R&S®Scope Rider RTH
Handheld Digital Oscilloscope
Instrument Security Procedures
(;ÜUÇ2)
1178.3757.02 ─ 02
Instrument Security Procedures
R&S®Scope Rider RTH
1 Overview
In many cases, it is imperative that the R&S RTH Handheld Oscilloscopes are used in
a secured environment. Generally these highly secured environments do not allow any
test equipment to leave the area unless it can be proven that no user information
leaves with the test equipment. Security concerns can arise when devices need to
leave a secured area e.g. to be calibrated or serviced.
This document describes the types of memory and their usage in the R&S RTH. It provides a statement regarding the volatility of all memory types and specifies the steps
required to declassify an instrument through memory clearing or sanitization procedures. These sanitization procedures are designed for customers who need to meet
the requirements specified by the US Defense Security Service (DSS).
2 Instrument Models Covered
Overview
This document applies to the following R&S RTH models:
Product name Order number
R&S RTH1002 1317.5000K02
R&S RTH1004 1317.5000K04
3 Security Terms and Definitions
Clearing
The term "clearing" is defined in Section 8-301a of DoD 5220.22-M, "National Industrial
Security Program Operating Manual (NISPOM)". Clearing is the process of eradicating
the data on media so that the data can no longer be retrieved using the standard interfaces on the instrument. Therefore, clearing is typically used when the instrument is to
remain in an environment with an acceptable level of protection.
Sanitization
The term "sanitization" is defined in Section 8-301b of DoD 5220.22-M, "National
Industrial Security Program Operating Manual (NISPOM)". Sanitization is the process
of removing or eradicating stored data so that the data cannot be recovered using any
known technology. Instrument sanitization is typically required when an instrument is
moved from a secure to a non-secure environment, such as when it is returned for service of calibration.
The memory sanitization procedures described in this document are designed for customers who need to meet the requirements specified by the US Defense Security Service (DSS). These requirements are specified in the "Clearing and Sanitization Matrix"
2Instrument Security Procedures 1178.3757.02 ─ 02
R&S®Scope Rider RTH
in Section 14.1.16 of the ISFO "Manual for the Certification and Accreditation of Classified Systems under the NISPOM".
Instrument declassification
The term "instrument declassification" refers to procedures that must be undertaken
before an instrument can be removed from a secure environment, for example when
the instrument is returned for calibration. Declassification procedures include memory
sanitization or memory removal, or both. The declassification procedures described in
this document are designed to meet the requirements specified in DoD 5220.22-M,
"National Industrial Security Program Operating Manual (NISPOM)", Chapter 8.
4 Types of Memory and Information Storage
in the R&S RTH
Types of Memory and Information Storage in the R&S RTH
The following table provides an overview of the memory components that are part of
the Handheld Oscilloscope. For a detailed description regarding type, size, usage and
location, refer to the subsequent sections.
Memory
type
Frontboard
EEPROM 1 kbyte Hardware information (board
SRAM 4 kbit (micro-
Flash 32 kbit + 4 kbit
Mainboard
QSPI 2 x
EEPROM 1 Mbit Alignment data Non-volatile No None
Size Content Volatility User
Data
Non-volatile No None
serial number)
controller)
(microcontroller)
512 MB
3 x or 4 x
512 bytes
(microcontroller)
Temporary information storage
for front controller firmware
Front controller firmware Non-volatile No None
Instrument firmware and FPGA
data
Used by firmware to control
analog channels
Volatile No None
Non-volatile No None
Sanitization
procedure
required
required
required
required
required
LPDDR2 512 Mbyte Temporary information storage
for operating system and instrument firmware
Flash 3 x or 4 x
16 kbyte (microcontroller)
512 kbyte Interface controller firmware
Analog channel controller firmware
Volatile Yes Turn off
instrument
power
Non-volatile No None
required
3Instrument Security Procedures 1178.3757.02 ─ 02
R&S®Scope Rider RTH
Types of Memory and Information Storage in the R&S RTH
Volatile Memory
Memory
type
SRAM 3 x or 4 x
SD card
Micro SD
card (removable)
4.1 Volatile Memory
Size Content Volatility User
1 kbit (microcontroller)
196 kbyte (interface controller)
4 Gbyte
The volatile memory in the instrument does not have battery backup. It loses its contents as soon as power is removed from the instrument. The volatile memory is not a
security concern.
Temporary information storage
for analog channel controller
firmware
Temporary information storage
for interface controller firmware
Instrument and user data
●
Instrument data:
– User settings
– Configuration files
– Log files
– Screenshots
– Trace data
– Logger data
●
User data
●
Backup firmware
Sanitization
Data
Volatile No None
Non-volatile Yes Remove
procedure
required
micro SD
card from
instrument
Removing power from volatile memory meets the memory sanitization requirements
specified in the "Clearing and Sanitization Matrix" in Section 5.2.5.5.5 of the ISFO
Process Manual for the Certification and Accreditation of Classified Systems under the
NISPOM.
SRAM (frontboard)
The microcontroller on the frontboard contains 4 kbit of SRAM. The SRAM memory is
used by the front controller firmware. It does not hold user data nor can the user
access the storage.
Sanitization procedure: None required (no user data)
SRAM (mainboard)
Each microcontroller of the main board has one 1 kbit SRAM memory which contains
temporary information storage for the analog channel controller firmware.
In addition, the interface controller on the main board has one 196 kbyte SRAM memory which contains temporary information storage for the interface controller firmware.
The SRAM does not hold user data nor can the user access the SRAM storage.
Sanitization procedure: None required (no user data)
4Instrument Security Procedures 1178.3757.02 ─ 02
R&S®Scope Rider RTH
LPDDR2
This 512 Mbyte of DDR memory is a shared working memory for the operating system
and the signal processing system. It contains temporary information storage for operating system and instrument firmware. The LPDDR2 loses its memory as soon as power
is removed.
Sanitization procedure: Turn off instrument power
Types of Memory and Information Storage in the R&S RTH
Non-Volatile Memory
4.2 Non-Volatile Memory
The R&S RTH contains various non-volatile memories. Out of these, only the removable micro SD card contains user data. The micro SD card can be physically removed
from the R&S RTH and left in the secure area.
All non-volatile memories of the R&S RTH are not a security concern.
EEPROM (frontboard)
The R&S RTH frontboard contains 1 kbyte of EEPROM. The EEPROM contains information related to the installed hardware, such as board serial number. The EEPROM
does not hold user data nor can the user access the EEPROM storage.
Sanitization procedure: None required (no user data)
Flash (frontboard)
An integrated flash with a size of 32 kbit + 4 kbit in the microcontroller at the frontboard
contains the front controller’s firmware. The flash does not hold user data nor can the
user access the flash storage.
Sanitization procedure: None required (no user data)
QSPI
Each QSPI memory on the mainboard has a size of 512 MB and contains instrument
firmware and FPGA data. The QSPI does not hold user data nor can the user access
the QSPI storage.
Sanitization procedure: None required (no user data)
EEPROM (mainboard)
An EEPROM storage on the mainboard has a size of 1 Mbit and contains alignment
data.
In addition, each EEPROM storage in the microcontroller, located in every analog
channel on the mainboard, has a size of 512 bytes. It is used by firmware to control
analog channels.
The EEPROM does not hold user data nor can the user access the EEPROM storage.
Sanitization procedure: None required (no user data)
5Instrument Security Procedures 1178.3757.02 ─ 02
R&S®Scope Rider RTH
Flash (mainboard)
The microcontrollers in every analog channel on the mainboard have an internal flash
memory of 16 kbyte each. They contain the analog channel controller firmware.
The interface controller has a 512 kbyte internal flash memory, which is used for the
interface controller firmware.
The flash memory does not hold user data nor can the user access the flash storage.
Sanitization procedure: None required (no user data)
Micro SD card
The R&S RTH is delivered with a micro SD card, which is inserted and ready to use.
The removable micro SD card has a memory size of 4 Gbyte and is used to store all
instrument data such as user settings, configuration files, log files, screenshots, trace
data and logger data. In addition, backup firmware is stored on the micro SD card to
boot the instrument if a firmware update failed. The micro SD card holds user data and
is non-volatile. Hence, user data is not erased when power is removed from the instrument.
Instrument Declassification
The micro SD card can be removed from the R&S RTH Handheld Oscilloscope, leaving the customer assured that no user data is stored within the R&S RTH Handheld
Oscilloscope.
Sanitization procedure: Remove micro SD card from instrument
The R&S RTH Handheld Oscilloscope, equipped with the removable micro SD card,
addresses the needs of customers working in secured areas.
5 Instrument Declassification
Before you can remove the Handheld Oscilloscope from a secured area (for example
to perform service or calibration), all classified user data needs to be removed. You
can declassify the Handheld Oscilloscope as follows:
1. Turn off the Handheld Oscilloscope. This will sanitize the volatile memory.
2. To remove the classified micro SD card (containing user data), perform the following steps:
a) Remove power supply, probes, test leads and all other cables.
b) Fold out the tilt stand on the back of the instrument.
6Instrument Security Procedures 1178.3757.02 ─ 02
R&S®Scope Rider RTH
c) Unscrew the battery cover.
Instrument Declassification
Figure 5-1: Opening of the battery cover
d) Remove the battery pack.
The micro SD card slot is under the right lid under the battery pack.
e) Open the lid of the SD slot and hold it.
f) Remove the micro SD card.
Figure 5-2: Removing of the micro SD card
7Instrument Security Procedures 1178.3757.02 ─ 02
R&S®Scope Rider RTH
Following these steps removes all user data from the Handheld Oscilloscope. The
Handheld Oscilloscope without the removable micro SD card can now leave the
secured area.
These declassification procedures meet the needs of customers working in secured
areas.
The Handheld Oscilloscope without the removable micro SD card still functions properly for service or other needs.
When the Handheld Oscilloscope is back within the secured area, the original classified removable micro SD card can be reinstalled.
Validity of instrument calibration after declassification
The calibration makes sure that measurements comply to government standards.
Rohde & Schwarz recommends that you follow the calibration cycle suggested for your
instrument.
The EEPROM is the only memory type used to hold permanent adjustment values
required to maintain the validity of the R&S RTH's calibration. Therefore, the declassification does not affect the validity of the instrument’s calibration.
Instrument Declassification
© 2017 Rohde & Schwarz GmbH & Co. KG
Mühldorfstr. 15, 81671 München, Germany
Phone: +49 89 41 29 - 0
Fax: +49 89 41 29 12 164
Email: info@rohde-schwarz.com
Internet: www.rohde-schwarz.com
Subject to change – Data without tolerance limits is not binding.
R&S® is a registered trademark of Rohde & Schwarz GmbH & Co. KG.
Trade names are trademarks of their owners.
Throughout this manual, products from Rohde & Schwarz are indicated without the ® symbol , e.g. R&S®RTH
is indicated as R&S RTH.
8Instrument Security Procedures 1178.3757.02 ─ 02
Loading...