Transient Electromagnetic Pulse Research Articles

A TEMPEST Attack Implementation based on Hidden Markov model in Smart Grid

Abstract A Smart Grid contains a large number of terminals to gather voltage, current, and power data. If these terminals are attacked by hackers to steal data and disrupt the operation of the grid, the grid will encounter a huge challenge. And side channel attack is an attack way that uses information signals (such as electromagnetic radiation, and computer hardware running sound) inadvertently released by the computer to decipher. The computer keyboard generates electromagnetic radiation signals during operation, and hackers may acquire your account and password through the keyboard’s tapping sound, resulting in the leakage of important data. This article analyzes the electromagnetic radiation leakage vulnerabilities of keyboards and designs a way to implement a TEMPEST (Transient Electromagnetic Pulse Emanation Surveillance Technology) Attack based on the Hidden Markov model, which can provide a foundation for avoiding potential risk.

Detection of the Compromising Audio Signal by Analyzing Its AM Demodulated Spectrum

The information technology and communication (IT&C) market consists of computing and telecommunication technology systems, which also include a variety of audio devices. Preserving the confidentiality of transmitted information through these devices stands as a critical concern across various domains and businesses. Notably, spurious electromagnetic emanations emitted by audio devices can be captured and processed, potentially leading to eavesdropping incidents. The evaluation of electronic devices for potential security vulnerabilities often involves employing Transient Electromagnetic Pulse Emanation Standard (TEMPEST) technology. This paper introduces a novel approach to TEMPEST testing specifically tailored for audio devices. The outcomes of the proposed approach offer valuable insights into TEMPEST equipment testing, aiming to mitigate the potential risks posed by threats exploitable by eavesdroppers in everyday scenarios. The present work delves into the examination of two ubiquitous global electronic devices: a notebook and a pair of in-ear headphones. The symmetrical framework of this study arises from the intrinsic similarity that, despite belonging to distinct categories, both devices possess the capability to emit electromagnetic emissions that contain compromised audio signals. This assertion is substantiated by the measurement results presented herein. The proposed methodology involves the analysis of the audio amplitude modulation (AM) demodulated signal in the frequency domain. This innovative approach not only mitigates operator fatigue but also significantly reduces the testing time required for these devices and instrument running hours and leads to the development of new applications.

Measurement of high-power transient electromagnetic pulse field with integrated photonic electric-field sensor

To satisfy certain special requirements for high-power transient electromagnetic pulse (EMP) field measurements, such as high electric field intensity, broad bandwidth, fast rise time, and compact size, here is described an integrated electro-optic sensor. The frequency response in the range from 100 kHz to 12 GHz and the time-domain input/output characteristics of a sub-nanosecond EMP field with an intensity from 5 to 100 kV/m were experimentally characterized. The sensor was demonstrated to measure the time-domain waveform of the ultrawideband EMP field signals with a rise time of 0.35 ns and bandwidth of 1 GHz. In addition, the minimal detectable electric field strength was 16 mV/m/Hz1/2 in the frequency domain, and an intense sub-nanosecond electromagnetic pulse with a peak amplitude of 100 kV/m was observed in the time domain. The reported sensor is expected to be broadly used for intense EMP measurements.

Simulation and Experimental Study on Coupling Effect of Fuze under Ultra-wide Spectrum Strong Electromagnetic Pulse

The lack of anti-strong electromagnetic interference ability of fuze has become an important aspect restricting the effectiveness of weapon system. Taking a certain type of fuze as an example, this paper analyzes the coupling mechanism of ultra-wide spectrum transient strong electromagnetic pulse to the fuze, analyzes the action mode of aperture coupling and field line coupling, establishes the mathematical model of space electromagnetic field, and then simulates the effect of aperture coupling and field line coupling of the fuze by using CST Microwave Studio software. It is concluded that the strongest coupling state is when the polarization direction of the electromagnetic field is parallel to the axis of the fuze. Combined with the theory and simulation, the ultra-wide spectrum transient strong electromagnetic pulse simulation system is used to conduct the strong electromagnetic pulse irradiation test, and the electromagnetic pulse effect threshold is obtained. It is concluded that the effect threshold leading to communication failure is about 27~40kV/m, which provides a certain theoretical and experimental basis for fuse strong electromagnetic protection.

ТЕХНОЛОГИЯ SOFT TEMPEST КАК ОБЪЕКТ ФУНКЦИОНАЛЬНОГО МОДЕЛИРОВАНИЯ

The present study introduces the software-controlled transient electromagnetic pulse emanation technology (Soft Tempest (ST) technology) and the ST-channel information leakage counteraction in terms of functional model. The paper describes the basic formalization of the actions of the intruder to prepare targeted interception of informative signals of сomputers technique (CT) via the ST-channel. This study also profiles the malware implementation in the working environment of CT and the initiation of a transient electromagnetic pulse emanation (TEMPE) from electronic equipment of CT. The detection of a TEMPE and interception of the informative signals of the TEMPE from electronic equipment of CT and processing these signals are observed. The basic formalization of processes of changing the configuration of the electronic equipment of the CT, its instrumental verification and technical control of the effectiveness of information protection from leakage through a ST-channel are desribed. The study presents a general mechanism for the decomposition of target functions «Intruder interception of informative signals of CE via ST-channel» and «Counteracting information leakage via the ST-channel». The classification basis for the three-level detailing of these target functions is substantiated. The results of detailing the actions of the intruder into certain stages, the ongoing activities to counteract information leakage, the processes taken by the intruder, taken countermeasures and the functions corresponding to these processes and countermeasures are provided. The obtained results are a prerequisite for the formalized representation of the processes described in terms of Markov processes and the development of mathematical models of the related temporal and stochastic characteristics to quantitatively measure the ability of the intruder to realize the threats of interception of a TEMPE from the electronic equipment of CT, caused by malware.

Microstrip Bandstop Filter for Preventing Conduction Electromagnetic Information Leakage of High-Power Transmission Line

The research of transient electromagnetic pulse emission monitoring technology (TEMPEST) protection is essential. Based on microstrip bandstop filter (MSBSF), a method to prevent electromagnetic information leakage of high-power transmission lines is proposed in this paper. The MSBSF with a high insertion loss and carrying large current in the frequency of 2.40–2.49 GHz is designed, fabricated, and experimentally measured. The fabricated MSBSF with the insertion loss of 38 dB at 2.41–2.49 GHz can carry a current greater than 10A and withstand a voltage of 1.7 kV. Compared with the traditional electromagnetic interference (EMI) filter, the MSBSF has the advantages of preventing conducted electromagnetic information leakage in the high-frequency bands, carrying greater current subject to higher voltage, and possessing lighter weight. The MSBSF may be used to prevent the leakage of high-frequency electromagnetic information of high-power transmission lines.

All-solid-state pulsed current injection source based on the light initiated multi-gate semiconductor switches.

To study the damage and protection mechanism of the transient electromagnetic pulse to the cables of the electronic equipment under test, an all-solid-state pulsed current injection source with light initiated multi-gate semiconductor switches is developed. The output peak current range of the prepared all-solid-state pulsed current injection source was 0.1-1kA, the risetime was 18ns, and the pulse width was 520ns. In addition, the waveforms of the output peak current were consistent.

Особенности обнаружения и измерения побочных электромагнитных излучений широкополосных сигналов

The article is devoted to the technical channels of Transient Electromagnetic Pulse Emanation (TEMPEST) information leakage. Methods of detection and measurement of TEMPEST, as well as broadband signals in general cases are briefly presented. The features of detection and measurement of broadband TEMPEST signals of modern digital interfaces (for example, DVI, HDMI, DisplayPort) are considered. These digital interfaces are selected as the most relevant at the moment, against analog ones that are coming out of mass use (VGA). The review of the main approaches to the identification of such signals is carried out. Detection and measurement of broadband TEMPEST signals is a non-trivial task, since both TEMPEST signals and broadband signals themselves have a low signal-to-noise ratio. A laboratory stand (an alternative measuring platform) is described in detail, where practical studies were carried out to identify and measure the broadband TEMPEST using the example of the HDMI interface. The influence of the shield camera on the results of research in cases of complete and partial screening of the object under study is demonstrated. The influence of the bandwidth value during measurements of the broadband TEMPEST on the displayed spectrum of such a signal is shown. After reaching a certain value of this bandwidth, the displayed spectrum becomes clearly distinguishable against the background of noise. The measurement of the signal levels of the broadband TEMPEST was carried out in two ways. The first method assumed that the spectrum of the broadband TEMPEST signal is continuous. In the second method, it was assumed that the spectrum of such a signal is discrete. Based on the results of these measurements, a conclusion was made about the actual nature of the spectrum of the signals of the broadband TEMPEST.

Shielding Performance of Materials Under the Excitation of High-Intensity Transient Electromagnetic Pulse

Shielding effectiveness (SE) dominates the shielding performance of materials. Under the excitation of high-intensity transient electromagnetic pulse, especially the wide-band transient electromagnetic pulse, how to characterize and calculate the SE of shielding materials is not clear. In order to reveal the shielding performance of materials towards the wide-band transient electromagnetic pulse, a systematic experimental investigation was performed on a home-made SE measurement system. The ‘peak value reduction ( $SE_{\mathrm {PR}}$ )’ is verified to be an effective approach for the characterization of SE of shielding materials. The SE of the employed materials shows no noticeable change even with the excitation field intensity increasing to 200 kV/m, which is significantly different from that of high-power microwave (HPM). Under the excitation of HPM, the SE of materials starts to increase at a field intensity of 19.4 kV/m and becomes saturated at 33.6 kV/m. Further analysis discloses that the variation of SE of materials is mainly dependent on two factors, one is the intrinsic property of the material itself, and the other is energy density spectrum of the excitation high-intensity transient electromagnetic pulse. The energy in per frequency unit (10 MHz) for wide-band transient electromagnetic pulse is far lower than that of HPM, resulting in an evident dissimilarity in the changes of SEs of shielding materials.

Methodological aspects of the presentation of information security threats recognition signs in the context of improving technical intelligence

Formulation of the problem. The completeness of the characteristics of one of the most serious threats to the security of information today – its leakage through the transient electromagnetic pulse emanation standard (TEMPEST) from computer equipment (CE) is determined not only by the number of detectable signs of leakage but also by several other parameters characterizing the dynamics of the implementation of such a threat. The established patterns in the scenarios of violators’ actions associated with the use of technical reconnaissance equipment (TRQ) to intercept informative TEMPEST signals from computer equipment made it possible to form a model of all possible options for using TRQ to obtain confidential information processed by computer equipment. The proposed model provides the implementation of the methodological principles of the recognition theory for a more complete characterization of threats of information leakage through the channels of spurious electromagnetic radiation and interference from CE in the process of their detection.Objective. Development of methodological grounds for presenting signs of the violator’s implementation of certain functions associated with the use of technical reconnaissance equipment to intercept informative signals of spurious electromagnetic radiation and interference from computer equipment as signs that identify the most significant conditions for the recognition and prevention of such threats.Results. Methodological solutions for the identification of three states significant for the prevention of threats are given based on the structuring of the functional representation of the intruder’s actions to implement such threats. Mathematical models for assessing the predicted amount of information disclosed in the process of intercepting TEMPEST informative signals from computer equipment, and assessing the level of security threats in case of interception of information are also presented.Practical significance. The paper presents the main options for the operation of a complex of programs for recognizing threats of information leakage through TEMPEST channels from computer equipment developed within the framework of the presented methodology.

Sources and space-time distribution of the electromagnetic pulses in experiments on inertial confinement fusion and laser-plasma acceleration.

When high-energy and high-power lasers interact with matter, a significant part of the incoming laser energy is transformed into transient electromagnetic pulses (EMPs) in the range of radiofrequencies and microwaves. These fields can reach high intensities and can potentially represent a significative danger for the electronic devices placed near the interaction point. Thus, the comprehension of the origin of these electromagnetic fields and of their distribution is of primary importance for the safe operation of high-power and high-energy laser facilities, but also for the possible use of these high fields in several promising applications. A recognized main source of EMPs is the target positive charging caused by the fast-electron emission due to laser-plasma interactions. The fast charging induces high neutralization currents from the conductive walls of the vacuum chamber through the target holder. However, other mechanisms related to the laser-target interaction are also capable of generating intense electromagnetic fields. Several possible sources of EMPs are discussed here and compared for high-energy and high-intensity laser-matter interactions, typical for inertial confinement fusion and laser-plasma acceleration. The possible effects on the electromagnetic field distribution within the experimental chamber, due to particle beams and plasma emitted from the target, are also described. This article is part of a discussion meeting issue 'Prospects for high gain inertial fusion energy (part 2)'.

ИССЛЕДОВАНИЕ ПОВЕДЕНИЯ ИНФОРМАТИВНЫХ СИГНАЛОВ ОТ НАКОПИТЕЛЯ НА ЖЕСТКИХ МАГНИТНЫХ ДИСКАХ ПРИ ОБРАБОТКЕ ИНФОРМАЦИИ В РАЗНЫХ ОБЛАСТЯХ ДИСКА

The article demonstrates the change in the spectrum of informative signals during the sim-ulation of work (reading or writing information) hard disk drive in its different areas with the help of specialized software from the composition of software and hardware complexes for en-gineering research and research transient electromagnetic pulse emanation standard in order to detect the possible frequencies of informative signals (which are likely to leak the processed information including of limited distribution)

Electromagnetic Pulse Sensor

ABSTRACTA simple dipole antenna maybe not intended to measure the transient electromagnetic pulse of sharp rise time in order of picoseconds. The pulse might be produced from numerous ways and their particular recognition is a need for proficient innovative work of the related systems. Magnetic-field sensor (B-dot) and Electric-field sensor (D-dot) are the more suited choice for precise detection of such pulse, owing to their pungent rise time. In this paper, the new conceptualized design of the B-dot sensor using a Mobius loop and detailed design of the Ground Plane D-dot sensors using an Equivalent Charge Distribution Method, followed by the principal, configuration, and calibration methods are introduced. Furthermore, an advanced prototype of the electric field sensor is developed based on simulation analysis and lightweight Aluminum (Al) Alloy. Moreover, the paper emphasizes the consequence of material choice on bandwidth and technically deployment of Al-Alloy in sensor manufacturing. The developed prototype is up to 3.0 times lesser in weight and up to 3.0 times, economical compared to a like Copper-based sensor and has a bandwidth greater than 12.1 GHz, which minimize multi-sensor requirement in the measurement of the electromagnetic pulse with wide-band EM systems.

Imaging Internal Defects with Synthetic and Experimental Data

This work concerns an inverse time-dependent electromagnetic scattering problem of imaging internal defects in a homogeneous isotropic medium. The position and cross section of the defects are detected by transient electromagnetic pulses in the case of TE polarization. We apply the Kirchhoff migration scheme to locate the position of small objects from both synthetic and experimental data. The multiple-input-multiple-out scheme is used to recover extended scatterers from the data generated by the software GprMax. Numerical experiments show that the Kirchhoff migration method is not only efficient but also robust with respect to polluted data at high noise levels. Experimental results show good quantitative agreement with numerical simulations.

Arecibo ALFA Array Observations in Search of Lunar Meteoroid-Strike EMPs

We present the preliminary results of a search for transient Electromagnetic Pulses (EMP) associated with the impact of meteoroids on the lunar surface as observed with the Arecibo Observatory ALFA (Arecibo L-band Feed Array) system. The ALFA system is a cluster of seven, dual-linear polarization feeds/beams arranged in a hexagonal manner and operated in the protected L-band region centered at 1.41 GHz. We analyzed 8 TB of data totaling nearly 5.5 h of on- and off-moon observations made in February 2016. We demonstrate the observing strategy and time–frequency methods for the detection and removal of the local-radar transient interference signals while identifying potential EMPs. Local out of band radar interference signals are observed as intermodulation artifacts in the protected L-band. Seven transient wideband EMP events with time scales of less than 10 μs have been detected following the extensive vetting process we describe. Assuming that these EMP-like events originate from gram-sized meteoroid strikes and using very approximate hypervelocity impact, plasma production theory, and EMP generation theory, we estimate the progenitor impact meteoroid kinetic energy to be approximately 1.8 × 107 J. Assuming that the observed EMPs are the result of 10 g meteoroid impacts, the resultant meteoroid flux is 3 × 10−7 km−2 h−1 based solely on lunar surface area observed and net observing period. Implications of the observed transient EMP events, measured lunar noise temperature and the comparison with energy estimates derived from the existing lunar impact optical observations are also discussed.

Transient Electromagnetic Pulse Emanation in Digital Systems in the Mode of Pulsed Excitation of the Printed Connector Elements

Specific features of the formation of transient electromagnetic pulse emanation fields induced by the pulsed excitation of printed elements are discussed. The field formation affects the electromagnetic compatibility of digital signal processing devices. It is shown that printed conductors in complex-layout boards with a specific geometrical configuration can work as electromagnetic emitters. It has been established that the video pulse length, clock frequency, and code sequence alternation phase determine the spectral behavior of a digital signal, which may coincide with the eigenfrequencies of printed emitters, in particular, forming a mode of excitation on the self-oscillations when decreasing video pulse length or front steepness. The results of investigations of potentially emitting printed element prototypes are reported.

The electromagnetic effect study of GIS enclosure under high‐frequency electromagnetic pulse

In gas insulated switchgear (GIS) substation, due to the operation of disconnect switch and circuit breaker, as well as short-circuit fault, SF6 will break down very rapidly. The superposition of refraction and reflection of high-frequency travelling waves will cause the very fast transient electromagnetic pulse (EMP). High-frequency EMP propagating along GIS core wire will couple to GIS enclosure which forms transient enclosure voltage (TEV). Through the study of new GIS enclosure coupling model which can be verified by site test and frequency effect on the enclosure coupling under high-frequency EMP, results indicate the generation of TEV is closely related to GIS structures and the electromagnetic wave propagation characteristics on its core wire and enclosure. Electromagnetic coupling model must consider the entire propagating and coupling process of EMP in GIS. Paper also shows that TEV is mainly formed by high frequency >0.1 MHz EMP coupling and the difference on coupling extent when frequency is >1 MHz is small.

Study of the time-domain electromagnetic pulse standard field generation setup and its application.

In this paper, a time-domain electromagnetic pulse standard field generation setup was designed and manufactured for transient electromagnetic pulse sensor calibration. The calibration setup is based on the mono-cone structure. It can produce a calculated electromagnetic pulse field with the electric field intensity from 100 V/m to 600 V/m. The quantity of the electric field intensity is traced to the national primary standard of the pulse parameter, the S parameter, and the length quantity. The standard uncertainty of the produced electric field is 2.4%. The waveform and field distribution of the standard field were verified by experiment. Based on this facility, the calibration methods and uncertainty evaluation methods for two types of electromagnetic pulse sensors (TEM horn and D-dot sensor) were proposed. Finally, we obtained the calibration results of the sensors. The standard uncertainties of the calibration are 3.6% for the TEM horn and 3.0% for the D-dot sensor.

Spectral and temporal characteristics of target current and electromagnetic pulse induced by nanosecond laser ablation

The current balancing the target charging and the emission of transient electromagnetic pulses (EMP) driven by the interaction of a focused 1.315 μm iodine 300 ps PALS laser with metallic and plastic targets were measured with the use of inductive probes. It is experimentally proven that the duration of return target currents and EMPs is much longer than the duration of laser-target interaction. The laser-produced plasma is active after the laser-target interaction. During this phase, the target acts as a virtual cathode and the plasma-target interface expands. A double exponential function is used in order to obtain the temporal characteristics of EMP. The rise time of EMPs fluctuates in the range up to a few tens of nanoseconds. Frequency spectra of EMP and target currents are modified by resonant frequencies of the interaction chamber.

ASSESMENT OF INFORMARTION SECURITY METHOD FROM OUTFLOW THROUGH TRANSIENT ELECTROMAGNETIC PULSE EMANATION

Recently, methods of information interception with transient electromagnetic pulse emanation of local network elements are getting developed. Separate computers security methods are worked out well and backed up with necessary regulatory documents. However, information security through TEMPEST is far more hard to do in local network then in separate devices. That’s why special institutional, algorithmic and methodological approaches should be used to detect electromagnetic pulse emanations. Methods of spotting TEMPEST were analyzed. There are panoramas difference method, audiovisual method, expert method and parametric correlation method. Development of methodology for assessing information security from the information outflow by the transient electromagnetic pulse emanation of computer technology by using the text signal as a continuous sequence of pulses was the main goal of this project The mathematical apparatus allows calculating the energy of a single signal by transfer logic 1 or a logical 0.These approaches can be considered into accounting by improving special researches of transient electromagnetic pulse emanation methods on EVT.