Securing important information is crucial in many applications.
In many cases, it is imperative that the R&S NGA100 instruments are used in a
secured environment. Generally, highly secured environments do not allow any test
equipment to leave the area unless it can be proven that no user information leaves
with the test equipment, e.g. to be calibrated.
"Regarding sanitization, the principal concern is ensuring that data is not unintentionally released" [1].
This document provides a statement regarding the volatility of the memory types used
and specifies the steps required to sanitize an instrument.
The procedures in this document follow "NIST Special Publication 800-88: Guidelines
for Media Sanitization" [1].
In addition, recommendations are provided to safeguard information on the
R&S NGA100.
References
See the following literature for further information.
[1]Kissel Richard L. [et al.] Guidelines for Media Sanitization = Special Publication (NIST SP) =
[2]National Industrial Security Program Authorization Office Defense Security Service (DSS)
Assessment and Authorization Process Manual (DAAPM). - May 6, 2019.
[3]ACSC Australian Cyber Security Centre Australian Government Information Security Manual,
January 2020.
5Instrument Security Procedures 5601.8890.02 ─ 01
Page 6
R&S®NGA100
2Instrument Models Covered
Instrument Models Covered
Table 2-1: R&S NGA100 models
Product nameOrder number
NGA1015601.8002.02
NGA1025601.8002.04
NGA1415601.8002.03
NGA1425601.8002.05
6Instrument Security Procedures 5601.8890.02 ─ 01
Page 7
R&S®NGA100
3Security Terms and Definitions
Security Terms and Definitions
Terms defined in Guidelines for Media Sanitization
NIST Special Publication 800-88 [1]
●
Sanitization
"Media sanitization refers to a process that renders access to target data on the
media infeasible for a given level of effort."
●
Clear
"Clear applies logical techniques to sanitize data in all user-addressable storage
locations for protection against simple non-invasive data recovery techniques; typically applied through the standard Read and Write commands to the storage
device, such as by rewriting with a new value or using a menu option to reset the
device to the factory state (where rewriting is not supported)."
●
Purge
"Purge applies physical or logical techniques that render Target Data recovery
infeasible using state of the art laboratory techniques."
●
Destroy
"Destroy renders Target Data recovery infeasible using state of the art laboratory
techniques and results in the subsequent inability to use the media for storage of
data."
Control of media
Another option is to keep physical media holding sensitive information within the classified area, see [1], paragraph 4.4.
Volatile memory
"Memory components that do not retain data after removal of all electrical power sources, and when reinserted into a similarly configured system, are considered volatile
memory components." [2]
The volatile memory in the instrument does not have battery backup. It loses its contents when power is removed from the instrument.
If the instrument is battery operated, e.g. handhelds, it retains data in the volatile memory as long as the battery is installed.
Typical examples are RAM, e.g. SDRAM.
Non-volatile memory
"Components that retain data when all power sources are discontinued are non-volatile
memory components." [2].
In the context of this document, non-volatile memory components are non-user accessible internal memory types, e.g. EEPROM, Flash, etc.
7Instrument Security Procedures 5601.8890.02 ─ 01
Page 8
R&S®NGA100
Security Terms and Definitions
Media
Media are types of non-volatile memory components. Media are user-accessible and
retain data when you turn off power.
In the context of this document, media types are Hard Disk Drives (HDD), Solid State
Drives (SSD), Memory Cards, e.g. SD, microSD, CFast, etc., USB removable media,
e.g. Pen Drives, Memory Sticks, Thumb Drives, etc. and similar technologies.
8Instrument Security Procedures 5601.8890.02 ─ 01
Page 9
R&S®NGA100
4Statement of Volatility
The R&S NGA100 contains various memory components. See the subsequent sections for a detailed description regarding type, size, usage and location.
Notes on memory sizes
Due to the continuous development of memory components, the listed values of memory sizes may not represent the current, but the minimal configuration.
4.1Volatile Memory
Volatile memory modules are considered as non-accessible internal memory devices,
as described in Security Terms and Definitions > Volatile Memory. It requires power to
retain data and when the power is turned off, all data is erased.
Table 4-1: Types of volatile memory
Statement of Volatility
Non-Volatile Memory
Memory type LocationSizeContentUser
data
DDR2
SDRAM
MPU Internal
SRAM
MCU Internal
SRAM
PSoC Internal
SRAM
Front Controller2 x 512 MbitOperating instructions, user and pro-
gram data
Front Controller128 kbyteOperating instructions, user and pro-
gram data
Mainboard4 kbyteChannel operating dataNoPower Off
Front Controller1 kbytePSoC operating dataNoPower Off
YesPower Off
YesPower Off
4.2Non-Volatile Memory
Non-volatile memory modules are considered as non-accessible internal memory devices, as described in Security Terms and Definitions > Non-volatile Memory. It does not
require power to maintain the stored data.
Table 4-2: Types of non-volatile memory
Memory type LocationSizeContentUser
data
Sanitization procedure
Sanitization procedure
NANDFront Controller1 x 2 GbitBoard and device IDs, instrument
firmware, calibration data, instrument
settings, state and user data
MPU Internal
ROM
MCU FlashMainboard32 + 4 kbyteChannel control firmwareNoNone required (no user
Front Controller160 kbyteBoot loaderNoNone required (no user
YesSee Instrument Sanitiza-
tion Procedure
data)
data)
9Instrument Security Procedures 5601.8890.02 ─ 01
Page 10
R&S®NGA100
Statement of Volatility
Media
Memory type LocationSizeContentUser
MCU
EEPROM
PSoC FlashFront Controller16 kbyteFirmware for instrument peripheralsNoNone required (no user
Mainboard1 kbyteChannel calibration dataNoNone required (no user
Sanitization procedure
data
data)
data)
4.3Media
Media are considered as non-volatile memory devices, as described in Security Terms
Leave the instrument powered off at least for 10 minutes to make sure that all volatile memory modules lose their contents, see [3].
The Flash does not lose its contents when power is removed. It can contain user data.
Sanitizing the non-volatile memory
The Flash is cleared by executing the sanitizing procedure provided on the instrument.
The sanitizing procedure complies to the definition of NIST [1], see "Terms defined in
Guidelines for Media Sanitization"on page 7.
NOTICE! Risk of losing data. The sanitization procedure clears all user data and
1.
resets the instrument.
Back up all data you want to keep.
2. Remove all media:
a) Disconnect USB mass memory.
3. Keep the media memory devices under organizational control.
NOTICE! Risk of instrument damage when interrupting the sanitizing procedure.
4.
Do not turn off or disconnect the R&S NGA100 from the mains while the sanitizing
procedure is running.
Wait until the instrument confirms the completed sanitizing.
To activate the sanitizing procedure, press the [Menu] key on the front panel of the
R&S NGA100.
5. Select "Device" > "Reset" menu item.
6. Select "Yes" to proceed when prompted to reset all settings to factory defaults.
7. Wait for the "Device reset" message to appear at the top left corner of the screen.
All user data will be removed and factory default settings restored.