Automatic test systems designed to validate the performance of military and aerospace products have always been held to a higher standard; emerging threats to data security and instrumentation integrity continue to raise this bar.
The days when automatic test systems could operate with relative autonomy in standalone mode or on isolated test networks are slowly disappearing as the demand to quickly share data between internal team members, or with external customers, continues to grow.
Test system complexity is constantly evolving in response to advances in military electronics such as radar, electronic warfare, software defined radios and stores management systems.
Rogue nation states employ ever more sophisticated techniques in an attempt to disrupt critical systems and infrastructure, but more critical are the less publically acknowledged attempts to infiltrate sensitive Department of Defense assets. Accessing test results from an F-35 radar TPS may not seem like the holy grail of hacks to the layman, but compromised data could potentially shed light on enough of the radar’s operational characteristics to aid in the development of effective countermeasures.
Test engineers must now expand their scope of concern beyond evaluating and qualifying the UUT, to ensuring that the entire test system operates securely in an evolving cyber threat environment, including mitigation of both software and hardware threats. Basic safeguards such as individual password protected login and automatic inactivity logout can provide a means to control local system access, but this will not protect against online cyber threats. Evaluation and selection of a test development environment must include essential protections such as encryption of the binary source code for drivers, program files and system files, TPS and user event log recording and audit of configuration changes.
Furthermore, one can no longer assume that instrumentation and other devices that comprise a test system are intrinsically safe when returned from repair or calibration. Counterfeit parts / components can not only impact the functionality of an instrument by degrading specified performance, but they can also contain embedded malware designed to compromise data or modify operation. Selecting suppliers and calibration partners certified to AS9100D, and who adhere to AS5553 best practices, will minimize this threat.
Our connected world, coupled with the proliferation and availability of compromised hardware components, increases the burden placed on test engineers to effectively test the UUT while protecting it from malicious attacks that could compromise the safety and effectiveness of the warfighter.
For more detailed look at ATE system cybersecurity considerations and best practices, download our white paper, Countering Cybersecurity and Counterfeit Material Threats in Test Systems