R&S®SMB100B
RF Signal Generator
Instrument Security Procedures
(;ÜèJ2)
1178902602
Version 01
Instrument Security Procedures
R&S®SMB100B
1 Overview
2 Instrument Models Covered
Overview
In many cases, it is imperative that the R&S SMB100B RF signal generators are used
in a secured environment. Generally these highly secured environments do not allow
any test equipment to leave the area unless it can be proven that no user information
leaves with the test equipment. Security concerns can arise when devices need to
leave a secured area e.g. to be calibrated or serviced.
This document describes the types of memory and their usage in the R&S SMB100B.
It provides a statement regarding the volatility of all memory types and specifies the
steps required to declassify an instrument through memory clearing or sanitization procedures. These sanitization procedures are designed for customers who need to meet
the requirements specified by the US Defense Security Service (DSS).
Table 2-1: RF signal generator models
Product name Order number
R&S SMB100B 1422.1000K02
3 Security Terms and Definitions
Clearing
The term "clearing" is defined in Section 8-301a of DoD 5220.22-M, "National Industrial
Security Program Operating Manual (NISPOM)". Clearing is the process of eradicating
the data on media so that the data can no longer be retrieved using the standard interfaces on the instrument. Therefore, clearing is typically used when the instrument is to
remain in an environment with an acceptable level of protection.
Sanitization
The term "sanitization" is defined in Section 8-301b of DoD 5220.22-M, "National
Industrial Security Program Operating Manual (NISPOM)". Sanitization is the process
of removing or eradicating stored data so that the data cannot be recovered using any
known technology. Instrument sanitization is typically required when an instrument is
moved from a secure to a non-secure environment, such as when it is returned for service of calibration.
The memory sanitization procedures described in this document are designed for customers who need to meet the requirements specified by the US Defense Security Service (DSS). These requirements are specified in the "Clearing and Sanitization Matrix"
in Section 14.1.16 of the ISFO "Manual for the Certification and Accreditation of Classified Systems under the NISPOM".
2Instrument Security Procedures 1178.9026..02 ─ 01
R&S®SMB100B
4 Types of Memory and Information Storage
Types of Memory and Information Storage in the R&S SMB100B
Volatile Memory
Instrument declassification
The term "instrument declassification" refers to procedures that must be undertaken
before an instrument can be removed from a secure environment, for example when
the instrument is returned for calibration. Declassification procedures include memory
sanitization or memory removal, or both. The declassification procedures described in
this document are designed to meet the requirements specified in DoD 5220.22-M,
"National Industrial Security Program Operating Manual (NISPOM)", Chapter 8.
in the R&S SMB100B
The RF signal generator contains various memory components.
The following table provides an overview of the memory components that are part of
your instrument. For a detailed description regarding type, size, usage and location,
refer to the subsequent sections.
Table 4-1: Types of memory and information storage
Memory type Size Content Volatility User
SDRAM
(CPU board)
EEPROM/Flash
(one per module)
Flash
(CPU board)
microSD memory card
(CPU board)
1 GByte Temporary information storage
256 Byte up
to 4 MByte
8 MByte BIOS Non-volatile No None required
1 GByte
4.1 Volatile Memory
for operating system and
instrument firmware, or RAM
disk for user data
Module-specific data:
●
Serial number
●
Board internal correction
data
●
Instrument states, e.g.
USB port, LAN services
and setups
●
Instrument internal correction data
●
User data
Sanitization
data
Volatile Yes Turn off instru-
Non-volatile No None required
Non-volatile Yes see "Sanitize
procedure
ment power
(no user data)
(no user data)
internal memory"
on page 5
The volatile memory in the instrument does not have battery backup. It loses its contents when power is removed from the instrument. The volatile memory is not a security concern.
Removing power from this memory meets the memory sanitization requirements specified in the Clearing and Sanitization Matrix in section 5.2.5.5.5 of the ISFO Process
3Instrument Security Procedures 1178.9026..02 ─ 01
Loading...