============================================================================= Run Date: MAY 15, 2023 Designation: MAG*3*329 Package : MAG - IMAGING Priority: Mandatory Version : 3 SEQ #241 Status: Released Compliance Date: JUN 15, 2023 ============================================================================= Subject: VISTA IMAGING EXCHANGE (VIX) STS TOKEN SUPPORT Category: - Informational Description: ============ This patch addresses the following issues and new capabilities: Unless noted otherwise, each change applies to VIX and CVIX. 1. Enhancement (IMAG-3893) Digital Imaging and Communications in Medicine (DICOM) Service Class Provider (SCP) Improvements. 2. Enhancement (IMAG-3826) Improve Apache Tomcat startup time. 3. Defect (IMAG 3635) Change default Release of Information (ROI) export queue priority and make configurable. 4. Enhancement (IMAG-3565) Java Logging Improvements. 5. Defect (IMAG-3842) C-STORE Transaction Logging Shows Incorrect Image Counts. 6. Enhancement (IMAG-3705, INC25102628) Installation and configuration changes and improvements. 7. Enhancement (IMAG-3599) PowerShell upgrade from 5.1 to 7.2. 8. Enhancement (IMAG-3675, INC11589881) Commercial off-the-shelf (COTS) package updates for VA Technical Reference Manual (TRM) compliance. 9. Defect (IMAG-3825) Enable HTTP Strict-Transport-Security "HSTS" in Apache Tomcat. 10. Defect (IMAG-3827) Remove default webapps from Apache Tomcat. 11. Enhancement (IMAG-3970) Implement Secure Token Service (STS) token as an alternative way VIX/CVIX uses for accessing VistA. 12. Defect (IMAG-3979) Fix Server Message Block (SMB) buffer limit of 64 KB to prevent data transfer timeouts. 13. Defect (IMAG-3984) Add time zone handling and default read time out for Text Integration Utility (TIU) operations. 14. Enhancement (IMAG-3990 and IMAG-4168) Improve CVIX handling of Integration Control Numbers (ICNs) and Social Security Numbers (SSNs) with Legacy Viewer Sustainment (LVS). 15. Defect (IMAG-3999) Improve VIX study fetch from CVIX performance. 16. Enhancement (IMAG-4084) Extend filter by specialization using DICOM modality. 17. Enhancement (IMAG-4086) Create a new study Representational State Transfer (REST) services application programming interface (API) to retrieve a list of shallow studies with their reports. 18. Enhancement (IMAG-4112) Allow ingest service users to upload multiple images and descriptions. 19. Enhancement (IMAG-4141) Modify the radiology filter in study REST services to include Cerner Central VistA Imaging Exchange Integration Adaptor (CCIA) studies. 20. Enhancement (IMAG-4180) Support Windows Server 2019. 21. Defect (IMAG-4187) Improve TIFF display, print, and export. 22. Defect (IMAG-3871) Handle DICOM SCP support for Cerner studies. 23. Enhancement (IMAG-4249) Add MUSE NX support. Patch Components: ----------------- N/A Files & Fields Associated: File Name (Number) Field Name (Number) New/Modified/Deleted ------------------ ------------------- -------------------- N/A Forms Associated: Form Name File Number New/Modified/Deleted --------- ----------- -------------------- N/A Mail Groups Associated: Mail Group Name New/Modified/Deleted --------------- -------------------- N/A Options Associated: Option Name Type New/Modified/Deleted ----------- ---- -------------------- N/A Protocols Associated: Protocol Name New/Modified/Deleted ------------- -------------------- N/A Security Keys Associated: Security Key Name ----------------- N/A Templates Associated: Template Name Type File Name (Number) New/Modified/Deleted ------------- ---- ------------------ -------------------- N/A Remote Procedures Associated: Remote Procedure Name New/Modified/Deleted --------------------- -------------------- N/A Parameter Definitions Associated: Parameter Name New/Modified/Deleted -------------- -------------------- N/A Additional Information: ----------------------- Blood Bank Team Coordination: N/A New Service Requests (NSRs): N/A Patient Safety Issues (PSIs): N/A Defect Tracking System Ticket(s) & Overview: (IMAG numbers are from VA Jira) 1. Enhancement (IMAG-3893) Digital Imaging and Communications in Medicine (DICOM) Service Class Provider (SCP) Improvements. A. DICOM Query Retrieve (QR) SCP retrieve missing accession numbers. Problem: -------- DICOM Query Retrieve (QR) SCP retrieve requests did not include accession numbers from VIX sites. Resolution: ----------- Study reports now include accession numbers and DICOM QR SCP retrieve requests now include accession numbers from VIX sites for the picklist (driven by the C-FIND response). B. Implement DICOM SCP direct image fetch from VistA and image share storage. Problem: -------- DICOM SCP CMOVE request service times are still not as fast as they can be. Resolution: ----------- DICOM SCP now goes directly to the home VistA for an exam using a BSE token for authentication and reads the exam data at that VistA. DICOM SCP uses this data to copy the files from the image storage where they exist. This removes unnecessary HTTPS and VistA RPC overhead resulting in faster CMOVE request service times. C. Ensure DICOM tags are valid for reports generated for exams homed at consolidated sites. Problem: -------- DICOM SCP generates a report with an invalid character in the studyUID DICOM tag for studies homed at a consolidated site. Resolution: ----------- DICOM SCP now generates a report with valid characters in the DICOM tags for studies homed at a consolidated site. D. Update VIX cache configuration to include DICOM SCP region and adjust DICOM SCP to use this region. Problem: -------- To avoid potential file contention with legacy architecture, DICOM SCP needs its own caching region. Resolution: ----------- The VIX cache has been configured to include a new region for the DICOM SCP. DICOM SCP now uses this cache region exclusively. E. Ensure date filtering has inclusive date searches. Problem: -------- Date searches for DICOM SCP were exclusive. Resolution: ----------- DICOM SCP now has inclusive date searches. F. Ensure date filtering has correct single before or after date searches. Problem: -------- Searching for a single before or after date returns all results regardless of date. Resolution: ----------- DICOM SCP now correctly searches for a single before or after date. G. Ensure DICOM QR SCP requests return as intended. Problem: -------- Some consumers using DICOM QR SCP were inadvertently querying different patients than intended. Resolution: ----------- DICOM Q/R SCP requests no longer supports querying by the Data File Number (DFN). 2. Enhancement (IMAG-3826) Improve Apache Tomcat startup time. Problem: -------- Apache Tomcat currently takes a significant amount of time to start up (greater than 2 minutes). Resolution: ----------- Modified Tomcat configuration files by setting the "stopStartThreads" value to "0" in "server.xml" and adding entries to Tomcat's "jarsToSkip" property in "catalina.properties" for "JAR" files which do not contain "TLD" entries. Now Apache Tomcat takes significantly less time to start up (less than 30 seconds). Further, the daily service restart script now destroys the Tomcat service if it has not stopped in 20 seconds to ensure it will startup in a reasonable amount of time. 3. Defect (IMAG 3635) Change default Release of Information (ROI) export queue priority and make configurable. Problem: -------- The default queue priority for ROI study queries or results was set to 1 which caused issues with ROI scheduling. Resolution: ----------- The default ROI export queue priority value is now 500 to help prevent ROI scheduling issues and also is a configurable value. 4. Enhancement (IMAG-3565) Java Logging Improvements. Problem: -------- Java logging is very verbose and produces large files that are difficult to use. Resolution: ----------- Java logging is now updating older logs by retaining them in archive folders with the date appended to their filenames in a zip format. Further, older logs exceeding a pre-defined size (default 250 MB) for each day roll over and a new log is generated with a number appended to their filenames after the date. The VIX installer now allows the selection of the drive to store the Java logs archive. The Java logs page now allows the download of logs in a subdirectory in the zip format. The Java logs page adds custom sorting by file size and date, adds a search box, adds filtering by the name of the log, and adds a start and end date and time filter. Log entries where Java exception stack traces provided no additional context or information have been removed. Reduced logging in MUSE study query failures to not include stack traces. Tomcat access logs are now available to record web server traffic for possible analysis and performance metrics. To reduce disk space requirements on the primary local drive, the retention periods of the Tomcat Java logs and VIX Transaction logs are now both five days, decreased from 10 days and 45 days respectively. To ensure the VIX transaction log retention period is properly applied, the maximum amount of time to purge VIX transaction log records has been increased from 10 minutes to 1 hour. 5. Defect (IMAG-3842) C-STORE Transaction Logging Shows Incorrect Image Counts. Problem: -------- The transaction log incorrectly displays one additional C-STORE transaction image count than occurs. Resolution: ----------- The off-by-one error in the transaction log is fixed and the transaction log displays the correct C-STORE transaction image count. 6. Enhancement (IMAG-3705, INC25102628) Installation and configuration changes and improvements. A. Include install logs in backup. Problem: -------- Prior to this change, the VIX Installer did not backup install logs when backing up critical configuration file folders. Further, the VIX Installer did not ever delete old backups during installation. Resolution: ----------- The VIX Install now backs up install logs in C:\VIXBackup so they can be referenced later. Further, the VIX Installer now deletes prior folder backups older than 1 year to maintain free disk space. B. Remove DoD page/window from VIX Installer Problem: -------- Prior to this change, the VIX Installer included a DoD page/window which was no longer used and taking up space. Resolution: ----------- The DoD page/window is no longer a part of the VIX Installer. C. Update VixCache drive letter in configuration file Problem: -------- Prior to this change, the VIX Installer allowed the VixCache drive letter to change during installation but this was not updated in the configuration file (ImagingExchangeCache-cache.xml) which caused the purge of the VixCache to fail. Resolution: ----------- The VIX Installer now correctly updates the VixCache drive letter in the configuration file (ImagingExchangeCache-cache.xml) if a new drive letter is selected during installation. The VIX correctly retrieves this drive letter and uses it when purging the VixCache. D. Clean-up/remove old SQL Server components. Problem: -------- Prior to this change, the VIX Installer included a prompt to uninstall SQL Server Express 2017 that was no longer used. Further, there was a need to help clean-up old SQL Server components that remained on VIX/CVIX servers. Resolution: ----------- The VIX Installer now does not include a prompt to uninstall SQL Server and includes scripts to clean-up old SQL server components. E. Manual purge of VIX Render SQLite database update. Problem: -------- Prior to this change, the VIX Installer included a prompt to manually purge the VIX Render SQLite database in a case it should not have and there was no documentation on how to purge the VIX Render database. Resolution: ----------- The VIX Installer now accounts for an additional case where it should not have prompted the user to purge the VIX Render SQLite database. Further, how to purge the VIX Render SQLite database is now described in supporting documentation. F. Prevent unnecessary query for Station 200 for patient's treating facility list. Problem: -------- When serving DoD metadata and images, CVIX unnecessarily queries Station 200 for the patient's treating facility list. Resolution: ----------- To prevent CVIX from unnecessarily querying Station 200 for the patient's treating facility list, a configuration change (the value for ensurePatientSeenAtDoD in CommandConfiguration.config) now defaults this behavior to not occur. G. Specify the port and protocol of MUSE configuration as part of the VIX install to support MUSE NX. Problem: -------- Prior to this change, in order to set-up or update the port and protocol for the MUSE configuration required for MUSE NX support, the configuration file required a manual update. Resolution: ----------- The VIX Installer's Specify the MUSE configuration page now allows the user to enter the MUSE port and specify the MUSE protocol. H. Update client authentication certificate bound on ports 343 and 344. Problem: -------- Prior to this change, the installer was not binding the latest client authentication certificate on ports 343 and 344. Resolution: ----------- The VIX Installer now unbinds an older client authentication certificate on ports 343 and 344 and removes this certificate from the certificate store. The VIX Installer also now binds the latest client authentication certificate on ports 343 and 344. 7. Enhancement (IMAG-3599) PowerShell upgrade from 5.1 to 7.2. Problem: -------- PowerShell has a more modern version released that is approved by the Technical Reference Manual (TRM). Resolution: ----------- The PowerShell version in MAG*3.0*303 was 5.1 and is upgraded to 7.2.4 to use a more modern version and maintain current and future compliance with the TRM. Further, installing PowerShell is now an included VIX Install Prerequisite instead of a manual step. 8. Enhancement (IMAG-3675, INC11589881) Commercial off-the-shelf (COTS) package updates for VA Technical Reference Manual (TRM) compliance. Problem: -------- COTS packages required an upgrade in accordance with the TRM. Resolution: ----------- The LibreOffice version in MAG*3.0*303 was 7.2.5 and upgraded to 7.3.5 in accordance with the TRM. The VIX Viewer's API documentation written in Open Application Programming Interface (API) Specification (OAS) in MAG*3.0*303 was 2.0 and upgraded to 3.1.0 in accordance with the TRM. The SQLite version in MAG*3.0*303 was 3.32.3 and upgraded to 3.39.3 in accordance with the TRM. The Laurel Bridge DICOM Connectivity Framework (DCF) in MAG*3.0*303 was 3.3.40c and upgraded to 3.3.68c in accordance with the TRM. The Tomcat version in MAG*3.0*303 was 9.0.58 and upgraded to 9.0.68 in accordance with the TRM. The Java version in MAG*3.0*303 was 8u331 and upgraded to 8u351 in accordance with the TRM. The maven version used for building Java components was upgraded to 3.8.6 in accordance with the TRM. 9. Defect (IMAG-3825) Enable HTTP Strict-Transport-Security "HSTS" in Apache Tomcat. Problem: -------- Apache Tomcat does not have HSTS enabled. This setting is a mechanism that informs web application users that the application can only be accessed via a secure connection (HTTPS). Resolution: ----------- Enabled "HSTS" in Tomcat configurations (via config/web.xml) and modified the Site Service web application to better handle this change by providing a response "Content-Type" HTTP header. 10. Defect (3827) Remove default webapps from Apache Tomcat. Problem: -------- Apache Tomcat installations contain the default web applications "manager" and "docs" which poses a security risk as it provides information about Apache Tomcat. Resolution: ----------- The web applications "manager" and "docs" are now removed during Apache Tomcat installation. 11. Enhancement (IMAG-3970) Implement Secure Token Service (STS) token as an alternative way VIX/CVIX uses for accessing VistA. Problem: -------- The Enterprise Precision Scanning and Indexing Automation (EPSI) team requested VIX/CVIX change from Broker Security Exchange (BSE) tokens to STS tokens as the primary way (for them) of accessing VistA. Resolution: ----------- VIX/CVIX now uses STS tokens as an alternative way to access VistA instead of BSE tokens. 12. Defect (IMAG-3979) Fix Server Message Block (SMB) buffer limit of 64 KB to prevent data transfer timeouts. Problem: -------- Querying CVIX data using SMB can result in long transfers and timeouts. The source code contained an adjustable buffer size that resulted in unpredictable buffer sizes leading to long data transfer times from SMB storage. Resolution: ----------- The adjustable buffer size is now fixed to 64 KB to prevent data transfer timeouts and prevent slow transfer speeds. 13. Defect (IMAG-3984) Add time zone handling and default read time out for Text Integration Utility (TIU) operations. A. Implement time zone handling in TIU operations. Problem: -------- Certain TIU operation requests like TIU note creation did not require or use time zones, which could result in loss of fidelity when calling between servers, such as if a VIX/VistA is in a different time zone. Resolution: ----------- Implemented time zone as a date/time format option for TIU note creation to preserve fidelity when calling between servers. B. Set default read time out for VIX availability during TIU note creation. Problem: -------- No default timeout when checking for VIX availability during TIU note creation led to long running CVIX threads. Resolution: ----------- Now there is a default timeout when checking for VIX availability during TIU note creation. 14. Enhancement (IMAG-3990 and IMAG-4168) Improve CVIX handling of Integration Control Numbers (ICNs) and Social Security Numbers (SSNs) with Legacy Viewer Sustainment (LVS). A. Improve handling of ICNs unknown to Station 200 by using LVS. Problem: -------- Previously, when DICOM SCP is used to query a patient whose ICN is unknown to station 200, VistA could not provide a treating facility list for that patient. Resolution: ----------- Now, DICOM SCP uses a different structure of Remote Procedure Calls (RPCs) to successfully retrieve the treating facility list from station 200. In the case VistA does not know the patient, VistA now fetches the treating facility list from Legacy Viewer Sustainment (LVS) and the Master Patient Index (MPI). B. Improve handling of SSNs in LVS. Problem: -------- Previously, when DICOM SCP is used to query a patient using an SSN, CVIX could not provide a treating facility list with an Electronic Data Interchange Personal Identifier (EDIPI) for that patient. Resolution: ----------- Now, given an SSN, DICOM SCP correctly fetches the treating facility list that includes a valid EDIPI. 15. Defect (IMAG-3999) Improve VIX study fetch from CVIX performance. Problem: -------- VIX DICOM SCP retrieval times for DoD study metadata (from CVIX) are often longer than acceptable. Resolution: ----------- Now VIX DICOM SCP goes directly to CVIX study REST services to retrieve DoD metadata which results in acceptable retrieval times for DoD study metadata in some cases. 16. Enhancement (IMAG-4084) Extend filter by specialization using DICOM modality. Problem: -------- The previous releases only supported a study filter for the radiology specialty in study REST API POSTs. There is a need to support other specialties while not impacting the previous API calls and results. Resolution: ----------- Created a matrix with standard DICOM and VA specific modalities and mapped those to specialization (cl_cardiology,cl_dermatology, cl_dicom, cl_dental, cl_eyecare, cl_other, cl_radiology). Combined study level and study modality and used to match against the map. This applies to any POST of a study Rest service uses a study filter. The specialization mappings are defined in a configuration file (DicomCategoryFilterConfiguration.config) and like all configuration files, can be updated if desired. Further, the specialization mappings can be added in the DICOM SCP configuration (ScpConfiguration.config) for each calling AE title using the new studyQueryFilter property. 17. Enhancement (IMAG-4086) Create a new study Representational State Transfer (REST) services application programming interface (API) to retrieve a list of shallow studies with their reports. Problem: -------- Clients were occurring overhead in their system because they request a list of studies and then iterate each study and request the report. This caused poor performance. Resolution: ----------- Added two new interfaces while maintaining the existing web services. Reduced the list of studies and reports to a single transaction and delegated the report retrieval to the VIX. This increased performance by up to 10 times. 18. Enhancement (IMAG-4112) Allow ingest service users to upload multiple images and descriptions. Problem: -------- Ingest service users must separately upload each image and image description to the ingest service. Resolution: ----------- Modify the ingest service to allow multiple images and their image descriptions to be uploaded in a single payload. 19. Enhancement (IMAG-4141) Modify the radiology filter in study REST services to include Cerner Central VistA Imaging Exchange Integration Adaptor (CCIA) studies. Problem: -------- The CVIX study webservice procedure filter for the legacy radiology filter doesn't include the Cerner studies. This is because the procedureDescription is used for all the VIX/VistA studies and the CCIA data populates the studyModalities instead of the procedureDescription. Resolution: ----------- The VIX/CVIX was updated to combine both the current field procedureDescription and studyModalities. This only applies to the new categories implemented in IMAG-4084. 20. Enhancement (IMAG-4180) Support Windows Server 2019. Problem: -------- VIX administrators are interested in upgrading to Windows Server 2019 that was not supported. Resolution: ----------- Software Quality Assurance (SQA) testing passed on MAG*3.0*329 running on Windows Server 2019. Required VIX server hardware requirements for Windows Server 2019 include four central processing units (CPUs), 32 GBs of random access memory (RAM), a primary local drive with 150 GBs of disk space, and a dedicated local drive for the VIX cache with 500 GBs of disk space. 21. Defect (IMAG-4187) Improve TIFF display, print, and export. Problem: -------- The following problems occurred in the VIX Image Viewer: 1) TIFF processing was slow; 2) When viewing the first page, it was poorly positioned and forced the user to pan to begin reading; 3) When printing or exporting a TIFF with multiple pages, the result was unusable. Resolution: ----------- Now the VIX Image Viewer converts all TIFF images to both JPEGs and PDFs which provides several improvements. 1) The VIX Image Viewer now immediately displays the first set of JPEGs as soon as creating them. The user does not need to wait until converting the entire PDF before viewing the TIFF. The VIX Image Viewer notifies the user when the PDF is ready for print and export. A new status message in the lower right-hand corner of the web page indicates the PDF is ready. The new Print and Export toolbar icons also show the PDF is ready. 2) The display of the first page is now fit-to-width and justified to the upper left-hand corner of the page. 3) All printing and exporting of TIFFs are now to PDF with correct scaling. 22. Defect (IMAG-3871) Handle DICOM SCP support for Cerner studies. Problem: -------- Cerner studies appear in the CFIND results using DICOM SCP for the VIX and CVIX but do not load. Resolution: ----------- Cerner studies have been removed from the blacklist and now DICOM SCP can retrieve these studies through the web services on CCIA. New handling is place for the data returned from these web services to allow CMOVE requests to be served successfully. 23. Enhancement (IMAG-4249) Add MUSE NX support. Problem: -------- The VIX did not support the use of MUSE NX. Resolution: ----------- The VIX now supports MUSE NX by correctly using the protocol tag ("http" or "https") in the MUSE configuration file and internal behavior allows for MUSE NX to respond. Test Sites: ----------- * Captain James A. Lovell Federal Health Care Center * Philadelphia VA Medical Center * Pudget Sound Health Care System * VA Tennessee Valley Healthcare System Software and Documentation Retrieval Instructions: --------------------------------------------------------------- This release includes software files. Client installer software files can also be obtained by accessing the URL: https://download.vista.domain.ext/index.html/SOFTWARE File Title File Name -------------------------------------------------------------------------- VistA Imaging Exchange (VIX) Installer MAG3_0P329_VIX_SETUP.MSI VistA Imaging Exchange (VIX) Certificate MAG3_0P329_CERTIFICATE.ZIP Central VistA Imaging Exchange (CVIX) Installer* MAG3_0P329_CVIX_SETUP.MSI Documentation describing the new functionality is included in this release. Documentation can be found on the VA Software Documentation Library at: https://www.domain.ext/vdl/application.asp?appid=105. Documentation can also be obtained at https://download.vista.domain.ext/index.html/SOFTWARE. Documentation Title File Name -------------------------------------------------------------------------- Deployment, Installation, Backout, and Rollback Guide MAG3_0P329_DIBORG.PDF VistA Imaging Exchange (VIX) Installation Guide MAG3_0P329_VIX_INSTALLATION_GUIDE.PDF Central VistA Imaging Exchange (CVIX) Installation Guide* MAG3_0P329_CVIX_INSTALLATION_GUIDE.PDF VistA Imaging Exchange (VIX) Administration Guide MAG3_0P329_VIX_ADMINISTRATION_GUIDE.PDF CVIX Administrator's Guide and Product Operations Manual* MAG3_0P329_CVIX_POM.PDF *Note: Only the VIX client for MAG*3.0*329 should be installed at medical centers. As a result, the CVIX Installer and related CVIX installation files are not provided to sites on the Network File Shares. Patch Installation: ------------------- Pre/Post Installation Overview: N/A Pre-Installation Instructions: For pre-installation instructions, please see the MAG3_0P329_VIX_INSTALLATION_GUIDE.PDF for more detail. Installation Instructions: This is an informational patch. For VIX installation instructions, please see the MAG3_0P329_VIX_INSTALLATION_GUIDE.PDF for more detail. Post-Installation Instructions: For post-installation instructions, please see the MAG3_0P329_VIX_INSTALLATION_GUIDE.PDF for more detail. Rollback, Back Out, or Uninstalling MAG*3.0*329 MSI -------------------------------------------------- If it is necessary to uninstall the MAG*3.0*329 VIX MSI, use the Uninstall option from Windows Control Panel to uninstall: "VIX Service Installation Wizard 30.329.3.8115". Then install the previous version of VIX, which was included in MAG*3.0*303. To back out the VIX and replace it with the prior version, please see the MAG3_0P329_VIX_INSTALLATION_GUIDE.PDF for more detail. The versions should be validated during uninstall, rollback or back-out if necessary. Routine Information: ==================== No routines included. ============================================================================= User Information: Entered By : Date Entered : FEB 18, 2022 Completed By: Date Completed: MAY 15, 2023 Released By : Date Released : MAY 15, 2023 ============================================================================= Packman Mail Message: ===================== No routines included