Software Engineering Radio - the podcast for professional software developers SE Radio 668: Steve Summers on Securing Test and Measurement Equipment
May 13, 2025
Steve Summers, the Security lead for aerospace and defense systems at NI, dives into the vital topic of securing test and measurement equipment. He clarifies the distinctions between operational technology (OT) and information technology (IT) while discussing pressing security challenges faced within OT systems. The conversation spotlights the CompactRIO system's security intricacies, including its specialized Linux distribution and the importance of FPGAs. Additionally, they touch on evolving regulations and the need for robust cybersecurity practices in safety-critical industries.
AI Snips
Chapters
Transcript
Episode notes
Critical Role of Test Equipment Security
- Test and measurement equipment interfaces the physical and virtual worlds, making security critical.
- Compromise can lead to physical harm or control over critical real-world systems.
Higher Risks in Operational Technology
- Operational Technology (OT) systems have higher risk impact than typical IT systems.
- OT failures can disrupt essential services like power and gas, causing severe consequences.
Two Threat Vectors in OT Systems
- Two main OT threat models: test equipment as an attack vector to spread malware and industrial control systems as critical targets.
- Malicious code in test lines can propagate insecure devices to consumers.