Slashdot Mirror
Ask Slashdot: Automatically Logging Non-Computerized Equipment Use?
First time accepted submitter Defenestrar writes "I've recently taken a job at a large state university where I manage the laboratories for a couple of departments. We have a good system to pro-rate costs for shared use of big ticket items, but don't have anything in place for small to medium expense pieces which don't require software control (i.e. AD user authentication logs). It is much more efficient to designate a common room for things like water purifiers and centrifuges, but log books have a history of poor compliance. Also, abuse or neglect of communal property has been an issue in the past (similar to the tragedy of the commons).
Do any of you know of good automatic systems to record user/group equipment usage which would allow for easy data processing down the line (i.e. I don't want to go through webcam archives). Systems which promote accountability and care are a bonus, but for safety reasons we don't want the room's door locked (i.e. no pin/badged access). Most of these systems also require continuous power — so electrical interlocks are not a good option either.
I call on you, my fellow Slashdotters, to do your best and get quickly sidetracked while still including the occasional gem in the comments."
Do any of you know of good automatic systems to record user/group equipment usage which would allow for easy data processing down the line (i.e. I don't want to go through webcam archives). Systems which promote accountability and care are a bonus, but for safety reasons we don't want the room's door locked (i.e. no pin/badged access). Most of these systems also require continuous power — so electrical interlocks are not a good option either.
I call on you, my fellow Slashdotters, to do your best and get quickly sidetracked while still including the occasional gem in the comments."
You can easily have the door "locked" from outside, But the room can be easily exited in the event of a power loss (crash bar on the inside door).
UPS Sucks
Failure to have filled out that one is beginning to use the equipment in the log book is grounds for immediate dismissal.
Sphinx of black quartz, judge my vow.
Locked doors. Swipe Card Entrance and choosing which equipment you'll be using. Swipe card to leave. Log time. If that is too hard/complicated then do not prorate the equipment based on usage, but on availability. Every dpt that uses the equipment gets charged a small part of the equipment's costs, including operating and maintenance costs and don't use any logs at all. Sometimes the cost of compliance is more than the actual costs you're looking to recover.
It isn't rocket science.
Agent K: A *person* is smart. People are dumb, stupid, panicky animals, and you know it.
You hire someone to check it in and out. Honestly unless you put RFID tags on everything and then force them to be passed through a reader before use, you can not automate that stuff.
Do not look at laser with remaining good eye.
Adding RFID tags to equipment and encouraging people to swipe it out as it is used might be a good idea. But short of adding a supply clerk or using a badge system I don't see many other options. Maybe there's some work-study budget for a freshman to sit in the lab and check out equipment?
I heard on Freakonomics about putting up web cams and paying someone in a far-off land to ensure hand-washing compliance. Perhaps a system like that might work.
This one's tricky. You have to use imaginary numbers, like eleventeen... --Hobbes
why does "big ticket items" link to a page advertising a "high-resolution diffractometer" from the Rigaku Corporation?
and for that matter, "pin/badged access" links to a page from Stanley Security Solutions??
can I purchase sponsored links from slashdot summaries to promote my company's products??
What about a system where when people use the system the swipe their badge on a logging device? Wouldnt be 100% perfect but would be better than paper as people are lazy. If the devices have stand alone monitors you could put make the power for the monitor (not the test equipment) tied to the badge reader?
Or a badge-swipe operated inline power switch, shouldn't be difficult to lock something onto the end of a normal power cord.
--- Most topics have many sides worth arguing, allow me to take one opposite you.
In cases like this, I create a resource in MS Exchange that can be reserved. Bill against that reservation. It isn't perfect, but after someone gets kicked off by someone who reserved it, they begin to use the system. This makes the guy that pays for usage the prefered user.
Place nail here >+
I was about to post this same thing, but in a different way.
As an Oracle of the Bordland Delphi, I look into my magical book of syntax. I breath deeply the fumes of the mighty Pascalious Flowerus. Your future is very clear. I see a person, at a desk with a book. No wait! Two books!. The person sitting asks people for identification, and validates this against one book. If their name is found, they ask them to sign in to the other book. There is more! The desk sits sideways, so this person not only controls who enters the room, but also asks those leaving to sign out.
This will be as it must be due to your mighty constraints of continual lightning and desire to have doors without locks!
-The wise argue that there are few absolutes, the fool argues that there are no probabilities.
All RFID scheme would allow hands-full exit. A high power tag reader at the door would read the RFID badge and whatever equipment tags were being removed, tying equipment to the person who removed them. If yourfacility doesn't have RFID badges, just get some more RFID tags (different series number, perhaps) and stick 'em on the back of the users' ID badges..
Locating the equipment would still be an issue, though.
or RDIF badges for things that do require constant power.
You charge them based on how long they are within range of the badge detector.
excitingthingstodo.blogspot.com
To people who haven't worked in labs:
First off, generally the issue isn't tracking usage for the purposes of billing, or actual inventory (ie preventing people from walking off with things.) Most expensive stuff can and is plated and then cabled down to tables. The issue is often more tracking down who screwed up something so they're told not to do it again/given additional instruction, or their lab/PI is billed for the repair.
Why? All manner of equipment isn't cleaned after use, or toxic stuff is used on equipment that can't be cleaned of it easily, or equipment that is shared with other experiments that would be damaged by certain chemicals or contaminants. Centrifuges have the wrong rotors installed or mis-balanced loads, destroying the bearings or worse. Cryo vacuum traps don't get cleaned and can accumulate liquid gas and explode. Microscope objectives get damaged from impacting the slide or overuse of oil for immersion objectives. Microscope light sources get left on and burn out (some of them have lifetimes measured in hundreds or a few thousand hours.) The list goes on.
You can't always control power, because a number of instruments have long warm-up times before they stabilize, or require a bunch of parameters be entered on power-on.
Access control via keycards works until you discover that someone left the lab, dropped off their ID, security for some reason never cancelled their card, and now it's become a shared resource in the lab. This happens so often it's not funny, except in places that take access control VERY seriously, like hospitals that have research groups. Or people swipe others in.
It often really comes down to solving people problems with people, not technology...and having a culture of following procedures and policies. If someone can't follow procedure, lies, cheats, etc - they're a liability/danger to your lab/center/school reputation because they could be (and probably are) doing the same thing in their research. Why are you still employing/collaborating with them? Kick their ass to the curb.
That said, a lot of equipment manufacturers could recognize this need, and provide lockout contacts that can be interfaced with various access control and logging solutions.
Lastly, a reminder to Slashdotters: please think critically about the solutions you offer. If some random guy can think up a "solution", then chances are it's occurred to, and maybe even been tried by, someone with actual experience. At least recognize that possibility...
Please help metamoderate.
the cost to fill the hole often exceeds the value of the things fall through it...........
It sounds like your total annual cost today.....is the 1/8FTE to take the paper logs and produce a chargeback report..............
I often see organizations create ferraris where kias would have been more appropriate.
How about an android pad so technicians can log into the device and log out - step two is put an analog switch from the pad to control the power switch to the high value device..........several hundred dollars and you are done!
But if you really want to over-engineer..........how about a laser security system like in mission impossible?
Todd
Cheap, available, and renewable.
Seriously. As a graduate student, I was responsible for managing and running a university-wide center for amino acid analysis and protein sequencing. As dedicated staff (namely me) used and maintained the equipment, it was not trashed by poorly-trained users. Proper protocols, sample preparation, calibration, and periodic assay of the standards were all assured.
Other solutions above will monitor access to the equipment, but that is a far cry from ensuring longevity of the equipment or accurate and reproducible results.
The problem is the management structure leading to internal billing sounding like a good idea! Flat rate the costs unless they're really significant and you can't gauge who the users are. Make the flat rate based on 'reserved' units. i.e. a portion of the resources have 'priority' access for a dept. based on the amount the dept. allocated to the budget. They are still shared, but the sponsoring dept. has priority access. Infrequent users use the 'free' equipment or any 'reserved' unit not currently in use. Frequent users can fund additional 'sponsored' units if they need more. While imperfect, it's better than treating each bit of equipment like a rent-way rental.
The AC's idea of an RFID timeclock in the room is great if you must internally bill. A crude measure of usage should work if your office politics aren't toxic. If you really have problems with equipment abuse, you can use a webcam and review it only if there is unreported damage. Review the footage only with a managers approval with public knowledge every time it happens (with penalties for snooping) and you'll make junior NSA drama less likely.
Still, internal billing is very expensive operationally.
Or a badge-swipe operated inline power switch, shouldn't be difficult to lock something onto the end of a normal power cord.
That won't meet his requirements:
Most of these systems also require continuous power — so electrical interlocks are not a good option either.
Accounting problems generally use accounting solutions. The costs and hassle associated should be proportional to the costs needing to be allocated. Assuming the amount involved are unlikely to be material*, a good enough solution might be to simply apportion based on the number of persons likely to use the labs. This might actually make more sense than detailed usage tracking:
The "big ticket" items are presumably in heavy use and you can imagine a direct correlation (cause & effect, even) between usage and cost. In other words there is something approximating a "cost driver".
More general facilities, particularly if there isn't really "consumables" as such and taking hints from the posting that they are not near maximum capacity (no booking system), users generally benefit from the existence of the facilities rather than being proportionate to their use, there probably isn't a direct relationship between usage and costs. This is therefore more like overhead recovery and you're looking to apportion it using the most relevant method.
* It does occur to me that if this is a university budget every penny is fought over ridiculously so you might have a bit of a fight from anyone who thinks they are "losing out" (read: not winning) from any potential alternate approach. However this is true regardless of approach taken.
So, your university wants to monetize the usage of the basic infrastructure in order to leverage your synergies by applying an undue burden of usage and accounting on the people to more accurately ensure they spend most of their time accounting for the 2 cents it cost to use the device? So you're going to make me waste an hour of my expensive and limited time to account for a few sheckles?
I had a PM once who wanted us to account for our time in 5 minute increments. Then he was surprised that 1 of every 5 minutes was recording what we did the last 4, despite us having told him that is exactly what would happen.
This sounds about as stupid and counter productive.
It sounds like cost recovery run amok, and usually marks the point at which an organization has been taken over by accountants who then work very hard to ensure the real work can't happen.
Sorry sir, I couldn't do any actual engineering/science/work because I was filling out my time sheets in triplicate, filling in the TPS reports, and updating the spreadsheet to indicate that I've done all of those things.
The 'solution' you think your finding is essentially creating a new kind of problem -- and that's one created from institutional stupidity.
My advice? Just don't do it.
Lost at C:>. Found at C.
Think about what you are asking here: you are trying to protect equipment from a bunch of jerks who don't follow the rules on how to properly take care of it, and are offering a solution that requires them to voluntarily log their actions. If they don't follow proper equipment maintenance rules, they aren't going to follow your logging rules either. If any voluntary system works for you, it will be when you have no jerks. If you have damaged equipement, then you have jerks. If you have jerks, you must have some sort of mandatory access control, such as signing out equipment using an id checked by the person in charge of the inventory. Anything less secure than this will be abused by jerks. After all, you don't expect them to sign out equipment they are planning to destroy, are you?
" Swipe card to leave." To enforce this requires using a locking mechanism works in both directions, like a magnetic plate lock. In order to maintain security in a power failure, you need battery backup for the plate lock. In order to maintain fire code, you need to have a tie-in with the building fire system, among other things. It's really not that simple.
Please help metamoderate.
If that's the issue, it would be more efficient to focus on training up front, possibly with annual recertification. Maybe a cheap webcam to catch particularly heinous offenders. Access control isn't worth it under the constraints given.
Not locking doors for "safety" reasons is absurd. If there's a genuine safety concern, you put a big red button near the badge reader which both releases the maglock and sets off an alarm.
Moderating "-1, Disagree" is simple censorship. Have the guts to post your opinion.
I worked at a large university in the midwest for a long time and I understand what you're trying to accomplish, but there is no easy answer.
The best suggestion that I can offer is power logging. APC and a number of other solutions do can do continuous logging of power draw by port on some large PDUs. Since the current draw while idle is probably constant, then you can track usage by measuring the spikes in usage. If it were a mandate, or required by a grant, I would secure the PDU plugs into the wall sockets, make wall sockets unavailable, and secure the equipment plugs into the PDUs, so you know what device is plugged into the port, and you can graph its usage (maybe MRTG or something similar). Then when they have new equipment to install in the lab, they coordinate with tech staff.
Anyway, that's how I would do it.
----
Rob.
---
"Sufficiently advanced technology is indistinguishable from magic."
There are tons of ways to do this .. problem is they will all cost more than what your'e trying to accomplish. .. "what you seek is a technical solution to an administrative problem" .. you said you use logbooks but compliance is poor"
.. and ask "is this really worth it?".
.edu and I deal with a lot of this BS.
As I like to tell the bean counter types
You have cameras, so that's your "abuse" answer
Solution: Random daily audits and punish any non-compliance.
Also, consider the cost for all the inter-departmental billing and your time in managing all this foolishness
Source? : I am security@ for a large
Call your student employment office and post N/20 jobs .. where N is the number of hours/week the lab is open.
FWS students can work 20hrs/wk according to their visa, but it must be an on-campus job. As such, there are tons of students needing a job.
It sounds like the micropayment problem. Which no one but the telephone companies have been able to solve, at a flat rate additional cost to all transactions. Only lacking the network access requirement of telephone services, which are the means by which these transactions are recorded.
This is a pretty stupid goal, since if you could solve this problem, the magazine and newspaper industry would be beating down your door already, assuming you could get an audience stupid enough to not want predictable flat rate pricing. Good thing you have a monopoly where you can effectively force participation in an otherwise untenable micropayment system.
Seriously, though...
Just do a historical analysis of the wear rate of non-software access controlled items, assume that's going to be a lab cost, potentially using regression analysis to account for things which get worn at different rates, depending on correlation between class offerings (i.e. if none of the labs for the classes this quarter/semester require a centrifuge, you are probably not going to see wear on your centrifuge), and then roll that costing into the lab fee that everyone pays equally.
Yeah, you're going to get the occasional Calamity Jane/Wrong Way Corrigan who's going to be harder on the equipment than average, but given that you'll have accounted for this by historical records already in your possession, the costs will work out. This is exactly how real businesses deal with wear on capitol equipment.
Hm. If you don't want to restrict access to the room, and don't want to restrict access to power, you'll have to restrict access to the machines themselves. You could apply a padlock to a moving part of the device (or perhaps a cage around its controls). You'd then store the keys in a central place and require people to sign out those keys when they want to use the device.
If you don't want to rely on people's good faith in signing things out, you could have someone else control the keys. This would require some manual work, but it could probably be done by a department secretary or someone else who's already at a desk - you wouldn't have to put someone in the room itself, and it would presumably be a very small part of their job.
You could conceivably store the keys in some sort of container with electronic access control as well, but that may be more trouble than it's worth.
"If they send someone here, I'll arrange the usual 'accident.'" -- Alice, "Dilbert"
And if you don't have badges, use a bluetooth sniffer, and require registered phones. In this day and age, everybody, including students, are carrying around an RFID tag with them at all times anyway.
SJW: a person who perceives an injustice, and while correcting it, commits a greater injustice.
As an add-on to this, could you put covers on the control panels that only unlock after an RFID or badge swipe? That would help confirm use of a particular piece of equipment.
How many concurrent users do you typically get in the common room? If there are a lot of people that hang out waiting for equipment, or kibitzing, RFID would be less effective. But in that case, you would have witnesses as to who did a particular f-up. So I suspect you're dealing with small numbers of people in the room at any given time. This would make RFID more effective.
We are the 198 proof..
How 'bout a beefy UPS? That allows the simple "continuous power" scenarios to be considered again, and is far cheaper than staffing a desk.
You're special forces then? That's great! I just love your olympics!
How 'bout a beefy UPS? That allows the simple "continuous power" scenarios to be considered again, and is far cheaper than staffing a desk.
It's probably cheaper to pay an undergrad to staff a desk than to continually replace UPS batteries as they go through many repeated deep discharge cycles.
Put bar code labels on everything with the asset identifiers.
Make a simple web app that authenticates to the LDAP server (you don't even have to write the auth part - Apache will handle that for you). The app will have two basic functions: start using asset and stop using asset.
They will touch one function or the other and enter the asset ID to generate a log entry.
Write an iOS native wrapper app for it using UIWebView and ZBar, to let them scan the asset tag using the camera on their phone.
Leave a $170 iPod touch in the lab for anyone who doesn't have an iPhone, so they don't feel left out.
If desired, automate sending nag messages to people who forgot to log stopping the use of something. Give them a way to enter corrections with a web form.
Provide your bean counters with a suitable report, preferably something that exports to their favorite bean counting app's format (I'd probably use the free Crystal Java Runtime just because I know it).
It can be made generic enough to get app store approval.
Done.
Cost to implement: 2 weeks of my time - negotiable.
There is an upside to logging stuff like this besides satisfying the beanies... you also have data to justify new purchase requests.
RFID-tag each piece of equipment. Door scanners can then log the personnel and hardware they leave with. I'm in heavy aviation maintenance and this is what we do, though in our case the tool control is more about the safety element (when a tool is missing, nothing leaves the hangar - could migrate to a critical flight system). It's not very expensive and highly effective.
Feel free to continue open access, but place a social stigma on using the equipment without recording your use.
For example, imagine that when you sit down at the desk, a light goes on that says "Thanks for logging in" (if you have). Now, tomorrow, you find three other people in the lab who don't have the sign lit. You say "Hey, I can see that you didn't sign in to indicate that you're using the system-- here, let me help you"
Another way to encourage self-policing from the users is to tie maintenance or upgrades to the logged use of the system. Say "Sorry, we're not going to upgrade that oscilloscope because nobody logs that they use it. We're going to spend grant money on the bench power supply in room 6B that has lots of log entries."
Put these two things together, and the people who care about using the equipment will help you keep the other users under control.
--Joe
to more accurately ensure they spend most of their time accounting for the 2 cents it cost to use the device?
I assure you that there is very, very little scientific equipment which costs "2 cents to use." There's often both a substantial capital and operating expenditure. Depreciation isn't that bad on some stuff (a centrifuge, for example, I believe) but can be absurd on something like a new microscope system, as better optics and digital camera modules come out.
Microscopes are probably the most common equipment with horrible opex, aside from maybe genetics sequencing equipment. They're easily damaged, regularly need cleaning, their light sources are expensive and have limited lifetime, etc. Oh yeah, and MRIs...the LN2 and LHe bills, training, insurance, re-shimming for changes in the building that affect the magnetic field, etc...crazy.
Please help metamoderate.
For example: if it's a water-purifier; install a plastic barricade around the unit with a chained door and padlocks.
Each department has a representative called a "gatekeeper" that holds the key to one of the padlocks. And there are TWO logbooks to be kept for all use of the equipment: one by the user, and one by the "gatekeeper" of their department.
When someone wants to use one of the pieces of shared equipment, they have to go to their department's gatekeeper and get the key. A log entry must be created for "key checkout".
To access the equipment, the user now has to visit the room, when the equipment is not in use --- open the logbook in the room, inspect the tamper-evident seal on their department's padlock: write down the date, time, and seal number. break the seal. use their department's key to open it and remove the barricade.
Now, they can use the equipment. When they are done, they must close the door, reaffix and lock their department's padlock, and make the entry in the logbook.
Call the gatekeeper. The gatekeeper will come visit the equipment room, verify that the equipment is in good working order: note the date and time in the gatekeeper log book.
Verify that the proper entries have been made in the equipment use logbook
Affix a new tamper-evident seal to their department's padlock, and write down the seal number in the gatekeeper logbook with "Key returned"
The user will sign the log entry, and the gatekeeper will return the key to the department's lockbox, and sign the entry.
Employees log equipment in/out by scanning an RFID tag and entering their name or ID # on a terminal. A second RFID scanner in the doorway logs all instances of equipment moving in or out without an associated terminal entry together with a photo. Web cam photos only need to be reviewed for non-compliance.
Have gnu, will travel.
Yes, and since Active Directory is largely based on Kerberos and LDAP, we must assume that MIT and everyone involved in LDAP/X.500 have no idea what is going on either. Because some anonymous asshat said so. Please share your text file based solution to managing 100K users and all of their associated equipment, we'll wait.
--- Generation X: The first generation to have SIG lines inferior to their parents... ---
Look into the logistics business -- specifically the tattle-tale systems that tell whether truck/trailer doors are open and shut during specific time frames. I forget the product names, was too long since I designed one.
Do not mock my vision of impractical footwear
But there are multiple instruments in the room and the room is unlocked (safety). If each piece of equipment really needs to be independently monitored, each machine would need its own RFID tag reader or similar that controlled power to the machine as opposed to opening the door. It would also need to monitor current draw to see how long the machine was actually in use after a user started it up.
Swipe cards can switch electrical power supplies as well as doors.