Information Assurance in modern ATE

2018 IEEE AUTOTESTCON Pub Date : 2018-09-01 DOI:10.1109/AUTEST.2018.8532516

W. J. Headrick, Anne Dlugosz, Paul J. Rajcok

{"title":"Information Assurance in modern ATE","authors":"W. J. Headrick, Anne Dlugosz, Paul J. Rajcok","doi":"10.1109/AUTEST.2018.8532516","DOIUrl":null,"url":null,"abstract":"For modern Automatic Test Equipment (ATE) one of the most daunting tasks is now Information Assurance (IA). What was once at most a secondary item consisting mainly of installing an Anti-Virus suite is now becoming one of the most important aspects of ATE. Given the current climate of IA it has become important to ensure ATE is kept safe from any breaches of security or loss of information. Even though most ATE are not on the Internet (or even on a network for many) they are still vulnerable to some of the same attack vectors plaguing common computers and other electronic devices. This paper will discuss some of the processes and procedures which must be used to ensure that modern ATE can continue to be used to test and detect faults in the systems they are designed to test. The common items that must be considered for ATE are as follows: The ATE system must have some form of Anti-Virus (as should all computers). The ATE system should have a minimum software footprint only providing the software needed to perform the task. The ATE system should be verified to have all the Operating System (OS) settings configured pursuant to the task it is intended to perform. The ATE OS settings should include password and password expiration settings to prevent access by anyone not expected to be on the system. The ATE system software should be written and constructed such that it in itself is not readily open to attack. The ATE system should be designed in a manner such that none of the instruments in the system can easily be attacked. The ATE system should insure any paths to the outside world (such as Ethernet or USB devices) are limited to only those required to perform the task it was designed for. These and many other common configuration concerns will be discussed in the paper.","PeriodicalId":384058,"journal":{"name":"2018 IEEE AUTOTESTCON","volume":"54 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2018-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2018 IEEE AUTOTESTCON","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/AUTEST.2018.8532516","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 1

Abstract

For modern Automatic Test Equipment (ATE) one of the most daunting tasks is now Information Assurance (IA). What was once at most a secondary item consisting mainly of installing an Anti-Virus suite is now becoming one of the most important aspects of ATE. Given the current climate of IA it has become important to ensure ATE is kept safe from any breaches of security or loss of information. Even though most ATE are not on the Internet (or even on a network for many) they are still vulnerable to some of the same attack vectors plaguing common computers and other electronic devices. This paper will discuss some of the processes and procedures which must be used to ensure that modern ATE can continue to be used to test and detect faults in the systems they are designed to test. The common items that must be considered for ATE are as follows: The ATE system must have some form of Anti-Virus (as should all computers). The ATE system should have a minimum software footprint only providing the software needed to perform the task. The ATE system should be verified to have all the Operating System (OS) settings configured pursuant to the task it is intended to perform. The ATE OS settings should include password and password expiration settings to prevent access by anyone not expected to be on the system. The ATE system software should be written and constructed such that it in itself is not readily open to attack. The ATE system should be designed in a manner such that none of the instruments in the system can easily be attacked. The ATE system should insure any paths to the outside world (such as Ethernet or USB devices) are limited to only those required to perform the task it was designed for. These and many other common configuration concerns will be discussed in the paper.

查看原文本刊更多论文

现代ATE中的信息保障

对于现代自动测试设备(ATE)来说，现在最艰巨的任务之一是信息保障(IA)。曾经最多是次要的项目，主要包括安装反病毒套件，现在已成为ATE最重要的方面之一。鉴于当前IA的环境，确保ATE不受任何安全破坏或信息丢失的影响变得非常重要。即使大多数ATE不在Internet上(甚至对许多人来说不在网络上)，它们仍然容易受到一些困扰普通计算机和其他电子设备的相同攻击向量的攻击。本文将讨论一些必须使用的过程和程序，以确保现代ATE可以继续用于测试和检测它们设计用于测试的系统中的故障。ATE系统必须具有某种形式的反病毒(所有计算机都应该如此)。ATE系统应该具有最小的软件占用，只提供执行任务所需的软件。应该对ATE系统进行验证，确保所有的操作系统(OS)设置都按照它要执行的任务进行了配置。ATE操作系统设置应该包括密码和密码过期设置，以防止非预期系统上的任何人访问。ATE系统软件的编写和构造应该使其本身不容易受到攻击。ATE系统的设计应使系统中的任何仪器都不容易受到攻击。ATE系统应该确保通往外部世界的任何路径(例如以太网或USB设备)仅限于执行其设计任务所需的路径。本文将讨论这些和许多其他常见的配置问题。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2018 IEEE AUTOTESTCON

自引率

0.00%

发文量