Tektronix MSO64B, MSO66B, MSO68B, MSO56, MSO58 Declassification and Security Instructions

...
5 Series and 6 Series B Mixed Signal Oscilloscopes
Declassification and Security Instructions
MSO54*, MSO56*, MSO58*
MSO54B, MSO56B, MSO58B
MSO64B, MSO66B, MSO68B
arning: The servicing instructions are for use by qualified personnel only. To avoid personal injury, do not perform any servicing unless you are qualified
W
to do so. Refer to all safety summaries prior to performing service.
Supports Product Firmware V1.28 and above.
Register now! Click the following link to protect your product. www.tek.com/register
*P077169402*
077-1694-02
Copyright © Tektronix. All rights reserved. Licensed software products are owned by Tektronix or its subsidiaries or suppliers, and are protected by national copyright laws and international treaty provisions. T and pending. Information in this publication supersedes that in all previously published material. Specifications and price change privileges reserved.
TEKTRONIX and TEK are registered trademarks of Tektronix, Inc.
Tektronix, Inc.
14150 SW Karl Braun Drive
P.O. Box 500
Beaverton, OR 97077
USA
For product information, sales, service, and technical support:
In North America, call 1-800-833-9200.
Worldwide, visit www.tek.com to find contacts in your area.
ektronix products are covered by U.S. and foreign patents, issued

Table of Contents

Table of Contents
List of Tables................................................................................................................................................................................. 4
Preface..........................................................................................................................................................................................5
Clear and sanitize procedure........................................................................................................................................................ 6
Memory device table terminology.......................................................................................................................................... 6
Memory devices.....................................................................................................................................................................6
Media and data export devices.............................................................................................................................................. 9
Option 5/6-SEC for a secure instrument................................................................................................................................ 9
Overwriting the user password.............................................................................................................................................. 9
Clearing or sanitizing SSDs................................................................................................................................................. 10
Troubleshooting...........................................................................................................................................................................11
How to sanitize a non-functional instrument.........................................................................................................................11
Repair charges.....................................................................................................................................................................11
Change log..................................................................................................................................................................................12
5 Series and 6 Series B MSO Declassification and Security Instructions document change log........................................ 12
5 Series and 6 Series B Mixed Signal Oscilloscopes Declassification and Security Instructions 3
List of Tables
List of Tables
Table 1: Volatile memory............................................................................................................................................................... 6
Table 2: Non-user-accessible memory.......................................................................................................................................... 7
Table 3: Media and Data export devices ...................................................................................................................................... 9
5 Series and 6 Series B Mixed Signal Oscilloscopes Declassification and Security Instructions 4

Preface

Preface
This document helps customers with data security concerns to sanitize or remove memory devices from their instrument.
This series of instruments contains an open architecture PC with removable mass storage. You can order additional removable mass storage devices to swap in and out of the instrument as needed for security reasons.
These products have data storage (memory) devices and data export interfaces (USB ports, Ethernet, and eSATA). These instructions describe how to clear or sanitize the memory devices and disable the data output interfaces. The instructions also describe how to declassify an instrument that is not functioning.
Products
The following Tektronix products are covered by this document.
5 Series MSO Instruments (MSO54, MSO56, MSO58) with a serial number of B020000 and above or C040000 and above
5 Series B MSO instruments (MSO54B, MSO56B, MSO58B)
6 Series B MSO Instruments (MSO64B, MSO66B, MSO68B)
Terms
The following terms may be used in this document:
Clear. This eradicates data on media/memory before reusing it in a secured area. All reusable memory is cleared to deny access to previously stored information by standard means of access.
Erase. This is equivalent to clear.
Media. Storage/data export device. A device that is used to store or export data from the instrument, such as a USB port/USB flash drive.
Sanitize. This removes the data from media/memory so that the data cannot be recovered using any known technology. This is typically used when the device will be moved (temporarily or permanently) from a secured area to a nonsecured area.
Scrub. This is equivalent to sanitize.
Remove. This is a physical means to clear the data by removing the memory device from the instrument. Instructions are available in the product service manual.
User Accessible. User is able to directly retrieve the memory device contents.
User-Modifiable. The memory device can be written to by the user during normal instrument operation, using the instrument user interface or remote control.
Volatile memory. Data is lost when the instrument is powered off.
Non-user-accessible memory. Data is retained when the instrument is powered off.
Power off. Some instruments have a “Standby” mode, in which power is still supplied to the instrument. For the purpose of clearing data, putting the instrument in Standby mode does not qualify as powering off. For these products, you must remove the power source from the instrument.
Instrument Declassification. A term that refers to procedures that must be undertaken before an instrument can be removed from a secure environment. Declassification procedures include memory sanitization and memory removal, and sometimes both.
5 Series and 6 Series B Mixed Signal Oscilloscopes Declassification and Security Instructions 5

Clear and sanitize procedure

Clear and sanitize procedure

Memory device table terminology

The following terms are used in the tables in this section:
User data. Describes the type of information stored in the device. Refers to waveforms or other measurement data representing signals connected to the instrument by users.
User settings. Describes the type of information stored in the device. Refers to instrument settings that can be changed by the user
Both. Describes the type of information stored in the device. It means that both user data and user settings are stored in the device.
None. Describes the type of information stored in the device. It means that neither user data or user settings are stored in the device.
Directly. Describes how data is modified. It means that the user can modify the data.
Indirectly. Describes how data is modified. It means that the instrument system resources modify the data and that the user cannot modify the data.

Memory devices

The following tables list the memory devices in the instrument.
.
Table 1: Volatile memory
Type & min. size
SDRAM
≥ 32 GB
SDRAM
≥4 GB
SDRAM
≥512 MB
CMOS RAM
≥256 Bytes
Function Type of user
Host processor memory
Holds active acquisition data
Holds video graphics data
Holds clock and BIOS configuration data
Backed up
info stored
Both No Directly Written by
User data No Indirectly Application
User data No Indirectly Application
None Yes Indirectly BIOS
by battery
Method of modification
Data Input method
processor system
software operations
software operations
operations
Location User
access
Module socket (SODIMM) on processor module board
Module socket (SODIMM) on acquisition board
Acquisition board
Processor module board
Yes Remove power from
No Remove power from
No Remove power from
Yes Remove power from
Clear Sanitize
the instrument for a minimum of 30 seconds.
the instrument for a minimum of 30 seconds.
the instrument for a minimum of 30 seconds.
the instrument and press the CMOS clear button for a minimum of 30 seconds.
5 Series and 6 Series B Mixed Signal Oscilloscopes Declassification and Security Instructions 6
Table 2: Non-user-accessible memory
Clear and sanitize procedure
Type & min. size
Linux Solid State Drive ≥256 GB
EEPROM
≥2 Kbit
EEPROM
≥2 Kbit
EEPROM
≥64 Kbit
EEPROM ≥1 Kb
depending on model
Flash Memory
≥16 Mbit
Two pieces
Function Type of user
info stored
Host instrument Linux operating system and application software. Holds user­storable data such as waveforms, measurement results, and instrument settings.
Stores factory data, maintenance data, and user password
Holds AFG calibration data
Holds the front panel USB configuration
Holds the SODIMM memory configuration data (SPD)
Holds a portion of the Acquisition FPGA configuration
Both Directly Written by
User settings User password is settable using PI commands
None Indirect Factory
None None Factory
None None Factory
None Indirect Application
Method of modification
Indirect Factory
Data Input method
processor system, software operations, user input
operations and programmatic commands
operations
operations
operations
software operations
Location User
access
2.5" SSD that is removable and is inserted in the socket on the bottom of the instrument.
Acquisition board
AFG riser board
Front panel LED board
Module socket (SODIMM) on processor module board and module socket (SODIMM) on acquisition board
Acquisition board
Yes There is no
Yes Overwrite user password.
No Not applicable, does not
No Not applicable, does not
No Not applicable, does not
No Not applicable, does not
Clear Sanitize
Remove the
ektronix
T recommended process for clearing the drive. To clear the Linux Solid State Drive, destroy the SSD and purchase a replacement (SUPx-LNX).
(see Overwriting the user
password on page 9.)
Clearing or sanitizing the entire memory device would disable instrument functionality.
contain user data or settings. Clearing or sanitizing would disable instrument functionality.
contain user data or settings. Clearing or sanitizing would disable instrument functionality.
contain user data or settings. Clearing or sanitizing would disable instrument functionality.
contain user data or settings. Clearing or sanitizing would disable instrument functionality.
SSD assembly from the instrument through the trap door in the bottom of the instrument.
Table continued…
5 Series and 6 Series B Mixed Signal Oscilloscopes Declassification and Security Instructions 7
Clear and sanitize procedure
Type & min. size
Flash Memory
≥128 Mbit
Flash Memory
Unspecifie d size, three pieces
Flash Memory
≥32 KB
Flash Memory
≥64 KB
one piece
Function Type of user
info stored
Stores processor BIOS firmware, BIOS configuration, and embedded controller firmware. The Ethernet MAC address is stored in this device.
Stores power supply configuration data
Stores power management controller firmware
Stores analog board microcontroller firmware
None Indirect BIOS
None Indirect Application
None Indirect Application
None Indirect Application
Method of modification
Data Input method
operations, operating system operations and factory operations
software operations
software operations
software operations
Location User
access
Processor module board
Internal to the UCD9248 power supply controller on the acquisition board and processor carrier board
Internal to the MC9S08 microcontroller on the acquisition board
Internal to the MKL14 microcontroller on the analog board
No Not applicable, does not
No Not applicable, does not
No Not applicable, does not
No Not applicable, does not
Clear Sanitize
contain user data or settings. Clearing or sanitizing would disable instrument functionality
contain user data or settings. Clearing or sanitizing would disable instrument functionality.
contain user data or settings. Clearing or sanitizing would disable instrument functionality.
contain user data or settings. Clearing or sanitizing would disable instrument functionality.
.
FLASH Memory on-chip 128KB and 32KB SRAM
Flash Memory
≥0.33 Mbit
5 Series and 6 Series B Mixed Signal Oscilloscopes Declassification and Security Instructions 8
Processor drives an EMMC NAND flash part that is 4 GB of memory and stores the factory calibration and licensing information
Stores the processor carrier FPGA configuration
None Indirect Application
software operations
None None Factory
operations
MKL27 microcontroller on the front panel board. MKL02 parts on the front­end acquisition board. They each have 32KB on-chip FLASH. There is one MKL02 per channel.
Internal to the LCMXO2 FPGA on the processor carrier board
No Not applicable, does not
contain user data or settings. Clearing or sanitizing would disable instrument functionality.
No Not applicable, does not
contain user data or settings. Clearing or sanitizing would disable instrument functionality.

Media and data export devices

The following table lists the data export devices in the instrument.
Table 3: Media and Data export devices
Clear and sanitize procedure
Type Function
USB Host port
(supports removable USB flash drive)
USB Device port
Ethernet Transfer data and
User storage of reference waveforms, screen images, and instrument setups, and installation of firmware updates
Supports remote control and data transfer to a PC
remote control of instrument.
Method of modification
Directly User writeable Three USB
Directly Remote control
Directly Remote
Data input method Location User access Disable
host ports on front panel of the instrument; four USB host ports on the back panel of the instrument
USB Device
using USBTMC
Control using LXI or Socket Server
port on back of the instrument
Ethernet port on back of instrument
No USB Host ports can be
disabled for use with USB Storage devices behind password control.
This option is available if Option 5/6-SEC is installed.
Yes The USB Device port can
be disabled by selecting
Utility > I/O > USB DevicePort, and setting USB Device port to Off.
This option is available if Option 5/6-SEC is installed
No Ethernet port can be
disabled behind password control.
This option is available if Option 5/6-SEC is installed.

Option 5/6-SEC for a secure instrument

Option 5/6-SEC provides the highest level of instrument security for 5 Series1, 5 Series B and 6 Series B MSO products. Option 5/6-SEC features include:
Password protection to enable/disable external communication ports
Password protection to enable/disable firmware upgrades or downgrades
There is also a special BIOS installed that includes a default password ("Tektronix"). Additionally when the CMOS reset is pressed the BIOS password is reset to "Tektronix" instead of being removed.
Note: Option 5/6-SEC must be ordered at the same time as ordering an instrument.

Overwriting the user password

Use this procedure to change the user password. The user password is not currently functional or accessible in the oscilloscope user interface, but it is accessible from the programmatic interface. The user password is used to protect a "user string" that can be set and
1
Serial numbers of B020000 and above or C040000 and above.
5 Series and 6 Series B Mixed Signal Oscilloscopes Declassification and Security Instructions 9
Clear and sanitize procedure
displayed in the UI. This functionality is a legacy functionality and while the user password does exist through the programmatic interface, there is no function to display the user string in the user interface on this instrument.
1. Connect a PC to the oscilloscope (Ethernet or USB Device port).
2. Use a Windows remote terminal or similar program to communicate with the oscilloscope. T
oscilloscope to see the current instrument settings.
3. Send the following commands to the oscilloscope:
a. :PASSWORD "XYZZY"
(or current password if changed from the default of "XYZZY")
b. :NEWPASS "NEWPASSWORD"
(Or other password up to 16 characters)
If you do not have access to a program that supports sending programmatic commands to the instrument, do the following:
1. Copy the preceding commands to a text file.
2. Compress the text file into a ZIP archive file that ends in ".set".
3. Copy the file to a USB drive.
4. Insert the USB drive into the oscilloscope.
5. Recall the file from the Recall Setup dialog box (File > Recall > Setup tab).
ap the Utility > I/O menu on the
For more information on using programmatic commands, refer to your product programmer manual, available at www.tek.com/manuals.

Clearing or sanitizing SSDs

Clearing means that all customer-generated data in reusable memory (acquisition records, settings, measurements, screen captures, reports, and so on) is modified such that the data cannot be recovered using standard means of access. Standard means of access includes typical OS file utilities. The data may still be on the memory device, but requires specialized software and/or hardware to recover. You typically clear an instrument when you want to erase files to clear space or turn the instrument over to another person or department.
Sanitizing means that all data in reusable memory is changed or overwritten such that the original data is no longer in memory, and the older data cannot be recovered using any known technology. You typically do a sanitize operation when you move an instrument (temporarily or permanently) from a secured area to a nonsecured area.
The instrument does not have any function to clear or sanitize the entire Solid State Drive (SSD) and retain instrument operation. To the clear, destroy your current SSD and order a replacement (SUPx-LNX).
For instruments where the drive is customer replaceable, reverse the installation steps in the 5/6 Series MSO Option SSD Upgrade Kit Installation Instructions (part number 0713524xx) to remove the drive. All documents are available at tek.com/downloads.
For instruments without customer replaceable drives, please contact Tektronix Calibrataion & Services to make arrangements.
5 Series and 6 Series B Mixed Signal Oscilloscopes Declassification and Security Instructions 10

Troubleshooting

How to sanitize a non-functional instrument

Troubleshooting
If your instrument is not functioning, proceed as follows to sanitize the instrument to return to T
1. Remove any attached USB flash drives or external USB drives from your oscilloscope. Refer to your company's internal policies regarding handling or disposal of the flash drives.
2. Follow your company's internal policies regarding handling or disposal of the these boards.
3. Reassemble the oscilloscope and return it to Tektronix. New boards will be installed. The oscilloscope will be calibrated and returned.
Note: Replacement of any missing or damaged hardware will be charged according to the rate at the time of replacement.
ektronix for repair:

Repair charges

Replacement of any missing hardware will be charged according to the rate at the time of replacement.
5 Series and 6 Series B Mixed Signal Oscilloscopes Declassification and Security Instructions 11

Change log

5 Series and 6 Series B MSO Declassification and Security Instructions document change log

Change log
Document part number
077-1694-01
077-1694-02
-
-
-
Revision date Change description
08-13-21 Support for 5 Series Models with a serial number of B020000 and above or C040000 and above.
11-24-21 Support for 5 Series B MSO Models.
5 Series and 6 Series B Mixed Signal Oscilloscopes Declassification and Security Instructions 12
Loading...