Keysight AC6800 Series, AC6802A, AC6801A, AC 6803A, AC6801B Information Manual

...
Keysight AC6800 Series
This manual provides the memory declassification and sanitation procedures for the following instruments:
Keysight AC6801A, AC6802A, AC 6803A, AC6804A Keysight AC6801B, AC6802B, AC 6803B, AC6804B
Instrument Security Information Manual
2
Notices
© Keysight Technologies, Inc. 2014, 2017
No part of this manual may be reproduced in any form or by any means (including electronic storage and retrieval or translation into a foreign language) without prior agreement and written consent from Keysight Technologies, Inc. as governed by United States and international copyright laws.
Trademark Acknowledgements
N/A
Manual Part Number
AC6800-900002
Print Date
December 2017
Supersedes: February, 2014
Published in USA
Keysight Technologies Inc. 1400 Fountaingrove Parkway Santa Rosa, CA 95403
Warranty
THE MATERIAL CONTAINED IN THIS DOCUMENT IS PROVIDED
“AS IS,” AND IS SUBJECT TO
BEING CHANGED, WITHOUT NOTICE, IN FUTURE EDITIONS. FURTHER, TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, KEYSIGHT DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED WITH REGARD TO THIS MANUAL AND ANY INFORMATION CONTAINED HEREIN, INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. KEYSIGHT SHALL NOT BE LIABLE FOR ERRORS OR FOR INCIDENTAL OR CONSEQUENTIAL DAMAGES IN CONNECTION WITH THE FURNISHING, USE, OR PERFORMANCE OF THIS DOCUMENT OR ANY INFORMATION CONTAINED HEREIN. SHOULD KEYSIGHT AND THE USER HAVE A SEPARATE WRITTEN AGREEMENT WITH WARRANTY TERMS COVERING THE MATERIAL IN THIS DOCUMENT THAT CONFLICT WITH THESE TERMS, THE WARRANTY TERMS IN THE SEPARATE AGREEMENT WILL CONTROL.
Technology Licenses
The hardware and/or software described in this document are furnished under a license and may be used or copied only in accordance with the terms of such license.
Restricted Rights Legend
If software is for use in the performance of a U.S. Government prime contract or subcontract, Software is delivered and licensed
as “Commercial computer software” as defined in DFAR
252.227-7014 (June 1995), or as
a “commercial item” as defined in FAR 2.101(a) or as “Restricted computer software” as defined in
FAR 52.227-19 (June 1987) or any equivalent agency regulation or contract clause. Use, duplication or disclosure of Software is subject to Keysight Technologies’ standard commercial license terms, and non-DOD Departments and Agencies of the U.S. Government will receive no greater than Restricted Rights as defined in FAR 52.227-19(c)(1-2) (June 1987). U.S. Government users will receive no greater than Limited Rights as defined in FAR
52.227-14 (June 1987) or DFAR
252.227-7015 (b)(2) (November
1995), as applicable in any technical data.
Safety Notices
A CAUTION notice denotes a hazard. It calls attention to an operating procedure, practice, or the like that, if not correctly performed or adhered to, could result in damage to the product or loss of important data. Do not proceed beyond a CAUTION notice until the indicated conditions are fully understood and met.
A WARNING notice denotes a hazard. It calls attention to an operating procedure, practice, or the like that, if not correctly performed or adhered to, could result in personal injury or death. Do not proceed beyond a WARNING notice until the indicated conditions are fully understood and met.
3
<Page intentionally left blank>
4
Table of Contents
Contacting Keysight Sales and Service Offices ............................................................................... 5
Products Covered by this Document ................................................................................................ 6
Security Terms and Definitions ......................................................................................................... 7
Instrument Memory ........................................................................................................................... 8
Summary of Memory Declassification Procedures ........................................................................ 10
User and Remote Interface Security Measures ............................................................................. 11
Administrative Password .......................................................................................................... 11
Remote Access Interfaces ........................................................................................................ 11
Controlling the front panel display ................................................................................... 11
Calibration regulation ............................................................................................................... 11
Firmware update regulation ..................................................................................................... 12
Procedure for Declassifying a Faulty Instrument ........................................................................... 13
References ....................................................................................................................................... 14
5
Contacting Keysight Sales and Service Offices
Assistance with test and measurement needs, and information on finding a local Keysight office, is available on the Internet at:
http://www.keysight.com/find/assist
If you do not have access to the Internet, please contact your field engineer.
In any correspondence or telephone conversation, refer to the instrument by its model number and full serial number. With this information, the Keysight representative can determine whether your unit is still within its warranty period.
6
Products Covered by this Document
Product Family Name
Product Names
Model Numbers
AC6800 Series
AC Source
AC6801A, AC6802A, AC 6803A, AC6804A AC6801B, AC6802B, AC 6803B, AC6804B
This document describes instrument security features and the steps to declassify an instrument through memory clearing, sanitization or removal.
For additional information, go to:
http://www.keysight.com/find/security
Be sure that all information stored by the user in the instrument that needs to be saved is properly backed up before attempting to clear any of the instrument memory. Keysight Technologies cannot be held responsible for any lost files or data resulting from the clearing of memory. Be sure to read this document entirely before proceeding with any file deletion or memory clearing.
7
Security Terms and Definitions
Term
Definition
Clearing
As defined in Section 8-301a of DoD 5220.22-M, clearing is the process of eradicating the data on media before reusing the media so that the data can no longer be retrieved using the standard interfaces on the instrument. Clearing is typically used when the instrument is to remain in an environment with an acceptable level of protection.
Instrument Declassification
A term that refers to procedures that must be undertaken before an instrument can be removed from a secure environment, such as is the case when the instrument is returned for calibration. Declassification procedures include memory sanitization or memory removal, or both. Keysight declassification procedures are designed to meet the requirements specified in DoD 5220.22-M, Chapter 8.
Sanitization
As defined in Section 8-301b of DoD 5220.22-M, sanitization is the process of removing or eradicating stored data so that the data cannot be recovered using any known technology. Instrument sanitization is typically required when an instrument is moved from a secure to a non­secure environment, such as when it is returned to the factory for calibration.
Keysight memory sanitization procedures are designed for customers who need to meet the requirements specified by the US Defense Security Service (DSS). These requirements are
specified in the “Clearing and Sanitization Matrix” in Section 5.2.5.5.5 of the Error! Reference source not found..
Secure Erase
Secure Erase is a term that is used to refer to either the clearing or sanitization features of Keysight instruments.
8
Instrument Memory
This section contains information on the types of memory available in your instrument. It explains the size of memory, how it is used, its location, volatility, and the sanitization procedure.
Table 1: Summary of instrument memory
Memory Type and Size
Writable During Normal Operation? Data Retained When
Powered Off?
Purpose/ Contents
Data Input Method
Location in Instrument and Remarks
Sanitization Procedure
On-Chip RAM 64 Kbytes
Yes
No
Used for hardware processing
When the instrument boots up, the firmware automatically uploads the DSP program, which is embedded in the Main Flash memory as a part of instrument firmware data.
CPU board U29 (TMS320VC5502) (embedded in the DSP chip)
Power cycle
Flash 1 Mbyte
Yes
Yes
Operating system, instrument firmware
Factory install, firmware update
CPU board U4 (STM32F427) (embedded in the DSP chip)
N/A contains no application­specific information
SRAM 256 Kbytes
Yes
No
Temporary execution data
By operating system or instrument firmware
CPU board U4 (STM32F427) (embedded in the DSP chip)
Power cycle
EEPROM 1 Kbyte
Yes
Yes
Model Info (1st 256-byte block) Calibration Info (2nd 256-byte block) (3rd & 4th blocks are unused)
Factory Install, or by service personnel
CPU board U9 (BR24G08FVM)
N/A contains no application­specific information
9
Memory Type and Size
Writable During Normal Operation? Data Retained When
Powered Off?
Purpose/ Contents
Data Input Method
Location in Instrument and Remarks
Sanitization Procedure
EEPROM 1 Kbyte
Yes
Yes
Recall Panel Info (1st~3rd 256-byte blocks) User Preference Info (4th 256-byte block)
User-saved data (regardless of implicit or explicit SAVE operations
CPU board U10 (BR24G08FVM)
See "User EEPROM #1 Sanitization
10
Summary of Memory Declassification Procedures
This section explains how to clear, sanitize, and remove memory from your instrument, for all classes of memory that are writeable during normal operation, and for which the clearing and sanitization procedure is more than trivial, such as rebooting your instrument.
Read this entire document before using any sanitization procedure. Failure to do so may necessitate returning the instrument to an Authorized Keysight Service Center for firmware downloads and recalibration.
Table 2: User EEPROM #1 Clearing and Sanitization
Description and purpose
This is the user's partition of internal storage that uses an EEPROM device. It contains user preferences and instrument panel settings.
Size
1 Kbyte
Memory clearing
No.
Memory sanitization
On front panel, press System > Admin > Sanitize.
From a remote interface, send: SYSTem:SECuriry:IMMediate
This procedure clears all instrument memory except for instrument firmware, model info, and calibration info. It then automatically reboots the instrument.
This routine writes all zeros to the entire EEPROM memory.
11
User and Remote Interface Security Measures
Administrative Password
To reset an instrument’s administrative password, follow the procedure in the AC6800A Operating and Service Guide. This involves removing power and other connections to the instrument, removing the instrument cover (requires tools), changing a switch position, and cycling power.
The password never expires.
This instrument does not track or report invalid password attempts, nor does it lock-out password entry following a number of invalid password entries.
Remote Access Interfaces
The user is responsible for providing security for the I/O ports for remote access by controlling physical access to the I/O ports. The I/O ports must be controlled because they provide access to all user settings, user states and the display image. The I/O ports include USB, GPIB, and LAN.
1. The LAN port provides the following services, which can be selectively disabled: a. VXI-11 b. Sockets c. Telnet d. Web instrument control e. mDNS f. HiSLIP
To disable LAN services:
On the front panel press [Menu] > System > LAN > Modify > Services.
To disable USB or GPIB:
On the front panel press [Menu] > System > Admin > IO.
Controlling the front panel display
The front panel display can be turned off from the remote interface by sending the command:
DISPlay OFF
The display is enabled when power is cycled.
Calibration regulation
The instrument requires a password to allow calibration. The instrument’s calibration count will increment each time calibration data is saved.
12
Firmware update regulation
The user is allowed to update the instrument firmware. Follow the procedure in the AC6800A Operating and Service Guide. Depending on the combination of old and new firmware versions, user preference info and recall panel info may or may not be erased (not strictly sanitized), if the new layout of user's data is different than the old version.
The instrument may be configured to require a password to allow updating the firmware.
On the front panel press [Menu] > System > Admin > Login and log in with the administrative password.
Navigate to System > Admin > Update and check the box:
󠄀 Must log in as admin to allow firmware update
The instrument’s calibration count will increment with each successful update.
13
Procedure for Declassifying a Faulty Instrument
If the instrument is not functioning and you are unable to use the security functions, you must physically remove the processor board from the insstrument. Refer to the operating and service guide for disassembly instructions.
Once the processor board is removed:
1. Destroy the CPU board and send the instrument to a repair facility
or
2. Unsolder the two EEPROMs (U9 and U10) from the CPU board and destroy these chips.
Send the instrument and the removed CPU board to a repair facility
14
References
1.
DoD 5220.22-M, “National Industrial Security Program Operating Manual (NISPOM)”
United States Department of Defense. Revised February 28, 2006.
May be downloaded in Acrobat (PDF) format from:
http://www.dss.mil/isp/fac_clear/download_nispom.html
Loading...