The Coast Guard adheres closely to the Department of Homeland Security, Department of Defense and the National Security Agency rules, regulations, and protocols for TEMPEST testing and certification. “TEMPEST” (not an acronym – it is a formerly classified DoD code word from the 1950s) is the short name referring to investigation, study, and control of compromising emanations from telecommunications and Automated Information Systems equipment. No classified information is permitted to be loaded on any system that does not meet these stringent requirements. TEMPEST consists of visual inspections and instrumented surveys of communications and information technology systems and infrstructure. On extremely complex C4ISR systems, especially those on a first-in-class cutter, such as CGC BERTHOLF, TEMPEST certification often occurs after preliminary delivery.
The Coast Guard's Technical Authority, with support and cooperation of the C4ISR Program Manager and National Security Cutter (NSC) Project Manager, conducted TEMPEST certification inspections prior to preliminary acceptance of CGC BERTHOLF in May 2008. These efforts, which began in 2007, helped to develop post-delivery Information Assurance (IA) & TEMPEST mitigation plans to ensure the condition of the cutter was fully understood at preliminary acceptance. They also enabled the Coast Guard to assess the progress the contractor had made towards resolving TEMPEST discrepancies idenified between June 2007 and February 2008. Going forward, the pre-delivery inspections provide a TEMPEST baseline, which the Coast Guard documented in the DD-250 preliminary acceptance document, to serve as a reference point for all future TEMPEST mitigation activities. The Coast Guard has employed the test-fix-test methodology since delivery.
All 122 visual TEMPEST discrepancies identified during the preliminary delivery of the ship (DD-250) have been resolved. The Coast Guard is conducting ongoing Instrumented TEMPEST surveys using a National Security Agency (NSA) approved contractor to prepare for final TEMPEST testing. The posture and readiness for testing of TEMPEST communications will be further improved with March 2009 hardware installations. The final Space and Naval Warfare Systems Command (SPAWAR) shipboard Instrumented TEMPEST survey is scheduled for April 2009.
For more information on the National Security Cutter, please visit the project’s website at http://www.uscg.mil/acquisition/NSC.