The CNDA is hosted by the Neuroinformatics Research Group (NRG) and is the site of the NRG flagship installation of XNAT, an open-source software package for managing neuroimaging and related data.
Related: How to acknowledge CNDA in your publications
What is XNAT?
XNAT is an imaging informatics platform designed to facilitate data management and sharing for in vivo imaging and associated data. It consists of an image repository to store raw and post-processed images, a database to store metadata and non-imaging measures, and user interface tools for accessing, querying, and exploring data. It supports a full DICOM workflow for all common imaging modalities and an extensible system for modeling and storing clinical, behavioral, and other non-imaging data. A fine-grained access control system ensures that users are restricted to accessing only authorized data. User interface tools include a secure web application, command line tools, and desktop applications for organizing and uploading local data. The web application provides a number of quality control and productivity features, including data entry forms, sophisticated searching, detailed reports of experimental data, upload/download tools, access to standard laboratory processing pipelines, and an online image viewer. XNAT also includes a web services interface for programmatic access to hosted data by external client applications. By managing data with XNAT, researchers are prepared to better maintain the long-term integrity of their data, to explore emergent relations across data types, and to share their data with the broader community. XNAT is used by institutions and data sharing projects around the world and is part of the NIH informatics infrastructure, including the Biomedical Informatics Research Network (BIRN), the National Alliance for Medical Image Computing (NA-MIC), and the Informatics for Integrating Bench to Bedside project (I2B2)
Support for multi-site studies
The CNDA is widely used to support studies that include geographically dispersed data acquisition sites and analysis teams. Example studies include the Dominantly Inherited Alzheimer Network (DIAN), a 10-site study of inherited Alzheimer’s disease that includes PET, MR, neuropsychological, clinical, and tissue data; the Comprehensive Neuro-oncology Data Repository, a 2-site study developed advanced imaging biomarkers for glioblastoma; and INTRUST, a 10-site study of traumatic brain injury and post-traumatic stress disorder in combat veterans. The CNDA supports several options for importing scans from remote sites. Most often scans are uploaded using a user friendly web based tool that removes identifiers from the image file metadata and transfers the files to the CNDA over an encrypted protocol. Alternatively, for sites that acquire a large volume of data, a relay computer can be configured on site to automatically receive data from the scanner, remove identifiers, and forward on to the CNDA on an encrypted channel. Similarly, a number of tools are available for retrieving data from the CNDA, including web-based downloads, DICOM query/retrieve, and scriptable command line programs.
Data security and integrity
The CNDA implements a number of features and procedures to ensure the security and integrity of the data it hosts. All data coming into and out of the CNDA are transmitted over secure channels using SSL. All data are stored on a level 5 RAID device with disaster recovery and offsite backup. Snapshots of the relational database are taken nightly, enabling reconstruction of the database from any time point in the study. Access to study data is restricted to authorized users who are assigned specific access privileges (create, read, edit, delete) according to their role in the study. All logins and access to data are tracked in the internal audit system.
The CNDA offers a number of features to monitor and maintain the quality of acquired data. As data are uploaded to the system, sequence details (e.g. flip angle, repetition time) are validated against a study specific protocol to ensure that the acquisition is compliant. Noncompliant scans are flagged in the system for immediate follow-up. Automated image analysis routines are then executed to determine overall image quality specific to the acquisition type. For fMRI, for example, signal to noise and subject movement histograms are generated. For DTI, fractional anisotropy maps are generated.
The CNDA also supports radiological evaluation and manual quality assessments that can be optionally used by studies.
The output from these routines is available to users in web-based reports and is flagged when key values fall outside acceptable limits.
Computing and IT resources
The CNDA operates on a system that was designed to provide HIPAA compliance, near 24/7 uptime with no single point of failure, and grid-enabled compute services. The entire system resides behind the institutional firewall, which restricts incoming traffic by IP address and port. All of the servers will have private network addresses. Incoming network traffic is directed to redundant public-address load balancing switches (Kemp Technologies), and reverse proxy routing is implemented to direct traffic from these units to the private-address application servers. This configuration ensures that machines holding data have no direct exposure to external network traffic. All network traffic (e.g. http, ftp, DICOM) is encrypted using standard TLS-based methods.
The CNDA hardware includes 12 quad-core compute servers, 2 redundant application/database servers, and redundant load balancing switches. The servers run Linux and Solaris operating systems. Data storage will be provided by a network-attached storage (NAS) device with level 5 RAID and expandable to 250 terabytes (BlueArc, San Jose, CA). Data stored on the BlueArc storage system is replicated every 3 hours to a physically disparate disaster recovery site. Snapshots of data that has been changed or deleted on the BlueArc system are taken five nights a week. Thirty snapshots or 6 weeks of changed data are stored insuring that any accidental changes or deletions of data can be recovered. Incremental tape backups of the data are generated monthly, and full tape snapshots of the data are taken twice yearly and permanently archived.
The CNDA resides within the Washington University Neuroimaging Laboratories, which has a dedicated IT infrastructure and professional support staff. All hardware is deployed in a cold room with backup power and overseen by professional systems administrators. The data network and central servers are connected to the Washington University backbone through a gigabit Ethernet connection. The daily operations, system upgrades, and support for the CNDA are provided by the NRG, which is a team of 12 engineers, neuroscientists, and technicians under Dr. Marcus’ direction.
Marcus, D.S., Olsen, T., Ramaratnam, M., and Buckner, R.L. (2007) The Extensible Neuroimaging Archive Toolkit (XNAT): An informatics platform for managing, exploring, and sharing neuroimaging data. Neuroinformatics, 5: 11-34.
Marcus, D.S., Archie, K.A., Olsen, T., Ramaratnam, M. (2007) The open source neuroimaging research enterprise. J. Digital Imaging, 20: 130-138