Narrative:

For over a year; I have been trying to have management address a serious concern regarding the security of the maintenance computer system and ancillary computer system. One issue was about engineering not having control over technical documentation reference within the ancillary computer system extension.I expressed the issue of security within maintenance computer system / ancillary computer system. Some of the concerns are; anyone can access the maintenance computer system and use anyone's file number to sign off a unit as serviceable without that person knowing it had been done. Once the unit is serviceable in the maintenance computer system; anyone could make a label within the ancillary computer system; which would show the file number of the unaware person on a calibration label with updated calibration date. This is without finishing the sign off process in ancillary computer system. Other issues found by other technicians and myself are: the unit wouldn't need to be made serviceable as stated above to be able to make an updated calibration label. When the unit is made unserviceable if the person preforming the function uses todays date in maintenance computer system; it will automatically update the calibration date by whatever the cycle for the unit is. I have brought this issue up in the calibration team; multiple times over the last year. The issue continues to remain and no actions have been taken to resolve our concerns of security; safety; or compliance for tooling at company.suggested resolution: secure the database. Also engineering control over database concerning technical information.

Google
 

Original NASA ASRS Text

Title: A Maintenance Technician reported ongoing concerns with the aircraft parts computer systems.

Narrative: For over a year; I have been trying to have Management address a serious concern regarding the security of the Maintenance Computer System and Ancillary Computer System. One issue was about Engineering not having control over technical documentation reference within the Ancillary Computer System extension.I expressed the issue of security within Maintenance Computer System / Ancillary Computer System. Some of the concerns are; anyone can access the Maintenance Computer System and use anyone's file number to sign off a unit as serviceable without that person knowing it had been done. Once the unit is serviceable in the Maintenance Computer System; anyone could make a label within the Ancillary Computer System; which would show the file number of the unaware person on a calibration label with updated calibration date. This is without finishing the sign off process in Ancillary Computer System. Other issues found by other technicians and myself are: The unit wouldn't need to be made serviceable as stated above to be able to make an updated calibration label. When the unit is made unserviceable if the person preforming the function uses todays date in Maintenance Computer System; it will automatically update the calibration date by whatever the cycle for the unit is. I have brought this issue up in the Calibration team; multiple times over the last year. The issue continues to remain and no actions have been taken to resolve our concerns of security; safety; or compliance for Tooling at Company.Suggested Resolution: Secure the database. Also engineering control over database concerning technical information.

Data retrieved from NASA's ASRS site and automatically converted to unabbreviated mixed upper/lowercase text. This report is for informational purposes with no guarantee of accuracy. See NASA's ASRS site for official report.