EPICS Data Diode Solutions for Secure Remote Monitoring
Explore the EPICS Data Diode, a secure solution for remote monitoring in large experimental facilities. Learn about its objectives, implementation, and benefits for machine operations. The system provides a safe means of sending data efficiently and is configurable for various use cases. Discover how it enables long-distance and local communication, improving coordination and minimizing risks in complex environments.
Presentation Transcript
The EPICS Data Diode
G.Ferro, F.Sartori, N.Cruz, J.Antti, A.Duarte
Remote participation NOT Remote Control
To minimize the risks in large experimental facilities, a high level of coordination is needed.
Main coordination center = CONTROL ROOM
REQUIREMENTS:
- Stringent rules for allowing external connections to the facility.
- Remote operation not allowed.
- To allow remote monitoring, traffic must be one-directional to the external server(s).
Current State and needs
[Diagram. Labels: Home facility; EPICS Network with EPICS Nodes (Cooling plant, Radio Freq...), EPICS Services and OPI (Operator); Internet; Collaborating organisation; Remote Collaborators; De-localised backup / Remote Backup; OPI (Visitor, Collaborator).]
The DIODE
Objectives:
- A means to send the data out efficiently.
Implements:
- One-way gateway between two networks via a third one (for instance the internet).
- Cannot be configured to let data in the opposite direction.
Requires:
- Minimum network security compromise: only the ability to connect to an external server (like a browser).
- Currently uses HTTP so that we can go through proxies.
- Multiple parallel connections to handle network latencies.
[Diagram: EPICS Network (EPICS Node ...) -> DIODE TX -> Other Network -> DIODE RX -> EPICS Network (EPICS Node ...)]
The DIODE
[Diagram: Diode Sender, Diode Receiver]
- Configurable number of connections.
- Configurable send rate; the PVs changed during the period are sent first.
- Configurable caput rate on the receiver.
- The PV timestamp is preserved.
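The sender and receiver behaviour listed on this slide can be sketched as follows. This is an added Python example, not the diode's own code (which the slides say is built on the MARTe2 library). The PV names, record fields, round-robin split across connections, the receiver's list of known PVs and the rule that an older sample never overwrites a newer one are all assumptions made for the illustration.

```python
# Added illustration, not the diode's own code. Record fields and the
# in-memory store standing in for the receiver's PVs are constructed.
from collections import deque

def build_batches(pvs, last_sent, n_connections, max_per_period):
    """Plan one send period. pvs: name -> (value, source_timestamp);
    last_sent: name -> timestamp already transmitted (updated in place).
    PVs that changed since the last period are placed first."""
    changed = sorted((n for n in pvs if last_sent.get(n) != pvs[n][1]),
                     key=lambda n: pvs[n][1])
    unchanged = sorted(n for n in pvs if last_sent.get(n) == pvs[n][1])
    order = (changed + unchanged)[:max_per_period]
    batches = [[] for _ in range(n_connections)]
    for i, name in enumerate(order):  # round-robin over the connections
        value, ts = pvs[name]
        batches[i % n_connections].append({"pv": name, "value": value, "ts": ts})
        last_sent[name] = ts
    return batches

class Receiver:
    """Applies received updates to replicated PVs at a bounded caput rate."""
    def __init__(self, known_pvs, caputs_per_tick):
        self.store = {name: None for name in known_pvs}  # name -> (value, ts)
        self.caputs_per_tick = caputs_per_tick
        self.queue = deque()
        self.rejected = []

    def accept(self, batch):
        for rec in batch:
            # Assumption: only PVs replicated on the receiver may be written.
            if rec["pv"] in self.store:
                self.queue.append(rec)
            else:
                self.rejected.append(rec["pv"])

    def tick(self):
        """Apply up to caputs_per_tick queued updates; return the number written."""
        written = 0
        while self.queue and written < self.caputs_per_tick:
            rec = self.queue.popleft()
            current = self.store[rec["pv"]]
            # Parallel connections can deliver out of order: keep the newest
            # sample and store it with its source timestamp.
            if current is None or rec["ts"] > current[1]:
                self.store[rec["pv"]] = (rec["value"], rec["ts"])
                written += 1
        return written
```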
CONCLUSIONS
- The Diode provides an immediate and safe solution to monitor machine operations remotely.
- The use of the MARTe2 library for its implementation makes it easy to configure and adaptable to different use cases (push the PVs to serial, to reflective memory, etc.).
- It is suitable for long-distance communication as well as for local communication (i.e. technical to office network).
- Currently it reads/writes to EPICS through Channel Access and uses softIOCs to replicate the sender EPICS environment on the receiver.
- The first version is already being employed. It is currently passing through the QA process to find out what can be improved.