Cyber security for automatic test equipment

机译：网络安全自动测试设备

获取原文

页面导航

摘要
著录项
相似文献
相关主题

摘要

The initial focus for the cyber security community has been to make operating systems and networks more secure and harder to penetrate. These improvements are making it more difficult to exploit these systems, driving attackers to turn their attention to embedded systems and hardware exploitation. It is expected that new threats from improperly secured embedded operating systems, poorly defended firmware applications, and weak hardware communication protocols will be the next generation of attacks that have a high probability to significantly affect the maintenance community over the next few years. In essence, attackers will be viewing test equipment as the `PC equivalent of USB devices'. By exploiting trusted relationships in hardware systems, malware can be transported through the maintenance equipment causing infection or misconfiguration of mission critical systems. These infections can spread to other parts of the weapons platform or potentially lay in wait until some predefined action occurs to expose itself and alter the intended mission or cause catastrophic damage to the weapons platform. This paper provides a survey of potential threats in DoD maintenance equipment. Where applicable, we provide best practices for identifying and mitigating these threats through the application of defense-in-depth Offensive Architecting? for hardware and embedded systems.

机译：网络安全社区的初始焦点是使操作系统和网络更安全，更难渗透。这些改进正在利用这些系统，驱动攻击者将注意力转向嵌入式系统和硬件剥削更难。预计从不正确的嵌入式操作系统，防御性固件应用程序不良和弱硬件通信协议的新威胁将是下一代攻击，这对未来几年显着影响维护社区的概率很高。从本质上讲，攻击者将将测试设备视为USB设备的PC等效物。通过利用硬件系统中的可信关系，可以通过维护设备运输恶意软件，导致关键任务系统的感染或错误配置。这些感染可以蔓延到武器平台的其他部分或潜在地搁置，直到一些预定义的行动发生，以暴露自己并改变预期的使命或对武器平台造成灾难性的损害。本文提供了对国防部维护设备的潜在威胁的调查。在适用的情况下，我们通过应用防御进攻架构来提供最佳实践，用于识别和减轻这些威胁？用于硬件和嵌入式系统。

著录项

来源
《IEEE AUTOTESTCON》|2017年|350p|共4页
会议地点
作者
Neal Young;
展开▼
作者单位

展开▼
会议组织
原文格式 PDF
正文语种
中图分类 TP273-53;
关键词
Testing; Hardware; Computer security; Malware; Maintenance engineering; Universal Serial Bus;

机译：测试;硬件;计算机安全;恶意软件;维护工程;通用串行总线;

相似文献

外文文献
中文文献
专利

1. Cyber security for automatic test equipment [J] . Neal Young, Ronald Drees Instrumentation & Measurement Magazine, IEEE . 2018,第4期

机译：自动测试设备的网络安全
2. Table Top Wargaming: Cost Effective Planning for Cyber Security Test and Evaluation: Or, How I Learned to Stop Worrying and Love the Six-Phase Cyber Security T&E Process [J] . Paola Pringle, Hank Steinfeld, Patrick Lardieri The ITEA Journal . 2016,第3期

机译：桌面Wargaming：网络安全测试和评估的经济有效计划：或者，我如何学会不再担心并热爱六阶段网络安全T＆E流程
3. Instrumentation: Automatic test equipment; hardware and software: The need for standard languages and sophisticated interfaces is paced by the expanding applications for automatic testing [J] . Eleccion M. Spectrum, IEEE . 1976,第6期

机译：仪表：自动测试设备；硬件和软件：扩展的自动测试应用程序满足了对标准语言和复杂接口的需求
4. Cyber security for automatic test equipment [C] . Neal Young 2017 IEEE AUTOTESTCON . 2017

机译：自动测试设备的网络安全
5. Cybersecurity testing and intrusion detection for cyber-physical power systems. [D] . Pan, Shengyi. 2014

机译：网络物理电源系统的网络安全测试和入侵检测。
6. Human factors in cybersecurity; examining the link between Internet addiction impulsivity attitudes towards cybersecurity and risky cybersecurity behaviours [O] . Lee Hadlington 2017

机译：网络安全中的人为因素；研究互联网成瘾冲动性对网络安全的态度以及危险的网络安全行为之间的联系
7. Cyber Security Exercises: Testing an Organization’s Ability to Prevent, Detect, and Respond to Cyber Security Events [O] . Gregory B. White 2008

机译：网络安全演习：测试组织预防，检测和响应网络安全事件的能力

Cyber security for automatic test equipment

摘要

著录项

相似文献

相关主题

期刊订阅