to “amqp+ssl” in the transportConnector element, it signifies the utilization of the AMPQS protocol. In case the OpenWire protocol was in use, “name” would be set to “default” or “auto” or “openwire”.
Furthermore, an examination of the ActiveMQ fix’s source code changes (accessible at https://issues.apache.org/jira/browse/AMQ-9370) has been conducted to identify the affected classes. A corrective method was introduced in the BaseDataStreamMarshaller.createThrowable methods for all OpenWire versions. We conducted debugging on ECCo SP, employing breakpoints within these methods, and observed that these methods were never invoked.
In conclusion, ECCo SP remains unaffected by this vulnerability, unless it is configured to use the OpenWire protocol, which has never been supported by ECCo SP or mentioned in the ECCo SP documentation.
Docker Images access
ECP and EDX components can be run within Docker containers.
Option 1: Docker Hub Access
The ECP and EDX components can be seamlessly executed within Docker containers, facilitated through Docker images conveniently hosted on the ENTSO-E Docker hub.
To initiate the process, simply pull the required Docker images from the ENTSO-E Docker hub. These pre-packaged images are readily available, ensuring a smooth deployment experience.
For additional details or assistance, please feel free to reach out to ecp@entsoe.eu . They can provide you with the necessary access to the Docker images on the Docker hub.
Option 2: Direct Download from Website
You can download the ECP Endpoint and EDX Toolbox Docker binaries directly from our official website. To begin the download process, simply click on the link located at the top of this page. This action will redirect you to the designated download page.
NOTE: - To access the Docker test environment, Docker Compose YAML file, and Helm charts, please download the installation package from our website. After downloading, navigate to the specified location: ECP-4.XX.0\ECP-4.XX.0.XX-Client\ECP Other Deliverables.
Please refer to the following video for more information:
Sandbox Environment
NOTICE - We have decommissioned the current Sandbox environment. We are actively working on a new setup. While we cannot provide a specific date at this time, we will share further instructions and details about the new environment once it’s ready for use.
ECCoSP Sandbox environment has been created to provide an easy way to try out the ECCoSP platform. You can explore ECCoSP features in the sandbox and get a first-hand experience of its capabilities. With the ECCoSP Sandbox, you can experiment with the different features and even try out the latest features without having to commit to a full deployment (you still need to install an ECP Endpoint). It can also be used to perform a basic set of smoke tests before installing/upgrading to a new release on your network. So, start exploring and have fun with the ECCoSP Sandbox!
Please contact ecp@entsoe.eu for further information and access to the sandbox environment.
Projects running ECP & EDX
Many Transmission System Operators (TSOs) rely on ECCoSP as the standard for managing messages exchanged between TSOs and market participants. Moreover, a range of projects utilizing ECP and EDX as a pan-European exchange layer. Notable examples encompass the Transparency Platform, Common Grid Model, OPC/STA, and European balancing platforms such as TERRE, MARI, and PICASSO.