TÜV SÜD Product Service has been appointed by CESG, the Information Security arm of GCHQ and UK’s National Technical Authority for Information Assurance, as the UK’s only commercial laboratory accredited to perform Tempest first-of-type platform testing.
Unintentional signals from Information & Communications Technology (ICT) equipment, on board platforms such as military vehicles, may make sensitive data vulnerable. The TEMPEST service helps manufacturers and end-users understand its level of electromagnetic vulnerability, to ensure that countermeasures are put in place.
In addition to performing first-of-type platform testing, TÜV SÜD can perform in-service TEMPEST testing to Ministry of Defence (MoD) requirements.
Jean-Louis Evans, Managing Director of TÜV SÜD Product Service, said: “Security, for both the military and other government departments, is about understanding the vulnerabilities associated with radio frequency emanations ICT equipment and mobile platforms processing classified information.
“Our appointment as the UK’s only commercial TEMPEST first-of-type test laboratory is testament to TÜV SÜD’s pedigree in EMC conformance testing. We have a strong international reputation for impartiality and familiarity with an extensive range of ICT products, as well as experience of working with many governments and NATO.”
This appointment extends TÜV SÜD’s TEMPEST service beyond the accreditation it received from CESG in 2012, which allows TÜV SÜD to evaluate and certify products on under the CESG Formal TEMPEST Certification Scheme (CFTCS).
As well as submitting products for testing by TÜV SÜD, manufacturers will have to undergo regular TEMPEST production audits to achieve and maintain certification for their ICT equipment, thereby ensuring that compromising electromagnetic emanations remain within the limits defined in NATO standards.