R&S FSL Spectrum Analyzer Resolving Security Issues When Working in Secure Areas

Similar documents
Resolving Security Issues When Working with the R&S ESIB in Secure Areas

Resolving Security Issues when working with R&S SMU200A, R&S SMATE200A, R&S SMJ100A, R&S AMU200A, or R&S AFQ100A or R&S AFQ100B in Secure Areas

Resolving Security Issues When Working with the R&S FS315 in Secure Areas

R&S SMW200A Vector Signal Generator Instrument Security Procedures

R&S ZN-Z154 Calibration Unit Instrument Security Procedures

R&S RTC1002 Digital Oscilloscope Release Notes Firmware Version

R&S SGS100A SGMA RF Source Instrument Security Procedures

R&S ESU EMI Test Receiver. Release Notes. Firmware Version V5.74 SP1. Only an ESU with Windows 7 Operating System is supported

R&S SMB100A RF and Microwave Signal Generator Instrument Security Procedures

R&S SMBV100A Vector Signal Generator Instrument Security Procedures

BitLocker White Paper Windows 10

LabVIEW driver history for the R&S HMC8012 Driver Documentation

R&S GNSS Test Automation Release Notes Software Version 1.3.2

TopSec Mobile Secure voice encryption for smartphones and laptops

Replacing R&S CMU200 with R&S CMW500 in 2G and 3G Speech Test Applications Application Note

R&S RTA4000 Digital Oscilloscope Release Notes Firmware Version

R&S NRP-Z5 USB Sensor Hub Instrument Security Procedures

R&S AVG Pattern Import Release Notes Firmware Version 02.25

R&S NRP2 Power Meter Instrument Security Procedures

R&S RECAL + Release Notes Software Version 4.01

R&S SMB100B Release Notes Firmware Version

R&S ESR EMI Test Receiver Release Notes Firmware Version V3.36 SP2

How to Apply MS17-10 to prevent WannaCrypt Attacks

How to Apply MS17-10 to prevent WannaCrypt Attacks

R&S NRP-Z51/-Z52/-Z55/-Z56/- Z57/-Z58 Thermal Power Sensors Release Notes

R&S MSD Modular System Device Flexible antenna switching and rotator control

R&S NRP USB and LAN Power Sensors Instrument Security Procedures

R&S Broadcast Drive Test Release Notes Software Version 03.13

TopSec Product Family Voice encryption at the highest security level

R&S Spectrum Rider FPH Release Notes Firmware Version V1.40

R&S TSMAx Release Notes Firmware Version

R&S ELEKTRA EMC Test Software Swift and reliable measurement of electromagnetic disturbances

R&S SMA100B Release Notes Firmware Version

R&S ESW Test Receiver Release Notes Firmware Version V1.40 SP1

Simple Sequencing Tool for SCPI Commands Application Note

Firmware Release V1.83 SP3

R&S SGT100A RF Source Base Unit Release Notes FW Version

R&S Spectrum Rider FPH Release Notes Firmware Version V1.50

R&S ELEKTRA Release Notes Software Version V2.10

R&S QuickStep Test Executive Software Flexibility and excellent performance

R&S TSMA Release Notes Firmware Version

R&S CMW Bluetooth Release Notes Software Version V3.2.70

R&S VISA Release Notes Software Version 5.8.6

.NET programming interface for R&S GTSL and R&S EGTSL

Voice Quality Measurements with R&S ROMES. Application Note

R&S RTB2000 Oscilloscope Release Notes Firmware Version

R&S NGE100 Power Supply Series Reduced to the max

R&S DSA DOCSIS Signal Analyzer Release Notes Firmware Version 2.2.1

R&S Pulse Sequencer DFS Software Release Notes Software Version 1.6

R&S Power Meter NRP Release Notes Firmware Version

R&S RTO and R&S RTE Oscilloscopes Release Notes Firmware Version

Sending s without the risk! The Rohde & Schwarz Secure Web Interface

Release Notes. R&S FSC Spectrum Analyzer

R&S Pulse Sequencer DFS Software Release Notes Software Version 1.7

R&S CMW500 CDMA2000 1XRTT and 1xEV-DO Release Notes Software Version

R&S NRP-Z27/-Z37 Power Sensor Module Release Notes Firmware Version 04.18a

R&S AVBrun Sequencer Software. Release Notes. Firmware Version Release Notes. Broadcasting

R&S NRPV Virtual Power Meter Release Notes Application Version 3.2

R&S ZN-Z15x Calibration Units User Manual

How to deal with the effects of CVE

TSML-W Radio Network Analyzer

R&S ZN-Z5x Calibration Units User Manual

R&S SpycerBox Ultra TL Spec Sheet

NQDI Classic Transform data into insights to support business decisions

R&S CLIPSTER Mastering excellence.

Release Notes Revision: 01

Release Notes. Revision: 01. R&S FSH4/FSH8/FSH13/FSH20 Handheld Spectrum Analyzer. Firmware Release 2.40

EMC Measurement Software EMC32

TopSec Mobile Tap-proof phone calls

Firmware Version Build 170 SP1

R&S DigIConf Software Release Notes Firmware Version Build 170 SP1

R&S DVMS DTV Monitoring System Release Notes Firmware Version

Brochure Version IP-based broadcast contribution and primary distribution revolution or evolution?

Complimentary Reference Material

RSA5100A Series Real-Time Signal Analyzers Declassification and Security Instructions

R&S FSH4/8/13/20 Spectrum Analyzer Quick Start Guide

PQA500 Picture Quality Analyzer Declassification and Security Instructions

PSA-Series Spectrum Analyzers

R&S SITLine ETH Ethernet Encryptor Secure data transmission via landline, radio relay and satellite links up to 40 Gbit/s

Statement of Volatility WorkCentre 5845/5855/5865/5875/5890

Firmware Release ( 32-Bit-WINDOWS version )

DECT Signalling Test Unit PTW15

IT security for energy infrastructures

R&S FSVA and R&S FSV Signal and Spectrum Analyzer Release Notes Firmware Version V3.40

R&S LXI Class C Support V1.21 (XP)

Keysight N5191A/93A UXG X-Series Agile Signal Generator

R&S WinIQSIM2 Simulation Software Release Notes Firmware Version

R&S VSE Vector Signal Explorer Release Notes Firmware Version V1.40

Keysight Technologies Using FieldFox RF and Microwave Analyzers with Mass Storage Devices. Application Brief

Statement of Volatility Xerox Wide Format IJP 2000

*P *

Sending s without the risk! Secure Communications with Rohde & Schwarz

R&S InstrumentView Spectrum Analyzer Software Manual

Statement of Volatility WorkCentre 7525/7530/7535/7545/7556

QualiPoc Android Probe Non-stop service quality monitoring and optimization

Statement of Volatility WorkCentre 7220/7225

Firmware Release 2.92 SP3 (NT)

R&S SFC / SFC-U / VT-B600 Compact Modulator / USB Compact Modulator / Broadcast TX Modulator Release Notes Firmware Version 02.96

R&S InstrumentView Software Manual

Floppy Disk Control of the I/Q Modulation Generator AMIQ

Transcription:

Spectrum Analyzer Resolving Security Issues When Working in Secure Areas Based upon the user s security requirements, this document describes the Rohde&Schwarz options available to address the user s spectrum analysis needs. It also covers the different memory types and locations where user information can be stored in the spectrum analyzer R&S FSL For secure environments, it describes an approach to remove the user data from the spectrum analyzer. 1171.5731.52-02 November 2011

Table of Contents Table of Contents 1 Overview... 3 2 Instrument Models Covered... 3 3 Battery Information... 3 4 Types of Memory in the R&S FSL Spectrum Analyzer and their Security Concerns... 4 5 Information Storage within the R&S FSL Spectrum Analyzer... 5 6 Information Security in Highly Sensitive Areas... 6 7 Performing Service, Calibration and Maintenance on the R&S FSL Spectrum Analyzer... 7 8 Performing Firmware Updates and Backing-Up User Data in Sensitive Areas... 8 9 Considerations for USB ports... 9 1171.5731.52-02 2

1 Overview In many cases it is imperative that the R&S FSL spectrum analyzer be used in a secured environment. Generally these highly secured environments will not allow any test equipment to leave the area unless it can be proven that no user information will leave with the test equipment. Security concerns can arise when spectrum analyzers need to leave a secured area to be calibrated or serviced. This document describes the types of memory and their usage in the R&S FSL spectrum analyzer. It also addresses methods of ensuring that no user data will leave the secured area should the product be removed for calibration or service needs. 2 Instrument Models Covered R&S FSL Spectrum Analyzers FSL FSL3 FSL6 FSL18 3 Battery Information There are no batteries in the R&S FSL spectrum analyzer other than the one on the CPU board used to power the clock in the chipset. 1171.5731.52-02 3

4 Types of Memory in the R&S FSL Spectrum Analyzer and their Security Concerns SDRAM The R&S FSL spectrum analyzer has 512 MByte of SDRAM on the CPU board. SDRAM is volatile memory and it loses its memory as soon as power is removed. The SDRAM will be unreadable within one minute after the power is removed from the instrument. The SDRAM is not a security concern. EEPROM Each board assembly in the R&S FSL spectrum analyzer has one serial EEPROM device. These devices hold 32 kbytes up to 1 MByte and contain information related to the installed hardware, such as board serial number, options, correction constants, etc. The EEPROM does not hold user data nor can the user access the EEPROM storage. The EEPROM is not a security concern. FLASH The CPU board of the R&S FSL spectrum analyzer has one 512 kbyte flash memory device which contains the BIOS. The Flash memory does not hold user data nor can the user access the Flash memory. The Flash memory is not a security concern. Compact Flash Memory The main non-volatile device is the Compact Flash Memory which is used like a mechanical hard drive. The size of the compact flash disk is 1 GByte or 4GByte depending on the CPU board version. The compact flash disk is used to store: Instrument operating system (Windows P) Instrument firmware and firmware options (measurement personalities) with option license keys Instrument states and setups Trace data Limit Lines, Transducer tables Screen images The compact flash disk content is non-volatile, so nothing is lost when power is removed from the instrument. The compact flash disk is a security concern. 1171.5731.52-02 4

5 Information Storage within the R&S FSL Spectrum Analyzer DATA SDRAM Not a security concern EEPROM Not a security concern FLASH Not a security concern COMPACT FLASH MEMORY Temporary Information storage for the functionment of the CPU (CPU Cache, and Swap area) Hardware Info, Serial Number Product Options and Calibration Correction Constants BIOS Operating System and Instrument Firmware Instrument states, setups, Limit Lines and Transducer tables Trace data, Measurement Results and Screen Images 1171.5731.52-02 5

6 Information Security in Highly Sensitive Areas Since the SDRAM is erased when power is removed from the spectrum analyzer it does not pose a security risk. No user data is written to the EEPROM and FLASH memories; hence, it is deemed that they do not pose a risk either. The COMPACT FLASH MEMORY is the only device that does not lose its memory when power is removed and can contain user data. The files containing user data have to be erased in conformance to the DoD-5220.22 specification (see below). 1171.5731.52-02 6

7 Performing Service, Calibration and Maintenance on the R&S FSL Spectrum Analyzer Clearing the different types of memory Compact Flash Memory All user specific data like Instrument states and setups Trace data Limit Lines, Transducer tables Screen images are stored on the internal compact flash memory drive. Simply deleting these files is not sufficient from a security perspective. For deleting files there are several Windows programs available to shred files according to the DoD 5220 standard which are working with the NSA approved algorithm. One example of these that has been tested by Rohde & Schwarz is "Wipe & Delete" from AEVITA Software (www.aevita.com). Refer to the operating manual for details on installing Windows software on the instrument. http://www.aevita.com/ftp/wipedelete_setup.exe The file shredder program works by overwriting the file seven (7) times with an alternating pattern of bits which not only stops all software programs from retrieving data contents, but also helps to prevent physical magnetic data sensors from retrieving a proper image of the data. This is standard government regulation for secure data erasure and conforms to Department of Defense specification DOD-5220.22M. SDRAM This memory is volatile. To remove all data stored in the SDRAM turn-off the spectrum analyzer with the AC power supply switch on the rear panel. The spectrum analyzer can now leave the secured area Calibration and the validity of the spectrum analyzer's calibration after clearing the COMPACT FLASH MEMORY The calibration ensures a user that their measurements are traceable to a government standard. Rohde & Schwarz highly recommends that users follow the calibration cycle suggested for their instrument. The EEPROM is the only location used to hold permanent adjustment values required to maintain the validity of the spectrum analyzer's calibration. 1171.5731.52-02 7

After clearing the compact flash memory, the board assembly EEPROMs need to be registered. This operation has to be executed once: Turn the instrument Off Turn the instrument back On while holding down the decimal point key [.] on the number keypad on the front panel Continue to hold this key for 10 seconds after pressing the "On" button The instrument will now recognize the changes and then power up After clearing the compact flash memory, the self-alignment function has to be executed once. This is done with the SETUP - ALIGNMENT function. This function uses the high-stability internal reference generator to produce the temporary adjustment values. Using the permanent and temporary values, the necessary adjustment information is then stored on the compact flash memory. Rohde & Schwarz recommends that users perform the self-alignment function on a weekly basis after the analyzer has had sufficient time to warm-up. 8 Performing Firmware Updates and Backing- Up User Data in Sensitive Areas Rohde & Schwarz highly recommends, but does not require, the users of its products, to maintain their products with the latest updates and to regularly back-up important user data that can be erased. Firmware updates are available from the R&S website. How does a user perform firmware updates and back-up user data in sensitive areas? There are several options available for the user to safely perform these operations without compromising the security of the sensitive areas. Via the USB port Rohde & Schwarz spectrum analyzers are equipped with USB ports as standard equipment. The instrument firmware update can be performed directly from the USB stick. The USB stick can likewise hold or transport user data back-ups to an approved storage medium. As described below, users can disable the capability of the USB ports for saving data (set to "read only"). For users that have not elected to disable the USB ports for writing data a memory stick can be used for backing-up user data. Via the LAN interface The R&S FSL spectrum analyzer is equipped with a LAN interface as standard interface. A user can transport the firmware update into the secure area via a CD or another medium that meets the security requirements. The update can then be placed on a system on the LAN within the secure area. The spectrum analyzer can be updated directly from the LAN. The LAN can likewise be used to back-up user data to an approved storage medium. 1171.5731.52-02 8

9 Considerations for USB ports USB ports can pose a security threat in high-security locations. Generally, this threat comes from small USB pen drives (a.k.a. memory sticks, key drives, etc) which can be very easily concealed, yet can quickly read/write several GBytes of data. Disable USB Ports for Writing User Data The R&S FSL spectrum analyzer can be updated with an utility to disable the write capability on any USB Port for storage devices. This utility is available from Rohde & Schwarz FSL web site w/o any charge. To disable the write capability copy the utility software to the spectrum analyzer and run it once. After reboot of the instrument the write capability on any USB memory device is disabled. 1171.5731.52-02 9

About Rohde & Schwarz Rohde & Schwarz is an independent group of companies specializing in electronics. It is a leading supplier of solutions in the fields of test and measurement, broadcasting, radiomonitoring and radiolocation, as well as secure communications. For more than 75 years, Rohde & Schwarz has a global presence and a dedicated service network in over 70 countries. Company headquarters are in Munich, Germany. Environmental commitment Energy-efficient products Continuous improvement in environmental sustainability ISO 14001-certified environmental management system Regional contact Europe, Africa, Middle East Phone +49 89 4129 12345 customersupport@rohde-schwarz.com North America Phone 1-888-TEST-RSA (1-888-837-8772) customer.support@rsa.rohde-schwarz.com Latin America Phone +1-410-910-7988 customersupport.la@rohde-schwarz.com Asia/Pacific Phone +65-65 13 04 88 customersupport.asia@rohde-schwarz.com China Phone +86-800-810-8228 +86-400-650-5896 customersupport.china@rohde-schwarz.com R&S is a registered trademark of Rohde & Schwarz GmbH & Co. KG; Trade names are trademarks of the owners. Rohde & Schwarz GmbH & Co. KG Mühldorfstraße 15 D - 81671 München Phone + 49 89 4129-0 Fax + 49 89 4129 13777 1171.5731.52-02 10 www.rohde-schwarz.com

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback