R&S FSVA3000 Series Manual
R&S®FSVA3000 / R&S®FSV3000
Signal and Spectrum Analyzer
Instrument Security Procedures
Instrument Security Procedures
Version 01
1179009702
(;Ý0ï2)
The following abbreviations are used throughout this manual: R&S®FSVA3000 is abbreviated as R&S FSVA. R&S®FSV3000 is
abbreviated as R&S FSV. R&S FSV/A refers to both the R&S FSV3000 and the R&S FSVA3000.
Contents
R&S®FSVA3000 / R&S®FSV3000
3Instrument Security Procedures 1179.0097.02 ─ 01
Contents
1 Overview................................................................................................. 3
2 Instrument Models Covered..................................................................4
3 Security Terms and Definitions............................................................ 4
4 Types of Memory and Information Storage in the R&S FSV/A.......... 5
5 Instrument Declassification.................................................................. 8
6 Functionality Outside the Secured Area............................................10
7 Validity of Instrument Calibration after Declassification..................10
8 Securing Self Alignment Data when Security Write Protection is
Enabled................................................................................................. 11
9 Secure User Mode................................................................................12
10 Special Considerations for USB Ports...............................................12
1 Overview
It is often imperative that R&S FSV/A Signal and Spectrum Analyzers are used in a
secured environment. Generally these highly secured environments do not allow any
test equipment to leave the area unless it can be proven that no user information
leaves with the test equipment. Security concerns can arise when devices need to
leave a secured area, e.g. to be calibrated or serviced.
This document describes the types of memory and their usage in the R&S FSV/A. It
provides a statement regarding the volatility of all memory types and specifies the
steps required to declassify an instrument through memory clearing or sanitization pro-
cedures. These sanitization procedures are designed for customers who need to meet
the requirements specified by the US Defense Security Service (DSS).
Instrument Models Covered
R&S®FSVA3000 / R&S®FSV3000
4Instrument Security Procedures 1179.0097.02 ─ 01
2 Instrument Models Covered
Product name Order number
R&S®FSV3004 1330.5000.04
R&S®FSV3007 1330.5000.07
R&S®FSV3013 1330.5000.13
R&S®FSV3030 1330.5000.30
R&S®FSV3044 1330.5000.43
R&S®FSVA3004 1330.5000.05
R&S®FSVA3007 1330.5000.08
R&S®FSVA3013 1330.5000.14
R&S®FSVA3030 1330.5000.31
R&S®FSVA3044 1330.5000.44
3 Security Terms and Definitions
Clearing
The term "clearing" is defined in Section 8-301a of DoD 5220.22-M, "National Industrial
Security Program Operating Manual (NISPOM)". Clearing is the process of eradicating
the data on media so that the data can no longer be retrieved using the standard inter-
faces on the instrument. Therefore, clearing is typically used when the instrument is to
remain in an environment with an acceptable level of protection.
Sanitization
The term "sanitization" is defined in Section 8-301b of DoD 5220.22-M, "National
Industrial Security Program Operating Manual (NISPOM)". Sanitization is the process
of removing or eradicating stored data so that the data cannot be recovered using any
known technology. Instrument sanitization is typically required when an instrument is
moved from a secure to a non-secure environment, such as when it is returned for ser-
vice of calibration.
The memory sanitization procedures described in this document are designed for cus-
tomers who need to meet the requirements specified by the US Defense Security Ser-
vice (DSS). These requirements are specified in the "Clearing and Sanitization Matrix"
in Section 14.1.16 of the ISFO "Manual for the Certification and Accreditation of Classi-
fied Systems under the NISPOM".
Types of Memory and Information Storage in the R&S FSV/A
R&S®FSVA3000 / R&S®FSV3000
5Instrument Security Procedures 1179.0097.02 ─ 01
Instrument declassification
The term "instrument declassification" refers to procedures that must be undertaken
before an instrument can be removed from a secure environment, for example when
the instrument is returned for calibration. Declassification procedures include memory
sanitization or memory removal, or both. The declassification procedures described in
this document are designed to meet the requirements specified in DoD 5220.22-M,
"National Industrial Security Program Operating Manual (NISPOM)", Chapter 8.
4 Types of Memory and Information Storage
in the R&S FSV/A
The R&S FSV/A Signal and Spectrum Analyzers contain various memory components.
The following table provides an overview of the memory components that are part of
your instrument. For further information, refer to the subsequent sections.
Table 4-1: Information on memory types
Memory type Size Content Volatility User
Data
Sanitization procedure
SDRAM
(CPU board)
8 Gbyte (IPC11/1)
or
16 Gbyte (IPC11/4)
or
16 Gbyte (IPS14)
Temporary information storage for
operating system and instrument
firmware
Volatile Yes Turn off instrument power
SDRAM
(motherboard)
2 Gbyte Measurement data Volatile Yes Turn off instrument power
SDRAM
(option R&S FSV3-
B200/-B400)
6 Gbyte
EEPROM
(smart card)
≤ 1 Mbyte Module-specific data:
●Serial number
●Product options
●Board internal correction
data
Non-volatile No None required (no user
data)
Flash
(CPU board)
8 Mbyte (IPC11/1)
or
8 Mbyte (IPC11/4)
or
8 Mbyte (IPS14)
BIOS Non-volatile No None required (no user
data)
Flash
(frontend)
4 Mbyte Module-specific data:
●Serial number
●Product options
●Board internal correction
data
●FPGA bitstream data
Non-volatile No None required (no user
data)
Flash
(microwave con-
verter)
4 Mbyte
Types of Memory and Information Storage in the R&S FSV/A
R&S®FSVA3000 / R&S®FSV3000
6Instrument Security Procedures 1179.0097.02 ─ 01
Memory type Size Content Volatility User
Data
Sanitization procedure
Flash
(motherboard)
32 Mbyte
Flash
(option R&S FSV3-
B200/-B400)
64 Mbyte
Flash
(option R&S FSV3-
B6)
4 Mbyte ●IP address
●MAC address
Non-volatile No None required (no user
data)
Standard configuration without option R&S FSV3-B20 (removable hard drive)
Memory type Size Content Volatility User
Data
Sanitization procedure
SSD (Solid-State
Drive type M.2 Sata)
(CPU board)
60 Gbyte ●Operating system
●Instrument firmware and
firmware options with license
keys
●Instrument states and setups
●Trace data
●Limit lines, transducer tables
●Screen images
Non-volatile Yes See "SSD Solid-State
Drive (CPU board)"
on page 7
Configuration with option R&S FSV3-B20 (removable hard drive)
Memory type Size Content Volatility User
Data
Sanitization procedure
CFAST memory card
(removable)
64 Gbyte ●Operating system
●Instrument firmware and
firmware options with license
keys
●Instrument states and setups
●Trace data
●Limit lines, transducer tables
●Screen images
Non-volatile Yes Remove CFAST memory
card, see "Removable
CFAST Memory Card
(R&S FSV3-B20, remova-
ble hard drive)"
on page 7
4.1 Volatile Memory
The volatile memory in the instrument does not have battery backup. It loses its con-
tents when power is removed from the instrument. The volatile memory is not a secur-
ity concern.
Removing power from this memory meets the memory sanitization requirements speci-
fied in the "Clearing and Sanitization Matrix" in Section 5.2.5.5.5 of the ISFO Process
Manual for the Certification and Accreditation of Classified Systems under the NIS-
POM.
Volatile Memory
Types of Memory and Information Storage in the R&S FSV/A
R&S®FSVA3000 / R&S®FSV3000
7Instrument Security Procedures 1179.0097.02 ─ 01
4.2 Non-Volatile Memory
The R&S FSV/A contains no user-accessible non-volatile memory, except for the inter-
nal SSD memory module and the removable CFAST memory card (option R&S FSV3-
B20, removable hard drive).
All other non-volatile memories of the R&S FSV/A are not a security concern.
SSD Solid-State Drive (CPU board)
(excludes CFAST memory card R&S FSV3-B20, removable hard drive)
The internal SSD memory module is located on the CPU board.
Basically, the SSD holds user data and is non-volatile. Hence, user data is not erased
when power is removed from the instrument.
Note: As you can equip the R&S FSV/A with the option R&S FSV3-K33 (security write
protection of solid state drive), the R&S FSV/A allows you to enable the Secure User
Mode. The sanitization procedure depends on the availability of this option:
●If R&S FSV3-K33 is not available or Secure User Mode disabled (default setting
on the instrument):
The R&S FSV/A saves user data and instrument setups permanently on the SSD.
All data, including user data leaves the secure area with the instrument.
Sanitization procedure: Sanitizing is not possible without physically removing the
SSD.
●If R&S FSV3-K33 is available with Secure User Mode enabled:
The R&S FSV/A redirects user data and instrument setups to the volatile memory
(SDRAM).
Sanitization procedure: Turn of instrument power.
See also Chapter 5, "Instrument Declassification", on page 8.
Removable CFAST Memory Card (R&S FSV3-B20, removable hard drive)
(excludes SSD)
Do not remove the CFAST memory card during operation as data can get lost.
●If the CFAST memory card is inserted:
Note: As you can equip the R&S FSV/A with the option R&S FSV3-K33 (security
write protection of solid state drive), the R&S FSV/A allows you to enable the
Secure User Mode. The sanitization procedure depends on the availability of this
option:
– If R&S FSV3-K33 is not available or Secure User Mode disabled:
The CFAST memory card holds user data and is non-volatile. User data is not
erased when power is removed from the instrument.
Sanitization procedure: Remove the CFAST memory card from the instru-
ment.
Non-Volatile Memory
Instrument Declassification
R&S®FSVA3000 / R&S®FSV3000
8Instrument Security Procedures 1179.0097.02 ─ 01
– If R&S FSV3-K33 is available with Secure User Mode enabled:
The R&S FSV/A redirects user data and instrument setups to the volatile mem-
ory (SDRAM).
Sanitization procedure: Turn of instrument power.
●If the CFAST memory card is not inserted:
Without the CFAST memory card, holding the operating system etc., you cannot
work with the R&S FSV/A.
Sanitization procedure: None required.
See also Chapter 5, "Instrument Declassification", on page 8.
5 Instrument Declassification
Before you can remove the R&S FSV/A from a secured area (for example to perform
service or calibration), all classified user data needs to be removed.
Overview for declassification of the R&S FSV/A depending on the configuration
The options R&S FSV3-B20 (removable hard drive) and R&S FSV3-K33 (security write
protection of solid state drive) determine the sanitization procedures for the
R&S FSV/A as shown in Figure 5-1.
Refer also to Types of Memory and Information Storage in the R&S FSV/A, Secure
User Mode, and chapter Protecting Data Using the Secure User Mode in the user man-
ual of the R&S FSV/A, see www.rohde-schwarz.com/manual/fsv3000/.
Figure 5-1 illustrates the different ways of data storage and sanitization procedures,
depending on the options the instrument is equipped with.
Instrument Declassification
R&S®FSVA3000 / R&S®FSV3000
9Instrument Security Procedures 1179.0097.02 ─ 01
Figure 5-1: Sanitizing overview: R&S
FSV/A with and without R&S
FSV3-B20 (removable hard drive)
and R&S
FSV3-K33
You can declassify the R&S FSV/A as shown in the diagram.
These declassification procedures meet the needs of customers working in secured
areas.
Functionality Outside the Secured Area
R&S®FSVA3000 / R&S®FSV3000
10Instrument Security Procedures 1179.0097.02 ─ 01
6 Functionality Outside the Secured Area
To establish the functionality outside the secured area:
1. Configuration without option R&S FSV3-B20 (removable hard drive)
a) Turn on the R&S FSV/A.
The internal SSD memory module holds all instrument data for operation.
2. Configuration with option R&S FSV3-B20 (removable hard drive)
As the CFAST memory card holds the operating system, the R&S FSV/A cannot be
operated without a CFAST memory card. For servicing and calibration,
Rohde & Schwarz provides a separate removable CFAST memory card (option
R&S FSV3-B18). This CFAST memory card contains the operating system and
required instrument data.
To establish the functionality:
a) Insert a second CFAST memory card (R&S FSV3-B18).
This memory card enables the R&S FSV/A to start the operating system.
b) Turn on the R&S FSV/A.
The instrument is ready for use.
7 Validity of Instrument Calibration after
Declassification
Calibration makes sure that measurements comply to the specified characteristics.
Rohde & Schwarz recommends that you follow the calibration cycle suggested for your
instrument.
The R&S FSV/A uses two different sets of alignment data.
Factory alignment data
These data are saved on EEPROMs. Therefore, replacing one removable CFAST
memory card with another card does not affect the availability of the factory alignment
data.
User action: none required.
Self alignment data
These data are saved on the CFAST memory card or the SSD.
User action: In the following cases, user action is required:
●When the CFAST memory card was replaced, the self alignment has to be run
once.
Securing Self Alignment Data when Security Write Protection is
Enabled
R&S®FSVA3000 / R&S®FSV3000
11Instrument Security Procedures 1179.0097.02 ─ 01
●When option R&S FSV3-K33 (security write protection) is enabled, the self align-
ment data cannot be written to the SSD or CFAST card.
In this case, two solutions are possible:
– Run a self alignment always after powering on the instrument. The self align-
ment data will not be stored on the instrument permanently.
– Temporarily disable the R&S FSV3-K33, security write protection, as described
in Securing Self Alignment Data when Security Write Protection is Enabled
8 Securing Self Alignment Data when Secur-
ity Write Protection is Enabled
When the security write protection (R&S FSV3-K33) is enabled, the R&S FSV/A redi-
rects the self alignment data to the volatile memory (SDRAM). The SDRAM memory
loses its data when you power off the instrument.
Note that the instrument has sufficient warm-up time before you perform the self-align-
ment.
To make sure, that no self alignment data get lost, keep closely to the instructions:
1. Deactivate the write protection of the SSD or the CFAST memory card to allow the
alignment data to be saved on the card. The write protection is disabled by deacti-
vating the secure user mode (requires administrator login):
Note: If you do not remove the write protection before, the self alignment data get
lost when you power off the instrument. As a result, the measurement values can
deviate later on.
a) Select [SETUP] > "System Configuration".
b) In the "Config" tab, select "Secure User Mode > Off".
This change does not take effect until you have restarted the instrument.
c) Reboot the R&S FSV/A.
2. Perform the self-alignment:
a) Select [SETUP].
b) Select the "Alignment" softkey.
c) Select "Start Self Alignment" button.
Once the system correction values have been calculated successfully, the
R&S FSV/A prompts a message.
The R&S FSV/A saves the self-alignment data on the SSD or the CFAST memory
card .
To reactivate the secure user mode:
1. Select [SETUP] > "System Configuration".
Secure User Mode
R&S®FSVA3000 / R&S®FSV3000
12Instrument Security Procedures 1179.0097.02 ─ 01
2. In the "Config" tab, select "Secure User Mode > On".
3. Reboot the R&S FSV/A to accept the change.
9 Secure User Mode
(R&S FSV3-K33, Security Write Protection)
If users must not obtain knowledge of other user's data, the optional secure user mode
is available. If enabled, the SSD is write-protected so that no information can be written
to its memory permanently. Data that the R&S FSV/A normally saves on the SSD is
redirected to volatile memory instead, which is not a security concern.
Data that is saved in volatile memory can be accessed just as in normal operation.
When the instrument’s power is removed, all data in this memory is cleared. Thus, in
secure user mode, the R&S FSV/A always starts in a defined, fixed state when turned
on.
10 Special Considerations for USB Ports
USB ports can pose a security risk in high-security locations. Generally, this risk comes
from small USB pen drives, also known as memory sticks or key drives. They can be
easily concealed and can quickly read/write several Gbyte of data.
Disabling USB ports for writing user data
You can disable the write capability on the USB ports of the R&S FSV/A with a soft-
ware utility.
If your R&S FSV/A is equipped with option R&S FSV3-B33 (USB mass memory write
protection), the software utility is already installed on the instrument.
Without option R&S FSV3-B33, Rohde & Schwarz provides the software utility on the
R&S FSV/A website attached to this document, see (https://www.rohde-schwarz.com/
manual/fsv3000/ and www.rohde-schwarz.com/manual/fsva3000.html).
Proceed as follows:
1. Download the software utility.
2. Copy the software utility to the R&S FSV/A.
3. Run it once.
After a reboot of the instrument, the write capability on any USB memory device is dis-
abled.
Special Considerations for USB Ports
R&S®FSVA3000 / R&S®FSV3000
13Instrument Security Procedures 1179.0097.02 ─ 01
© 2019 Rohde & Schwarz GmbH & Co. KG
Mühldorfstr. 15, 81671 München, Germany
Phone: +49 89 41 29 - 0
Fax: +49 89 41 29 12 164
Email: [email protected]
Internet: www.rohde-schwarz.com
Subject to change – Data without tolerance limits is not binding.
R&S® is a registered trademark of Rohde & Schwarz GmbH & Co. KG.
Trade names are trademarks of the owners.
Other manuals for FSVA3000 Series
2
This manual suits for next models
11
Table of contents
Other R&S Measuring Instrument manuals
