Rohde&Schwarz R&S®SMM100A Instrument Security Procedures Security
R&S®SMM100A
Vector Signal Generator
Instrument Security Procedures
(;Ý_;2)
1179471102
Version 01
This document describes the types of memory and their use in the R&S®SMM100A.
While every effort has been made to ensure the accuracy of the information herein, it is provided without
warranty. Design iteration and revisions may result in minor differences between the information provided
here and your product.
© 2022 Rohde & Schwarz GmbH & Co. KG
Muehldorfstr. 15, 81671 Muenchen, Germany
Phone: +49 89 41 29 - 0
Email: info@rohde-schwarz.com
Internet: www.rohde-schwarz.com
Subject to change – data without tolerance limits is not binding.
R&S® is a registered trademark of Rohde & Schwarz GmbH & Co. KG.
Trade names are trademarks of the owners.
1179.4711.02 | Version 01 | R&S®SMM100A
Throughout this document, products from Rohde & Schwarz are indicated without the ® symbol , e.g. R&S®SMM100A is indicated as
R&S SMM100A.
R&S®SMM100A
1 Overview................................................................................................. 3
2 Instrument models covered.................................................................. 4
3 Security terms and definitions..............................................................4
4 Statement of volatility............................................................................5
5 Instrument sanitization procedure....................................................... 7
6 Operability outside secured area......................................................... 9
7 Validity of instrument calibration....................................................... 10
8 Security features..................................................................................10
Contents
Contents
9 Recommended security settings........................................................11
Glossary................................................................................................15
1 Overview
Securing important information is crucial in many applications.
Generally, highly secured environments do not allow any test equipment to leave the
area unless it can be proven that no user information leaves with the test equipment,
e.g. to be calibrated.
"Regarding sanitization, the principal concern is ensuring that data is not unintentionally released" [1].
This document provides a statement regarding the volatility of the memory types used
and specifies the steps required to sanitize an instrument.
The procedures in this document follow "NIST Special Publication 800-88: Guidelines
for Media Sanitization" [1].
In addition, recommendations are provided to safeguard information on the
R&S SMM100A.
References
See the following literature for further information.
3Instrument Security Procedures 1179.4711.02 ─ 01
R&S®SMM100A
2 Instrument models covered
Instrument models covered
[1] Kissel Richard L. [et al.] Guidelines for Media Sanitization = Special Publication (NIST SP) =
NIST SP - 800-88 Rev 1. - Gaithersburg : [s.n.], December 17, 2014.
[2] National Industrial Security Program Authorization Office Defense Security Service (DSS)
Assessment and Authorization Process Manual (DAAPM). - May 6, 2019.
[3] ACSC Australian Cyber Security Centre Australian Government Information Security Manual,
January 2020.
Table 2-1: R&S SMM100A models
Product name Order number
R&S SMM100A 1440.8002.02
3 Security terms and definitions
Terms defined in Guidelines for Media Sanitization
NIST Special Publication 800-88 [1]
●
Sanitization
"Media sanitization refers to a process that renders access to target data on the
media infeasible for a given level of effort."
●
Clear
"Clear applies logical techniques to sanitize data in all user-addressable storage
locations for protection against simple non-invasive data recovery techniques; typically applied through the standard Read and Write commands to the storage
device, such as by rewriting with a new value or using a menu option to reset the
device to the factory state (where rewriting is not supported)."
●
Purge
"Purge applies physical or logical techniques that render Target Data recovery
infeasible using state of the art laboratory techniques."
●
Destroy
"Destroy renders Target Data recovery infeasible using state of the art laboratory
techniques and results in the subsequent inability to use the media for storage of
data."
Control of media
Another option to secure sensitive information is to keep physical media within the
classified area, see [1], paragraph 4.4.
4Instrument Security Procedures 1179.4711.02 ─ 01
R&S®SMM100A
Statement of volatility
Volatile memory
Volatile memory
"Memory components that do not retain data after removal of all electrical power sources, and when reinserted into a similarly configured system, are considered volatile
memory components." [2]
The volatile memory in the instrument does not have battery backup. It loses its contents when power is removed from the instrument.
If the instrument is battery operated, e.g. handhelds, it retains data in the volatile memory as long as the battery is installed.
Typical examples are RAM, e.g. SDRAM.
Non-volatile memory
"Components that retain data when all power sources are discontinued are non-volatile
memory components." [2].
In the context of this document, non-volatile memory components are non-user accessible internal memory types, e.g. EEPROM, Flash, etc.
Media
Media are types of non-volatile memory components. In the context of this document,
media are user-accessible and retain data when you turn off power.
Media types are Hard Disk Drives (HDD), Solid State Drives (SSD), Memory Cards,
e.g. SD, microSD, CFast, etc., USB removable media, e.g. Pen Drives, Memory Sticks,
Thumb Drives, etc. and similar technologies.
4 Statement of volatility
The R&S SMM100A contains various memory components. See the subsequent sections for a detailed description regarding type, size, usage and location.
Notes on memory sizes
Due to the continuous development of memory components, the listed values of memory sizes may not represent the current, but the minimal configuration.
4.1 Volatile memory
Volatile memory modules refer to non-accessible internal storage devices, as described in Security terms and definitions > Volatile memory.
5Instrument Security Procedures 1179.4711.02 ─ 01
Loading...