Software Engineering Radio - the podcast for professional software developers SE Radio 668: Steve Summers on Securing Test and Measurement Equipment
May 13, 2025
Steve Summers, the Security lead for aerospace and defense systems at NI, dives into the vital topic of securing test and measurement equipment. He clarifies the distinctions between operational technology (OT) and information technology (IT) while discussing pressing security challenges faced within OT systems. The conversation spotlights the CompactRIO system's security intricacies, including its specialized Linux distribution and the importance of FPGAs. Additionally, they touch on evolving regulations and the need for robust cybersecurity practices in safety-critical industries.
AI Snips
Chapters
Transcript
Episode notes
Stuxnet Breached Air-Gapped Networks
- Stuxnet infection showed how even air-gapped OT networks can be compromised via USB sticks.
- This challenged the belief that isolated networks are inherently secure.
Challenge of Aging OT Systems
- OT test systems often have outdated software and hardware due to limited funding for ongoing maintenance.
- Continuous updates are crucial for security, but many OT systems struggle to implement them.
US OT Security Regulation Landscape
- US government regulations like CMMC enforce strict security for defense-related OT products.
- Commercial products face fewer mandates and rely on company-driven standards.