|
||||
News and Information about the Test of Electronics in Research & Design, Production, Maintenance, and Installation. | ||||
Main MenuNewsletterNews AreaInfo AreaWeblinksProduct Focus |
Readers Top 5 News of last 30 days
News - Board and System TestBackground: LXI Security04 June 2018 - Security is a critical attribute of industrial networks and Industry is giving a growing amount of attention to cybersecurity issues. Since LXI instruments are connected to company networks cybersecurity is also an important topic for LXI. This article gives an overview on the general security concepts and provides a summary of the current state of the LXI Security Working Group discussions and proposals for Test Engineers setting up LXI based test systems and IT departments supervising the company network. LXI instruments are connected to company networks. Depending on the test setup for the LXI instruments there are different levels of risk introduction:
You can find the different setups and their pros and cons on the LXI Consortium web site. LXI Security Ecosystem The following standards are relevant for cybersecurity for A&D and industrial test systems which the LXI Security WG took into consideration:
When we look at the LXI Security Ecosystem there are commonalities which LXI instruments share with IoT (Consumer Internet of Things), IIoT (Industrial Internet of Things) and IT (Information Technology). These observed communalities are device security, data security and network security. Primary goals for security within industrial networks are following the key principles C.I.A. which means Confidentiality, Integrity and Authenticity. Confidentiality ensures that data transported in the network cannot be read by anyone but the intended recipient. Integrity means any message received is confirmed to be exactly the message that was sent, without additions, deletions or modifications of the content and finally Authenticity ensures that a message that claims to be from a given source is, in fact, from that source. The following communication channels are used within LXI Test Systems:
To ensure secure communication between test computers and LXI instruments encryption is required. The standard for encryption for the remote control of LXI instruments is TLS (Transport Layer Security) and for the web browser interface HTTPS (secure HTTP) which combines the HTTP protocol with TLS. Transport Layer Security (TLS) Transport Layer Security (TLS) is a protocol that provides privacy and data integrity between two communicating applications. It's the most widely deployed security protocol used today and is used for Web browsers and other applications that require data to be securely exchanged over a network, such as file transfers, VPN connections, instant messaging and voice over IP. Public Key Infrastructure (PKI) In the Public Key Infrastructure (PKI), digital certificates are based on public key cryptography. The PKI consists of a set of components, policies, protocols, and technologies that provide data authentication, integrity, and confidentiality through the use of certificates, and public and private keys. Digital certificates Certificates are the foundation of the PKI. The certificate contains the public key of the user e.g. the LXI instrument. The public key can be used to encrypt and sign data before it is transmitted over the network to the LXI instrument. The digital certificate contains information such as the certificate version, serial number, signature, issuer, and validity period, among other information. Certification Authorities (CAs) A Certificate Authority (CA) is a trusted entity that generates and validates digital certificates to users, computers, applications, and services. The CA adds its own signature to the public key of the client. This essentially indicates that the public key can be considered valid, by those parties that trust the CA. Mutual Authentication & Encryption To start the communication between a client (test computer) and a server (LXI instrument) the client verifies the server identity via the certificate. For LXI test systems this is a mutual authentication step because the server also verifies the client identity. Certificates for LXI Devices The LXI Security WG proposes to use two different certificates for remote control and the secure web browser interface. Summary The LXI Security Working Group proposes the described general security measures and concepts for LXI based test systems. We will follow-up with more articles on the technical details for the secure HiSLIP protocol and the secure web browser interface using X.509 certificates. www.tsep.de/ Related Articles: |
Upcoming Events More events...
Tag CloudOscilloscope
JTAG
Boundary Scan
Goepel
PXI
Rohde & Schwarz
Tektronix
Keysight
AOI
Anritsu
National Instruments
Inspection
Teledyne LeCroy
Aeroflex
LTE
Yokogawa
AXI
Spectrum Analyzer
Keithley
In-Circuit-Test
Signal Analyzer
Automotive
EMC-Test
Signal Generator
Advantest
Multitest
B&K Precision
Corelis
Power Supply
SPI
Flying Prober
Teseq
Cognex
Switching
Teradyne
Viscom
Pickering
Fluke
GAO Tek
PCIe
|
||
© All about Test 2018 |