| Paper |
Title |
Page |
| TUP019 |
Diagnostic and Monitoring CERN Accelerator Controls Infrastructure : The DIAMON Project - First Deployment in Operation
|
128 |
| |
- M. Buttner, P. Charrue, J. Lauener, M. Sobczak
CERN, Geneva
|
|
| |
The CERN accelerator controls infrastructure spans over several machines and several thousands of devices are used to collect and transmit piece of control data. Each of these remote devices might fail and therefore prevent correct operation. A complete diagnostic and monitoring infrastructure has been developed in order to provide Operation crews with complete and easy to use graphical interface presenting the state of the controls system. Simple agents running in each surveyed item periodically report monitoring information to a central server. Graphical JAVA clients in the operation centers subscribe to this monitoring data and display a view of the current state of the machines. Mouse actions from these clients allows for diagnostic commands to be sent to the agent to get additional details or to repair a faulty situation. This presentation will describe the overall architecture of DIAMON, present the different agents running in the controls system and a few views of the graphical clients. The outcome of the first months in operation of the DIAMON tools will also be presented. Finally, the future plans will be exposed.
|
|
|
Poster
|
|
| TUP020 |
Role Based Access Control in the LHC : The RBAC Project - First Deployment in LHC Operation
|
1 |
| |
- P. Charrue, W. Sliwinski, M. Sobczak, I. Yastrebov
CERN, Geneva
- S. R. Gysin, E. S.M. McCrory, A. D. Petrov
Fermilab, Batavia
|
|
| |
Operating the LHC, its high energy stored in the magnets and the multitude of devices settings demand a strict control on who can do what. A Role Based Access infrastructure has been designed and deployed for the LHC. A simple identification based on username/password is translated into an operational role by the RBAC server and this role is then transmitted and checked on the device level to grant or deny access. The RBAC infrastructure has been commissioned in the summer 2008 and used in operation for the first time for the first LHC beams. This presentation will describe the RBAC architecture, its technical choices and its operational deployment. The outcome of the first deployment in LHC operation will be presented, together with the future plans.
|
|
| WEP099 |
Management of Critical Machine Settings for Accelerators at CERN
|
594 |
| |
- W. Sliwinski, P. Charrue, V. Kain, G. Kruk
CERN, Geneva
|
|
| |
In high energy accelerators as LHC energy stored in the beams is orders of magnitude above the damage level of accelerator components like magnets. Uncontrolled release of energy can lead to a serious damage of equipment and long machine downtimes. In order to cope with these potential risks Protection Systems were developed at CERN including two software systems: MCS (Management of Critical Settings) and RBAC (Role Based Access Control). RBAC provides means for authentication and an authorization facility which grants access to the critical parts of a control system. Second layer of security is provided by MCS by ensuring that critical parameters are coherent within the software and hardware components of a control system and can only be changed by an authorized person. MCS system is aimed for the most critical and potentially dangerous equipment (e.g. Beam Loss Monitors) and is complementary to RBAC infrastructure. Both systems are fully integrated in the control system for LHC and SPS and were successfully commissioned for the first beam in LHC. This presentation will describe the MCS architecture, current status and its operational deployment together with plans for the future.
|
|