TEMPEST

WP: Tempest (codename) referring to investigations and studies of compromising emanations (CE). Compromising emanations are defined as unintentional intelligence-bearing signals which, if intercepted and analyzed, may disclose the information transmitted, received, handled, or otherwise processed by any information-processing equipment.

  • 1980ies video TEMPEST - Protection from Computer Eavesdropping ~ BBC Tomorrow’s World “This is a dated BBC Tomorrow’s World production, that demonstrated the ease in which computers could be hacked.”
  • ELECTROMAGNETIC PULSE (EMP) AND TEMPEST PROTECTION FOR FACILITIES
  • EP 1110-3-2 Electromganetic Pulse and Tempest Protection for Facilities 1990 Edition, 2013 Printing, Loose Leaf Edition Loose Leaf – January 1, 2013
  • EP 1110-3-2, ELECTROMAGNETIC PULSE (EMP) AND TEMPEST PROTECTION FOR FACILITIES (31 DEC 1990)., This pamphlet provides unclassified engineering and design information about protecting fixed ground facilities against the effects of an electromagnetic pulse (EMP) produced by a nuclear explosion. It also provides unclassified engineering and design information about satisfying TEMPEST requirements. The enclosed material constitutes a general reference work on the specialized subject of electromagnetic pulse (EMP) and TEMPEST protection. It was assembled over several years by our Construction Engineering Research Laboratory. The designer who is interested in the theory behind the-design will find this material useful. The designer will also find information on aspects of the subject not normally part of the design effort. (44Mb)

surveillance

products

  • Tempest Enclosure (High level protection against electromagnetic interferences)
    Secure communications is one of the most important aims for military services. Not only the communications should be encrypted but also the communications should not be intercepted/sniffered.
    To solve this problem, SME offers a wide range of TEMPEST enclosures for housing commercial equipments, providing high levels of protection against electromagnetic interferences, broadcasted and led.
    The different sizes and configurations of SME TEMPEST T200 series offers an adapted solution for each need. The range has four models for housing from a CPU to a whole terminal, a network node or a servers group.
    These enclosures can be used in classified sites as zone 0 or higher, in accordance with NATO SDIP-28 Norm and are type-approved by the CNI (Spanish NSA – National Security Agency).
    This range includes a wide offer of TEMPEST IT equipment and peripherals to guarantee the protection of classified information by preventing the emission of related electronic signals and possible malicious disturbance.
    In addition to secure communications products, SME also develops other infrastructure like dock-ship communications enclosure for fiber optic connection.
  • EMP, EMI and TEMPEST Protection Filters
    High performance, Electro Magnetic Pulse protection, power, data, telephone and control line filters.
    Applications: Lightning, EMP, Nuclear and high powered microwave EMP, RÖS, TEMPEST shelters and systems, shielded rooms, defence, telecom systems, civil and public service utilities, homeland security, secure commerce and IT installations…
  • TEMPEST shielding is the protection of sensitive data and areas by containing any unintended emissions of electromagnetic signals. This primarily consists of creating an electromagnetic clean zone in the form of a Faraday cage.
    TEMPEST shielding provides an area protected from electronic eavesdropping; one in which communications – data or voice – can remain secure.
    Over the decades TEMPEST standards have been developed primarily for military and governmental applications. The increasing digitisation of the world, however, has meant that protection of commercial and personal information has become ever more important.
    EEP can design facilities to offer TEMPEST protection for both conducted and radiated signals to meet the highest NATO, governmental and commercial standards.
    EEP can also advise on other aspects of TEMPEST security, namely: how to install equipment to minimise the potential risks before shielding.
    EEP can design TEMPEST shielding to meet all physical configurations and applications. These include desktop cabinets through to full size rooms, for both internal, external or mobile applications.
    EEP possesses full design, installation and testing capabilities.
    (European EMC Products, Tel: +44 (0)1799 523 073, Email: info@euro-emc.co.uk)
  • TEMPEST – professional data protection Oder: professionelle Datensicherheit
    Wir schützen Ihre sensiblen Daten – mit TEMPEST. Diese High End-Sicherheitslösung für IT-Systeme ist der einzig wirksame Schutz gegen Daten- und Informationsdiebstahl durch elektromagnetische Abhörvorrichtungen.
    Der Begriff TEMPEST ist höchst komplex:
  • Er beschreibt als Kurzwort das Problem: Die gelegentliche Ausstrahlung und flüchtige Übertragung (TEMPorary Emanation and Spurius Transmission) oder auch den flüchtigen magnetischen Impuls (Transient ElectroMagnetic PulsE STandard).
  • Er steht für das Vermessen und Umrüsten eines IT-Systems (Tempestierung).
  • Er definiert das fertige Produkt: Ein abstrakt geschütztes IT-System.

military

tempest and NATO - electromagnetic protection by Anderson

EMC, EMP & TEMPEST protection solutions for tactical shelters, Company Information, Latest News, July 10, 2013
Over the years the EMC, EMP and TEMPEST protection solutions that MPE has provided to Marshall Land Systems at Cambridge, UK, have been entirely for their mobile tactical shelter projects for Western defence forces.
Such programs have included contracts to supply ground control stations for the Watchkeeper UAV for the MOD’s ISTAR objectives (as pictured here), forensic and hospital shelters for the Norwegian armed forces, and high-specification deployable machine shops for the RAF, not to mention mobile units for the Swedish Defence Materiel Administration (Försvarets Materielverk, FMV) and the Lockheed Martin UK Future Deployable Geospatial Intelligence (FDG) Project for the MOD.
Illustrated here too, the Marshall Matrix shelter with expandable sides, capable of rapid deployment and transportation by road, rail, sea and air, meets all necessary international military specifications including UK DEF STAN, US MIL-STD and NATO 6516/SHCPE standards, and one of its key features is its high RFI and EMP attenuation performance attributable to MPE’s filter products. Typical uses for this highly versatile unit range from a deployable HQ, tactical ground station or command post to a mobile workshop, field hospital or first-aid post.

Information Security Educators
Introductory Information Protection, Copyright©, 1987-9, 1995 Fred Cohen – All Rights Reserved
Chapter 5: The Integrity Issue
Military Tempest Requirements, Copyright©, 1990, 1995 Fred Cohen – All Rights Reserved

There are three domains in which physical protection is typically important. The electromagnetic domain includes all effects due to electric or magnetic fields and waves. This includes all electrical devices (especially computing equipment), and any electromagnetic material that connects to that equipment (e.g. wires and drains). The sonic domain includes all effects due to waves in air or other substances in the environment. Sonic waves are limited by sealing them inside a vacuum, but is only completely effective when there is no physical link between the environment and the area being protected (e.g. in outer space). The mechanical domain includes explosive devices, breaking and entering, flood, fire, enemy attack, etc.

The physical control requirements for military systems are quite stringent. Equipment must be kept physically secure by providing physical controls to prevent, delay, and detect unauthorized access to the central computer facility, internal controlled areas, peripheral devices, remote terminals, and storage media. In many cases, the physical controls consist of determining what personnel may enter or leave a given site, and what equipment must be kept under controlled circumstances. The current emphasis in military systems is on dedicated computer systems. This seems an expensive proposition, but because of the inability to trust current operating systems with maintaining protection, and because of the potential for TEMPEST or other attacks in non dedicated operations, it is considered necessary.

The word tempest refers to the investigations and studies of compromising emanations. It is often used synonymously with ‘compromising emanations’. The importance of tempest protection cannot be underestimated. The basic problem is that compromising emanations may be generated by any electrical information processing equipment. In many cases, facilities are required to be kept within complete metal enclosures to prevent electromagnetic leakages, and vacuum seals to prevent sonic leakages. High noise environments are sometimes artificially generated to make the detection of signals very difficult. Many other techniques may also be used.

Tempest attacks are based on emanations that may be propagated through space, over telephone lines, by fortuitous conductors (e.g. water pipes), grounding wires, etc. The tempest goals are to prevent compromising emanations from being carried to any area where unauthorized interception could occur. This type of event is assumed for the purposes of tempest to be; unintentional, classified, data related, intelligence bearing, and intercepted by unauthorized persons.

Tempest protection requires that information under one classification and compartment be isolated from other classifications and compartments. The separation requirements are based on ‘Equipment Radiation Transmission Zone (ERTZ)’. The basic ERTZ regulations are; emanations are allowed within the ERTZ; ERTZ determination is based on engineering estimates, ambient noise levels (masking), facility construction, and distance from source; equipment maintenance must not reduce tempest protection; and inspections must be used to detect interception efforts and tempest problems.

Tempest measures should be commensurate with the sensitivity of information, the amount of classified information, and the probability of facility becoming an intercept target. The tempest requirements include, but are not limited to; power lines for classified equipment must be isolated, all incoming and outgoing telephone lines must be protected, and each classification level must be isolated. This includes communications signal lines, communications equipment, and particularly telephone lines. Fortuitous conductors must be isolated at the point of egression, including drains, pipes, and conduits. Station earth ground point must not be shared by any other facility

Tempest protection can be provided by minimizing the strength of electromagnetic signals generated, filtering signals and other leads, using tempest approved equipment, modifying existing equipment, separating classified and unclassified equipment transmission paths, and shielding areas and facilities.

nuclear

Nuclear Weapon EMP Effects
The pulse can easily span continent-sized areas, and this radiation can affect systems on land, sea, and air. The first recorded EMP incident accompanied a high-altitude nuclear test over the South Pacific and resulted in power system failures as far away as Hawaii. A large device detonated at 400�500 km over Kansas would affect all of CONUS. The signal from such an event extends to the visual horizon as seen from the burst point.
The EMP produced by the Compton electrons typically lasts for about 1 microsecond, and this signal is called HEMP. In addition to the prompt EMP, scattered gammas and inelastic gammas produced by weapon neutrons produce an �intermediate time� signal from about 1 microsecond to 1 second. The energetic debris entering the ionosphere produces ionization and heating of the E-region. In turn, this causes the geomagnetic field to �heave,� producing a �late-time� magnetohydrodynamic (MHD) EMP generally called a heave signal.
Source Region Electro-magnetic Pulse SREMP is produced by low-altitude nuclear bursts. An effective net vertical electron current is formed by the asymmetric deposition of electrons in the atmosphere and the ground, and the formation and decay of this current emits a pulse of electromagnetic radiation in directions perpendicular to the current. The asymmetry from a low-altitude explosion occurs because some electrons emitted downward are trapped in the upper millimeter of the Earth�s surface while others, moving upward and outward, can travel long distances in the atmosphere, producing ionization and charge separation. A weaker asymmetry can exist for higher altitude explosions due to the density gradient of the atmosphere.
Within the source region, peak electric fields greater than 10 5 V/m and peak magnetic fields greater than 4,000 A/m can exist. These are much larger than those from HEMP and pose a considerable threat to military or civilian systems in the affected region. The ground is also a conductor of electricity and provides a return path for electrons at the outer part of the deposition region toward the burst point. Positive ions, which travel shorter distances than electrons and at lower velocities, remain behind and recombine with the electrons returning through the ground. Thus, strong magnetic fields are produced in the region of ground zero. When the nuclear detonation occurs near to the ground, the SREMP target may not be located in the electromagnetic far field but may instead lie within the electro-magnetic induction region. In this regime the electric and magnetic fields of the radiation are no longer perpendicular to one another, and many of the analytic tools with which we understand EM coupling in the simple plane-wave case no longer apply. The radiated EM field falls off rapidly with increasing distance from the deposition region (near to the currents the EMP does not appear to come from a point source).
As a result, the region where the greatest damage can be produced is from about 3 to 8 km from ground zero. In this same region structures housing electrical equipment are also likely to be severely damaged by blast and shock. According to the third edition of The Effects of Nuclear Weapons, by S. Glasstone and P. Dolan, �the threat to electrical and electronic systems from a surface-burst EMP may extend as far as the distance at which the peak overpressure from a 1-megaton burst is 2 pounds per square inch.�
One of the unique features of SREMP is the high late-time voltage which can be produced on long lines in the first 0.1 second. This stress can produce large late-time currents on the exterior shields of systems, and shielding against the stress is very difficult. Components sensitive to magnetic fields may have to be specially hardened. SREMP effects are uniquely nuclear weapons effects.
During the Cold War, SREMP was conceived primarily as a threat to the electronic and electrical systems within hardened targets such as missile launch facilities. Clearly, SREMP effects are only important if the targeted systems are expected to survive the primary damage-causing mechanisms of blast, shock, and thermal pulse. Because SREMP is uniquely associated with nuclear strikes, technology associated with SREMP generation has no commercial applications. However, technologies associated with SREMP measurement and mitigation are commercially interesting for lightning protection and electromagnetic compatibility applications. Basic physics models of SREMP generation and coupling to generic systems, as well as numerical calculation, use unclassified and generic weapon and target parameters. However, codes and coupling models which reveal the response and vulnerability of current or future military systems are militarily critical.