Rohde&Schwarz ESL Instrument Security

Products: R&S EMI Test Receiver ESL

Resolving Security Issues

When Working with the R&S®ESL in

Secure Areas

Based upon the user’s security requirements, this document describes the Rohde&Schwarz options

available to address the user’s EMI test receiver needs. It also covers the different memory types and

locations where user information can be stored in the EMI test receiver R&S

For secure environments, it describes an approach to physically remove the user data from the

EMI test receiver.

®

ESL.

1171.6380.52-01 1 06-2008

Contents

R&S® ESL - Instrument Security

1 OVERVIEW 2

2 INSTRUMENT MODELS COVERED .............................................................................. 3

3 BATTERY INFORMATION .............................................................................................. 3

4 TYPES OF MEMORY IN THE R&S®ESL EMI TEST RECEIVER AND THEIR

SECURITY CONCERNS.................................................................................................. 3

5 INFORMATION STORAGE IN THE R&S®ESL EMI TEST RECEIVER ......................... 4

6 INFORMATION SECURITY IN HIGHLY SENSITIVE AREAS ........................................ 5

7 PERFORMING SERVICE, CALIBRATION AND MAINTENANCE ON THE R&S®ESL

EMI TEST RECEIVER ..................................................................................................... 5

8 PERFORMING FIRMWARE UPDATES AND BACKING-UP USER DATA IN

SENSITIVE AREAS ......................................................................................................... 6

9 SPECIAL CONSIDERATIONS FOR USB PORTS.......................................................... 7

10 ADDITIONAL INFORMATION ......................................................................................... 8

1 Overview

In many cases it is imperative that the R&S®ESL EMI test receiver be used
in a secured environment. Generally these highly secured environments will
not allow any test equipment to leave the area unless it can be proven that
no user information will leave with the test equipment. Security concerns
can arise when EMI test receivers need to leave a secured area to be
calibrated or serviced.

This document describes the types of memory and their usage in the R&S
ESL EMI test receiver. It also addresses methods of ensuring that no user
data will leave the secured area should the product be removed for
calibration or service needs.

®

1171.6380.52-01 2 06-2008

R&S® ESL - Instrument Security

2 Instrument Models Covered

R&S EMI Test Receivers

R&S®ESL

ESL 3

ESL 6

3 Battery Information

There are no batteries in the R&S®ESL EMI test receiver other than the
one on the CPU board used to power the clock in the chipset.

4 Types of Memory in the R&S®ESL EMI Test Receiver and Their

Security Concerns

SDRAM

The R&S®ESL EMI test receiver has 1 GByte of SDRAM on the CPU
board. SDRAM is volatile memory and it loses its memory as soon as
power is removed. The SDRAM will be unreadable within one minute after
the power is removed from the instrument.

The SDRAM is not a security concern.

EEPROM

Each board assembly in the R&S®ESL EMI test receiver has one serial
EEPROM device. These devices hold 32 kBytes up to 1 MByte and contain
information related to the installed hardware, such as board serial number,
options, correction constants, etc. The EEPROM does not hold user data
nor can the user access the EEPROM storage.

The EEPROM is not a security concern.

FLASH

The CPU board of the R&S®ESL EMI test receiver has one 512 kByte flash
memory device which contains the BIOS. The Flash memory does not hold
user data nor can the user access the Flash memory.

The Flash memory is not a security concern.

1171.6380.52-01 3 06-2008

R&S® ESL - Instrument Security

Compact Flash Memory

The main non-volatile device is the Compact Flash Memory which is used
like a mechanical hard drive. The size of the compact flash disk is 4 GByte.
The compact flash disk is used to store:

®

 Instrument operating system (Windows

 Instrument firmware and firmware options (measurement

personalities) with option license keys

 Instrument states and setups

 Trace data

 Limit Lines, Transducer tables

 Screen images

The compact flash disk content is non-volatile, so nothing is lost when
power is removed from the instrument.

The compact flash disk is a security concern.

XP)

5 Information Storage in the R&S®ESL EMI Test Receiver

DATA

Temporary Information
storage for the
functionment of the
CPU (CPU Cache, and
Swap area)

Hardware Info, Serial
Number
Product Options
and Calibration
Correction Constants

BIOS

Operating System and
Instrument Firmware

Instrument states,
setups, Limit Lines and
Transducer tables

SDRAM

Not a
security
concern

EEPROM

Not a
security
concern

FLASH

Not a
security
concern

COMPACT
FLASH MEMORY

X X

X

X

X

X

Trace data,
Measurement Results
and Screen Images

1171.6380.52-01 4 06-2008

X

R&S® ESL - Instrument Security

6 Information Security in Highly Sensitive Areas

Since the SDRAM is erased when power is removed from the EMI test
receiver it does not pose a security risk. No user data is written to the
EEPROM and FLASH memories; hence, it is deemed that they do not pose

risk either.

a

The COMPACT FLASH MEMORY is the only device that does not lose its
memory when power is removed and can contain user data. The files
containing user data have to be erased in conformance to the DoD-5220.22
specification (see below).

7 Performing Service, Calibration and Maintenance on the R&S

ESL EMI Test Receiver

Clearing the different types of memory

Compact Flash Memory

All user specific data like

 Instrument states and setups

 Trace data

 Limit Lines, Transducer tables

 Screen images

are stored on the internal compact flash memory drive. Simply deleting
these files is not sufficient from a security perspective.

For deleting files there are several Windows programs available to “shred”
files according to the DoD 5220 standard which are working with the NSA
approved algorithm. One example of these that has been tested by Rohde
& Schwarz is "Wipe & Delete" from AEVITA Software (www.aevita.com
Refer to the operating manual for details on installing Windows software on
the instrument.

®

).

http://www.aevita.com/ftp/wipedelete_setup.exe

The file shredder program works by overwriting the file seven (7) times with
an alternating pattern of bits which not only stops all software programs
from retrieving data contents, but also helps to prevent physical magnetic
data sensors from retrieving a proper image of the data. This is standard
government regulation for secure data erasure and conforms to
Department of Defense specification DOD-5220.22M.

SDRAM

This memory is volatile. To remove all data stored in the SDRAM turn-off
the EMI test receiver with the AC power supply switch on the rear panel.

The EMI test receiver can now leave the secured area

1171.6380.52-01 5 06-2008

R&S® ESL - Instrument Security

Calibration and the validity of the EMI test receiver's calibration after clearing the COMPACT FLASH MEMORY

The calibration ensures a user that their measurements are traceable to a
government standard. Rohde & Schwarz highly recommends that users
follow the calibration cycle suggested for their instrument.

The EEPROM is the only location used to hold permanent adjustment
values required to maintain the validity of the EMI test receiver's calibration.

After clearing the compact flash memory, the board assembly EEPROMs
need to be registered. This operation has to be executed once:

 Turn the instrument Off

 Turn the instrument back On while holding down the decimal point

key [.] on the number keypad on the front panel

 Continue to hold this key for 10 seconds after pressing the "On"

button

 The instrument will now recognize the changes and then power up

After clearing the compact flash memory, the self-alignment function has to
be executed once. This is done with the SETUP - ALIGNMENT function.
This function uses the high-stability internal reference generator to produce
the temporary adjustment values. Using the permanent and temporary
values, the necessary adjustment information is then stored on the compact
flash memory. Rohde & Schwarz recommends that users perform the self­alignment function on a weekly basis after the analyzer has had sufficient
time to warm-up.

8 Performing Firmware Updates and Backing-Up User Data in

Sensitive Areas

Rohde & Schwarz highly recommends, but does not require, the users of its
products, to maintain their products with the latest updates and to regularly
back-up important user data that can be erased. Firmware updates are
available from the R&S website. How does a user perform firmware
updates and back-up user data in sensitive areas? There are several
options available for the user to safely perform these operations without
compromising the security of the sensitive areas.

Via the USB port

Rohde & Schwarz EMI test receivers are equipped with USB ports as
standard equipment. The instrument firmware update can be performed
directly from the USB stick. The USB stick can likewise hold or transport
user data back-ups to an approved storage medium. As described below,
users can disable the capability of the USB ports for saving data (set to
"read only"). For users that have not elected to disable the USB ports for
writing data a memory stick can be used for backing-up user data.

1171.6380.52-01 6 06-2008

Via the LAN interface

The R&S®ESL EMI test receiver is equipped with a LAN interface as
standard interface. A user can transport the firmware update into the
secure area via a CD or another medium that meets the security
requirements. The update can then be placed on a system on the LAN
within the secure area. The EMI test receiver can be updated directly from
the LAN. The LAN can likewise be used to back-up user data to an
approved storage medium.

9 Special Considerations for USB ports

USB ports can pose a security threat in high-security locations. Generally,
this threat comes from small USB pen drives (a.k.a. memory sticks, key
drives, etc) which can be very easily concealed, yet can quickly read/write
several GBytes of data.

Disable USB Ports for Writing User Data

The R&S®ESL EMI test receiver can be updated with an utility to disable
the write capability on any USB Port for storage devices. This utility is
available from Rohde & Schwarz ESL web site w/o any charge. To disable
the write capability copy the utility software to the EMI test receiver and run
it once. After reboot of the instrument the write capability on any USB
memory device is disabled.

R&S® ESL - Instrument Security

1171.6380.52-01 7 06-2008

10 Additional Information

Please contact your support center for comments and further suggestions:

Hotline Europe

Telephone: +49 180 512 4242
Fax: +49 89 4129 63778
Internet: Contact us

Hotline America

Telephone:1-888-TESTRSA (1-888-837-8772) selection 2

From outside the USA: +1-410-910-7988

Email: customer.support@rsa.rohde-schwarz.com

Hotline Asia

Telephone: +65 6846 3716 (9am-6pm, Mon-Fri, excluding Public Holiday)
Fax: +65 6846-0029
E-mail: info@rssg.rohde-schwarz.com

R&S® ESL - Instrument Security

ROHDE & SCHWARZ GmbH & Co. KG .Mühldorfstraße 15 .D-81671 München .P.O.B 80 14 69 .D-81614 München

Telephone +49 89 4129 -0 .Fax +49 89 4129 - 13777 .Internet: http://www.rohde-schwarz.com

1171.6380.52-01 8 06-2008

.