Configuration Management

1
Configuration Management

• Supplement 67

Robert Horn, Agfa Healthcare
2
Configuration Management

• The Problem being solved
• Use Cases
• Sup. 67 DICOM Configuration Management

3
The Problem Being Solved

• Installation of DICOM equipment
• Takes too long
• Requires too much effort
• Requires time consuming, multi-vendor
  coordination
• Involves too many mistakes
• Upgrading and repairing DICOM equipment
• Requires too much service effort for
  configuration tasks that are unrelated to the
  problem being solved.
• Configuration complexity prevents customer
  self-help for simple problems

4
Use cases

• Add a new machine
• Locate Actor, IP, AE-title, Security information
• Single node power up and establish configuration
• Time Synchronization

5
Constraints

• Support vendor extensions
• Support site and enterprise extensions
• Consider installed IT support facilities in
  selection
• Do not invent a new protocol

6
Network Services

• DHCP
• Assigns IP address, hostname
• Informs DNS of assignment
• Provides routing, NTP, DNS, etc. information to
  client
• DNS
• Provides hostname to IP lookup services
• Provides server location lookup services
• NTP
• Provides accurate time and time synchronization
• See www.ntp.org for descriptions, software,
  evaluation, and configuration guidance.

7
LDAP

• Very Widespread use,
• No surprises to the IT staff
• Large base of trained users and administrators
• Large base of software clients
• Support by Microsoft, Unix, Open Source
• Support for federated databases
• Easy to extend by adding schema

8
Infrastructure requirements

• DHCP, DNS, NTP, LDAP may be on one host, or may
  be on multiple hosts.
• Normal network design issues, nothing special for
  the DHCP, DNS and NTP services.
• LDAP is increasingly integrated into IT
  operations. This makes its use for configuration
  management more attractive, but means a greater
  planning involvement with the IT organization.

9
Beyond AE-Titles

• Installation and Network Configuration oriented
• Locate Application given the AE-title
• TCP/IP parameters
• AE Configuration
• SOP Classes supported (SCU/SCP, Transfer
  Syntaxes)
• Vendor extension
• Obtain new unique AE-Title
• Device Configuration
• Description
• Vendor extension
• Hospital extension

10
Preconfigured Installation

• Large network addition
• Multiple vendors
• Reduce coordination and scheduling delays
• Reduce configuration errors
• Reduce staging requirements

11
Preconfigured Installation
Vendor A Preparation
LDAP
LDIF
Prepared Configurations
IT Organization
DHCP
Network Planning
A
A
LDIF
A
Prepared Configurations
A
B
B
B
Vendor B preparation
12
Add another machine
Get IP, hostname, etc.
DHCP
Install Hardware
Find LDAP Server
Assign Name
DNS
LDAP
Query Configuration
Configure System
Obtain Unique AE Titles
Update Configuration
13
Customer Assisted Maintenance

• Simple device swap
• Remote reconfiguration
• Local reconfiguration

14
Present Supplement Status

• Supplement 67 Proposed for Frozen Draft
• Could be updated and final by September or
  October.

15
Configuration Management Actors
16
LDAP Schema
DICOM Configuration

This portion is used to provide unique AE titles
automatically.
Unique AE Titles Registry
Individual AE Title
Individual AE Title
Individual AE Title
Devices
Vendor Information, Certificates, Device
Configuration parameters, etc.
Network AE
Network AE
AE-Title, Description, AE Configuration
parameters, etc.
Transfer Capability
SCU/SCP, Hostname, Port, etc.
Transfer Capability
17
LDAP Schema
18
Example of attribute definition
3.1 dicomDeviceName string Single
This attribute stores the unique name (within the
scope of the LDAP database) for a DICOM
Device. It is a single-valued attribute.
This attribute's syntax is 'Directory
String'. Its case is not significant for
equality and substring matches. attributetype
( 1.2.840.10008.15.0.3.1 NAME 'dicomDeviceName'
DESC 'The unique name for the device' EQUALITY
caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALU
E )
19
Objects Defined
The following object classes are defined in
this document. All are structural
classes. Name Description -------------
-------------- -------------------------- dicom
ConfigurationRoot root of the DICOM
Configuration Hierarchy dicomDevicesRoot root
of the DICOM Devices Hierarchy dicomUniqueAETitl
esRegistryRoot root of the Unique DICOM AE-Titles
Registry Hierarchy dicomDevice Devices dico
mNetworkAE Network AE dicomNetworkConnection
Network Connections dicomUniqueAETitle Uniqu
e AE Title dicomTransferCapability Transfer
Capability  
20
Example of Object Definition
4.4 dicomDevice This structural object
class represents a DICOM Device.   objectclass
( 1.2.840.10008.15.0.4.4 NAME 'dicomDevice' DESC
'DICOM Device related information' SUP
top STRUCTURAL MUST ( dicomDeviceName
dicomInstalled ) MAY ( dicomDescription
dicomManufacturer dicomManufacturerModelNa
me dicomVersion dicomVendorData
dicomPrimaryDeviceType dicomRelatedDeviceR
eference dicomAuthorizedNodeCertificateReferen
ce dicomThisNodeCertificateReference) )  
21
Use of LDAP Schema

• Schema text from the supplement
• in the format used to configure generic LDAP
  servers
• Cut and paste from supplement into server
  configuration file tested and verified
• Local extension by modifying schema

22
Purpose of Frozen Draft

• Find any remaining flaws in the Frozen Draft
• Inhouse experience at several companies revealed
  flaws in the public comment version.
• The flaws only became apparent during the
  development of trial versions.
• Inter-company trials
• are expected to reveal other flaws in the Frozen
  Draft version
• The trials are not exploring implementation
  compatibility, only clarity of the standard
• The trials are not a compatibility connectathon
• The Committee for Advancement of DICOM is
  organizing a small group of trial implementations.

23
Future additions

• Security parameter distribution
• LDAP is one of the mechanisms for distributing
  PKI information for key management.