Definition[]
TEMPEST (Transient Electromagnetic Pulse Emanations Standard) refers to the
“ | technical investigations for compromising emanations from electrically operated information processing equipment; these investigations are conducted in support of emanations and emissions security.[1] | ” |
“ | investigation, study, and control of compromising emanations from telecommunications and information systems equipment.[2] | ” |
“ | Certified Equipment/System Equipment or systems that have complied with the national requirements of National Security Telecommunications and Information Systems Security Advisory Memorandum (NSTISSAM) TEMPEST/1-92 Level I or previous editions.[3] | ” |
Overview[]
"Any time a machine is used to process classified information electrically . . . that machine may emit radio frequency or acoustic energy. These emissions, like tiny radio beacons, may radiate through free space for considerable distances. . . . Or they may be induced on nearby conductors like signal lines, power lines, telephone lines, or waste pipes and be conducted along those paths for some distance. . . . When these emissions can be intercepted and recorded, it is frequently possible to analyze them and recover the intelligence that was processed by the source equipment. The phenomenon affects not only cipher machines but any information-processing equipment — teletypewriters, duplicating equipment, intercoms, facsimile, computers. . . ."[4]
"TEMPEST equipment is specially protected with copper shielding around the periphery of the device in order to reduce compromising emanations from leaving a controllable area."[5]
"[P]rior to 1988, TEMPEST equipment was purchased in large quantities by DOD and the rest of the government at a time when world tensions were high and security budgets were well-funded. In 1988, however, a new national policy was adopted to relax TEMPEST requirements within the continental United States because of a reduced threat. NSA ofFIcials said that the new policy reflected concerns that TEMPEST costs were too great, and that countermeasures must be based on the actual threat."[6]
References[]
- ↑ Terms & Definitions of Interest for DoD Counterintelligence Professionals, at 320.
- ↑ OPSEC Glossary of Terms (full-text).
- ↑ Glossary of Security Terms, Definitions, and Acronyms, at 248.
- ↑ Office of Counterintelligence (DXC), Defense CI & HUMINT Center, Defense Intelligence Agency, "Terms and Definitions of Interest for DoD Counterintelligence Professional," at GL-170 (May 2, 2011) (full-text).
- ↑ Classified Information: Costs of Protection Are Integrated With Other Security Costs, at 19 n.1.
- ↑ Id. at 20.