157 Controls & Computing Wide-area remote experiment system at SPring-8 Controls Controls & & Computing Computing SPring-8 users have been traveling from their institutes to the SPring-8 site to conduct their experiments using beamlines during their beam time. However, this requirement/restriction has exerted various loads to users. Many users requested to perform out-of-site remote experiments in order to increase effective working time for their research and development. The use of a wide-area remote experiment system (WRES) frees users from traveling and brings a more flexible operation style of experiment such as 24-hour operation in collaboration with different groups from different countries. The WRES has been developed [1] and first experiment successfully carried out from a remote site in RIKEN Wako, located about 480 km away from SPring-8, at the end of October 2010. To realize remote experiments, there are two important points to consider: 1) human safety and 2) security of the remote access. 1. Safety issue As in other synchrotron radiation facilities, experimental equipment is installed in radiation shielding hutches. A radiation safety interlock system ensures that there is no person inside the hutch when the synchrotron radiation beam is introduced into the hutch. Under remote experiments, a radiation safety interlock also guarantees this condition. SPring-8 staff members access the experimental equipment for the maintenance or preparation of experiments. Some of the equipment is heavy or moveable. If a remote user move equipment, it might damage lead to injury in SPring-8 staff members inside the hutch. To avoid this situation, a remote experiment interlock unit (see Fig. 1) was introduced. The unit is designed to inhibit experimental equipment operation unless the radiation safety condition is satisfied. The safety condition status is fed from the radiation safety interlock system. The radiation safety interlock guarantees that there is no person inside the hutch. This also guarantees human safety condition. The remote experiment system is designed on the basis of a message exchange system because a message filtering system can be built easily compared with systems based on virtual private network or virtual network computing used for remote access systems in other facilities. The connection server, shown in Fig. 1, filters commands from remote experiment software and relays only permitted Remote access user Send the certificate to the user Send samples to SPring-8 SPring-8 Generate user’s certificate Verify the certificate Remote Access Interlock unit Mount the samples Connection Server Login with the user certificate Operate experiments via the Internet Radiation shield hutch status Experimental station Fig. 1. Schematic view of the remote experiment. 158 Controls & Computing commands to the station control systems. A video streaming system is also introduced to monitor the inside of the experimental hutch. Users can also check their sample conditions using the streaming system. 2. Security issue Remote experimental users can access SPring-8 via the Internet. This creates access security issue. Unauthorized individuals might access the remote experiment system intentionally or accidentally. Such an unexpected operation disturbs experiments or enables illegal access to experimental data. The secure socket layer (SSL) with bidirectional authorization is introduced to protect proper access to the system. As shown in Fig. 1, a SPring-8 staff generates a user's authentication certificate, and sends it to the user by e-mail. The certificate is locked by a password, which is sent by postal mail afterwards. The certificate contains a beam time ID. The connection server verifies the certificate and allows access by users with the authentication certificate and the password for the specified beam time. The flow of the remote experiment is shown in Fig. 1. A SPring-8 staff registers the user and the beam time information on a remote experiment information database. A user's authentication certificate, an electrical file, is generated on the basis of the registered information and sent to the remote user. The remote user sends their samples to SPring-8 and the SPring-8 staff mounts samples on the experimental equipment. The remote user accesses SPring-8 with the authentication certificate, and the connection server verifies the certificate and enables access to the experimental station control system. After establishing the connection to the experimental station, the user can perform their experiment during their beam time. Protein crystallography experiment was chosen as the first trial remote experiment because the standardized experiment control system for protein crystallography at SPring-8 is highly automated and the experiment is suitable for adaptation to a remote experiment system. A graphical user interface (GUI) for the remote protein crystallography experiment has been developed as shown in Fig. 2. A remote user can monitor their sample on the goniometer installed inside the experimental hutch and can specify the X-ray beam irradiation position on the sample by clicking the sample image. The response time of the system is around 1 s, which is good enough to perform the experiment. After a few years of intensive testing including the safety system, remote access server, remote user’s GUI, video streaming system and experimental station control system, the first remote experiment was successfully performed from the RIKEN Wako site 480 km away from SPring-8 at the end of October, 2010. The remote experiment system will bring flexibility for synchrotron radiation experiments and enhance international collaborations. It will be opened for protein crystallography users in October 2011; it will eventually be used in other experiments. Fig. 2. Remote user's graphical user interface. Yukito Furukawa SPring-8/JASRI E-mail: furukawa@spring8.or.jp References [1] Y. Furukawa, K. Hasegawa, D. Maeda and G. Ueno: Proc. ICALEPCS 2009 (Kobe, Japan) p.615.
home
- JP
- EN