Fiber optic, shielded copper, and foil-shielded unshielded twisted-pair (F/UTP) cables are among the hardware solutions implemented to meet stringent data security networking protocols.
Critical computer networks dedicated to the storage and transmission of sensitive government, military, and national security data safeguard such information with robust security parameters and processes including firewalls, passwords, biometrics, and access cards. The information security measures specified for a given network are dictated by the nature of the data they’re meant to protect, with classified networks requiring both digital and physical protection that extends from software to network cables.
Information Security Measures
Information security measures can be divided into personnel, physical, operational, information, and electromagnetic categories. Personnel-level security measures are the most vulnerable to exploitation, as paying, bribing, or otherwise coercing workers for access or information is the fastest, least costly, and least risky method of exploitation. Physical protection measures aim to prevent adversaries from obtaining direct access to facilities, systems, cabling, and information, and are generally a bit more difficult to exploit. Operational security measures aim to minimize errors in the configuration and operation of systems and to limit the ways in which sensitive information can leak out, and are almost always paired with information security measures, which aim to prevent outside access to digital information through encryption, firewalls, and other bitstream protection measures. Similarly, electromagnetic security aims to prevent the reception of signal emanations from equipment and cabling that could allow an adversary some distance away to intercept and decode communications signals.
Physical Security Measures
Physical security measures fall into multiple categories, are often combined for maximum protection, and must be implemented in addition to information security measures in order to reliably prevent unauthorized access to network cabling and connected equipment. The government uses protected distribution systems (PDS) ranging from glued conduit and piping to alarms and video monitoring to physically protect network cabling. Operational security measures for critical military networks often include documenting and labeling the cabling and connected equipment to mitigate the possibility of mistakenly allowing classified information to be transmitted to uncontrolled media or of unauthorized personnel gaining access to sensitive cabling and equipment. Distribution labeling is an effective operational security measure that helps control access by clearly labeling, appropriately securing, and routinely surveying each and every cable termination point to prevent and detect unauthorized network ingress or egress. Documentation and periodic inspection serve both to address potential network breach points and to identify and terminate actual breaches.
Critical military networks also require physical protection that extends beyond restricting physical accessibility. Networks dedicated to the storage and transmission of highly classified data, like those at the Department of Homeland Security, must also physically prevent network cables from emitting detectable, discernible signals. Limiting all potentially compromising emanations to within safe, strictly controlled spaces falls under what the US government refers to as EMSEC (Emissions Security), INFOSEC (Information Security), and TEMPEST (Telecommunications Electronics Material Protected from Emanating Spurious Transmissions and/or Transient Electromagnetic Pulse Emanation Standard). These programs ensure that normally radiated network signals are effectively shielded from outsiders.
Radiated signals or emissions occur in every piece of computer equipment and in all copper cabling. The US Federal Communications Commission (FCC) controls the amount of allowable emissions, but international counterparts, like the International Electrotechnical Commission’s (IEC’s) International Special Committee on Radio Interference (CISPR), also exist. The unwanted variety of signal emission is known as a compromising emanation. Compromising emanations can be conducted along power lines or data and telephone cabling, or radiated through the air. When a compromising emission is received or intercepted, it’s possible for the signals to be reconstituted, revealing the secure information. Microchips, diodes, transistors, and other non-linear electronic components in data processing equipment are all potential sources of compromising emanations. Signals on copper cables — and especially data signals, whose sharp transitions produce significantly higher-frequency components — can also create compromising emanations.
TEMPEST, which is both a US government acronym for Telecommunications Electronics Material Protected from Emanating Spurious Transmissions and an abbreviation of Transient Electromagnetic Pulse Emanation Standard, defines the counterintelligence standards developed to protect secure data transmissions from electronic espionage. TEMPEST sets strict limits on signal radiation from data handling electronic equipment. While published TEMPEST information focuses on physical equipment, such as monitors, printers, and devices that contain microchips, the term is commonly used to describe efforts throughout the field of emissions security (EMSEC), which — according to the Alliance for Telecommunications Industry Solutions (ATIS) — is defined as, “The protection resulting from all measures designed to deny unauthorized persons information of value that might be derived from intercept and analysis of compromising emanations from other than crypto-equipment and telecommunications systems.”
In the early 1900s, it was determined that transmissions could be detected through the open air from a significant distance by listening to the emissions from a cable. In 1918, the US Army hired cryptologist Herbert Yardley and the members of Black Chamber, a cryptographic organization he founded, to develop methods to detect, intercept, and exploit combat telephones and covert radio transmitters. Those actions are among the first that fall under the TEMPEST mission of protecting signal transmission through cabling and other communications equipment; however, the code-word TEMPEST wasn’t used until the 1960s.
The TEMPEST program governs the transmission, reception, and testing of signal emanations and categorizes electrical and electronic cabling, devices, and systems as RED and BLACK, with RED media dedicated to handling unencrypted classified information, including national security information (NSI), and BLACK media dedicated to handling properly encrypted NSI and unclassified data. Basic RED/BLACK requirements and criteria were declassified in 1995 as National Security Telecommunications and Information Systems Security Advisory Memorandum (NSTISSAM) TEMPEST/2-95. In addition, NSTISSAM TEMPEST/1-92 offers declassified information about laboratory test requirements for compromising emanations from electromagnetic media, but with all sensitive information redacted, leaving many actual emission limits and test parameters classified.
TEMPEST served as a model for many other governments’ equivalent programs. The North Atlantic Treaty Organization (NATO) equivalent is AMSG 720B. In the UK, the Government Communications Headquarters (GCHQ), the equivalent of the US National Security Agency (NSA), administers an equivalent program, and in Germany, the National Telecom Board administers their equivalent to TEMPEST.
TEMPEST-Approved Information Security Measures
While there is only one TEMPEST standard, there are three levels of NSA encryption approval. Type 1 is used in classified or controlled cryptographic equipment and may refer to assemblies, components, or other items endorsed by the NSA for securing telecommunications and automated systems. This equipment is also subject to restrictions in accordance with the International Traffic in Arms Regulations (ITAR). Type 2 encryption is for equipment, assemblies, and components used in the transmission of non-classified but sensitive information, and Type 3 implements an unclassified algorithm registered with the National Institute of Standards and Technology (NIST) for use in protecting unclassified sensitive or commercial information.
TEMPEST certification can apply both to individual pieces of equipment and to complete systems in a network environment, and there are separate TEMPEST testing procedures for equipment in a laboratory and for systems in the field, which extend testing to include the network cabling used to transmit secure data. TEMPEST emission control standards for equipment and cabling, combined with data encryption and other security systems, provide adequate information security (INFOSEC) measures but, because of the program’s stringent requirements, have offered the government few options for the physical layer security required to protect classified network data cables.
TEMPEST-Approved Physical Security Measures
One effective cabling solution capable of providing the physical layer security that TEMPEST requirements dictate is the use of fiber optic networks. Fiber optic cabling provides added protection because optical fibers don’t radiate or emit signals and would thus have to be physically compromised in order to intercept communications. However, fiber optic network equipment is more costly than equivalent copper components and also results in higher maintenance costs by virtue of requiring more maintenance than copper.
Copper networks are commonly used for classified communications, but require very specific installation practices, such as those defined by the NSTISSAM TEMPEST/2-95 RED/BLACK separation guidelines. In RED/BLACK protocols, the RED cabling and equipment, which is dedicated to handling unencrypted classified information, is separated and/or shielded from the BLACK cabling and equipment, which is dedicated to handling properly encrypted NSI and unclassified data, to prevent coupling. RED equipment and cabling are also protected both from unauthorized external access and from proximity to other potential signal radiators. Equipment that could potentially listen to, carry, or propagate emanations, such as cell phones and radios, is forbidden in RED zones.
Shielded copper cables provide an additional layer of physical security by significantly limiting emissions. In theory, this approach would allow for reduced RED/BLACK separation distances and potentially less complicated network architectures, but TEMPEST installation practices may not allow this reduction in practice. Still, shielded cable is mandated for all higher-level security, inspectable space, and threat levels. The use of shielded cable can reduce cable separations, eliminate or reduce the need for signal isolation and filtering, and can reduce or even eliminate the need for additional cable shielding or other network shielding. Shielded cable can also be used for BLACK cabling and equipment to further prevent them from receiving or emanating external signals. As such, shielded cable is usually required for use with TEMPEST-approved equipment.
Foil-shielded unshielded-twisted-pair (F/UTP) cable has one overall foil shield surrounding four unshielded twisted pairs and is traditionally used when shielded cable is specified, although it may not be sufficient for all TEMPEST installations. In such cases, additional signal isolation can be provided with braided shields, tighter braids, foil with braids, or individual-pair shields with an overall foil shield. Metallic distribution systems and the facilities themselves can also provide signal isolation.
Most federal agencies dealing with classified information employ certified TEMPEST technical authorities (CTTAs) to advise on and ultimately approve classified system installations. CTTAs undergo significant TEMPEST training to learn how to optimally balance RED/BLACK security criteria against the potential threats to a given system and achieve cost-effective, TEMPEST-approved network security solutions. There is less of a need for TEMPEST security in certain areas, such as those with a large controlled or inspectable space around the secured network system components, and more of a need for TEMPEST security in areas with minimal controlled or inspectable space.
Specialty Supplier Solutions
Recent testing has shed additional light on the copper cabling standards for connections to TEMPEST and other secure processing equipment. As a result, independent, NSA-certified labs have sprung up to support interconnect suppliers to the mil/aero market and CTTAs responsible for implementing TEMPEST-approved networks. A specific configuration of Siemon Interconnect Solutions’ TERA® Category 7/Class F shielded copper cabling system has been validated to meet TEMPEST requirements for shielded cable solutions, for example. Although cabling in general cannot be TEMPEST-approved, since the signals and configurations can vary so widely, TERA shielded cabling solutions provide CTTAs with a solid starting point for achieving TEMPEST-approved physical protection.
TERA solutions employ shielded and foiled twisted-pair (S/FTP) cable, in which each pair is individually shielded and an overall braid shield surrounds all conductors, in addition to fully shielded connectors to eliminate any potential emissions. For the TEMPEST test, a four-connector, 100-meter TERA channel was deployed in a shielded anechoic chamber. The channel was energized with full duplex, 1,000Mb/s Gigabit Ethernet (GbE) traffic using a Spirent SmartBits multiport analysis system. Emissions from the cabling system were then monitored and compared to the TEMPEST requirements. The TERA cable system’s emissions did not exceed the TEMPEST emission requirements and solidly outperformed the same configuration using a 6A F/UTP system with RJ45 jacks, which emitted emanations exceeding TEMPEST testing limits.
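The monitor-and-compare step of the chamber test above, as an added example that is not part of the original article and not Siemon's or the test lab's tooling: emission points measured on two constructed channels (an S/FTP channel and an F/UTP channel) are checked against a constructed frequency-dependent limit mask, and the check reports the worst-case margin and every point over the limit. Real TEMPEST limits are classified, so every number here is a placeholder; only the GbE symbol rate (125 MBaud) used to pick the spur frequencies is real.

```python
import math
from bisect import bisect_left

# Constructed placeholder limit mask: (frequency_MHz, limit_dBuV_per_m).
# Real TEMPEST limits are classified; these breakpoints are illustrative only.
LIMIT_MASK = [(1.0, 60.0), (30.0, 50.0), (230.0, 40.0), (1000.0, 47.0)]

# Constructed spectra, as a receiver in the chamber might report them
# (frequency_MHz, measured_dBuV_per_m). Points sit at the GbE symbol rate
# (125 MBaud), its sub-harmonics and harmonics, where spurs usually appear.
SFTP_CHANNEL = [(31.25, 30.0), (62.5, 28.0), (125.0, 33.0), (250.0, 27.0), (375.0, 25.0)]
FUTP_CHANNEL = [(31.25, 45.0), (62.5, 44.0), (125.0, 52.0), (250.0, 43.0), (375.0, 41.0)]

def limit_at(freq_mhz, mask=LIMIT_MASK):
    """Limit at freq_mhz: linear in dB versus log10(frequency) between the mask
    breakpoints (the usual shape of an emission mask), flat outside the mask."""
    freqs = [f for f, _ in mask]
    if freq_mhz <= freqs[0]:
        return mask[0][1]
    if freq_mhz >= freqs[-1]:
        return mask[-1][1]
    i = bisect_left(freqs, freq_mhz)          # first breakpoint >= freq_mhz
    f0, l0 = mask[i - 1]
    f1, l1 = mask[i]
    t = (math.log10(freq_mhz) - math.log10(f0)) / (math.log10(f1) - math.log10(f0))
    return l0 + t * (l1 - l0)

def evaluate(spectrum, mask=LIMIT_MASK):
    """Return (passed, worst_margin_dB, exceedances).

    margin = limit - measured, so positive means below the limit; exceedances
    lists (frequency_MHz, measured, dB_over_limit) for every point over the mask."""
    worst = None
    exceedances = []
    for freq, measured in spectrum:
        margin = limit_at(freq, mask) - measured
        if worst is None or margin < worst:
            worst = margin
        if margin < 0:
            exceedances.append((freq, measured, round(-margin, 1)))
    return (not exceedances, worst, exceedances)

def report(name, spectrum):
    passed, worst, over = evaluate(spectrum)
    verdict = "PASS" if passed else "FAIL"
    print(f"{name}: {verdict}, worst margin {worst:+.1f} dB, {len(over)} point(s) over limit")
    for freq, measured, excess in over:
        print(f"  {freq:7.2f} MHz: {measured:.1f} dBuV/m, {excess:.1f} dB over limit")
    return passed

if __name__ == "__main__":
    report("S/FTP channel (constructed)", SFTP_CHANNEL)
    report("F/UTP channel (constructed)", FUTP_CHANNEL)
```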
Although the majority of TEMPEST test parameters are classified, the independent testing proved that the combination of TERA cabling and connectivity solutions sufficiently minimized — if not entirely eliminated — emissions when employed as part of a secured network system. As such, TERA cabling systems were deemed suitable for secure data transmission applications like TEMPEST networks, where radiated and compromising emissions are a primary concern.