Securing MDSplus for the NSTX-U
 Digital Coil Protection System

Authors:   Gregory J. Tchilinguirian, Keith G. Erickson

Abstract:   NSTX used MDSplus extensively to record data, relay information and control data acquisition hardware. For NSTX-U the same functionality is expected as well as an expansion into the realm of securely maintaining parameters for machine protection. Specifically, we designed the Digital Coil Protection System (DCPS) to use MDSplus to manage our physical and electrical limit values and relay information about the state of our acquisition system to DCPS. Additionally, test and development systems need to use many of the same resources concurrently without causing interference with other critical systems. Further complications include providing access to critical, protected data without risking changes being made to it by unauthorized users or through unsupported or uncontrolled methods either maliciously or unintentionally. To achieve a level of confidence with an existing software system designed with minimal security controls, a number of changes to how MDSplus is used were designed and implemented. Trees would need to be verified and checked for changes before use. Concurrent creation of trees from vastly different use-cases and varying requirements would need to be supported. This paper will further discuss the impetus for developing such designs and the methods used to implement them.
_________________________________________________________________________________________________

Presented at:  IEEE 26th Symposium on Fusion Engineering (SOFE), Austin, TX, May 31-June 4, 2015
_________________________________________________________________________________________________

Download PPPL-5166 (pdf 2 MB 7 pp)
_________________________________________________________________________________________________