1. Introduction
Information security (IS) over time has become a major issue for both the scientific community and business. The massive growth of data has made it difficult for organizations to maintain visibility into their data, resulting in an incomplete understanding of data storage and processing. The data at risk are mostly data stored on outdated or deteriorating media that are difficult to access or are readily available but at risk of being lost or modified. Intrusion by electromagnetic (EM) emission leaves no trace of an attacker’s presence; the attacked device operates regularly and the infiltration does not cause any physical damage. The emitted EM waves often contain important data being processed by devices. It may be possible in some cases to reconstruct the hidden information by intercepting unwanted EM emissions (leakage). There are many sources of EM leakage, including computer monitors, wireless keyboards and mice, scanners, printers, piezoelectric sensors (PES), radio-frequency identification devices (RFIDs), and conductors.
Various sources of unintentional EM emissions have been thoroughly explored from different viewpoints [1,2,3,4,5,6,7,8,9,10,11,12]. Computer monitors emit EM waves related to the horizontal frequency and pixel frequency, as well as the refresh rate used to display video images. In [1], the authors describe problems caused by four types of EM emissions from (1) displays, (2) keyboard input data, (3) printed information, and (4) communication data. The authors of [2] investigated the radiation effects of cathode ray tubes (CRTs), laptops, and flat panel displays. Recognizing the potential risks associated with EM leaks has proven to be important for maintaining information security. Furthermore, other protective measures can be applied. A special glass providing EM protection (a shielding window) can be placed on the computer monitor to eliminate high-frequency components, which increases the difficulty of reproducing the EM signals [3]. In [4], the authors consider the interception and security risks of wireless keyboard signals, regardless of communication protocols, noise, and physical obstacles. That article further explores the topic of wireless keyboards, mice, and universal serial bus (USB) dongles and focuses on preventive measures against attackers’ malicious activity. Printers as sources of unintentional EM emissions are discussed in [5,6,7]. Using commercial printers connected via a local area network is quite common for printing large amounts of data in office environments. These printers are typically equipped with various components, such as hard drives, power and signal lines, connectors, and wireless transceivers. Measuring the EM emissions near the printer enables the reconstruction of printed data. EM leakage from various sources, such as signal lines, power lines, telephone lines, and water pipes, can also cause numerous security issues, as discussed in [8]. The main cause of concern in such scenarios is the characteristic of the conductor acting as an antenna at high frequencies. Advances in wireless communications research have led to numerous new applications that require the acquisition and transmission of vast amounts of sensor data. Processing and storage of data from sensors subjected to EM interference (EMI) and inductive coupling are discussed in [9]. In the context of RFID, attackers primarily focus on probing a wide range of operating frequencies from the device’s EM spectrum. It is important to emphasize that accessibility makes RFID tags very vulnerable to side-channel attacks. Different types of security issues in RFID are discussed in [10,11,12].
The main problem associated with unwanted EM emanation is that the data can be accessed via EM emissions from electronic components and devices that process sensitive information. One type of protection against intrusions based on unintentional EM emissions is to place electronic equipment and devices in Faraday cages and shielded chambers. Other measures include shielding, zoning, separating transmission lines, and masking. In the context of unintentional EM emissions, we have discussed in detail the security issues associated with EM leakage from computer monitors [13] and wireless keyboards [4] in our previous work. This research aims to expand our understanding of the EM emanation of devices such as laser printers, scanners, conductors, PES, and RFID devices in the context of the growing concern over security threats once reserved exclusively for the military and now affecting general-purpose devices. More precise computing and greater storage capabilities available in recent years have played a significant role in this transition. As a consequence, attacks on sensitive data through EM leaks have become simpler and more frequent.
The contribution of this study can be summarized based on several objectives, main goals, and considerations:
The first objective of this study is to advance the prevention of EM data leakage by providing valuable insights into the latest trends and standards to effectively mitigate the risk of unintentional EM emissions.
We provide a comprehensive analysis of side-channel attacks and various telecommunication electronics materials protected from emanating spurious (TEMPEST) specifications and settings by reviewing the available references. TEMPEST specifications include EM shielding, zoning, and masking, as well as the minimum physical distance between wires or equipment that transmit or process sensitive data.
Another goal is to provide a detailed analysis of TEMPEST specifications and configurations, emphasizing their relevance and implications in the context of unintentional EM emanations.
We also discuss countermeasures against malicious activity and techniques for protecting devices, tools, and equipment with EM shielding.
Finally, we consider TEMPEST profiling associated with various EM leakage sources.
This paper is organized as follows:
Section 1 is the introduction, followed by related work in Section 2.
Section 3 describes the sources of electromagnetic leakage.
Section 4 focuses on TEMPEST profiling.
Section 5 contains a comparative analysis and discussion.
Section 6 concludes the paper.
2. Related Work
Attacks against user information can be either passive or active [14]. Passive attacks do not affect the transmitter, receiver, or data sent over the communication channel, while active attacks can be performed by malicious users to compromise any of these. An active attack is a type of cyber security breach in which an unauthorized intruder attempts to modify or delete data or disrupt the regular function of a system or network. The malicious user in this attack directly takes action against the targeted system or network [15]. Cybercriminals often use tactics to disguise their true identity or impersonate others to infiltrate restricted areas within networks or systems to reach the data. During an active attack, they aim to use or modify compromised data to facilitate access to more confidential and valuable data. The most common types of active attacks are denial-of-service, masquerading, message tampering, replay, and bounce. Denial-of-service occurs when an attacker disrupts the regular operation of communication systems. In a masquerade attack, malicious users impersonate others to obtain confidential information. Message tampering is an attack on the integrity of the original data. A replay attack involves intercepting and resending a message to achieve a semblance of authorization. A bounce attack occurs when a malicious user manipulates data and stores false data in log files. To improve protection against an active attack, it is critical to implement certain protective measures that may include the use of one-time passwords for transaction and session authentication, a unique session key for each transaction, an authentication protocol, and cyber risk ratings to monitor the threat environment in real time. Passive attacks include various techniques allowing attackers to monitor or exploit system data without any noticeable impact on system resources or data modifications. These attacks can be difficult to detect, leaving the victim unaware of the attack. The primary goal of passive attacks is to gather sensitive information or identify network vulnerabilities. An example of a passive attack is eavesdropping; attackers intercept and use data transmitted between two devices connected to a computer network. Eavesdropping attacks often involve inserting software into the network that intercepts and analyzes current network traffic.
The release of messages is another form of passive attack; attackers install malware on the device to monitor activities such as sending messages, email exchanges, or file sharing. Protection against passive attacks involves access control and data encryption. Two encryption methods are most commonly used: symmetric key encryption, which uses a single encryption/decryption key for both parties, and public key encryption, where each party has a public and private key in communication.
A side-channel attack is a passive attack based on monitoring communication between two (or more) parties by “sniffing” on devices, equipment, and transmissions without leaving any trace. This attack uses specific factors such as EM emission, timing, and power consumption [16]. The goal of a side-channel attack is to exploit unintentional EM emissions [13,17]. According to [18], side-channel attacks usually involve physical intrusions. An attacker steals protected and sensitive data by observing the physical behavior of a system. This problem is also related to the compromising EM radiation (CER) associated with devices protected by some of the cryptographic techniques [19]. The best way to effectively counter side-channel attacks is to develop encryption systems resistant to physical observation and manipulation. This can be achieved through the implementation of various techniques, such as balancing, blinding, and masking. To effectively counter side-channel attacks, it is also necessary to monitor and detect unusual behavior within the encryption system using sensors that measure and document various system parameters, such as energy consumption or EM radiation. Authentication can also be used to confirm the identity and credibility of users. If side-channel attacks cannot be prevented or detected, they can be mitigated by reducing their impact or effectiveness. This can involve implementing different strategies, including encryption, key management, or appropriate countermeasures [20].
In [2], the author investigated compromising emanations from CRTs, laptops, and flat panel displays. He successfully reconstructed an image on a CRT display from a three-meter distance. The authors of [21] published another study on information leakage in optical emissions. They demonstrated that LED status indicators on data transmission devices can transmit modulated optical signals correlating with the information being processed. According to [22], eavesdropping on emitted video signals is another EM security issue because the information shown on displays requires a high level of security, and the amount of related data is much greater than for other sources. The emanation strength of wireless devices is weaker than that of the displayed signal, making it difficult to decipher the original signal.
Wireless communication is regulated worldwide. The choice of frequency range and RF communication system power can be determined by specific application requirements and existing regulations [23]. The 2.4 GHz industrial, scientific, and medical (ISM) band ranges from 2.4 GHz to 2.5 GHz and is determined by the International Telecommunication Union (ITU) radio regulations (RR). The family of standards created by the Institute of Electrical and Electronics Engineers (IEEE) 802.11 specifies the set of medium access control (MAC) and physical layer protocols for implementing computer communication over wireless local area networks (WLANs) [24]. The standards use 2.4 GHz, 5 GHz, 6 GHz, and 60 GHz frequency bands. Since wireless keyboards use the ISM band, information can also be intercepted via wireless local area networks [25]. It should be noted that well-designed systems take into account various factors such as data transfer rate, quality of service, interference, security, and coverage. The security risks caused by wireless signal interception, regardless of the communication protocol, radio noise, or physical obstacles, are discussed in [4]. In [1], the authors describe the problems caused by EM emissions from keyboards and communication data. They were able to decode the keys pressed on the keyboard by the operator. The authors of [26,27,28] discussed the security risks of wireless USB keys because an unencrypted input signal can be intercepted and used to access the attached device.
One of the issues related to EM leakage is conducted emission. A conductor charged to a nonzero potential or carrying electrical current acts as an antenna that releases energy into the environment in the form of an EM wave. Emissions can be conducted directly into the circuit on the input lines or through near-field energy that is capacitively coupled (electric field). Conductive coupling occurs when the coupling path between a source and receptor forms contact through a wire, cable, or transmission line [29]. Conductive emissions can also be conducted unintentionally through near-field energy magnetically coupled to a circuit (a magnetic field). Energy from these fields can couple to other conductors within the device and radiate into the environment outside the device. Conversely, every conductor acts as an antenna that converts the energy of the EM field into voltages and currents [30]. The possibility of EMI caused by unintentional emissions from cables is discussed in [31]. The authors studied the emission of unshielded twisted pair (UTP) cables carrying high-frequency signals (up to 10 GHz) and found that UTP cables emit unwanted emissions in the 6 GHz band.
A printed image can be reconstructed by receiving radiation emitted by a laser printer [1]. The authors of [32] improved the measurement of monochrome laser printer radiation using several special test patterns. In [20], the authors analyzed compromising emanations of laser printers from signal line conductors, power cables, and electrical radiation testing. The authors of [33] investigated the acoustic emanations of the printer and succeeded in distinguishing the letters W and J. An attack method based on dot matrix printer sound recording is presented in [34].
In most scanners, the sensing medium is an electronic, photosensitive integrated circuit known as a charge-coupled device (CCD). A row of light-sensitive elements along the CCD converts the brightness level into an electrical signal, which is then processed into a digital image [35]. Scanners create digital files from paper documents. Therefore, it is important to consider file security to ensure its confidentiality. In [36], the authors used two methods to securely scan documents: (1) scan to an encrypted, password-protected PDF file sent via USB device or e-mail; (2) scan to a local USB drive that provides hardware encryption.
Piezoelectric sensors convert mechanical energy (pressure, strain, and vibration) into electrical signals. Researchers have so far succeeded in producing sensors that are durable, efficient, and lightweight. These sensors can be used as stand-alone energy sensors, useful for medical, industrial, and home applications [37,38]. Their typical application is in the flat area between the two extremes of the frequency response curve. The response of the sensor decreases at low frequencies because the generated charge cannot be retained. At high frequencies, there is a peak at the resonant frequency [9]. Data transmission, reception, and processing over wireless channels are of particular interest when it comes to personal information generated by PES that must be transmitted in this way, because of EM interference and inductive coupling [39].
Digital data processed by RFID have a limited number of signal transmissions, which affects the data rate. The transmitter and receiver must use the same data rate and be synchronized to transmit the correct data. Current RFID technologies are primarily designed to optimize performance and are less concerned with resilience or security [11]. The threats and attacks described in [12] are classified based on network layers. In [40], the authors also consider the network protocol as a source of attacks on RFID systems. The authors of [41] investigate side-channel attacks on RFID systems and discuss information leakage during their activities related to time information, energy consumption, or EM leakage. The authors demonstrated the high efficiency of side-channel attacks. A software-defined radio involves many radio components replaced by their software variants, allowing flexible software control of the radio [42].
It is necessary to emphasize the application of network security standards designed to prevent, detect, and address network compromises. The US National Institute of Standards and Technology (NIST) has developed cybersecurity standards to meet the specific needs of US industry, government, and the public. NIST focuses on key areas such as cryptography, education, technologies, risk management, identity and access management, and privacy, as well as ensuring the reliability of networks and platforms [23]. The ISO/IEC 27k [43] international standard for cyber security offers a best practice approach to helping organizations manage their information security by addressing people, processes, and technology [24]. It is important to note, however, that these standards do not include protection against EM leakage. Due to the general improvement in information technology, in some cases, hidden information can be reconstructed by intercepting EM emissions. TEMPEST is considered a tool for identifying vulnerabilities in information systems processing sensitive data and plays a key role in improving security measures. EM waves can partially or completely interrupt communication, depending on their strength. TEMPEST integrates various security measures, such as zoning, shielding, filtering, and masking, to protect sensitive data. Devices must be positioned at certain distances with additional built-in protection [4,7]. Wires transmitting sensitive data should be isolated from those transmitting unclassified data through RED/BLACK separation [44]. Overlapping jamming signals can also be used to mask real data [1].
This study aims to improve the understanding of EM leakage from devices designed for general purposes, as there is increasing concern about security threats to sensitive data. Compromising security through EM leaks has become simpler and more cost-effective, so attackers can perform their malicious activities in shorter periods. This study also makes a valuable contribution to EM data leakage prevention research by providing insight into the latest trends and standards for effectively mitigating the potential risk of inadvertent EM emanation.
3. Sources of Electromagnetic Leakage
Electronic devices and gadgets are getting smaller, lighter, faster, have longer battery life, and continue to increase computing power. Such devices require smaller electronic components, which reduce electromagnetic interference. A compact design, on the other hand, also means smaller distances between components, traces, and packages, leading to increased field interactions, current loops, ground loops, and other potential sources of EM leakage [45]. An electrical device characteristic that allows it to function properly in the presence of other devices without affecting them is called electromagnetic compatibility (EMC) [4]. The main focus of EMC is to analyze unwanted EM emissions, which are categorized into two groups: conductive coupling and radiative coupling. Conductive coupling requires physical support due to transmission interference within the system. Although the radiation is usually low, the circuits are often connected with long conductors or wires, which act as antennas [46]. Radiative coupling occurs when internal circuit components act as antennas and emit EM waves [47]. Radiation emissions usually originate from electronic circuits acting as electric dipoles produced by the voltage between signal conductors or as magnetic dipoles produced by a current flowing in a loop [46]. EM emissions from computer monitors, wireless keyboards and mice, printers, scanners, conductors, PES, and RFID devices are discussed below.
3.1. Computer Monitors
Computer monitors emit electromagnetic information due to three important factors used to display video images: (1) refresh rate, (2) horizontal frequency, and (3) pixel frequency [48]. Information from a computer screen can be reconstructed as it appears by monitoring and demodulating the radiation generated by the computer and its peripherals [1]. The video signals processed by the monitor, both video graphics array (VGA) and digital video interface/high-definition multimedia interface (DVI/HDMI), have strictly defined time frames and maintain the image framing principle [13,49]. In [50], the authors conducted a study on EM interference unintentionally generated by electronic devices and showed that information leakage is a consequence of displayed video signals, from a TEMPEST perspective. The authors of [51] discussed the relation between the image recovery frequency and the compromising leakage degree. Furthermore, the authors analyzed the unwanted emissions from a display and introduced a secure font used against eavesdropping. The authors also emphasized the effectiveness of shielding against EM leakage, including display housings and Faraday cages. Advanced types of protection for display assemblies are listed in Table 1.
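The three factors named above (refresh rate, horizontal frequency, pixel frequency) are not independent: once the active resolution, the blanking intervals and the pixel clock of a video mode are fixed, the other two follow. The example below, which is added here and is not code from the paper or from any of the cited works, computes those periodicities from a mode's timing and also shows the defensive point made later in this subsection: when the high-frequency components of the emanation are removed (by a shielding window or other low-pass effect), each resolvable cell of the recovered signal spans many pixels, which is what makes reproduction difficult. The timing values are the public VESA figures for 1024x768 at 60 Hz, embedded as sample input; the cut-off frequency passed to `pixels_per_resolution_cell` is an assumed illustrative value.

```python
"""Added example: relation between refresh rate, horizontal frequency and
pixel frequency of a display mode, and the effect of removing high-frequency
components on the spatial resolution of any signal-correlated emanation.
Not from the paper; timing figures are the public VESA 1024x768@60 mode."""
from dataclasses import dataclass


@dataclass(frozen=True)
class VideoTiming:
    pixel_clock_hz: float
    h_active: int   # visible pixels per line
    h_front: int    # horizontal front porch (pixels)
    h_sync: int     # horizontal sync pulse (pixels)
    h_back: int     # horizontal back porch (pixels)
    v_active: int   # visible lines per frame
    v_front: int    # vertical front porch (lines)
    v_sync: int     # vertical sync pulse (lines)
    v_back: int     # vertical back porch (lines)

    @property
    def h_total(self) -> int:
        """Pixel clocks per line, including blanking."""
        return self.h_active + self.h_front + self.h_sync + self.h_back

    @property
    def v_total(self) -> int:
        """Lines per frame, including blanking."""
        return self.v_active + self.v_front + self.v_sync + self.v_back

    def horizontal_freq_hz(self) -> float:
        """Line rate: one full line per h_total pixel clocks."""
        return self.pixel_clock_hz / self.h_total

    def refresh_rate_hz(self) -> float:
        """Frame rate: one frame per v_total lines."""
        return self.horizontal_freq_hz() / self.v_total


def emission_periodicities(t: VideoTiming) -> dict:
    """The three fundamental rates at which a signal-correlated emanation
    of this mode repeats; an emission survey is organised around them."""
    return {
        "pixel_freq_hz": t.pixel_clock_hz,
        "horizontal_freq_hz": t.horizontal_freq_hz(),
        "refresh_rate_hz": t.refresh_rate_hz(),
    }


def pixels_per_resolution_cell(t: VideoTiming, cutoff_hz: float) -> float:
    """Number of adjacent pixels that merge into one resolvable cell when
    the emanation is limited to 'cutoff_hz' of bandwidth.  A cell much wider
    than a character stroke means text can no longer be read back, which is
    the protective effect of removing high-frequency components."""
    if cutoff_hz <= 0:
        raise ValueError("cutoff must be positive")
    return t.pixel_clock_hz / cutoff_hz


# Public VESA DMT timing for 1024x768 @ 60 Hz (sample input).
VESA_1024X768_60 = VideoTiming(
    pixel_clock_hz=65_000_000,
    h_active=1024, h_front=24, h_sync=136, h_back=160,
    v_active=768, v_front=3, v_sync=6, v_back=29,
)

if __name__ == "__main__":
    for name, value in emission_periodicities(VESA_1024X768_60).items():
        print(f"{name}: {value:,.3f}")
    # Assumed illustrative cut-off of 5 MHz for the comparison.
    print("pixels per cell at 5 MHz:",
          pixels_per_resolution_cell(VESA_1024X768_60, 5e6))
```

With these figures the line rate is about 48.36 kHz and the frame rate about 60.004 Hz, i.e. slightly above the nominal 60 Hz because of the blanking lines; any change of mode shifts all three rates together, which is why a monitor's timing is part of an emission assessment.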
A computer monitor can be equipped with a construction such as a metal mesh between two layers of glass or transparent foil. This construction directs most of the information towards the ground through the ground wires. Even if eavesdroppers manage to intercept the signals, they will not be able to reconstruct the information. Eavesdroppers often take advantage of the high-frequency spectrum to reproduce the image from the monitor. The elimination of high-frequency components is therefore an advantage, as it makes the reproduction of EM signals more difficult [3].
Several well-known manufacturers offer North Atlantic Treaty Organization (NATO) TEMPEST-protected monitors available in SDIP-27 Level A, B, or C versions. C2 company (Riga/Latvia) provides a wide range of equipment products and services, including computer monitors and large format displays offered in Level A, B, and C versions [52]. SIPAL (Turin/Italy) offers monitors available at TEMPEST Level B [53]. Eurotempest (Neuen/The Netherlands) specializes in the production of TEMPEST Level A and B monitors [54]. Siltec (Pruszków/Poland) is another reputable manufacturer offering Level A and B protected monitors [55]. Cissecure (Ashburn, VA 20147/USA) is also widely known as a prominent manufacturer of TEMPEST monitors [56]. More detailed descriptions of the TEMPEST monitors and screens are given in Table 2.
3.2. Wireless Keyboards and Mice
Wireless devices using event-driven communication present critical privacy concerns, primarily due to inherent information leakage resulting from radio frequency (RF) emissions [51]. RF communication relies on two key elements: a transmitter and a receiver. The transmitter, located in the device, emits an EM signal that encodes the user’s activity information. On the other hand, the receiver connected to the computer receives the signal, decodes it, and then transmits it to the operating system. Wireless signals travel through the air and can be intercepted and read by a skilled attacker. That is why wireless devices and connectivity technologies are almost always a security risk, regardless of the communication protocol, radio noise, or physical obstacles [4]. The IEEE 802.11 wireless network protocol family enables wireless interaction between devices [57].
The most usual vulnerability sources are wireless peripherals open to keystroke injection attacks, according to the authors of [58]. Tracking data from the keyboard and mouse is unidirectional. Hacked wireless keyboards or mice can reveal sensitive information due to encryption errors, firmware bugs, keyloggers, key readers, and compromised access points. The problems arise from the way the key manages communication. Wireless USB dongles are susceptible to security risks because the unencrypted input signal can be intercepted and used to gain access to the attached computer [26]. A malicious user can passively and covertly record everything typed on a wireless keyboard from several meters away using an antenna, a wireless dongle, and a few lines of software code [27,28]. Attackers often target network protocols, configurations, and encryption mechanisms of wireless devices. That is why strong protection of wireless keyboards and mice, as well as wireless networks, is crucial. There are various preventive measures against malicious attacks, including turning off Service Set Identifier (SSID) broadcasting, changing the default SSID name of the device, or data encryption. In 1993, the Navy prepared a document to help naval centers implement network environment security regulations. The authors of this document claim that anyone within range of the transmitter, using the appropriate equipment, can receive and read the information being transmitted if the wireless communication is not encrypted [59]. It should be noted that wireless connections are usually protected by a widely used encryption algorithm, the Advanced Encryption Standard (AES) [4,60]. Wireless devices should use a secure connection-only mode, and an anti-rollback feature for security-based device firmware upgrades should be considered [61,62].
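The anti-rollback feature recommended above is a small piece of update-acceptance logic on the device side: an image is installed only if it authenticates and carries a version strictly newer than the one installed, so that an older but validly signed firmware with a known bug cannot be re-flashed onto a dongle. The example below is added here and is not code from the paper or from any vendor's firmware. It assumes (not from the page) a header with a monotonically increasing version counter and, to stay dependency-free, authenticates the image with an HMAC-SHA256 under a device-unique key; a real product would use an asymmetric signature with the public key in ROM, and the check order (authenticate before trusting any header field) carries over unchanged.

```python
"""Added example: firmware update acceptance with authentication and
anti-rollback for a wireless peripheral dongle.  Not from the paper; the
header layout and HMAC-based authentication are assumptions."""
import hashlib
import hmac
import struct

MAGIC = b"FWIM"
HEADER_FMT = ">4sI"                  # magic, version (big-endian uint32)
HEADER_LEN = struct.calcsize(HEADER_FMT)
TAG_LEN = hashlib.sha256().digest_size


def build_image(key: bytes, version: int, payload: bytes) -> bytes:
    """Stand-in for the vendor's signing step: header || payload || tag,
    with the tag covering header and payload so the version cannot be
    edited without invalidating the image."""
    header = struct.pack(HEADER_FMT, MAGIC, version)
    tag = hmac.new(key, header + payload, hashlib.sha256).digest()
    return header + payload + tag


class UpdateRejected(Exception):
    pass


class Dongle:
    """Minimal model of the device side of a firmware update."""

    def __init__(self, key: bytes, installed_version: int):
        self._key = key
        self.installed_version = installed_version
        self.payload = b""

    def accept_update(self, image: bytes) -> int:
        if len(image) < HEADER_LEN + TAG_LEN:
            raise UpdateRejected("image too short")
        header = image[:HEADER_LEN]
        body = image[HEADER_LEN:-TAG_LEN]
        tag = image[-TAG_LEN:]
        # 1. Authenticity first: no header field is trusted until the tag
        #    over header+payload verifies (constant-time comparison).
        expected = hmac.new(self._key, header + body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            raise UpdateRejected("authentication failed")
        magic, version = struct.unpack(HEADER_FMT, header)
        if magic != MAGIC:
            raise UpdateRejected("bad magic")
        # 2. Anti-rollback: only a strictly newer version is installed, so a
        #    valid but older image cannot reintroduce a fixed vulnerability.
        if version <= self.installed_version:
            raise UpdateRejected(
                f"rollback refused: {version} <= installed {self.installed_version}")
        self.installed_version = version
        self.payload = body
        return version


if __name__ == "__main__":
    # Constructed sample: a device-unique key and a dongle on version 5.
    demo_key = b"\x01" * 32
    dongle = Dongle(demo_key, installed_version=5)
    print("installed", dongle.accept_update(build_image(demo_key, 6, b"fw-v6")))
    for label, img in (("older image", build_image(demo_key, 5, b"fw-v5")),
                       ("tampered image", bytearray(build_image(demo_key, 7, b"fw-v7")))):
        if isinstance(img, bytearray):
            img[HEADER_LEN] ^= 0x01  # flip a payload bit
            img = bytes(img)
        try:
            dongle.accept_update(img)
        except UpdateRejected as e:
            print(label, "->", e)
```

The version counter must be kept in storage that the update itself cannot roll back; if it lives in the same flash region that the image overwrites, the check above protects nothing.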
3.3. Printers
Printers convert the symbolic data processed by the computer into graphic form. Printers are, like other electronic devices, sources of electromagnetic emissions [5]. In addition to control signals that do not convey sensitive data, useful signals correlate with the information in process [5,6,7]. The author of [46] discusses the increased current loop emissions in combination with large cable loops and gives an example of a dramatic increase in emissions when a computer is connected to a printer and both mains cables are connected to the same wall outlet. The radiation from a laser printer is compromising, and the magnetic field near the laser printer can be measured and used to reconstruct the printed image [63]. Few companies make printers with EM leakage protection. Eurotempest offers a TZ551 pull printing system for customers with high-security requirements for their IT infrastructure [64]. The TZ551 printer is based on the standard HP 500 series network printer and is equipped with TEMPEST and encryption capabilities. The pull printer feature provides additional security by first sending the data to the pull server for printing. The TZ551 includes a formally assessed authentication architecture designed to meet secret security levels. OSPL Tempest (Eindhoven/The Netherlands) offers a wide range of printers with different security levels determined by the SDIP-27 standard. The OSPL Tempest printers have a high-speed USB interface, a 1.8 m shielded cable (DB9), and TEMPEST-filtered AC input [65]. C2 offers a diverse range of Hewlett-Packard office laser B/W and color printers designed for desktop or small workgroup use, meeting the requirements of SDIP-27 Levels A, B, and C [66]. Siltec offers a wide range of printers using Epson and Hewlett-Packard technology, suitable for A4, A3, and A0 paper formats [67]. These printers come in Level A, B, and C versions. A detailed description of these printers is given in Table 3.
These manufacturers also offer multifunctional TEMPEST printers that have print, scan, copy, and fax performance and fulfill Level A, B, and C security requirements.
3.4. Scanners
Scanners transfer information by scanning documents into searchable PDF, BMP, GIF, or JPEG formats and sending the scanned image to pre-programmed destinations such as a printer, editing software application, or email. A scanner uses a light-sensitive sensor to read the content of a document. The document is placed, scanning begins, a light source illuminates the document, a sensor detects the reflected light, and the light pattern is converted into digital information. The scanning function is based on the quantum nature of light and the photoelectric effect on the metals it hits. When light with energy above the threshold hits the metal, the number of emitted electrons is proportional to the intensity of the light beam, and the kinetic energy of the emitted electrons is proportional to the frequency of the light [35].
There are different types of document scanners on the market. Drum scanners are primarily used in the publishing industry because they produce high-resolution images; flatbed scanners scan documents placed on a flat glass surface; portable scanners scan text-based documents; handheld scanners are designed to scan text documents by swiping the scanner over the text or images; and paper scanners scan text and images by simply holding and dragging the scanner across the page. All-in-one scanners are usually designed to combine multiple functions (printing, copying, and scanning) into one device. The market also offers different types of scanners protected against unwanted EM emanations. Eurotempest offers eight Modulus TEMPEST scanners based on EPSON, HP, and Avision scanners [68]. OSPL [65] produces four scanners based on the HP Scanjet Pro 2500. All OSPL scanners are equipped with a high-speed DB9 cable and a TEMPEST-filtered AC input with 100–230 VAC, 50/60 Hz operation, c/w a 1.8 m shielded power cable with country-specific plug. Siltec provides SDIP Level A scanners based on A4, A3, and A0 Avision scanners [67]. C2 offers two Modulus T-scanners: a Flatbed/ADF scanner and a Flatbed/ADF network scanner [69] (Table 4).
3.5. Conductors
Switches, contacts, relays, power cables, wires, connectors, and other components emit radio frequency or acoustic energy whenever a device processes information electrically. The emanations can be transmitted over considerable distances through free space or be induced into nearby conductors such as signal lines, power cables, telephone lines, or water pipes, and then conducted along these paths for some distance. The information emitted by these devices can lead to sensitive data reconstruction [8]. The authors of [70] investigated the process of reconstructing a personal computer (PC) display image.
The power cable, linked to the external electrical grid, acted as an antenna for both emitted and conducted noise, resulting in a significant security concern (Figure 1).
Interfering signals generally appear in the form of EM waves emitted into the surrounding space by radiation or conducted currents emitted along various conductors connected to the involved hardware. In most cases, there is an interaction between these signals. Radiated interference is caused by induced currents in conductors connected to or near hardware, such as feeders and transmission lines. Similarly, an unshielded conductor transmitting interference signals can act as a transmitting antenna. Conductors that connect multiple devices, whether internal or external, in addition to the basic functions of providing energy transport between two points, act as an interfering medium. The conductor then plays the role of a receiver. Interferences can also be reflected from conductors by EM radiation or conduction. The conductor then becomes the transmitter.
A solution that can eliminate interference in conductors is to reduce the sensitivity of the cable to the unacceptable effects of electromagnetic fields. For this purpose, it is recommended to use shielded cables and symmetrical wires in addition to disturbed cables. In [71], the author describes cable products for military, marine, and aerospace applications that are designed to provide superior EMI protection. Among the best-known shielded cables are the Black Box cables used to connect serial devices (printer, monitor); they are protected from interference by 100% aluminum foil [72]. One of the fully shielded, end-to-end (E2E) cabling systems is Siemon’s TERA (Watertown, CT 06795-04000/USA) cables, tested for superior performance and security and validated for TEMPEST high-security applications [73]. The cables are terminated with connectors with a slim, insulated quadrant design that accepts one, two, and four patch cord pairs. The cable assembly manufactured by Cinch Connectivity Solution (Lombard, IL 60148/USA) has, at its end, a robust, compact, and lightweight high-performance connector with gold-plated copper alloy screw-in contacts that provide multiple contacts for maximum reliability. It also has EMI ground spring gaskets on the plug shells and a braided EMI sleeve connected to the integrated back shells, providing 360° EMI shielding. In [74], the author outlines the use of cable shielding as one of the hardware solutions implemented to ensure compliance with rigorous information security standards during processing and transmission over a computer network. Shielded copper cables offer an additional layer of physical security by significantly limiting emanations. Implementing shielded cable can reduce cable separations, remove or reduce the need for signal isolation and filtering, and potentially reduce or eliminate the need for additional cable shielding. The paper suggests that foil-shielded/unshielded-twisted-pair (UTP) cable consists of a complete foil shield surrounding four unshielded twisted pairs and is typically used in situations where shielded cable is required; however, it may not be adequate for all TEMPEST installations. Additional signal isolation in some cases can be achieved through braided shields, tighter braids, braided foil, or individual pair shields with an overall foil shield. The author mentions independent testing showing that a combination of cabling and connectivity solutions effectively minimizes, if not eliminates, emanations when used within a secure network system.
3.6. Piezoelectric Sensors
The ability of a material to generate an electrical charge in response to an applied mechanical stress is called the piezoelectric effect. Piezoelectric sensors use piezoelectricity to measure physical stimuli such as pressure, force, temperature, and strain [75]. An electric charge arises at the crystal surface when a force is applied to the piezoelectric diaphragm. Since the output signal is generated by the piezoelectric element itself, it is inherently a low-power device. Piezoelectric sensors are sensitive to dynamic pressure changes over a wide frequency and pressure range. These sensors generate output signals directly from the applied strain instead of using an external voltage source. They are robust, shock-resistant, small, and compact. Robustness, high frequency, and fast response make them useful for security alarms, smartphones, smart watches, accelerometers, aviation, and medical devices. It should be noted that piezoelectricity has also been found in bones, indicating the presence of important signals involved in tissue function [76]. Flexible piezoelectric biosensors applicable to the skin have been developed in recent years, making them promising candidates for use in Internet-of-Things (IoT) technologies [77]. In [76], the authors presented a self-monitoring analysis and reporting technology (SMART) implant containing PES. Monitoring the mechanical response of the external fixation device reveals the relative translation and rotation of the external fixation pins and determines the state of long bone healing [78]. SMART implants not only provide but also analyze the data, independently recognize normal or abnormal patterns, and proactively alert the physician [79]. A PES frequency response decreases at low frequencies because the generated charge cannot be held. At high frequencies, there is a peak at the piezoelectric element resonant frequency. Sensors are usually used within the flat region of the response curve between two extreme values (see Figure 2) [80].
Piezoelectric sensors generally have a wide frequency range and are not affected by EM radiation. Storage, processing, and wireless data transmission in SMART systems containing these sensors, however, are susceptible to EM interference and inductive coupling [9]. In [39], the authors describe a simple wireless piezoelectric strain measurement using the FM technique. The sensors use a piezoelectric transducer that generates an electrical voltage under mechanical stress. After connecting the PES to a single-transistor FM circuit, the output voltage of the sensor induces a shift in the frequency of the modulation circuit. Subsequently, the modulated signal is transmitted wirelessly to the remote location, where the demodulation circuit acquires the data in real time. This type of sensor finds application in various fields, especially in stress measurement in moving or rotating structures. It is advisable to increase the protective distance and apply EM shielding to reduce the risk of EM leakage. Wireless connectivity within a shielded space can be influenced by absorbing and reflecting RF waves, resulting in a reduction in signal strength; they become attenuated, while the extent of attenuation is determined by the thickness and composition of the shielding material. Shielding can reduce signal diversity, i.e., the number of available paths for the wireless signal to reach its intended receiver. Shielding is more effective in blocking lower frequencies than higher frequencies because of longer wavelengths, which are more easily absorbed and reflected. Additionally, the type of shielding material also affects the attenuation rate. Moreover, the thickness of the shielding material influences blocking RF signals. However, achieving effective protection measures can be a challenge due to the compact structure and dimensions of these systems [81].
3.7. Radio Frequency Identification
A deep understanding of how high-frequency (HF) radio signals move through a real circuit is imperative for RF design and analysis. The fact is that the components inside the circuit have tolerances and temperature dependencies, as well as parasitic elements; wires have resistance, inductance, and capacitance; and signals are susceptible to noise. Low-frequency (LF) systems, on the other hand, are less affected by non-ideal signals or component behavior. Radio-frequency identification is a wireless technology using EM or capacitive coupling in the RF spectrum to identify subjects or objects. RFID consists of an RFID tag (transponder), antenna, RFID transceiver, and software [82]. The tag contains a microchip with a unique ID number and an antenna. There are three types of RFID tags: (1) passive tags without a power source that receive power from radio signals sent by the RFID receiver and operate when the reader is near the tag; (2) battery tags that have built-in batteries for the logic chips but still require a RF signal from the reader to activate and operate; and (3) active tags that use batteries and do not require reader power. RFID antennas are designed to operate at specific frequencies, depending on the application. The antenna is usually attached to the RFID reader and is available for tag attachment. Some handheld devices often have an attached antenna. An RFID reader is a hardware component that reads information from tags, connects them to a database, and transmits data. The specifications for low-frequency, high-frequency, ultra-high-frequency (UHF), and microwave RFID readers are shown in Table 5.
The most important electrical parameter of RFID is tag sensitivity, which determines the maximum working distance. It should be noted that the specified reading distance is a theoretical open-space reading distance and may be reduced due to incorrect tag or reader usage. It can also be expanded due to multi-path propagation. UHF tags operate in the far-field region, which is significantly different from LF and HF technologies. RFID uses a specific application system depending on the service provider; local regulations on radio transmission dictate the frequencies for RFID operation.
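The dependence of the maximum working distance on tag sensitivity can be made concrete with the Friis far-field link budget, which is the standard forward-link model for passive UHF tags. The following is an added example, not code from the paper or from any RFID vendor: it computes the theoretical open-space read range from the reader's EIRP, the tag antenna gain, the tag's wake-up sensitivity and the carrier frequency, and shows the rule of thumb that every 6 dB of sensitivity improvement doubles the range. The 4 W (36 dBm) EIRP, 2 dBi tag gain and 915 MHz carrier used in the demonstration are constructed values, not figures from the paper; the model applies only to far-field (UHF/microwave) tags, not to inductively coupled LF/HF tags.

```python
import math

C_M_PER_S = 299_792_458.0  # speed of light


def dbm_to_watts(dbm):
    return 10 ** (dbm / 10) / 1000.0


def db_to_linear(db):
    return 10 ** (db / 10)


def max_read_range_m(eirp_dbm, tag_gain_dbi, tag_sensitivity_dbm, freq_hz):
    """Forward-link read range of a passive UHF tag from the Friis equation.

    The tag wakes up only when the power delivered by its antenna reaches its
    sensitivity:  P_tag = EIRP * G_tag * (lambda / (4*pi*d))**2, hence
    d_max = (lambda / (4*pi)) * sqrt(EIRP * G_tag / P_sens).
    Valid for far-field UHF/microwave tags only; LF and HF tags are inductively
    coupled in the near field and follow a different law.
    """
    wavelength_m = C_M_PER_S / freq_hz
    eirp_w = dbm_to_watts(eirp_dbm)
    p_sens_w = dbm_to_watts(tag_sensitivity_dbm)
    g_tag = db_to_linear(tag_gain_dbi)
    return (wavelength_m / (4 * math.pi)) * math.sqrt(eirp_w * g_tag / p_sens_w)


def range_scaling_for_sensitivity_gain(delta_db):
    """A delta_db improvement in tag sensitivity multiplies the free-space
    range by 10**(delta_db/20); 6 dB therefore roughly doubles it."""
    return 10 ** (delta_db / 20)


if __name__ == "__main__":
    # Constructed scenario (not from the paper): 4 W EIRP reader (36 dBm),
    # 2 dBi tag antenna, 915 MHz carrier, three tag sensitivities.
    for sens_dbm in (-12, -18, -21):
        r = max_read_range_m(36, 2, sens_dbm, 915e6)
        print(f"tag sensitivity {sens_dbm:>4} dBm -> open-space range {r:5.1f} m")
```

Because the range grows with the square root of the sensitivity ratio, each halving of the tag's required power (3 dB) extends the range by only about 41%, which is why a multi-path gain of a few dB can push a tag noticeably beyond its rated open-space distance.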
The software controls the RFID reader, initiates the scan, retrieves information from the tag, stores the data on a local computer, or sends it to cloud storage. The reading process begins by using the reader to access the information on the tag. RFID sends an RF signal using an antenna and receives a signal from a reader to activate the tag. An activated tag sends data back to the reader using the same antenna and inductive coupling method.
Some tags have no security features, and some are protected and/or encrypted to improve security and privacy [10]. The attacks described by the authors of [12] are classified by network layers. Physical layer attacks are those that permanently or temporarily disable RFID tags. Network and transport layer attacks are based on how the RFID system communicates and transfers data between entities such as tags (spoofing, cloning), readers (eavesdropping, spoofing), and network protocols. Application layer attacks target information related to the application and the binding between the user and the RFID tag (unauthorized tag reading, tag modification, middleware attacks). There are also various multi-layered attacks, such as denial-of-service, covert channels, traffic analysis, replay attacks, and side-channel attacks [41]. In [83], the authors investigated a possible vulnerability of RFID to side-channel attacks. They demonstrated a non-invasive attack method involving information capturing from the EM field using the device during cryptographic operations. This technique requires placing near-field probes close to the chip to gather the relevant data. It turns out that more robust hardware or cryptographic computation techniques will improve protection against attacks. Limiting the EM emissions of the system can prevent side-channel attacks, but this usually limits the operating range. Another approach is to increase the RFID chip complexity and make it difficult for attackers to find out information about its internal system and operations. This solution is, however, limited by the small physical dimensions of the tags and cost factors. The author of [84] examines the integrated circuit bandwidths and emphasizes the importance of their performance in a wide frequency range. The author investigates EM perturbations of HF waves caused by differential electrical and physical characteristics of an integrated circuit and proposes a new authentication methodology that exploits the process variation effects through EM and RF-based approaches.
4. From van Eck Phreaking to TEMPEST Profiling
Whenever an electronic device is used to process information, the various components can unintentionally emit EM radiation that may pose a security risk. Intercepted and recorded emissions can be analyzed, and the information processed by the device can be recovered [60]. EM leaks can be monitored in different ranges, depending on the environmental conditions. In most cases, the signal can be detected and observed even hundreds of meters from the device. If the signal is, however, transmitted over a conductive medium such as a transmission line, monitoring can be performed over a much greater distance (several kilometers) [85]. In 1985, van Eck first presented a type of eavesdropping, known as van Eck phreaking, or van Eck radiation. This activity involves the interception and decoding of EM radiation emitted from video displays, with the aim of unauthorized access to information. His research revealed that this method of information theft could be easily accomplished using a standard television receiver, specialized equipment, advanced technical expertise, and proximity to the target device [86]. Countermeasures against van Eck phreaking include shielding devices to minimize or distort EM emission, using specialized software and hardware, and maintaining physical security measures to prevent potential attackers from being near the target device for executing such an attack.
The protective area of the device against EM leakage can be determined based on the distance to the device location and the boundaries of the controlled area. The TEMPEST profile, or footprint, is the point from the processing device to the farthest point where unwanted EM radiation can be detected or exploited. The footprint measures were first identified by Bell Laboratories during World War II. Bell Laboratories proposed shielding against radiation through space and magnetic fields, filtering of conducted signals on power and signal lines, and masking of spatial radiation or conducted signals [7]. TEMPEST uses a combination of distance, shielding, filtering, and masking techniques to protect target devices. Devices must be installed at certain distances, including additional shielding; wires transferring sensitive data must be separated from those transferring unclassified data (RED/BLACK separation); and overlapping jamming signals can be used for masking real data. The United States National Security Agency (NSA) established regulations for EM emissions, as outlined in National Communications Security Memorandum (NACSIM) 5100A [87]. Electrical devices and equipment that meet NSA standards are considered secure. Surveillance and countersurveillance investigation tools are overseen by the government and a small number of NACSIM 5100A-licensed companies. Since certification for private sector needs is extremely expensive, this has led to the development of zoning regulations that provide more cost-effective alternatives but with a slightly lower level of security.
4.1. Shielding and Zoning Standards
The United States and NATO have SDIP standards for shielding and zoning. SDIP stands for SECAN doctrine and information publication. SECAN stands for security and evaluation agency. The SDIP standards are shown in Table 6.
The SDIP-27 shielding standard is divided into three levels of protection requirements according to the following zones: Zone 0—an environment where an attacker is expected to have almost immediate access (up to 1 m distance); Zone 1—an environment where an attacker is expected to be unable to approach within approximately 20 m or an environment where building materials are assumed to provide attenuation equivalent to 20 m; and Zone 2—an environment where an attacker must deal with an equivalent free space attenuation of 100 m or equivalent attenuation through building material (see Table 7).
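The zone definitions above tie a physical approach distance to an equivalent free-space attenuation. The following added example (not part of the paper, and not the SDIP-28 measurement procedure itself, which the paper does not reproduce) shows how that equivalence is computed under the usual far-field assumption: radiated field strength falls as 1/d, so an extra A dB of barrier attenuation is equivalent to moving the attacker from d to d * 10^(A/20). The 20 m and 100 m boundaries are the figures quoted above; the model's assumption of far-field, frequency-independent barrier loss is a simplification of the real procedure.

```python
import math

# Free-space zone boundaries from the SDIP-27 description in the text (metres).
ZONE_1_MIN_M = 20.0
ZONE_2_MIN_M = 100.0


def equivalent_free_space_distance_m(physical_distance_m, building_attenuation_db=0.0):
    """Effective attacker distance once barrier attenuation is folded in.

    Far-field field strength falls off as 1/d, so the attenuation between two
    distances is 20*log10(d2/d1) dB.  A barrier that adds A dB therefore moves
    the attacker's effective position from d to d * 10**(A/20).
    Simplified model (assumption): far-field radiation and a barrier loss that
    does not depend on frequency.
    """
    if physical_distance_m <= 0:
        raise ValueError("physical distance must be positive")
    if building_attenuation_db < 0:
        raise ValueError("attenuation cannot be negative")
    return physical_distance_m * 10 ** (building_attenuation_db / 20)


def classify_zone(physical_distance_m, building_attenuation_db=0.0):
    """Map the closest approach an attacker can achieve, plus any barrier loss,
    to the SDIP-27 zone (0, 1 or 2) the environment qualifies for."""
    d_eq = equivalent_free_space_distance_m(physical_distance_m, building_attenuation_db)
    if d_eq >= ZONE_2_MIN_M:
        return 2
    if d_eq >= ZONE_1_MIN_M:
        return 1
    return 0


def attenuation_needed_db(physical_distance_m, target_zone):
    """Extra barrier attenuation (dB) required so that an attacker at
    physical_distance_m is pushed out to the free-space boundary of target_zone."""
    boundary = {1: ZONE_1_MIN_M, 2: ZONE_2_MIN_M}[target_zone]
    if physical_distance_m >= boundary:
        return 0.0
    return 20 * math.log10(boundary / physical_distance_m)


if __name__ == "__main__":
    # Constructed cases: a desk by a public corridor, an office behind a wall
    # that adds 12 dB, and the wall thickness needed to reach Zone 2.
    print("corridor, 1 m, no barrier   -> zone", classify_zone(1.0))
    print("office, 5 m, 12 dB wall     -> zone", classify_zone(5.0, 12.0))
    print("office, 10 m, 20 dB wall    -> zone", classify_zone(10.0, 20.0))
    print("dB needed at 5 m for zone 2 ->", round(attenuation_needed_db(5.0, 2), 1))
```

Note the edge case in the second constructed case: 5 m plus 12 dB is equivalent to about 19.9 m of free space, just short of the Zone 1 boundary, so the environment still counts as Zone 0. Rounding such borderline results up is exactly the kind of optimism a zoning survey must avoid.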
SDIP-28 defines attenuation measurement methods for dividing individual areas into zones within a security perimeter and specifies the standards required for installed equipment processing sensitive data. SDIP-29 defines installation requirements such as grounding and cable spacing. SDIP-30 describes how to install electrical equipment for sensitive data processing [88]. Shielded devices and rooms with metal materials are a reliable method to reduce emissions. Achieving complete protection is difficult and expensive, especially when it concerns rooms or buildings.
4.2. RED/BLACK Separation and Filtering
Careful design can greatly reduce conductive information leakage by properly filtering and suppressing power supplies and signal cables [89]. The RED/BLACK separation is a TEMPEST security strategy for separating systems, components, cables, and circuits handling sensitive information from those that do not [44]. The NSA uses the term baseband RED signal to describe compromising emanations that can reveal national security information. RED is a generic term referring to conductors, optical fibers, components, devices, and systems transmitting unencrypted and classified defense signals and the areas where those signals occur. The TEMPEST specification can be applied to RED devices as protection against EM leakage. BLACK is a generic term describing conductors, optical fibers, components, equipment, or systems transmitting unclassified or encrypted signals and the areas where those signals occur. It is necessary to separate the part processing the RED information and the part processing the BLACK information. The RED/BLACK concept allows for defining the architecture and needs of TEMPEST protection, the protective device type, and these device locations. The goal is that an unauthorized entity can only access BLACK information (Figure 3) [90].
Several designs need to be considered to ensure physical and logical RED/BLACK separation and minimize the risk of data leakage and compromise. One aspect is efficient cable management within the RED/BLACK engineering installation. This includes using separate conduits, pathways, or dedicated cable trays for RED and BLACK cables. The possibility of data leakage is significantly reduced by physically separating the cables. Another key factor is the careful selection and configuration of equipment. Routers, switches, and firewalls play a vital role in ensuring the secure flow of information. Proper configuration of these components is essential to preventing data leakage. Maintaining RED/BLACK separation requires robust network architecture. This can be achieved by using separate networks, virtual local area networks (VLANs), or physically isolated network segments. The author of [91] described the concept of separating classified and unclassified information as a RED/BLACK separation through physical distance and the implementation of appropriate shielding measures. According to NSTISSAM TEMPEST/2-95 (the document specifies the shielding or minimum physical distance between wires or equipment that transmits or processes RED and BLACK signals), RED and BLACK computers should be kept a minimum distance of 1 m (39 inches) from each other. In [92], however, the authors demonstrated a technique for effective communication over this distance. This technique used silent high-frequency sounds emitted by the target device speakers to transmit data to a nearby computer equipped with a microphone. The authors of [93] introduced RED/BLACK separation within the power supply. The uninterruptible power supply (UPS) was tested to evaluate asymmetric, symmetric, and non-symmetric isolation. The results indicated an exceptional level of isolation that, in combination with the existing power transmission line filters in the equipment, adequately met the necessary isolation requirements for RED/BLACK separation. In the study of [94], the authors investigate the application of an air-gap strategy as a preventive measure against potential security breaches in computer networks that store or handle sensitive and confidential data. Air-gapped networks are designed to be completely isolated from public networks and to keep data safe and protected. This approach is particularly useful when the information stored or generated by the system is considered highly sensitive and any risk of data leakage is unacceptable. Attackers exploit the emanations emitted by various computer components to exfiltrate data from such networks, thus establishing covert communication channels with external entities operating outside regular data transmission channels. The author of [95] introduced a new approach to compromising isolated air-gapped workstations. Air-gapped computers can still be vulnerable to attacks, despite the lack of wireless connectivity. The study showed that attackers can use a Serial Advanced Technology Attachment (SATA) cable, commonly used for data transmission, as a wireless antenna. This technique enables radio signal transmissions in the 6 GHz frequency range. The results show that even highly secure air-gapped computers can wirelessly leak sensitive information to a nearby receiver over a SATA cable.
It can be concluded that the implementation of RED/BLACK separation significantly reduces the risk of unintentional data leakage and information disclosure. The success of this approach depends on several factors, including effective cable management, careful equipment selection, proper configuration, and a robust network architecture.
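Two of the factors named above, cable management and equipment placement, can be checked mechanically against an installation inventory. The following added example (not from the paper or from any TEMPEST standard) is a small audit script: it takes a list of RED and BLACK equipment positions and cable runs, flags any RED/BLACK equipment pair closer than the 1 m minimum quoted from NSTISSAM TEMPEST/2-95, and flags any conduit or tray that carries both RED and BLACK runs. The floor-plan coordinates and the tray identifiers are constructed sample data; the 1 m threshold is the figure quoted in the text and is left as a parameter so a site-specific value can be substituted.

```python
import math
from dataclasses import dataclass

# Minimum RED/BLACK equipment separation quoted in the text (NSTISSAM TEMPEST/2-95).
MIN_RED_BLACK_SEPARATION_M = 1.0
VALID_CLASSES = {"RED", "BLACK"}


@dataclass(frozen=True)
class Equipment:
    name: str
    classification: str   # "RED" (unencrypted classified) or "BLACK"
    x_m: float
    y_m: float
    z_m: float = 0.0      # height, so racks stacked above each other are caught too


@dataclass(frozen=True)
class CableRun:
    name: str
    classification: str
    conduit_id: str       # tray, conduit or pathway the run is installed in


def _check_class(item):
    if item.classification not in VALID_CLASSES:
        raise ValueError(f"{item.name}: classification must be RED or BLACK")


def find_separation_violations(inventory, min_separation_m=MIN_RED_BLACK_SEPARATION_M):
    """Return (red_name, black_name, distance_m) for every RED/BLACK equipment
    pair whose straight-line separation is below the minimum."""
    for item in inventory:
        _check_class(item)
    reds = [e for e in inventory if e.classification == "RED"]
    blacks = [e for e in inventory if e.classification == "BLACK"]
    violations = []
    for r in reds:
        for b in blacks:
            d = math.dist((r.x_m, r.y_m, r.z_m), (b.x_m, b.y_m, b.z_m))
            if d < min_separation_m:
                violations.append((r.name, b.name, round(d, 3)))
    return violations


def find_shared_conduits(cable_runs):
    """Return the ids of conduits/trays that carry both RED and BLACK runs,
    i.e. where the 'separate pathways' rule is broken."""
    classes_by_conduit = {}
    for run in cable_runs:
        _check_class(run)
        classes_by_conduit.setdefault(run.conduit_id, set()).add(run.classification)
    return sorted(cid for cid, classes in classes_by_conduit.items()
                  if classes == VALID_CLASSES)


# Constructed sample floor plan and cable schedule (not from the paper).
SAMPLE_INVENTORY = [
    Equipment("red-ws-1", "RED", 0.0, 0.0),
    Equipment("black-ws-1", "BLACK", 0.6, 0.0),     # only 0.6 m away: violation
    Equipment("black-router-1", "BLACK", 3.0, 2.0),  # well clear
]
SAMPLE_CABLES = [
    CableRun("red-patch-1", "RED", "tray-A"),
    CableRun("black-patch-1", "BLACK", "tray-A"),   # shares tray-A with a RED run
    CableRun("black-uplink-1", "BLACK", "tray-B"),
]

if __name__ == "__main__":
    print("separation violations:", find_separation_violations(SAMPLE_INVENTORY))
    print("shared conduits:", find_shared_conduits(SAMPLE_CABLES))
```

A check like this only covers the geometric part of the design; it says nothing about the shielding, filtering or network-level (VLAN, segment) controls that the text lists alongside it, which still need their own verification.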
4.3. Masking and Overlaying
Masking and noise addition are countermeasure techniques used to add random noise or meaningless signals to the original emanation. Masking is a successful, cost-effective countermeasure, although the masking signal and additional noise must be carefully selected, as the signal may affect the proper functioning of other devices or nearby systems. Spatial noise is one of the active protection techniques usually used when passive methods are not feasible for various reasons. EM noise, including EMI, radio noise, radio interference, and active interference masking, refers to a dynamic EM phenomenon that has no informational content and can overlap or merge with a valuable signal. Spatial EM noise generators aim to prevent informative signal interception for subsequent analysis and retrieval of original information [96]. A study described in [97] demonstrates the use of an EM noise generator as a technique for obfuscating side-channel attack analysis that complicates the sensitive data extraction from EM emanations. The software defense mechanism is explored through a case study involving the Raspberry Pi. The authors investigated the sensitivity of devices using the AES algorithm. The AES implementation was found to be prone to side-channel attacks. In [98], the authors introduce a new cognitive approach to the mitigation of side-channel attacks without relying on architecture or operating system. The proposed method, unlike current protection strategies relying on randomization, is based on cognitive perturbations that appear legitimate but are designed to deceive attackers and lead them to wrong conclusions. By strategically inserting perturbations at key points in time to introduce an additional operation, the attacker is misled, and any extracted data are rendered useless. The proposed methodologies are listed in Table 8.
Another effective countermeasure is to superimpose an EM field stronger than the leaking emanation. The effectiveness of the eavesdropping barrier, however, is highly dependent on the interfering signal modulation pattern, so the interfering signal must be chosen very carefully [1]. This can be achieved by designing devices to reduce emissions at the component, system, circuit board, and device level [99].
5. Discussion
The primary goal of this study was to analyze the scope of existing research on sensitive information and unintentional emission through EM leakage. Various challenges are associated with TEMPEST-protected devices and equipment due to the limited access to TEMPEST standards available only to the US government, NATO, and a selected group of manufacturers and vendors (see Table 9).
In the domain of TEMPEST equipment development, there are numerous companies not included in Table 9, such as Advanced Programs Inc (Columbia, MD 21046/USA), Advanced Technologies Institute (Bucharest/Romania), API CRIPTEC (Columbia, MD 21046/USA), ATM Computer Systems GmbH (Konstanz/Germany), EMCON Emanation Control (Kanata, Ontario, K2K 2P5, CA/Canada), Head Italia S.p.A. (Rome/Italy), IDE-INTRACOM Defense Electronics (Koropi/Greece), Siemens AG (Munich/Germany), Secure Systems and Technologies Ltd. (Gloucester/UK), and others. A lot of vendors also sell TEMPEST and zoning equipment worldwide, including cables, connectors, filters, foils, honeycomb vents, shielding glasses, protective tents, TEMPEST gaskets, and waveguides. Although all these companies claim to offer TEMPEST protection (TEMPEST certificates), none of the standards are available to customers. A comparison of devices and TEMPEST protection measurements is shown in Table 10.
Complex devices using an AC source for operation create a stronger EM field that results in reading data from a greater distance. TEMPEST equipment manufacturers try to eliminate or reduce the risk of data leakage by implementing TEMPEST-filtered AC input, cable shielding, or EM shields. It is very difficult to reduce this risk to zero, but it can be reduced with appropriate measures. One way is to prevent an attacker from exploiting EM radiation from a safe distance. Another measure of protection is to filter the AC input. Connecting a filter to the device circuit can suppress EM noise transmitted through the line. Power supply filters typically consist of passive components such as inductors and capacitors connected to form an LC circuit. Inductors allow DC or LF currents to pass through while suppressing unwanted HF currents. In this way, the filter removes the unwanted current while letting the wanted current flow freely. Cables can also play a major role in EMI, both as sources and as receivers. The shield works in both directions. First, it can reflect the energy. Second, it can absorb noise and transmit it to the ground. Typically, two types of shielding are used in cables: foil and braid. A foil shield is a thin layer of aluminum, usually attached to a surrounding conductor support. Braids are woven meshes made from bare copper wire or tinned copper wire. Braid provides a low-resistance path to the ground and is much easier to terminate by crimping or soldering when attaching the connector. Protection against unwanted EM emissions also includes placing electronic equipment and devices in Faraday cages or shielded chambers. A Faraday cage scatters the charge or radiation to the outside of the cage and cancels out the charge or radiation inside the cage. The use of a shielded chamber also ensures an EMI-free environment. The chamber filters out unwanted background signals and noise, and the internal components are protected from external EM radiation by a special enclosure, ensuring a controlled environment.
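The LC power-line filter described above can be quantified: an ideal series-inductor/shunt-capacitor section passes the 50/60 Hz mains current essentially untouched while attenuating HF conducted noise at 40 dB per decade above its corner frequency. The following added example (not from the paper, and not the design of any particular TEMPEST-filtered AC input) computes the insertion loss of such a section between a source and a load impedance. The 100 µH/1 µF component values and the 50 Ω source and load impedances are constructed values chosen for illustration.

```python
import math


def cutoff_frequency_hz(l_h, c_f):
    """Corner (resonant) frequency of the LC section: f_c = 1 / (2*pi*sqrt(L*C))."""
    return 1.0 / (2 * math.pi * math.sqrt(l_h * c_f))


def lc_lowpass_insertion_loss_db(freq_hz, l_h, c_f, r_source=50.0, r_load=50.0):
    """Insertion loss (dB) of an ideal series-L / shunt-C low-pass section placed
    between a source of impedance r_source and a load r_load.

    Insertion loss compares the load voltage with the filter in circuit to the
    load voltage with the filter replaced by a straight wire, so 0 dB means the
    filter is transparent at that frequency and larger values mean more noise
    is kept off the line.
    """
    if freq_hz < 0:
        raise ValueError("frequency must be non-negative")
    if freq_hz == 0:
        return 0.0  # at DC the inductor is a short and the capacitor an open circuit
    w = 2 * math.pi * freq_hz
    z_l = 1j * w * l_h                          # inductor reactance rises with frequency
    z_c = 1 / (1j * w * c_f)                    # capacitor reactance falls with frequency
    z_shunt = (r_load * z_c) / (r_load + z_c)   # capacitor in parallel with the load
    h_filter = z_shunt / (r_source + z_l + z_shunt)
    h_reference = r_load / (r_source + r_load)  # plain source/load divider, no filter
    return 20 * math.log10(abs(h_reference) / abs(h_filter))


def insertion_loss_table(freqs_hz, l_h, c_f):
    """Insertion loss at each listed frequency, rounded to 0.01 dB."""
    return {f: round(lc_lowpass_insertion_loss_db(f, l_h, c_f), 2) for f in freqs_hz}


if __name__ == "__main__":
    # Constructed component values: 100 uH series inductor, 1 uF shunt capacitor.
    L, C = 100e-6, 1e-6
    print(f"corner frequency: {cutoff_frequency_hz(L, C):.0f} Hz")
    for f, il in insertion_loss_table([50, 1e3, 100e3, 1e6, 10e6], L, C).items():
        print(f"{f:>10.0f} Hz: {il:7.2f} dB")
```

The ideal model predicts well over 100 dB at 10 MHz, which no real filter delivers: the parasitic elements mentioned in Section 3.7 (winding capacitance across the inductor, lead inductance in the capacitor) make the attenuation level off in the tens of MHz, so a filtered AC input is qualified by measurement rather than by this calculation alone.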
Manufacturers of active TEMPEST equipment (monitors, scanners, and printers) use existing devices from renowned manufacturers and install appropriate TEMPEST protection measures on them (A, B, and C levels). Users without sufficient financial resources can choose equipment with a lower level of TEMPEST protection, but they can complement it with physical protection measures and obtain a satisfactory level of EM protection for security-sensitive data.
It is difficult to implement shielding measures for equipment (keyboards, mice, cables, PES, and RFID) that is not directly connected to AC (excluding cables) because their basic functions would be disabled. Solutions for TEMPEST protection of such equipment include increasing the distance, EM shielding of the equipment, increasing complexity, and applying robust cryptographic techniques.
In addition to direct TEMPEST protection measures on equipment (AC input filtering, EM shields, and cryptography), indirect measures such as RED/BLACK separation and filtering, zoning, masking, and overlaying are also applied. NATO introduces SDIP standards for shielding and zoning. Zoning regulations provide more cost-effective alternatives for the private sector to avoid costly certification. Such alternatives can be used in an environment with a lower level of security, while other TEMPEST measures must be used for security-sensitive data. RED/BLACK separation and filtering imply the physical separation of cables, data flows, and public and private networks to reduce unintentional data leakage. Recent research on air-gapped networks shows that this kind of protection cannot be considered reliable because attackers can use the emanations of individual computer components. Masking and overlaying are techniques that can prevent an attacker from detecting and interpreting emanations. With these techniques, it is very important to select the EM noise generator carefully.
This work is motivated by growing concerns about security threats to general-purpose devices. The study presents an analysis of different TEMPEST standards and configurations and highlights their importance concerning unintentional EM emissions. It also contributes to the field of EM data leakage prevention, providing valuable information on the latest trends in effectively reducing the risks of EM leakage.
6. Conclusions
Unintentional intrusion by EM emission leaves no trace of an attacker’s presence; the attacked device operates properly, and the infiltration does not cause physical damage. It is possible in some cases to intercept and reconstruct hidden information based on electromagnetic leakage. This study investigates various sources of EM leakage, including computer monitors, wireless keyboards and mice, printers, scanners, conductors, piezoelectric sensors, and radio-frequency identification devices. The TEMPEST profile is used to describe how devices are protected against EM leakage.
Side-channel attacks are significant security threats to hardware systems and applied software. The risks of these attacks can be mitigated by applying various preventive measures. It is difficult to completely prevent side-channel attacks, but designers can implement several strategies to mitigate the potential risks. The strategies involve either eliminating EM data leakage and/or removing the link between sensitive data and information leakage.
The expansion of innovative devices and services driven by the growing interest in the Internet of Things and 5G technologies will lead to an increase in potential vulnerabilities in the foreseeable future. Conducting basic TEMPEST measurements on newly developed electronic devices would therefore be useful and would mean significant progress in this particular domain.
This paper provides a comprehensive overview of the literature and highlights interesting research directions and their future potential. Future work includes applications to real-life EM side-channel attack scenarios, such as data encryption, network protocols, and file system reads and writes. Establishing future standards and tools requires consideration of relevant standards and tools in both the hardware and software security areas. It can be important to assess the potential of machine learning models in classifying data arising from EM radiation from electronic equipment and devices. EM side-channel attacks to recover cryptographic keys and other sensitive information can be evaluated as a possible solution to cryptographic challenges in digital forensics, especially on IoT devices. Our further work will focus on researching EM leakage protection measures, which mainly include strategies aimed at eliminating EM leakage by protecting vulnerable components and devices from potential security threats.