The Coast Guard adheres closely to the Department of Homeland Security, Department of Defense and the National Security Agency rules, regulations, and protocols for TEMPEST testing and certification.
“TEMPEST” (not an acronym – it is a formerly classified DoD code word from the 1950s) is the short name referring to investigation, study, and control of compromising emanations from telecommunications and Automated Information Systems equipment. No classified information is permitted to be loaded on any system that does not meet these stringent requirements.
TEMPEST consists of visual inspections and instrumented surveys of communications and information technology systems and infrastructure. On extremely complex C4ISR systems, especially those on a firqt-in-class cutter such as the Bertholf, TEMPEST certification often occurs after preliminary delivery.
The Coast Guard's Technical Authority, with support and cooperation of the C4ISR Program Manager and National Security Cutter (NSC) Project Manager, conducted TEMPEST certification inspections prior to preliminary acceptance of Bertholf in May 2008. These efforts, which began in 2007, helped to develop post-delitery Information Assurance (IA) $amp; TEMPEST mitigation plans and ensured that the condition of the cutter was fully understood at preliminary acceptance.
These pre-delivery inspections also enabled the Coast Guard to assess the progress the contractor had made towards resolving TEMPEST discrepancies identified between June 2007 and February 2008. In addition, it provided a TEMPEST baseline which the Coast Guard documented in the DD-250 preliminary acceptance document and which served as reference point for all future TEMPEST mitigation activities. The Coast Guard has employed the test-fix-test methodology since delivery.
The first significant milestone in the post delivery TEMPEST activities occurred in September 2008 when the Coast Guard's TEMPEST Inspectors conducted successful Visual TEMPEST Inspections of electronics cabinets located in the operations center. The Coast Guard TEMPEST technical authority concurred with the inspection results. This winter, the remaining cabinets in the Local Area Network (LAN) room will be TEMPEST inspected.
The second significant milestone occurred this month, October 2008, when Coast Guard Visual TEMPEST Inspectors validated that 114 of the 122 DD250 Visual TEMPEST discrepancies have been resolved. The remaining eight discrepancies, located within the LAN room, will be resolved by December 2008.
The final SPAWAR shipboard Instrumented TEMPEST Survey is scheduled for April 2009.
For more information on the National Security Cutter, please visit the project’s website at http://www.uscg.mil/acquisition/NSC.