Custom Search
|
|
|
||
 MIL-HDBK-232A
5.3 RED equipment installation. The goal of any RED equipment installation
is to create physical, electrical, and EM barriers around equipment that
processes classified information to prevent that information from being
exploited by hostile intelligence service activities. The design begins by
establishing an REA within the LEA. The space is established to contain the
RED processing equipment and related support functions with barriers to
exclude all other functions. The ideal situation is to establish the REA
adjacent to the REA such that the LEA is contiguous (see figure 1). This may
not be possible for some facilities (see figure 25). In some instances, the
cognizant security agency and cognizant TEMPEST agency should assess the
facility for the protective measures required to interface the respective
areas. See paragraph 5.7.3 for requirements of a protected distribution
system (PDS).
5.3.1 Contiguous LEA. Figure 26 depicts a typical small facility in which
an REA has been established by segregating all RED equipment away from all
BLACK equipment. Where TEMPEST approved equipment is used, or the equipment
radiation TEMPEST zone (ERTZ) is known, such designs rely upon the use of
separation tables or the ERTZ data to size the REA. Figure 1 depicts a
typical large facility. In this case, separate but adjacent rooms compose
the LEA with each area physically separated.
5.3.2 Equipment separation. The separation of equipment in the LEA is
dependent upon the class of equipment, e.g., TEMPEST approved, nonTEMPEST,
low-level or high-level signaling. Figure 27 depicts a single-line secure
teletypewriter system using TEMPEST approved equipment. The equipment layout
keeps dissimilar equipment separated by at least 2 inches (50 mm). Signal
and power runs associated with this installation are also separated by 2
inches (50 mm). Should the RED and BLACK signals cross at 90-degree angles,
the separation may be reduced to 1 inch (25 mm). All equipment should be
located at least 3 feet (0.9 m) from the walls to aid in visual technical
inspection. Figure 1, which depicts a large facility, follows the same
minimum separation requirements. Typically, greater separation is used in
the design due to specific installation practices such as minimum cable
bending radius plus size of interconnecting ducts and conduits. An
additional requirement is separation of long parallel RED and BLACK duct
runs. Where these runs exceed 100 feet (30 m), separation should be
increased to 6 inches (150 mm) over the length of the run. Figure 28 depicts
a small single-line teletypewriter facility using nonTEMPEST, high-level
equipment. In this type of installation, the communications security
(COMSEC) equipment establishes a bench mark for equipment separation. All
RED equipment, including patching and distribution frames, are separated from
the COMSEC by at least 3 feet (0.9 m). All BLACK equipment is also separated
from the COMSEC by 3 feet (0.9 m), resulting in a separation of 6 feet (1.8
m) between RED and BLACK equipment. Separation of signal and power ducts and
conduits is as with low-level TEMPEST equipment. See tables I and II for
specific separation requirements.
5.3.3 Special considerations. Some systems are procured under restriction
to use commercially available nondevelopmental items (NDIs) . When such a
situation occurs, the engineer should design to the separation requirements
of high-level systems, unless a known equipment profile exists. Consult the
cognizant TEMPEST authority.
5.3.3.1 Interface to other equipment. Many NDIs use the EIA-RS-232C
standard to interface with other equipment. This standard allows as much as
15 volts on interface lines. Unless the device is demonstrated to operate at
levels defined in MIL-STD-188-114, high-level installation is indicated. If
the device can comply with MIL-STD-188-111, the shorter separations may be
|
 
|
|
|
||
