Presentation is loading. Please wait.

Presentation is loading. Please wait.

Jan Hatje, DESY CSS ITER March 2009: Alarm System, Authorization, Remote Management XFEL The European X-Ray Laser Project X-Ray Free-Electron.

Published byDerek Allison Modified over 8 years ago

Similar presentations

Presentation on theme: "Jan Hatje, DESY CSS ITER March 2009: Alarm System, Authorization, Remote Management XFEL The European X-Ray Laser Project X-Ray Free-Electron."— Presentation transcript:

1 Jan Hatje, DESY CSS Presentation @ ITER March 2009: Alarm System, Authorization, Remote Management XFEL The European X-Ray Laser Project X-Ray Free-Electron Laser 1 CSS – Control System Studio Alarm System, Authorization, Remote Management CSS – Control System Studio Summary Presentation @ ITER March 8 th 2009 Matthias Clausen, Jan Hatje (DESY / MKS-2) Presented by: Jan Hatje

2 Jan Hatje, DESY CSS Presentation @ ITER March 2009: Alarm System, Authorization, Remote Management XFEL The European X-Ray Laser Project X-Ray Free-Electron Laser 2 Overview Alarm System Structure of components Management System CSS Views of alarm status Authentication and Authorization CSS Interfaces Configuration of user access rights Remote management Install and update CSS components Management of CSS headless instances

3 Jan Hatje, DESY CSS Presentation @ ITER March 2009: Alarm System, Authorization, Remote Management XFEL The European X-Ray Laser Project X-Ray Free-Electron Laser 3 Alarm System - Overview Common APIs for JMS -, LDAP – Server and Database → no special implementation is required JMS Messages (Key, Value) for all communication between components Alarm System can handle all kinds of messages (e.g. log messages) Several sources for alarm/log messages are possible (EPICS, D3, CSS, …) Sending alarms to different destinations (SMS, e-mail, voice mail, …) Users can configure filters for alarm messages themselves Redundancy for main components of the system

4 Jan Hatje, DESY CSS Presentation @ ITER March 2009: Alarm System, Authorization, Remote Management XFEL The European X-Ray Laser Project X-Ray Free-Electron Laser 4 Alarm / Log message Sources Alarm system - Structure EPICS IOCD3 PCMCSS Instance JMS Server Persistent Store (LDAP) Archive DB CSS Alarm Tools (Views, Con- figuration, …) Message Table Message Archive Alarm Management System AMS Configuration Alarm Tree SMS Mail Updated from IC

5 Jan Hatje, DESY CSS Presentation @ ITER March 2009: Alarm System, Authorization, Remote Management XFEL The European X-Ray Laser Project X-Ray Free-Electron Laser 5 JMS Communication Message sources Special Format Other Sources EPICS IOC and D3 PCM send alarm messages in special format Interconnection Server (EPICS) and D3 Alarms (D3) translates alarm messages in JMS format CSS uses log4j and sends log messages in JMS format Generic message system for alarm messages Easy to add other sources EPICS IOC D3 PCM CSS Instance Interconnection Server D3 Alarm Reader Special Format JMS Server (Active MQ)

6 Jan Hatje, DESY CSS Presentation @ ITER March 2009: Alarm System, Authorization, Remote Management XFEL The European X-Ray Laser Project X-Ray Free-Electron Laser 6 Alarm System - Persistent store Persistent Store (LDAP) holds structured list of all records Represents the current alarm status of all records Records are ordered by facility name, component and controller Alarm status of a record: –epicsAlarmAcknTimeStamp –epicsAlarmSeverity –epicsAlarmStatus –epicsAlarmTimeStamp Alarm status is updated by Interconnection Server (from IOC) Acknowledge is set directly by concerning CSS instance Source for Namespacebrowser → next presentation Persistent Store (LDAP) Interconnection Server D3 Alarm Reader Update (not yet implemented)

7 Jan Hatje, DESY CSS Presentation @ ITER March 2009: Alarm System, Authorization, Remote Management XFEL The European X-Ray Laser Project X-Ray Free-Electron Laser 7 CSS Alarm Configu- rator Alarm System - Alarm Management System (AMS) DB Filter Manager Filter SMS JMS Read configuration Action Alarm Message (JMS) Write Configuration SMS ConnectorVoice Mail ConnectorMail Connector JMS Mail JMS Voice Mail

8 Jan Hatje, DESY CSS Presentation @ ITER March 2009: Alarm System, Authorization, Remote Management XFEL The European X-Ray Laser Project X-Ray Free-Electron Laser 8 Alarm System - AMS Filter Filter: Checks if the filter matches Creates a new message with the relevant information of the alarm message Forwards the message to an action Filter condition: A Filter is a combination of filter conditions Filter conditions can be connected with AND and OR Available condition types are: Compare strings, Check current PV, Time based condition, …

9 Jan Hatje, DESY CSS Presentation @ ITER March 2009: Alarm System, Authorization, Remote Management XFEL The European X-Ray Laser Project X-Ray Free-Electron Laser 9 Alarm System - AMS operators and groups Operators: Receive alarm messages via mail, sms, … Status active or inactive can be set PIN Code to acknowledge alarm messages Groups: Operators responsible for specific facilities Defines priority who should be informed first, second, … Maximum delay for acknowledgment of alarm messages

10 Jan Hatje, DESY CSS Presentation @ ITER March 2009: Alarm System, Authorization, Remote Management XFEL The European X-Ray Laser Project X-Ray Free-Electron Laser 10 Alarm System - Alarm Tree view Shows the current status of the persistent store (LDAP) Delete and create records and subcomponents by context menu Changes are stored in the LDAP server Alarm status is propagated to root component Property view to display and edit tree items

11 Jan Hatje, DESY CSS Presentation @ ITER March 2009: Alarm System, Authorization, Remote Management XFEL The European X-Ray Laser Project X-Ray Free-Electron Laser 11 Alarm System - Alarm Table Message properties, color and text for severities are configurable Log View Shows all types of messages in a chronological order Alarm View Shows alarm messages Ordered by: 1. severity and 2. timestamp Archive View Shows messages stored in archive DB Time period and search criteria settable

12 Jan Hatje, DESY CSS Presentation @ ITER March 2009: Alarm System, Authorization, Remote Management XFEL The European X-Ray Laser Project X-Ray Free-Electron Laser 12 CSS Instance Acknowledge Alarm message Alarm System - Acknowledgement Ack. Message (JMS) Update Persistant Store (LDAP) JMS Server Ack CSS Instance Ack

13 Jan Hatje, DESY CSS Presentation @ ITER March 2009: Alarm System, Authorization, Remote Management XFEL The European X-Ray Laser Project X-Ray Free-Electron Laser 13 Authentication and Authorization - CSS Extensions Implementation of CSS rights management is located in separated Plug-Ins CSS Core provides extension points for authentication and authorization CSS Core loginModule authorization- Provider Implementation of an authentication module Implementation of an authorization provider SecurityFasade canExecute(id) Extension-PointService CSS Plug-In request

14 Jan Hatje, DESY CSS Presentation @ ITER March 2009: Alarm System, Authorization, Remote Management XFEL The European X-Ray Laser Project X-Ray Free-Electron Laser 14 Authentication and Authorization - Implementation CSS is available with and without rights management Without rights management: Deliver no implementation / plug-in for loginModule ans authorizationProvider All users are anonymous With no authorizationProvider all CSS actions are available With rights management: loginModule authenticates all users. (@DESY Java-API JAAS with Kerberos module) AuthorizationProvider checks for each action if the user is authorized (@DESY LDAP implementation for authorize IDs, groups, roles)

15 Jan Hatje, DESY CSS Presentation @ ITER March 2009: Alarm System, Authorization, Remote Management XFEL The European X-Ray Laser Project X-Ray Free-Electron Laser 15 Authentication and Authorization - Name structure for authorizeID Sensitive actions can be protected with an authorizationID Hierarchical name structure for authorizationIDs AuthorizationID service in CSS core shows all existing authorizationIDs in the system Not mandatory, each institute can define their own structure

16 Jan Hatje, DESY CSS Presentation @ ITER March 2009: Alarm System, Authorization, Remote Management XFEL The European X-Ray Laser Project X-Ray Free-Electron Laser 16 Authentication and Authorization - LDAP Structure User Roles (administrative aspect) Groups (technical aspect) AuthorizeIDs Configuration for authorization and authentication is stored in LDAP User, Groups and Roles are updated by DESY Registry AuthorizeIDs and the mapping can be set by CSS plug-in “AuthorizeID” or manually. DESY authorizationProvider “LDAPAuthorization” reads user rights from LDAP Server.

17 Jan Hatje, DESY CSS Presentation @ ITER March 2009: Alarm System, Authorization, Remote Management XFEL The European X-Ray Laser Project X-Ray Free-Electron Laser 17 Authentication and Authorization - AuthorizationID, Groups and Roles CSS plug-in “Authorize ID” An Action is mapped to an AuthorizeID. Naming rule for AuthorizeIDs AuthorizeIDs are mapped to combinations of groups and roles. Rights are granted by assigning an user to a group- role combination.

18 Jan Hatje, DESY CSS Presentation @ ITER March 2009: Alarm System, Authorization, Remote Management XFEL The European X-Ray Laser Project X-Ray Free-Electron Laser 18 Authentication and Authorization - Next steps Implementing authorization for all sensitive actions Collaboration with ORNL/SNS Make authentication module configurable via preferences → no changes in source code Current state of the project: http://elogbook.desy.de:8181 → CSS Core → Authentication and authorization http://elogbook.desy.de:8181

19 Jan Hatje, DESY CSS Presentation @ ITER March 2009: Alarm System, Authorization, Remote Management XFEL The European X-Ray Laser Project X-Ray Free-Electron Laser 19 Office Control room Remote Management - Management of CSS instances CSS UI instance CSS UI instance CSS UI instance CSS Manager instance CSS UI instance CSS UI instance CSS UI instance CSS UI instance CSS UI instance CSS Headless instance All remote features are located in separated plug-ins → CSS can easily be built with or without remote management CSS Core provides common remote commands (e.g. update plug- in, write preference, …) Each plug-in is able to provide its own remote commands

20 Jan Hatje, DESY CSS Presentation @ ITER March 2009: Alarm System, Authorization, Remote Management XFEL The European X-Ray Laser Project X-Ray Free-Electron Laser 20 Remote Management - Current state Available commands of selected instance DESY Communication Framework (DCF) is based on XMPP DCF plug-in defines an extension point for actions Plug-ins can register remote actions at DCF DCF displays all CSS instances in a tree Pop up menu for available actions

21 Jan Hatje, DESY CSS Presentation @ ITER March 2009: Alarm System, Authorization, Remote Management XFEL The European X-Ray Laser Project X-Ray Free-Electron Laser 21 Authentication and Authorization - ECF Prototype Prototype (remoteRCP) for basic remote management on basis of Eclipse Communication Framework (ECF) Using OSGI services for remote commands RemoteRCP on the ECF wiki page: http://wiki.eclipse.org/Remote_Eclipse_RCP_Management All (online and offline) instances Selected instances to be managed Available remote commands Editor to handle specific remote command

22 Jan Hatje, DESY CSS Presentation @ ITER March 2009: Alarm System, Authorization, Remote Management XFEL The European X-Ray Laser Project X-Ray Free-Electron Laser 22 Authentication and Authorization - Next Steps ECF 2.1 supports now multiple resources (The same user can run multiple CSS instances) Integrate prototype components in CSS core Convert DCF actions to ECF commands Using chat, file transfer, shared desktop, … provided by ECF

23 Jan Hatje, DESY CSS Presentation @ ITER March 2009: Alarm System, Authorization, Remote Management XFEL The European X-Ray Laser Project X-Ray Free-Electron Laser 23 Who is involved? Alarm Management System: C1-WPS / DESY Interconnection Server, JMS2Oracle: DESY Alarm Viewer: DESY Authentication and Authorization: DESY / SNS/ORNL Remote Management: DESY / University of Hamburg / C1-WPS

Download ppt "Jan Hatje, DESY CSS ITER March 2009: Alarm System, Authorization, Remote Management XFEL The European X-Ray Laser Project X-Ray Free-Electron."

Similar presentations

Control System Studio (CSS)

Control System Studio (CSS)
Jan Hatje, DESY AMS – Alarm Management System PCaPAC 2008 1 AMS – Alarm Management System and CSS – Control System Studio Update PCaPAC 2008 J.Stefan Institute,

Jan Hatje, DESY AMS – Alarm Management System PCaPAC AMS – Alarm Management System and CSS – Control System Studio Update PCaPAC 2008 J.Stefan Institute,
XFEL The European X-Ray Laser Project DESY/ XFEL An Overview EPICS Collaboration Meeting San Francisco, October 5th, 2013 Matthias Clausen, DESY.

XFEL The European X-Ray Laser Project DESY/ XFEL An Overview EPICS Collaboration Meeting San Francisco, October 5th, 2013 Matthias Clausen, DESY.
XFEL The European X-Ray Laser Project X-Ray Free-Electron Laser Kay Kasemir, Matthias Clausen, SNS,DESY EcliseCon March 2008 EclipseCon, SLAC visit March.

XFEL The European X-Ray Laser Project X-Ray Free-Electron Laser Kay Kasemir, Matthias Clausen, SNS,DESY EcliseCon March 2008 EclipseCon, SLAC visit March.
Best Ever Alarm System Toolkit Kay Kasemir, Xihui Chen, Katia Danilova SNS/ORNL April, 2013.

Best Ever Alarm System Toolkit Kay Kasemir, Xihui Chen, Katia Danilova SNS/ORNL April, 2013.
Matthias Clausen, DESY CSS GSI Feb. 2009: Introduction XFEL The European X-Ray Laser Project X-Ray Free-Electron Laser 1 CSS – Control System.

Matthias Clausen, DESY CSS GSI Feb. 2009: Introduction XFEL The European X-Ray Laser Project X-Ray Free-Electron Laser 1 CSS – Control System.
User Management DigiTool Version 3.0. User Management 2 User Architecture PatronsStaff Users DepositorsApprovers Meditor User Management Management Module.

User Management DigiTool Version 3.0. User Management 2 User Architecture PatronsStaff Users DepositorsApprovers Meditor User Management Management Module.
Electrical Engineering Department Software Systems Lab TECHNION - ISRAEL INSTITUTE OF TECHNOLOGY Persistent chat room Authors: Hazanovitch Evgeny Hazanovitch.

Electrical Engineering Department Software Systems Lab TECHNION - ISRAEL INSTITUTE OF TECHNOLOGY Persistent chat room Authors: Hazanovitch Evgeny Hazanovitch.
Performed by:Gidi Getter Svetlana Klinovsky Supervised by:Viktor Kulikov 08/03/2009.

Performed by:Gidi Getter Svetlana Klinovsky Supervised by:Viktor Kulikov 08/03/2009.
Managed by UT-Battelle for the Department of Energy Kay Kasemir ORNL/SNS Jan. 2013 Control System Studio Training - Alarm System Use.

Managed by UT-Battelle for the Department of Energy Kay Kasemir ORNL/SNS Jan Control System Studio Training - Alarm System Use.
Managed by UT-Battelle for the Department of Energy Kay Kasemir ORNL/SNS April 2013 Control System Studio Training - Alarm System Use.

Managed by UT-Battelle for the Department of Energy Kay Kasemir ORNL/SNS April 2013 Control System Studio Training - Alarm System Use.
Portal and AQAS-Philadelphia University 21-22/6/2011 AVCI Platform in PU Dr. Abdel-Rahman Al-Qawasmi Philadelphia University Director of Computer Center.

Portal and AQAS-Philadelphia University 21-22/6/2011 AVCI Platform in PU Dr. Abdel-Rahman Al-Qawasmi Philadelphia University Director of Computer Center.
Control System Studio (CSS)‏ Kunal Shroff EPICS Training Meeting 07/10/2010.

Control System Studio (CSS)‏ Kunal Shroff EPICS Training Meeting 07/10/2010.
Training Course 2 User Module Training Course 3 Data Administration Module Session 1 Orientation Session 2 User Interface Session 3 Database Administration.

Training Course 2 User Module Training Course 3 Data Administration Module Session 1 Orientation Session 2 User Interface Session 3 Database Administration.
XFEL The European X-Ray Laser Project X-Ray Free-Electron Laser Matthias Clausen, DESY XFEL Refrigerator Controls – April 27 2010 Alarm Training Making.

XFEL The European X-Ray Laser Project X-Ray Free-Electron Laser Matthias Clausen, DESY XFEL Refrigerator Controls – April Alarm Training Making.
W. Sliwinski – eLTC – 7March08 1 LSA & Safety – Integration of RBAC and MCS in the LHC control system.

W. Sliwinski – eLTC – 7March08 1 LSA & Safety – Integration of RBAC and MCS in the LHC control system.
Managed by UT-Battelle for the Department of Energy Kay Kasemir ORNL/SNS 2012, April at SLAC Control System Studio - Introduction.

Managed by UT-Battelle for the Department of Energy Kay Kasemir ORNL/SNS 2012, April at SLAC Control System Studio - Introduction.
Deutsches Elektronen-Synchrotron DESY Helmholtz Association of German Research Centres 22603 Hamburg, Germany www.xfel.net The European X-Ray Laser Project.

Deutsches Elektronen-Synchrotron DESY Helmholtz Association of German Research Centres Hamburg, Germany The European X-Ray Laser Project.
XFEL The European X-Ray Laser Project X-Ray Free-Electron Laser Matthias Clausen, DESY XFEL Refrigerator Controls – April 27 2010 CSS-DCT (SNL) Training.

XFEL The European X-Ray Laser Project X-Ray Free-Electron Laser Matthias Clausen, DESY XFEL Refrigerator Controls – April CSS-DCT (SNL) Training.
Matthias Clausen, DESY CSS GSI Feb. 2009: Introduction XFEL The European X-Ray Laser Project X-Ray Free-Electron Laser 1 CSS – Control System.

Matthias Clausen, DESY CSS GSI Feb. 2009: Introduction XFEL The European X-Ray Laser Project X-Ray Free-Electron Laser 1 CSS – Control System.

Similar presentations

Ads by Google