Keysight N8973B Security Features And Document Of Volatility Download Page 32 | Manualshive

Page: 32 / 46

Keysight N8973B Security Features And Document Of Volatility Download Page 32

Security Features and Document of Volatility

User and Remote Interface Security Measures

32

8

User and Remote Interface Security Measures

This chapter discusses options that are available to you to control and

configure user and remote access to the instrument, including:

—

SCPI/GPIB Control of Interfaces

—

Operating System Security Features

—

. This topic includes information about how to set the

instrument’s USB ports to read-only.

—

IMPORTANT

Users are responsible for providing security for the I/O ports for remote

access, by controlling physical access to the I/O ports. The I/O ports must be

controlled because they provide access to most user settings, user states,

and the display memory.

SCPI/GPIB Control of Interfaces

The GPIB command

LLO

(local lockout) can be sent by the controller to disable

operation of the instrument’s front-panel keys and softkey menus.
However, sending the

LLO

command does

not

disable access to the instrument

via its USB ports. For details of how to restrict the operation of the USB ports,

see

“Configuring USB for Read-only” on page 33

below.

Operating System Security Features

The instrument’s Windows operating system includes a variety of features that

you can invoke or modify to enhance system security. These include the

following:

— The ability to create custom user accounts, and assign different security

levels to each account by adding it to an existing group. The group types

predefined by Windows are: Administrator, Power User, User, Backup

Operator, and Guest, but you can also define new group types.

«
...
30
31
32
33
34
...
»

Summary of Contents for N8973B

Page 1: ...lyzers This manual provides documentation for the following analyzers PXE EMI Receiver N9048B UXA Signal Analyzer N9040B N9041B PXA Signal Analyzer N9030B MXA Signal Analyzer N9020B EXA Signal Analyzer N9010B CXA Signal Analyzer N9000B NFA Noise Figure Analyzer N8973B N8976B ...

Page 2: ...mputer software documentation No additional government requirements beyond those set forth in the EULA shall apply except to the extent that those terms rights or licenses are explicitly required from all providers of commercial computer software pursuant to the FAR and the DFARS and are set forth specifically in writing elsewhere in the EULA Keysight shall be under no obligation to update revise ...

Page 3: ...om find exa http www keysight com find cxa http www keysight com find nfa To receive the latest updates by email subscribe to Keysight Email Updates http www keysight com find emailupdates Information on preventing instrument damage can be found at http www keysight com find PreventingInstrumentRepair Is your product software up to date Periodically Keysight releases software updates to fix known ...

Page 4: ...orage 23 Replacement of Disk Drive 23 Items Required 23 Procedure 23 Archiving and Restoring Factory Calibration Data Files 25 Selection of USB Memory Device 25 Tools Required 25 Data Backup or Restore using Alignment Data Wizard 25 6 Disk Drive Removal Procedure 27 7 SD Memory Card Removal Procedure 30 8 User and Remote Interface Security Measures 32 SCPI GPIB Control of Interfaces 32 Operating S...

Page 5: ...tents 5 SCPI Commands 37 Option SF2 38 Operating System Changes 38 Menu Command Changes 38 Front panel Keys 38 File Menu 39 Preset Menu 39 System Menu 39 Disabled SCPI Commands 39 Appendix A References 45 ...

Page 6: ... local Keysight office is available via the internet at http www keysight com find assist If you do not have internet access please contact your designated Keysight representative N O T E In any correspondence or telephone conversation refer to the instrument by its model number and full serial number With this information the Keysight representative can determine whether your unit is still within...

Page 7: ...IMPORTANT Be sure that all information stored by the user in the instrument that needs to be saved is properly backed up before attempting to clear any of the instrument memory Keysight Technologies cannot be held responsible for any lost files or data resulting from the clearing of memory Be sure to read this document entirely before proceeding with any file deletion or memory clearing Product Na...

Page 8: ... assembly type 1 Press the System hardkey on the front panel or tap the gear icon in the user interface The System Settings panel opens 2 Select the System tab at left then in the Show group tap Show System 3 A screen appears that displays all installed options and indicates the instrument s processor assembly type For more details see the User Interface or System Settings sections of the instrume...

Page 9: ...include memory sanitization or memory removal or both Sanitization As defined in Section 4 4 2 of the ODAA Process Manual for the Certification and Accreditation of Classified Systems under the NISPOM sanitization is a procedure by which classified information is completely removed from memory so that even a laboratory attack using known techniques or analysis will not recover any information Henc...

Page 10: ... Document of Volatility Instrument Memory Volatility 10 4 Instrument Memory Volatility This chapter summarizes all memory types in the instrument The descriptions are divided between 1 Non Volatile Memory 2 Volatile Memory ...

Page 11: ...ion Data Retained When Powered Off Purpose Contents Data Input Method Location in Instrument and Remarks Sanitization Procedure 1 Front Panel EEPROM 64 kbit No Yes Contains software for running front panel microcontroller Operates front panel LEDs and transmits key presses to processor Programmed before installation A1A2 Front Panel Interface Board Contains no user data None 2 EDID Memory 2 kbit E...

Page 12: ... SD card controller configuration memory 2 Kbit EEPROM No Yes Configuration for the SD card controller on boot up Programmed before installation A4 Processor Assy Contains no user data None 9 PCIe retimer configuration 8 Kbit EEPROM No Yes Configuration for the PCIe retimer for external PCIe communication Programmed before installation A4 Processor Assy Contains no user data None 10 FPGA configura...

Page 13: ...ROM 64 Mbit SPI EEPROM No Yes COMe BIOS SPI ROM Programmed before installation A4 Processor Assy Contains no user data None 17 Disk Drive 80 GByte This drive is partitioned as detailed in Disk Drive Partitioning on page 18 Yes Yes Contains Operating System Instrument Software Factory Calibration Data Diagnostic software Crash recovery image user instrument states user data files user trace data an...

Page 14: ...ROM used to identify the assembly Programmed before installation A13 Front End Assy Contains no user data None 22 Config Cal Memory 8 kbit EEPROM No Yes Header EEPROM used to identify the assembly Programmed before installation A14 Synthesizer Assy Contains no user data None 23 Config Memory 8 Mbit Flash 1024 x 8 No Yes Contains measurement and control software which is preloaded into FPGA during ...

Page 15: ...ntains no user data None 28 Config Cal Memory 8 kbit EEPROM No Yes Header EEPROM used to identify the assembly Programmed before installation A16 Reference Assy Contains no user data None 29 FPGA Config Memory 2 Mbit Flash No Yes Contains measurement and control software Programmed before installation A16 Reference Assy Contains no user data None 30 Digital Potentiometer 112 bits EEPROM No Yes Con...

Page 16: ...lation A21 WBIF Assy Contains no user data None 36 PSoCMA configuration memory 64 kByte Flash No Yes Contains configuration for PSoCMA processor Programmed before installation A21 WBIF Assy Contains no user data None 37 PSoCD configuration memory 64 kByte Flash No Yes Contains configuration for PSoCD processor Programmed before installation A21 WBIF Assy Contains no user data None 38 PSoCMD config...

Page 17: ... no user data None 43 Spartan6 configuration memory 4 Mbit Flash No Yes Contains configuration for Spartan6 FPGA Programmed before installation A21 WBIF Assy Contains no user data None 44 Virtex6 configuration memory 0 32 Mbit Flash No Yes Contains configuration for Virtex6 FPGA Programmed before installation A21 WBIF Assy Contains no user data None 45 Virtex6 configuration memory 1 32 Mbit Flash ...

Page 18: ...tory into three visible partitions labeled C D and E plus a fourth hidden partition Details of the functions of all partitions are provided in Table 4 2 below Table 4 2 Disk Drive Partitions Partition Label Purpose C Primary partition for applications and secondary data D Default location for user data E Calibration data Hidden Factory recovery image of the C partition ...

Page 19: ...by firmware Not accessible by user A3 Digital IF Assy Contains raw measurement data Turn off instrument power a 2 Processor SDRAM 16 GByte Yes No Main dynamic RAM memory for processor Contains working copies of Operating System instrument measurement applications calibration data and measurement data Programmed before installation or by factory service center calibration procedure software or by f...

Page 20: ...ible by user A23 Digital IF Option B5X Contains raw measurement data Turn off instrument power Keysig ht Red a a This memory is not battery backed up or connected to standby power Table 4 3 Summary of Volatile Instrument Memory Memory Type and Size Writable During Normal Operation Data Retained When Powered Off Purpose Contents Data Input Method Location in Instrument and Remarks Sanitization Proc...

Page 21: ...tification and Accreditation of Classified Systems under the NISPOM Memory sanitization We recommend always removing the Disk Drive to achieve sanitization For program classifications lower than Top Secret this media type can be sanitized using method d as defined in the Clearing and Sanitization Matrix in Section 14 1 16 of the ODAA Process Manual for the Certification and Accreditation of Classi...

Page 22: ...tended purpose of the SD Memory Card is for backing up the instrument calibration database file The backup and restore process used by the instrument will default to this location Users can also write to this memory since it appears as another disk drive to the instrument Size 16 Gigabytes Memory clearing Software utilities are available that comply with the clearing requirements specified for Mag...

Page 23: ...the instrument software revision on the secondary non classified disk drive matches that of the classified drive in the controlled area If the non classified drive receives a software upgrade or if the non classified drive is replaced with a drive that contains a newer revision of software than that of the classified drive the classified drive will require a software upgrade inside the controlled ...

Page 24: ...e instrument from controlled area Without the Disk Drive instrument is sanitized 9 Install secondary non classified Disk Drive 2 Note that calibration files archived in Step 4 may need to be copied into this Disk Drive 10 Instrument is now operational with original calibration data Deliver to service center for cal repair 11 Service center generates new calibration files on Disk Drive 12 Instrumen...

Page 25: ...disc The optical disc can be written using an external writer device outside the controlled area and then read using a further external reader device situated in the controlled area Tools Required To perform backup or restore operations you need a mouse with a USB interface an alphanumeric keyboard with a USB interface a portable USB Memory Device For details see Selection of USB Memory Device on ...

Page 26: ...zation and Removal Procedures Archiving and Restoring Factory Calibration Data Files Figure 5 1 Alignment Data Wizard Dialog 7 Follow the wizard s on screen instructions to back up the calibration data to the external USB memory device or restore the data from the device ...

Page 27: ...n Item 18 of Table 4 1 on page 11 Therefore when replacing the Disk Drive you do not need to back up and restore the license keys When installing a replacement Disk Drive ensure that the instrument software revision on the replacement drive matches that of the original drive To remove the disk drive follow the steps below The numbered items in the figures correspond to the step numbers in the proc...

Page 28: ... s rear panel as shown in Figure 6 1 2 Locate the removable drive and its retaining thumbscrew as shown in Figure 6 1 Figure 6 1 Instrument Rear Panel Processor Assembly 3 Turn the thumbscrew to release the drive from the panel as shown in Figure 6 2 below If the thumbscrew is too tight to turn by hand use a TORX T10 screwdriver to loosen it ...

Page 29: ...ment of Volatility 29 Disk Drive Removal Procedure Figure 6 2 Removable Disk Drive Unit fully extracted 4 Pull the U shaped handle attached to the drive unit to remove the drive from the Processor Assembly as shown in Figure 6 2 ...

Page 30: ...ent s disk drive is removed To remove the SD Memory Card 1 Remove the disk drive by following the Disk Drive Removal Procedure on page 27 Once the disk drive has been removed the SD Memory Card is accessible 2 Push in on the SD Memory Card and release The Card springs back out and can then be removed Figure 7 1 on page 31 below shows the instrument rear panel with the Disk Drive Assembly and SD Me...

Page 31: ...cedure Figure 7 1 Instrument Rear Panel showing Removable Disk Drive Assembly and SD Memory Card 3 Reinstall the disk drive assembly Removing the SD Memory Card does not interfere with normal operation of the instrument operating system or the instrument application software ...

Page 32: ...ngs user states and the display memory SCPI GPIB Control of Interfaces The GPIB command LLO local lockout can be sent by the controller to disable operation of the instrument s front panel keys and softkey menus However sending the LLO command does not disable access to the instrument via its USB ports For details of how to restrict the operation of the USB ports see Configuring USB for Read only ...

Page 33: ...ecting appropriate actions when new media and devices are detected The AutoRun feature is disabled in the instrument by default for improved security unless the Administrator account is running In Administrator mode AutoRun is enabled to aid with program installation You can disable or enable AutoPlay via the Control Panel Open the Control Panel and select Hardware and Sound AutoPlay then uncheck ...

Page 34: ...nu select More Security USB 6 Select the option Read Only 7 To activate the configuration change either log out and then back in under your usual user name which by default is instrument or cycle the instrument power SD Memory Card The SD Memory Card can either be write protected or removed from the instrument To remove the SD Memory Card follow the instructions in SD Memory Card Removal Procedure...

Page 35: ... Instrument Even if the instrument is not able to power on it may be declassified by 1 Removing the disk drive from the instrument using the appropriate procedure as described in Disk Drive Removal Procedure on page 27 2 Removing the SD Memory card if present using the procedure described in SD Memory Card Removal Procedure on page 30 ...

Page 36: ...s that provide security related functionality The following available options are described in this chapter Option SF1 on page 37 Option SF2 on page 38 To determine which of these options if any are installed in your instrument use the procedure described in Determining Installed Options Processor Assembly Type on page 8 ...

Page 37: ...zed or undesirable third party programs or scripts This section summarizes the functional modifications to the instrument capabilities when Option SF1 is installed Menu Command Changes Installing Option SF1 causes the following menu and command changes in the instrument File Menu In the File menu the File Explorer key is not available System Menu In the System menu the keys Control Panel and Web B...

Page 38: ...s Windows memory page files The reason for this change is to ensure that memory page swapping does not inadvertently cause the instrument to create on disk copies of RAM data Note that one effect of disabling memory page files is to reduce the available memory space for preloading applications at power on T I P If a disk recovery and software update is performed memory paging files will automatica...

Page 39: ...and User Preset All Modes icons are not available System Menu In the System Power On menu the Power On Type selection keys Mode Preset User Preset and Last State are not available Disabled SCPI Commands The following SCPI commands are not available Attempting to use any of these commands generates the Error message 113 Undefined header Note that some of the commands listed are specific to individu...

Page 40: ...nce DATa MMEMory LOAD DPD REFerence SRATe MMEMory LOAD DTRaces MMEMory LOAD ENR MMEMory LOAD EVMSetup MMEMory LOAD FMT MMEMory LOAD FREQuency MMEMory LOAD IQRef MMEMory LOAD LIMit MMEMory LOAD LIMit DDIRectory MMEMory LOAD LOSS MMEMory LOAD MASK MMEMory LOAD MPADapter CORRection MMEMory LOAD PDATa MMEMory LOAD PSET MMEMory LOAD RDATa MMEMory LOAD RECording MMEMory LOAD REGister MMEMory LOAD SCAN M...

Page 41: ...e LOAD LOSS MMEMory NFIGure STORe ENR MMEMory NFIGure STORe FREQuency MMEMory NFIGure STORe LOSS MMEMory REGister STATe LABel MMEMory REGister STATe LABel MAXimum MMEMory REGister STATe MAXimum MMEMory REGister TRACe LABel MMEMory REGister TRACe LABel MAXimum MMEMory REGister TRACe MAXimum MMEMory RESults CORRection MODE MMEMory RESults LIMits MODE MMEMory RESults OUTPut MMEMory RESults SCAN MMEMo...

Page 42: ...ct ITEM TRACe ACTive MMEMory SELect ITEM TRANsducer ALL MMEMory STORe ALIMit MMEMory STORe ALISt MMEMory STORe ATRace MMEMory STORe AXConfig MMEMory STORe CAPTured MMEMory STORe CHTable MMEMory STORe CORRection MMEMory STORe CORRection GROup MMEMory STORe CPData MMEMory STORe DLISt MMEMory STORe DTRaces MMEMory STORe ENR MMEMory STORe FMT MMEMory STORe FREQuency MMEMory STORe IQRef MMEMory STORe L...

Page 43: ...PDW MMEMory STORe RESults TABLe PDW FULL MMEMory STORe RESults TABLe PULSe MMEMory STORe RESults TABLe PULSe FULL MMEMory STORe RESults TABLe VPDW MMEMory STORe RESults TABLe VPDW FULL MMEMory STORe SCAN MMEMory STORe SCONfig MMEMory STORe SCReen MMEMory STORe SCReen THEMe MMEMory STORe SLISt MMEMory STORe STATe MMEMory STORe T2Config MMEMory STORe TMMConfig MMEMory STORe TRACe MMEMory STORe TRACe...

Page 44: ... TRACe OPERator STATe MMEMory TRACe PDEScription MMEMory TRACe PDEScription STATe MMEMory TRACe TITLe MMEMory TRACe TITLe STATe SYSTem Subsystem SYSTem PON TYPE SYSTem PRESet SAVE SYSTem PRESet TYPE SYSTem PRESet USER SYSTem PRESet USER ALL SYSTem PRESet USER SAVE SYSTem PRINt THEMe ...

Page 45: ...M Defense Security Service Version 3 2 November 15 2013 May be downloaded in PDF format from https www dss mil Portals 69 documents odaa ODAA Process Manual Version 3 2 pdf 2 Installation Note Keysight X Series Signal Analyzers Option SF2 Keysight Technologies 2018 Part Number N9020 90234 May be downloaded from http literature cdn keysight com litweb pdf N9020 90234 pdf ...

Page 46: ...This information is subject to change without notice Keysight Technologies 2014 2019 Edition 7 July 2019 N9040 90005 www keysight com ...

Reviews:

No comments