MDO3012,MDO3014,MDO3022,MDO3024,MDO3032,MDO3034,MDO3052,MDO3054,MDO3102,MDO3104
Table of contents
Loading...Tektronix MDO3012,MDO3014,MDO3022,MDO3024,MDO3032,MDO3034,MDO3052,MDO3054,MDO3102,MDO3104, MDO3000 Series Oscilloscope Declassification and Security Instructions
MDO3000 Series Oscilloscope
Declassification and Security
Instructions
*P077098000*
077-0980-00
MDO3000 Series Oscilloscope
Declassification and Security
Instructions
www.tektronix.com
077-0980-00
Copyright © Tektronix. All rights reserved. Licensed software products are owned by Tektronix or its subsidiaries
or suppliers, and are protected by national copyright laws and international treaty provisions. Tektronix products
are covered by U.S. and foreign patents, issued and pending. Information in this publication supersedes that in all
previously published material. Specifications and price change privileges reserved.
TEKTRONIX and TEK are registered trademarks of Tektronix, Inc.
Contacting Tektronix
Tektronix, Inc.
14150 SW Karl Braun Drive
P.O. Box 500
Beaverton, OR 97077
USA
For product information, sales, service, and technical support:
■
In North America, call 1-800-833-9200.
■
Worldwide, visit www.tektronix.com to find contacts in your area.
Table of Contents
Preface ................................................................................................................................................ iii
Memory devices
Volatile memory devices ................................................................................................................ 1
Nonvolatile memory devices .......................................................................................................... 3
Media and data export devices ....................................................................................................... 4
Clear and sanitize procedures
Disable the USB device port .......................................................................................................... 7
Use the MDO3SEC option to disable all I/O ports ........................................................................ 7
Disable the LAN port and clear the LAN Ethernet settings ........................................................... 8
Enable the USB device port ............................................................................................................ 9
Use the MDO3SEC option to enable the IO ports ........................................................................ 10
Enable the LAN port and set the LAN Ethernet settings ............................................................. 10
Built-in security features
When to use TekSecure
Use TekSecure to erase memory contents .................................................................................... 14
™
............................................................................................................. 13
Clear or sanitize a non-functional instrument
Acquisition board ......................................................................................................................... 15
USB flash drive ............................................................................................................................ 15
Charges ......................................................................................................................................... 15
MDO3000 Series Declassification and Security Instructions i
Table of Contents
ii MDO3000 Series Declassification and Security Instructions
Preface
This document helps customers with data security concerns to sanitize or remove
memory devices from the Tektronix MDO3000 Series Mixed Domain
Oscilloscopes.
These products have data storage (memory) devices and data output devices.
These instructions tell how to clear or sanitize the memory devices and disable
the data output devices. The instructions also tell how to declassify an instrument
that is not functioning.
Instrument code and calibration settings reside in nonvolatile flash memory.
Instrument setups and reference waveforms may also be stored in flash memory
or on USB drives connected to the instrument.
If you have any questions, contact the Tektronix Technical Support Center at
www.tektronix.com/support.
Reference
The procedures in this document are written to meet the requirements specified
in:
■
NISPOM, DoD 5220.22–M, Chapter 8
■
ISFO Process Manual for Certification & Accreditation of Classified Systems
under NISPOM
Products
The following Tektronix products are covered by this document:
■
MDO3012
■
MDO3014
■
MDO3022
■
MDO3024
■
MDO3032
■
MDO3034
■
MDO3052
■
MDO3054
■
MDO3102
■
MDO3104
Required documents
To perform the procedures in this document, you might need access to the
MDO3000 series manuals listed below. These manuals are available on the
Tektronix Web site at www.tektronix.com/downloads.
■
MDO3000 Series Service Manual (Tektronix part number, 077-0981-xx)
■
MDO3000 Series Technical Reference Manual (Tektronix part number,
077-0979-xx)
MDO3000 Series Declassification and Security Instructions iii
Preface
Terms used in this document
The following terms may be used in this document:
■
Clear. This removes data on media/memory before reusing it in a secured
area. All reusable memory is cleared to deny access to previously stored
information by standard means of access.
■
Erase. This is equivalent to clear.
■
Instrument Declassification. A term that refers to procedures that must be
undertaken before an instrument can be removed from a secure environment.
Declassification procedures include memory sanitization and memory
removal, and sometimes both.
■
Media storage/data export device. Any of several devices that can be used
to store or export data from the instrument, such as a USB port.
■
Nonvolatile memory. Data is retained when the instrument is powered off.
■
Power off. Some instruments have a “Standby” mode, in which power is still
supplied to the instrument. For the purpose of clearing data, putting the
instrument in Standby mode does not qualify as powering off. For these
products, you will need to either press a rear-panel OFF switch or remove the
power source from the instrument.
■
Remove. This is a physical means to clear the data by removing the memory
device from the instrument. Instructions are available in the product Service
Manual.
■
Sanitize. This eradicates the data from media/memory so that the data cannot
be recovered by other means or technology. This is typically used when the
device will be moved (temporarily or permanently) from a secured area to a
non-secured area.
■
Scrub. This is equivalent to sanitize.
■
User Accessible. User is able to directly retrieve the memory device
contents.
■
User-modifiable. User can write to the memory device during normal
instrument operation, using the instrument interface or remote control.
■
Volatile memory. Data is lost when the instrument is powered off.
iv MDO3000 Series Declassification and Security Instructions
Preface
Device terms
The following terms are used with the memory devices in this document:
■
User data. Describes the type of information stored in the device. Refers to
waveforms or other measurement data representing signals connected to the
instrument by users.
■
User settings. Describes the type of information stored in the device. Refers
to instrument settings that can be changed by the user.
■
Both. Describes the type of information stored in the device. It means that
both user data and user settings are stored in the device.
■
None. Describes the type of information stored in the device. It means that
neither user data nor user settings are stored in the device.
■
Directly. Describes how data is modified. It means that the user can modify
the data.
■
Indirectly. Describes how data is modified. It means that the instrument
system resources modify the data and that the user cannot modify the data.
MDO3000 Series Declassification and Security Instructions v
Preface
vi MDO3000 Series Declassification and Security Instructions
Memory devices
The following sections list the volatile and nonvolatile memory devices in the
standard instrument and listed options.
Volatile memory devices
DDR3
Type and size 1 GB standard
Function Holds active analog acquisition data
Type of user information
stored
Backed up by battery? No
Method of modification Indirectly
Data input method Firmware operations
Location Main board
User accessible No
To clear Remove power from the instrument for at least 20 seconds.
Process to sanitize Remove power from the instrument for at least 20 seconds.
User data
SDRAM
Type and size SDRAM 128 GB (standard)
Function Holds active digital acquisition data
Type of user information
stored
Backed up by battery? No
Method of modification Indirectly
Data input method Firmware operations
Location Main board
User accessible No
To clear Remove power from the instrument for at least 20 seconds.
Process to sanitize Remove power from the instrument for at least 20 seconds.
SDRAM
Type and size SDRAM 32 MB (standard)
Function ASIC execution memory
Type of user information
stored
Backed up by battery? No
Method of modification indirectly
Data input method Firmware operations
User data
User data and settings
MDO3000 Series Declassification and Security Instructions 1
Memory devices Volatile memory devices (cont.)
Location Main board
User accessible No
To clear Remove power from the instrument for at least 20 seconds.
Process to sanitize Remove power from the instrument for at least 20 seconds.
DDR3
Type and size DDR3 1 GB (standard)
Function Microprocessor system memory
Type of user information
stored
Backed up by battery? No
Method of modification Directly
Data input method Written by processor system
Location Main board
User accessible No
To clear Remove power from the instrument for at least 20 seconds.
Process to sanitize Remove power from the instrument for at least 20 seconds.
User data and settings
SRAM
Type and size SRAM 125 kB (standard)
Function Arbitrary waveform storage
Type of user information
stored
Backed up by battery? No
Method of modification Indirectly
Data input method Firmware operations
Location IO board
User accessible No
To clear Remove power from the instrument for at least 20 seconds.
Process to sanitize Remove power from the instrument for at least 20 seconds.
User data
2 MDO3000 Series Declassification and Security Instructions
Memory devices
Nonvolatile memory devices
Flash 128 MB
Type and size Flash 128 MB
Function Holds instrument calibration data, serial number, option key, instrument operating system and
application software. Also holds all user-storable data, such as waveforms, measurement results,
and instrument settings.
Type of user information
stored
Method of modification Indirectly
Data input method Firmware operations, user input
Location Main board
User accessible No
To clear Not applicable for calibration constants.
Process to sanitize Not applicable for calibration constants.
User data, user settings
Use the procedure Use TekSecure to erase memory contents to erase reference waveforms and
instrument setups. Then use the procedure Disable the LAN port and clear the LAN Eithernet
settings to disable the LAN ethernet and to clear information, such as IP addresses.
Use the procedure Use TekSecure to erase memory contents to erase reference waveforms and
instrument setups. Then use the procedure Disable the LAN port and clear the LAN Eithernet
settings to disable the LAN ethernet and to clear information, such as IP addresses.
Serial real-time clock
Type and size Serial real-time clock
Function Real-time clock with battery backup
Type of user information
stored
Method of modification Indirectly
Data input method Not applicable
Location Main board
User accessible Not applicable
To clear Not applicable, no user data
Process to sanitize Not applicable, no user data
EEPROM
Type and size EEPROM 1 Kbit
Function Holds signal generator calibration data
Type of user information
stored
Method of modification Indirectly
Data input method Not applicable
Location IO board
User accessible Not applicable
Time/date
None
MDO3000 Series Declassification and Security Instructions 3
Memory devices Nonvolatile memory devices (cont.)
To clear Not applicable, no user data
Process to sanitize Not applicable, no user data
EEPROM
Type and size EEPROM 1 Kbit
Function Application module firmware
Type of user information
stored
Method of modification Not applicable
Data input method Not applicable
Location MDO3000 application modules
User accessible Not applicable
To clear Not applicable, no user data
Process to sanitize Not applicable, no user data
None
Media and data export devices
Two USB host ports Supports removable USB flash drive
Function User storage of reference waveforms, screen images, and instrument setups
Method of modification Directly
Data input method User writeable
Location One USB host port on the front of the instrument
On USB host port on the rear of the instrument
Files can be deleted or over-written on the oscilloscope or on a PC. USB flash drive can be
removed or destroyed.
User accessible Yes
Process to disable The USB host port cannot be disabled with MDO3000 Series instruments without the MDO3SEC
option.
If your instrument has the MDO3SEC option, perform the procedure Use the MDO3SEC option to
disable all IO ports to disable the two USB host ports.
USB device port
Function Supports remote control and data transfer to a PC.
Method of modification Directly
Data input method Remote control via USBTMC
Location USB device port on rear of the instrument
User accessible Yes
4 MDO3000 Series Declassification and Security Instructions
Media and data export devices (cont.) Memory devices
Process to disable (for
instruments with the
MDO3SEC option)
Process to disable (for
instruments without the
MDO3SEC option)
LAN Ethernet connector
Function Transfer data
Method of modification Directly
Data input method Not applicable
Location CAT5 connector on rear of the instrument
User accessible Yes
Process to disable (for
instruments with the
MDO3SEC option)
Process to disable (for
instruments without the
MDO3SEC option)
Perform the procedure Use the MDO3SEC option to disable all I/O ports to disable the device
ports.
Perform the procedure Disable the USB device port to disable the USB device port.
Perform the procedure Use the MDO3SEC option to disable all I/O ports to disable the device
ports.
Perform the procedure Disable the LAN port and clear the LAN Ethernet settings to disable the
Ethernet port.
MDO3000 Series Declassification and Security Instructions 5
Memory devices Media and data export devices (cont.)
6 MDO3000 Series Declassification and Security Instructions
Clear and sanitize procedures
NOTE. Sanitizing or clearing the instrument cannot be reversed. But the
instrument application software and calibration information is left unchanged
after the sanitizing or clearing operations. There is no need for a postsanitization or clear procedure for the MDO3000 Series of instruments. The
instrument can begin normal use and function immediately after the sanitizing or
clearing procedures.
Disable the USB device port
Complete the following steps to disable the USB device.
1. Remove any USB cable or device from the USB device port on the rear of
the instrument.
2. Push the front-panel Utility button.
3. Push the Utility Page lower-bezel button and use the Multipurpose a knob
to select I/O.
4. Push the USB lower-bezel button.
5. Push the Disabled (Off Bus) side-bezel button to disable the USB device
port.
The USB device port is now disabled and no longer allows traffic in or out of the
port.
Use the MDO3SEC option to disable all I/O ports
If your instrument has the MDO3SEC option installed, use the following
procedure to turn off all of the I/O ports.
1. Push the front-panel Utility button.
2. Push the Utility Page lower-bezel button and use the Multipurpose a knob
to select Security.
3. Push the Security Password lower-bezel button.
4. Use the Multipurpose knob to enter a password.
5. Push the I/O Ports lower-bezel button.
To disable all USB and Ethernet ports on the oscilloscope, push the OK
Disable All Ports on the side-bezel button.
6. Push the Menu Off front-panel button to close the dialog box.
7. Power off the oscilloscope, and then power it back on to complete the
process.
MDO3000 Series Declassification and Security Instructions 7
Clear and sanitize procedures
To reset the instrument RAM, do the following:
1. Power off the instrument for at least 20 seconds.
2. Power on the instrument.
Disable the LAN port and clear the LAN Ethernet settings
To disable the LAN port and clear LAN Ethernet settings, such as IP addresses,
complete the steps in this procedure.
CAUTION. This procedure clears network connectivity information. Record all of
the settings before clearing them.
1. Remove the network cable from the LAN port on the rear of the instrument.
2. Push the front-panel Default Setup button.
3. Push the front-panel Utility button.
4. Push the Utility Page lower-bezel button and use the Multipurpose a knob
to select I/O.
5. Push the Network Configuration lower-bezel button.
6. Push the Manual side-bezel button. Wait for this operation to complete.
7. Push the Set IP Address Manually side-bezel button.
8. Push the ↑ or ↓ arrow side-bezel button to position the cursor on the
Instrument IP Address field.
9. Push the Clear lower-bezel button.
10. Push the ↓ arrow side-bezel button to position the cursor on the Gateway IP
Address field.
11. Push the Clear lower-bezel button.
12. Push the ↓ arrow side-bezel button to position the cursor on the Subnet
Mask field.
13. Push the Clear lower-bezel button.
14. Push the ↓ arrow side-bezel button to position the cursor on the DNS IP
Address field.
15. Push the Clear lower-bezel button.
16. Push the OK Accept side-bezel button.
17. Push the Ethernet and LXI lower-bezel button.
18. Push the –more- 1 of 2 side bezel button to get to the second page of side
bezel menus.
19. Push the Change Names side-bezel button.
8 MDO3000 Series Declassification and Security Instructions
Clear and sanitize procedures
20. Push the ↑ or ↓ arrow side-bezel button to position the cursor on the
Hostname field.
21. Push the Clear lower-bezel button.
22. Push the ↓ arrow side-bezel button to position the cursor on the Domain
Name field.
23. Push the Clear lower-bezel button.
24. Push the ↓ arrow side-bezel button to position the cursor on the Service
Name field.
25. Push the Clear lower-bezel button.
26. Push the OK Accept side-bezel button.
27. Push the Change e*Scope and LXI Password side-bezel button.
28. Push the Clear lower-bezel button.
29. Push the OK Accept side-bezel button.
The LAN system is disabled and no longer allows data traffic in or out. The
relevant LAN Ethernet settings are also cleared.
Enable the USB device port
Complete the following steps to enable the USB device.
1. Push the front panel Default Setup button.
2. Push the front-panel Utility button.
3. Push the Utility Page lower-bezel button and use the Multipurpose a knob
to select I/O.
4. Push the USB lower-bezel button.
5. Push the Connect to Computer or Connect to PictBridge Printer side-
bezel button to enable the USB device port.
MDO3000 Series Declassification and Security Instructions 9
Clear and sanitize procedures
Use the MDO3SEC option to enable the IO ports
If your instrument has the MDO3SEC option installed, use the following
procedure to turn on all of the I/O ports.
1. Push the front-panel Utility button.
2. Push the Utility Page lower-bezel button and use the Multipurpose a knob
to select Security.
3. Push the Security Password lower-bezel button.
4. Use the Multipurpose knob to enter a password.
5. Push the I/O Ports lower-bezel button.
To disable all USB and Ethernet ports on the oscilloscope, push the OK
Enable All Ports on the side-bezel button.
6. Push the Menu Off front-panel button to close the dialog box.
7. Power off the oscilloscope, and then power it back on to complete the
process.
Enable the LAN port and set the LAN Ethernet settings
To Enable the LAN port and set the LAN Ethernet settings, such as IP addresses,
complete the steps in this procedure.
1. Push the front panel Default Setup button.
2. Push the front-panel Utility button.
3. Push the Utility Page lower-bezel button and use the Multipurpose a knob
to select I/O.
4. Push the Network Configuration lower bezel button.
5. Push the Manual side bezel button. Wait for this operation to complete.
6. Push the Set IP Address Manually side bezel button.
7. Push the ↑ or ↓ arrow side-bezel button to position the cursor on the
Instrument IP Address field.
8. Enter the relevant field data using the lower bezel buttons and Multipurpose
a knob.
9. Push the ↓ arrow side-bezel button to position the cursor on the Gateway IP
Address field.
10. Enter the relevant field data using the lower bezel buttons and Multipurpose
a knob.
11. Push the ↓ arrow side-bezel button to position the cursor on the Subnet
Mask field.
12. Enter the relevant field data using the lower bezel buttons and Multipurpose
a knob.
10 MDO3000 Series Declassification and Security Instructions
Clear and sanitize procedures
13. Push the ↓ arrow side-bezel button to position the cursor on the DNS IP
Address field.
14. Enter the relevant field data using the lower bezel buttons and Multipurpose
a knob.
15. Push the OK Accept side-bezel button.
16. Push the Ethernet and LXI lower-bezel button.
17. Push the –more- 1 of 2 side bezel button to get to the second page of side
bezel menus.
18. Push the Change Names side-bezel button.
19. Push the ↑ or ↓ arrow side-bezel button to position the cursor on the
Hostname field.
20. Enter the relevant field data using the lower bezel buttons and Multipurpose
a knob.
21. Push the ↓ arrow side-bezel button to position the cursor on the Domain
Name field.
22. Enter the relevant field data using the lower bezel buttons and Multipurpose
a knob.
23. Push the ↓ arrow side-bezel button to position the cursor on the Service
Name field.
24. Enter the relevant field data using the lower bezel buttons and Multipurpose
a knob.
25. Push the OK Accept side-bezel button.
26. Push the Change e*Scope and LXI Password side-bezel button.
27. Enter the relevant field data using the lower bezel buttons and Multipurpose
a knob.
28. Push the OK Accept side-bezel button.
MDO3000 Series Declassification and Security Instructions 11
Clear and sanitize procedures
12 MDO3000 Series Declassification and Security Instructions
Built-in security features
When to use TekSecure
™
Use the TekSecure function to erase setup and reference waveform data stored in
internal flash memory. Using TekSecure will not affect the calibration of the
instrument because the calibration constants are stored on the Acquisition board,
completely separate from any acquisition data. This allows complete erasure or
removal of any secure data without affecting the oscilloscope calibration. It also
allows the oscilloscope to be calibrated in a non-secure site and then used in a
secure site with the need for recalibration.
The MDO3000 Series oscilloscopes have two USB host ports: one on the front
panel and one on the rear panel. Any USB flash devices can be removed and
stored or destroyed.
The TekSecure function does the following:
■
Replaces all waveforms in all reference memories with null sample values
■
Replaces the current front-panel setup and all stored setups with the default
setup values
■
Calculates the checksums of all reference waveform memory and setup
memory locations to verify successful completion of waveform and setup
erasure
■
Displays a dialog indicating whether the secure erase was successful or
unsuccessful
NOTE. TekSecure does not erase or change factory calibration constants or
Ethernet settings.
MDO3000 Series Declassification and Security Instructions 13
Built-in security features
Use TekSecure to erase memory contents
To use TekSecure, do the following:
1. Push the front-panel Utility button.
2. Push the Utility Page lower-bezel button and use the Multipurpose a knob
to select Security.
3. Push the TekSecure Erase Memory lower-bezel button.
4. Push the OK Erase Setup and Ref Memory side-bezel button. Wait for the
“TekSecure operation complete” dialog box to display.
5. Push the Menu Off front-panel button to close the dialog box.
6. Power off the oscilloscope, and then power it back on to complete the
process.
To reset the instrument RAM, do the following:
1. Power off the instrument for at least 20 seconds.
2. Power on the instrument.
14 MDO3000 Series Declassification and Security Instructions
Clear or sanitize a non-functional instrument
Use the following procedures to clear or sanitize a non-functional instrument.
Acquisition board
Only qualified personnel should perform service procedures. Read the General
Safety Summary and the Service Safety Summary in the MDO3000 Series
Service Manual (Tektronix part number, 077-0981-xx) before performing any
service procedures.
Remove the Acquisition board and return the product to Tektronix. A new
Acquisition board will be installed and the instrument will be repaired and
adjusted as necessary.
For removal instructions, refer to the MDO3000 Series Service Manual available
on the Tektronix Web site at www.tektronix.com/manuals.
After removing the Acquisition board, refer to your company's internal policies
regarding handling or disposal of the board.
USB flash drive
Charges
Remove the USB flash drive and return the instrument to Tektronix for repair.
After removing the USB flash drive, refer to your company's internal policies
regarding handling or disposal of the flash drive.
Replacement of any missing hardware will be charged according to the rate at the
time of replacement.
MDO3000 Series Declassification and Security Instructions 15
Clear or sanitize a non-functional instrument
16 MDO3000 Series Declassification and Security Instructions
Loading...