R&S®FPC
Spectrum Analyzer
Instrument Security Procedures
(;ÜÎX2)
1178644002
Version 02
R&S®FPC
Contents
Contents
1 Overview................................................................................................. 2
2 Instrument Models Covered..................................................................3
3 Security terms and definitions..............................................................3
4 Types of Memory and Information Storage......................................... 4
5 Instrument Declassification.................................................................. 7
1 Overview
Securing important information is crucial in many applications.
Generally, highly secured environments do not allow any test equipment to leave the
area unless it can be proven that no user information leaves with the test equipment,
e.g. to be calibrated.
"Regarding sanitization, the principal concern is ensuring that data is not unintentionally released" [1].
This document provides a statement regarding the volatility of the memory types used
and specifies the steps required to sanitize an instrument.
The procedures in this document follow "NIST Special Publication 800-88: Guidelines
for Media Sanitization" [1].
In addition, recommendations are provided to safeguard information on the R&S FPC.
References
See the following literature for further information.
[1] Kissel Richard L. [et al.] Guidelines for Media Sanitization = Special Publication (NIST SP) =
NIST SP - 800-88 Rev 1. - Gaithersburg : [s.n.], December 17, 2014.
[2] National Industrial Security Program Authorization Office Defense Security Service (DSS)
Assessment and Authorization Process Manual (DAAPM). - May 6, 2019.
[3] ACSC Australian Cyber Security Centre Australian Government Information Security Manual,
January 2020.
2Instrument Security Procedures 1178.6440.02 ─ 02
R&S®FPC
Instrument Models Covered
2 Instrument Models Covered
Table 2-1: Spectrum Analyzer models
Product name Order number
R&S FPC1000 1328.6660.02
R&S FPC1500 1328.6660.03
3 Security terms and definitions
Terms defined in Guidelines for Media Sanitization
NIST Special Publication 800-88 [1]
●
Sanitization
"Media sanitization refers to a process that renders access to target data on the
media infeasible for a given level of effort."
●
Clear
"Clear applies logical techniques to sanitize data in all user-addressable storage
locations for protection against simple non-invasive data recovery techniques; typically applied through the standard Read and Write commands to the storage
device, such as by rewriting with a new value or using a menu option to reset the
device to the factory state (where rewriting is not supported)."
●
Purge
"Purge applies physical or logical techniques that render Target Data recovery
infeasible using state of the art laboratory techniques."
●
Destroy
"Destroy renders Target Data recovery infeasible using state of the art laboratory
techniques and results in the subsequent inability to use the media for storage of
data."
Control of media
Another option to secure sensitive information is to keep physical media within the
classified area, see [1], paragraph 4.4.
Volatile memory
"Memory components that do not retain data after removal of all electrical power sources, and when reinserted into a similarly configured system, are considered volatile
memory components." [2]
The volatile memory in the instrument does not have battery backup. It loses its contents when power is removed from the instrument.
3Instrument Security Procedures 1178.6440.02 ─ 02
Loading...