Visible to the public Information Assurance in modern ATE

TitleInformation Assurance in modern ATE
Publication TypeConference Paper
Year of Publication2018
AuthorsHeadrick, W. J., Dlugosz, A., Rajcok, P.
Conference Name2018 IEEE AUTOTESTCON
Keywordsanti-virus, ATE, ATE OS settings, ATE system software, automatic test equipment, composability, computer, computer viruses, Computers, cyber security, electronic devices, Human Behavior, information assurance, Instruments, Internet, Metrics, Microsoft Windows, operating system, operating systems (computers), policy-based governance, pubcrawl, Resiliency, security, security of data, software footprint, Task Analysis, Tools

For modern Automatic Test Equipment (ATE) one of the most daunting tasks is now Information Assurance (IA). What was once at most a secondary item consisting mainly of installing an Anti-Virus suite is now becoming one of the most important aspects of ATE. Given the current climate of IA it has become important to ensure ATE is kept safe from any breaches of security or loss of information. Even though most ATE are not on the Internet (or even on a network for many) they are still vulnerable to some of the same attack vectors plaguing common computers and other electronic devices. This paper will discuss some of the processes and procedures which must be used to ensure that modern ATE can continue to be used to test and detect faults in the systems they are designed to test. The common items that must be considered for ATE are as follows: The ATE system must have some form of Anti-Virus (as should all computers). The ATE system should have a minimum software footprint only providing the software needed to perform the task. The ATE system should be verified to have all the Operating System (OS) settings configured pursuant to the task it is intended to perform. The ATE OS settings should include password and password expiration settings to prevent access by anyone not expected to be on the system. The ATE system software should be written and constructed such that it in itself is not readily open to attack. The ATE system should be designed in a manner such that none of the instruments in the system can easily be attacked. The ATE system should insure any paths to the outside world (such as Ethernet or USB devices) are limited to only those required to perform the task it was designed for. These and many other common configuration concerns will be discussed in the paper.

Citation Keyheadrick_information_2018