Summary
Recommendations for improving the security of networked Teledyne LeCroy Windows-based oscilloscopes.

Additional Formats
PDF

Introduction

Currently manufactured Teledyne LeCroy oscilloscopes utilize either the 64-bit Microsoft^® Windows^® 10 Professional or 32-bit Microsoft CE platforms to support the oscilloscope application. From a networking perspective, they are for all intents and purposes Personal Computers (PCs).

Using a commonly available computer operating system such as Microsoft Windows on a Teledyne LeCroy oscilloscope offers a multitude of advantages, such as the ability to link third-party software to oscilloscope operations and to connect to a wide variety of hardware. The downside of using a common operating system is the threat of malware.

Malware (including but not limited to viruses, Trojan horses, worms, bots, keyloggers and spyware) can infect a PC via many paths. Examples include websites, USB memory sticks, emails and your local area network. Simply connecting an unprotected PC (i.e., unprotected Windows-based oscilloscope) to a "compromised" network is enough to infect the PC within seconds. Likewise, a compromised oscilloscope can infect an entire network.

This technical brief outlines practices Teledyne LeCroy strongly encourages all users to follow to minimize the risks that malware presents. Remember, the time you spend attending to oscilloscope network security is minimal compared to the cost of having to clean up an infected instrument. . .or network!

Factory Security Measures

Teledyne LeCroy is dedicated to ensuring that our oscilloscopes are free of any malware throughout the manufacturing process, and we have taken aggressive steps to make sure that all oscilloscopes leave our manufacturing facility virus free:

Oscilloscopes are manufactured on an isolated, secure, virus free network with no internet access.
Oscilloscopes are virus scanned and updated with all critical operating system updates before shipping, and a DSO security certificate is included.
All "demo" oscilloscopes carried by sales engineers have NOD32 installed.
All products shipping from the New York factory running Windows 10 LTSC have the built-in protection of Microsoft Defender suite enabled, which provides basic system protection out of the box.

These steps help to guarantee that any oscilloscope will be virus-free when delivered, but from that point on, it is the user's responsibility to ensure the security of the oscilloscope. Below are our recommended actions for protecting networked oscilloscopes.

Recommended Oscilloscope Security Measures

Consult with Your IT Department Regarding Security Policies

Before connecting any oscilloscope to your company's network, consult with your IT Department to find out what policies apply to personal computers. Remember that although the oscilloscope behaves as a test and measurement instrument, to the network it appears to be a computer. Follow your company's PC security policies with regards to user privileges and virus protection.

Regularly Install OS and Application Updates and Patches

There are more than a million known malware threats targeting PCs, a number which grows daily. Operating System developers devote much time and energy to patching security breaches, but developers of malware are always looking for new weaknesses to exploit. Regularly installing Windows security fixes and updated virus definitions greatly reduces the probability of infection, although it can never eliminate it completely.

Also regularly install oscilloscope firmware upgrades , which will include MAUI^® application updates that support Windows security updates.

Install Antivirus Software on Oscilloscopes

After careful research and consideration, Teledyne LeCroy selected the NOD32 package from ESET for use on Teledyne LeCroy-owned oscilloscopes, and we recommend this to our customers as an anti-virus package well suited to the needs of a Windows-based oscilloscope.

NOD32 has a very high detection rate and includes real-time protection against both known and potential security threats. It scans quickly and has a small footprint, which helps to minimize the boot time of the oscilloscope. ESET and the NOD32 package are well-known and highly respected among IT and network security professionals.

Regularly Run Virus Scans and Update Virus Definitions

It is important that you periodically run a virus scan on any oscilloscope that is connected to a network. Configure your anti-virus software to periodically scan the system automatically at a time when the oscilloscope is not in use.

It is also important to keep the virus definitions up to date to ensure your anti-virus software is performing optimally. Teledyne LeCroy recommends checking virus definition updates on a weekly basis, or else let the application check by itself as it runs in the background. Windows 10 will automatically check for updates and give the user notification of those updates available and ready to be installed. NOD32 automatically updates its virus definitions when connected to the internet, so keeping the definitions up to date is very simple. Be sure to always update the OS and anti-virus definitions when advised to do so by your company's System Administrator or IT department.