Tracewell Systems

The Problem

The Red side deals with the signals in their native, un-encrypted form, and requires the most shielding, filtering, or other isolation/protection techniques.  The Black side can be less secure because the signals have been encrypted.  Besides interception of the unencrypted information, a major concern is preventing the interception of both the Red and Black signals for comparison, which could compromise the encryption algorithm.

The term TEMPEST was coined in the late 60's and early 70's as a codename for the NSA efforts to secure electronic communications equipment from potential eavesdroppers.  Officially, it is not an acronym for anything, especially "Tiny ElectroMagnetic Particles Emitting Secret Things."   NSTISSAM TEMPEST/1-92 and 2-95 form the public part of what is commonly called "the TEMPEST spec", but finer technical details remain secret.  The most stringent non-secret EMI/RFI specification is MIL-STD-461, and TEMPEST can be thought of as 461 on steroids.  Both specs state specific limits for electromagnetic field strengths at frequencies out to 40 gHz.

The overall problem with Red / Black systems is that two functions usually separated by several feet and multiple shielding barriers (chassis, racks, brick walls) are now only inches apart.  While both TEMPEST and MIL-STD-461 deal with susceptibility as well as emissions, containing emissions usually is the greater problem.  An additional problem is that there usually is a common power feed for both the Red and Black sides.  Signal crosstalk through the power supplies is one of the most difficult problems to solve.  In a recent project, crosstalk isolation had to be greater than 120 dB.  That's 16 times better than the noise floor of a perfect CD recording.  Put another way, assuming a 3 volt data stream on the Red side, crosstalk on the Black side had to be less than 3 microvolts - and that was not the full extent of the TEMPEST spec.

The Approach

There are three separate problems in a Red / Black design: keeping the Red side isolated from the outside world to TEMPEST criteria, keeping the Red side isolated from the Black side to TEMPEST criteria, and keeping the Black side isolated from the outside world, usually to MIL-STD-461 criteria.  This three-sided analysis of the problem has driven many of our designs.  Each isolation path has both a mechanical and electrical component.  Often, the mechanics of the system can be manipulated to handle some aspects of the electrical isolation issues.  Also, we can negotiate some of the spec requirements to improve isolation. 

For example, one customer had the arrangement of board locations in a backplane optimized for the flow of their signals.  But looking at the system with an emphasis on isolation, we suggested rearranging the boards to increase the distance between the most sensitive Red and Black boards, which decreased the amount of physical shielding we needed to add to the system. 

The Solution

For one particularly difficult system, we applied the three-sided approach to the power line filter.  In most Red/Black applications, power comes from the Black side.  The system had two separate backplanes, each with a plug-in DC/DC power supply.  There was no room for a single, massive, TEMPEST-rated power line filter, so we broke the filter up into three units.  One had the power input connector and circuit breaker integrated within a custom, 461-rated filter, and mounted it directly to the rear panel for a perfect RF seal.  The chassis had a central tunnel between the Red and Black sides for power distribution and some auxiliary electronics. 

Working with one of our custom filter vendors, we designed a smaller filter that made up the performance difference between 461 and Tempest, and broached the tunnel wall with them, eliminating connectors and RF gaskets.  The secondary filters formed the interfaces between the tunnel and the Red and Black sides.  No single filter met the full crosstalk requirements, but each of the three crosstalk paths had to pass through two filters in series.  Three smaller filters were more expensive than two larger filters, but they also fit in with the mechanical elements of this Red/Black design, and shifted the center of gravity away from the rear of the chassis, closer to the rack mounting flanges at the front, reducing their size and weight.

The overall problem with Red / Black systems is that two functions usually separated by several feet and multiple shielding barriers (chassis, racks, brick walls) are now only inches apart.