RU2445736C1 - Apparatus for protecting computer hardware of information technology facilities from stray electromagnetic radiation - Google Patents

Abstract

FIELD: information technology.

SUBSTANCE: apparatus for protecting computer hardware of information technology facilities from stray electromagnetic radiation has a radio camouflage device, a spectrum analyser, a switching unit, electrically alterable read-only memory and a probabilistic forecasting device.

EFFECT: high security of computer hardware of information technology facilities from stray electromagnetic radiation.

10 dwg

Description

The invention relates to the field of radio engineering, and in particular to devices that allow for continuous monitoring of spurious electromagnetic radiation (PEMI) from electronic computer equipment (EECS) of information objects (OI).

A device is known that allows the protection of computer equipment from spurious electromagnetic radiation ("Device for protecting computer technology from spurious electromagnetic radiation", RF patent No. 2204882, publ. 30.07.2001).

The disadvantage of this device is the low protection of the CMEA from PEMI.

The closest in technical essence and the functions performed is a prototype device containing a noise generator in the form of a system of two coupled generators, the first of which is a generator with delayed feedback and inertial auto-bias, the second generator with adjustable feedback, the output of the first generator is connected to the input of the second generator using a communication element, and a radiator, as well as a splitter with one input and N outputs, N buffer stages, made in the form of amplifiers with inertial auto-bias and (N-1) additional emitters, while the output of the noise generator is connected to the input of the splitter, each output of the latter is connected to the input of the corresponding buffer cascade, and the input of each emitter is connected to the output of the corresponding buffer cascade ("Radio masking device" RF patent No. 2224376, publ. 02/20/2004). With such a combination of the described elements and relationships, the ability to protect the information of electronic computer technology (EECS) by masking their radiation is achieved. The disadvantage of the prototype device is the low protection of the CMEA from PEMI.

The objective of the invention is to provide a device for protecting electronic computers from computerization from PEMI, which allows to increase their security by reducing the unmasking signs of the radio masking device by constantly monitoring spurious electromagnetic radiation from electronic computers, and, based on the prediction results, carry out advance turning on the radio masking device in order to mask in a given frequency range.

This problem is solved in that the device for protecting electronic equipment from computerization objects against electromagnetic side radiation, comprising a radio masking device, which consists of a system of two coupled generators and a capacitive coupling element between them, a radiating antenna and a low-frequency noise source, according to the invention, is supplemented with a spectrum analyzer (AS), a switching unit (BC), an electrically programmable read-only memory (EEPROM), a probabilistic prediction device (UVP), moreover, the AC output is connected to the first input of the BC, the first output of which is connected to the input of the EEPROM, the output of which is connected to the input of the UVP, the output of which is connected to the second input of the switching unit, the second output of which is connected to the radio masking device.

The listed new set of essential features makes it possible to increase the protection of the CECS from PEMI by reducing the unmasking signs of the operation of the radio masking device by continuously monitoring the PEMI from the CECM, and, based on the prediction results, enable the radio masking device in advance to mask in a given frequency range.

The analysis of the prior art made it possible to establish that analogues that are characterized by a combination of features identical to all the features of the claimed technical solution are absent, which indicates the compliance of the claimed device with the patentability condition of "novelty".

Search results for known solutions in this and related fields of technology in order to identify features that match the distinctive features of the claimed object from the prototype showed that they do not follow explicitly from the prior art. The prior art also did not reveal the popularity of the impact provided by the essential features of the claimed invention, the transformations on the achievement of the specified technical result.

Therefore, the claimed device meets the condition of patentability "inventive step".

"Industrial applicability" of the device for protecting electronic computers from informatization objects against secondary electromagnetic radiation is due to the presence of an elemental base on which it can be made.

The claimed device is illustrated by drawings, which show:

figure 1 - device protection means of electronic computing technology objects of informatization from spurious electromagnetic radiation;

figure 2 - spectrum analyzer;

figure 3 - algorithm of the spectrum analyzer;

figure 4 - switching unit;

5 is an algorithm for the operation of the switching unit;

Fig.6 is a graph of the increase in the electric field strength of the CMEA;

7 is an electrically programmable read-only memory;

Fig - algorithm for the operation of EEPROM;

Fig.9 is a device for probabilistic forecasting;

figure 10 - algorithm for predicting the appearance of PEMI.

Technical means of carrying out the invention with the realization of the purpose indicated in the application (Fig. 1): spectrum analyzer 1, electromagnetic environment control device 2, consisting of a switching unit (BC) 2.1, electrically programmable read-only memory (EEPROM) 2.2, probabilistic prediction device (UVP ) 2.3, radio masking device 3.

The spectrum analyzer 1 (figure 2) is a known device and is intended to measure the levels of electromagnetic fields (EMF) ("Spectrum Analyzer", RF patent No. 2111441, publ. 06/27/1998). As an option, it can be performed on the basis of the IC-PCRIOOO scanner receiver as a separate unit and operating under the control of a PC via the built-in RS-232 computer interface (A. Khorev. Information protection against leakage through technical channels. Part 1. Technical channels of information leakage. Textbook. M.: State Technical Commission of Russia, 1998. - P.67, section 3.1. Scanner receivers).

The algorithm of the spectrum analyzer is presented in figure 3. At the initial stage of work, the input data (operating modes) of the spectrum analyzer are input. Then, the analyzer is automatically tuned. When the analyzer is turned on, the radio frequency range is scanned. The display shows the analyzer tuning frequency, the type of modulation and the level of the received signal E _meas . Then, the received signal level is transmitted to the first input of the switching unit. In the event that the analyzer's operating frequency goes beyond the studied range, it provides automatic frequency adjustment.

The switching unit 2.1 (figure 4) is a known device and is intended to enable the radio masking device in advance.

The switching unit is a hardware complex that manages the switching modes and the interconnection of the units connected to it via an interface in accordance with the RS-232 standard.

The functions of this switching unit are the switching of digital signals from the output of the spectrum analyzer to an electronic programmable memory device (EEPROM), and the switching of signals controlling the signal masking device. In the book (A. Abilov, Communication Networks and Switching Systems. - Izhevsk: IzhGTU Publishing House, 2002, - 352 pp., Ill.) On pp. 249-257 in sections 8.4. “Switching fields and block: basic concepts and definitions” and 8.5. “Methods for constructing switching blocks” provides a definition and functions performed by switching blocks, possible methods for constructing them.

The first input of the switching unit is connected to the output of the spectrum analyzer, for the purpose of subsequent switching of the digital signal that displays the level of the electric field PEMI of the work of electronic computing equipment, to an electrically programmable read-only memory device (EEPROM), which is connected to the first output of the switching unit. The second input of the switching unit is connected to the output of the probabilistic forecasting device, which at a certain point in time determines the probability of the instantaneous value of the electric field strength exceeding the permissible limits. The second output of the switching unit is connected to the radio masking device for the purpose of switching the control signal - the enable signal from the output of the probabilistic forecasting device. Alternatively, it can be performed on the basis of the KVM-1600 switch according to the scheme shown in figure 4. The composition and principle of operation of the KVM-1600 are described in more detail in PLANET Technology Corp. KVM-1600 16-port KVM Switch with OSD and Daisy Chain., Min Chuan Road, Hsin Tien, Taipei, Taiwan, R.O.C. 11F, No.96. http://www.planet.com.tw.

The switching algorithm is disclosed in the book (A. Abilov, Communication Networks and Switching Systems. - Izhevsk: Izhevsk State Technical University publishing house, 2002, - 352 pp., Ill.) On pages 341-342 in subsection 10.6. “Control systems in the CSK” in the sub-item “Centralized management” describes the methods and principles of switching based on uniprocessor and multiprocessor switching systems that perform general station (centralized) tasks for the management and interaction of modules and blocks of a digital switching system.

The process of functioning of the switching unit is illustrated by the algorithm presented in figure 5, and a graph of the increase in the electric field strength of the EECS, presented in figure 6.

The output of a spectrum analyzer (AS) the instantaneous level of the electric field E SEVT _edited in digital form is supplied to a first input of BC electromagnetic environment monitoring device. From the first output BC signal indicating the level of the electric field intensity SEVT E _edited in a digital form is supplied to the EEPROM which is recorded in the table as a 4-bit two-digit code as a reference the reference value E _fl at which there is no leakage of information from SEVT through PEMI. Thus, the first measured value of the electromagnetic field strength, which does not lead to information leakage through the PEMI, is recorded in the EEPROM as a reference value of the electromagnetic field strength. The EEPROM memory also stores the calculated first predetermined minimum value of the electric field strength E _min1, in which removal is not possible with SEVT information and compromising emanations through a predetermined first maximum value calculated intensity E _max1, in which the possible removal information. From the output of the EEPROM, the reference value E _et and the subsequent measured values of the electric field strength E _ISM are fed to the input of the UVP.

The probabilistic prediction device 2.3 continuously evaluates the changing parameters. At the first stage of UVP 2.3 operation, the cells of the memory block 2.3.2, which also stores the value of the electric field strength, which leads to the collection of information through the PEMI, are fed and multiplied by the EEPROM 2.2 through the switching and measuring unit 2.3.1 by the unit weight coefficients and recorded reference reference value of electric field strength E _et . Then, using the blocks for calculating the probabilistic characteristics of a priori information BV1 UVP 2.3.4 and the block for calculating the conditional a posteriori probabilities BV2 2.3.5, we predict the time of occurrence of the possibility of information retrieval through PEMI, i.e. time (t _lead ) with a given probability during which it will be impossible to retrieve information through the PEMI. The memory unit UVP 2.3.2, using the switching and measuring unit 2.3.1, compares the value of the electric field strength coming from the EEPROM 2.2 with the predetermined calculated first minimum value of the electric field strength E _min1 , which does not lead to the collection of information from the NECS through the PEMI and the first the maximum value of tension E _max1 , leading to the collection of information through PEMI. If the value of the electric intensity of the electromagnetic field tends to a value that exceeds the permissible limits, then the UVP 2.3.7 display unit gives an alarm about the likelihood of a threat of information leakage through the PEMP and the minimum time (T _min ) of preservation of the protection of the PECC from information pickup through the PEMI the time interval until the first tolerance is reached by the measured parameter. In this case, the control unit UVP 2.3.8 from the output of the probabilistic forecasting device 2.3 issues a control signal “UPR-1” to the second input of the BC 2.1 to turn on the radio masking device 3, in order to noise the specified frequency range and protect the CECS from information leakage through the PEMI. At the same time, the UVP 2.3.7 display unit includes an alarm, and on the front panel of the switching unit of the electromagnetic environment monitoring device 2.1, a light alarm appears indicating that the switching has occurred.

If the level of electric field remains between the predetermined calculated first minimum E _min1 and the first maximum values of E _max1 , the second stage of work begins. UVP 2.3 compares the instantaneous value of the electric field strength generated by AC 1 with a predetermined calculated second minimum value of E _min2 corresponding to the value of the electric field at which normal operation of the CECS is performed and a predetermined calculated second maximum value of E _max2 corresponding to the value of electric the field at which information is acquired through the PEMI. Accordingly, predicting the appearance of a threat of information retrieval is carried out similarly to the previous stage. If the probabilistic forecasting device 2.3 determines the probability of the instantaneous value of the electric field strength exceeding the permissible limits at a certain point in time, i.e. above a predetermined second maximum value, first a control signal is output from the UVP 2.3 output to the second input of the BC 2.1 about the possibility of information retrieval, and then at the end of the time T _min, the switching unit 2.1 also uses the UVP 2.3 control unit to turn on the radio masking device 3. In addition , similarly to the first stage of operation, the display unit 2.3.7 includes an alarm.

In accordance with the norm at the given stage of the diagnosed parameters, the display unit 2.3.7 gives information about the impossibility of retrieving information from the CECS through the PEMI, and the control unit UVP 2.3.8 of the probabilistic forecasting device 2.3 sends a command through the BC to turn off the radio masking device. When the diagnostic parameter is again outside the normal range, the first stage of work is repeated.

Electrically programmable read-only memory 2.2 is a known device (Tokheim R. "Fundamentals of Digital Electronics": Translated from English. - M.: Mir, 1988, - 392 p.) (Pp. 268-269) and is intended for storing reference reference values electric field strength, as well as electric field strength, leading to the leakage of information of the EECS through PEMI. Alternatively, it can be performed on the basis of the AT28BV64B chip (Atmel Corporation. AT28BV64B 64 K (8K × 8) Battery-Voltage Parallel EEPROM with Page Write and Software Data Protection. 2005) (p. (1-17), shown in Fig. 7 . In the book (O. Lebedev, Memory Chips and Their Application. - M .: Radio and Communications, 1990, - 160 pp., Ill: (Mass Radio Library. Issue 1152) on pages 7-31 in the chapter "General characteristic of memory microcircuits "presents the purpose of memory microcircuits and their varieties, as well as the use of memory microcircuits as a functional unit. On pages 111-119 in section 4" Permanent memory microcircuits ( Memory) ”in the subsection“ Masked microcircuits ROM ”presents a classification of microcircuits by the organization of memory and their programming. It is indicated that the common property of all microcircuits of ROMs is their multi-digit (dictionary) organization, read mode as the main operating mode and non-volatility. On page 119 -125 of this book, in the subsection “ROM microcircuits”, it is indicated that programmable ROM microcircuits according to the principle of construction and operation are similar to mask ROMs (once programmed by the manufacturer according to the method of custom photoshoot it (the mask), but there are significant differences that allow programming in place of the user application. On p.147-153 in the section "Programming EPROM chips" describes the process of programming EEPROM. The functioning of the EEPROM is presented in the form of the algorithm in Fig. 8.

In the book (Kuzminov A.Yu. RS232 interface. Communication between a computer and a microcontroller. - M.: Radio and communications, 2004. - 168 .: ill.) On pages 25-27 in section 3.2 "Traditional RS232 level converters" and on pages 82-90 in section 7 “Using the RS232 interface to load the microcontroller program memory” the principle of programming the EEPROM using RS232 using various microcircuits is presented, for example, MAX232A - a dual linear transceiver designed to convert the serial code of the EIA / TIA-232E and V interfaces .28 / V.24 conforming to specification RS-232, in a parallel code (TTL level) operation circuits.

The device of probabilistic forecasting 2.3 known device (Diagnostic tools: Handbook / V.V. Klyuyev and others. Under the general editorship of V.V. Klyuyev. - M .: Mechanical Engineering, 1989, - 672 p.) (P. 158- 159, Fig. 17) and is intended to determine the appearance of a technical channel for information leakage by means of secondary electromagnetic radiation, as well as signaling the operation of the radio masking device.

Alternatively, the UVP can be performed according to the scheme shown in Fig.9. (Ivanov V.A., Grechishnikov E.V., Dvilyansky A.A., Belov A.S. Device for active protection and technical readiness of distributed LAN elements under external destructive influences. Patent No. 2316810 of 02/10/2008). It includes a switching and measuring unit (BKI) 2.3.1, a memory unit (BP) 2.3.2, a weight coefficient block (BVK) 2.3.3, a unit for calculating the probabilistic characteristics of a priori information (BV1) 2.3.4, a unit for calculating conditional a posteriori of probabilities (BV2) 2.3.5, block of correction of results (BKR) 2.3.6, indication blocks (BI) 2.3.7 and control (BU) 2.3.8. The relationship between the process of predicting the appearance of PEMI with the functioning of the switching unit and the connection of the radio masking device is illustrated by the algorithm shown in Fig. 10.

The device protection means of electronic computing technology objects of informatization from spurious electromagnetic radiation works as follows.

The output of a spectrum analyzer (AS) the instantaneous level of the electric field E SEVT _edited in digital form is supplied to a first input of BC electromagnetic environment monitoring device. From the first output BK signal representing the level of intensity of the electric field SEVT E _edited digital form is supplied to the EEPROM which is recorded in the table as a 4-bit two-digit code as a reference the reference value E _fl at which there is no leakage of information from SEVT through PEMI. Thus, the first measured value of the electromagnetic field strength, which does not lead to information leakage through the PEMI, is recorded in the EEPROM as a reference value of the electromagnetic field strength. The memory of the EEPROM also stores predetermined calculated first minimum values of the electric field strength E _min1 , at which it is impossible to retrieve information from the NECS via PEMI and the first maximum values of the voltage E _max1 at which information can be _taken . From the output of the EEPROM, the reference value E _et and the subsequent measured values of the electric field strength E _ISM are fed to the input of the UVP.

The probabilistic prediction device 2.3 continuously evaluates the changing parameters. At the first stage of UVP 2.3 operation, the cells of the memory block 2.3.2, which also stores the value of the electric field strength, which leads to the collection of information through the PEMI, are fed and multiplied by the EEPROM 2.2 through the switching and measuring unit 2.3.1 by the unit weight coefficients and recorded reference reference value of electric field strength E _et . Then, using the blocks for calculating the probabilistic characteristics of a priori information BV1 UVP 2.3.4 and the block for calculating the conditional a posteriori probabilities BV2 2.3.5, we predict the time of occurrence of the possibility of information retrieval through PEMI, i.e. time (t _lead ) with a given probability during which it will be impossible to retrieve information through the PEMI. The memory unit UVP 2.3.2, using the switching and measuring unit 2.3.1, compares the value of the electric field strength coming from the EEPROM 2.2 with a predetermined calculated first minimum value of the electric field strength E _min1 , which does not lead to the collection of information from the NECS via PEMI and in advance specified calculated first maximum value of the intensity E _max1 , leading to the collection of information through the PEMI. If the value of the electric intensity of the electromagnetic field tends to a value that exceeds the permissible limits, then the UVP 2.3.7 display unit gives an alarm about the likelihood of a threat of information leakage through the PEMP and the minimum time (T _min ) of preservation of the protection of the PECC from information retrieval through the PEMI, which corresponds to the time interval until the first tolerance is reached by the measured parameter. In this case, the control unit UVP 2.3.8 from the output of the probabilistic forecasting device 2.3 issues a control signal “UPR-1” to the second input of the BC 2.1 to turn on the radio masking device 3, in order to noise the specified frequency range and protect the CECS from information leakage through the PEMI. At the same time, the indication unit UVP 2.3.7 turns on the alarm, and on the front panel of the switching unit of the device for monitoring the electromagnetic environment 2.1, a light alarm appears indicating the registration of the changes that have taken place.

If the level of electric field remains between the predetermined calculated first minimum E _min1 and the first maximum values of E _max1 , the second stage of work begins. UVP 2.3 compares the instantaneous value of the electric field strength generated by AC 1 with a predetermined calculated second minimum value of E _min2 corresponding to the value of the electric field at which normal operation of the CECS is performed and a predetermined calculated second maximum value of E _max2 corresponding to the value of electric the field at which information is acquired through the PEMI. Accordingly, predicting the appearance of a threat of information retrieval is carried out similarly to the previous stage. If the probabilistic forecasting device 2.3 determines the probability of the output, at a certain point in time, of the instantaneous value of the electric field strength beyond acceptable limits, i.e. above a predetermined second maximum value, first a control signal is output from the UVP 2.3 output to the second input of the BC 2.1 about the possibility of information retrieval, and then at the end of the time T _min, the switching unit 2.1 also uses the UVP 2.3 control unit to turn on the radio masking device 3. In addition , similarly to the first stage of operation, the display unit 2.3.7 includes an alarm.

If the diagnosed parameters are normal at this stage, the display unit 2.3.7 gives information about the impossibility of retrieving information from the AECS through the PEMI, and the control unit UVP 2.3.8 of the probabilistic forecasting device 2.3 sends a command through the BC to turn off the radio masking device. When the diagnostic parameter is again outside the normal range, the first stage of work is repeated. The end of the work.

Evaluation of the effectiveness of the device for protecting the EECS OI from PEMI is carried out by comparing the probabilities of detecting unmasking signs (DMF).

The prototype device is characterized by h (N) - the entropy coefficient of quality of the masking signal (EKMS). This coefficient according to (Theory of electrical communications: Textbook for universities / D.D. Klovsky, 1999, - 432 pp.) Is the differential entropy of additive white Gaussian noise (ABGS) with zero mean and variance σ ² = R _w (1):

where R _W - noise power.

Based on the expression (1), we obtain an expression for determining the noise power:

Dispersion D according to (Handbook of Mathematics. Bronstein I.N., Semendyaev K.A. - M .: Nauka, 1981, - 720 p., Ill.) Is determined using the following expression:

where X is a random variable representing the amplitude of the URM signal at random times. According to (Theory of electrical communications: Textbook for universities / D.D. Klovsky, 1999, - 432 p.) The value of the amplitude of the random process ABGS takes the form:

where G ₀ (f ₀ ) is the spectral power density (PSD) of a random process (SP) (determined from the SPM schedules of the prototype (Bezrukov V.A., Ivanov V.P., Lebedev M.N. Radio masking device. Patent No. 2224376 from 06/07/2002)); δ (f ₁ -f ₀ ) = 1 - delta function (correlation function of a random process); M _x is the mathematical expectation of the joint venture, which in turn is determined by the following expression:

where P _k = P _DMP is the probability of detecting unmasking signs of the work of URM.

Thus, based on expressions (3) and (5), we obtain:

Representing (1-P _DMP ) as the probability of turning on the URM R _URM , we obtain an expression for determining the probability of occurrence of unmasking signs of URM operation:

According to the expressions (2) - (7), we obtain the dependence of the probability of detection of URM DMP on the probability of turning on the radio masking device:

. Энтропийный коэффициент качества маскирующего сигнала h(N)=0,95 (задан техническими характеристиками устройства-прототипа).For a radio masking device, the SPM SP value is

. The entropy coefficient of quality of the masking signal h (N) = 0.95 (specified by the technical characteristics of the prototype device).

Considering that during the operation of the prototype device, the probability of information leakage through PEMI is assumed to be 100%, and therefore the probability of turning on the URM is equal to P _{URM prot} = 1, and for a developed device containing UVP and capable of more accurately predicting the likelihood of PEMI, it is equal to P _{URM device} = 0.95. For the considered operating modes, the following probabilities of detecting unmasking signs were obtained:

P _{PDM prot} = 0.96,

P _{DMP device} = 0.87.

The effectiveness of the claimed device protection means of electronic computing equipment of objects of informatization from spurious electromagnetic radiation is determined by the following expression:

Claims (1)

A device for protecting electronic computers from informative electromagnetic radiation, containing a radio masking device, which consists of a system of two coupled generators and a capacitive coupling element between them, a radiating antenna and a low-frequency noise source, characterized in that a spectrum analyzer (AS ), a switching unit (BC), an electrically programmable read-only memory (EEPROM), a probabilistic prediction device (UVP), and the AC output is connected inen with the first input of the BC, the first output of which is connected to the input of the EEPROM, the output of which is connected to the input of the UVP, the output of which is connected to the second input of the BC, the second output of which is connected to the radio masking device.

Images