There are three domains in which physical protection is typically important. The electromagnetic domain includes all effects due to electric or magnetic fields and waves. This includes all electrical devices (especially computing equipment), and any electromagnetic material that connects to that equipment (e.g. wires and drains). The sonic domain includes all effects due to waves in air or other substances in the environment. Sonic waves are limited by sealing them inside a vacuum, but is only completely effective when there is no physical link between the environment and the area being protected (e.g. in outer space). The mechanical domain includes explosive devices, breaking and entering, flood, fire, enemy attack, etc.
The physical control requirements for military systems are quite stringent. Equipment must be kept physically secure by providing physical controls to prevent, delay, and detect unauthorized access to the central computer facility, internal controlled areas, peripheral devices, remote terminals, and storage media. In many cases, the physical controls consist of determining what personnel may enter or leave a given site, and what equipment must be kept under controlled circumstances. The current emphasis in military systems is on dedicated computer systems. This seems an expensive proposition, but because of the inability to trust current operating systems with maintaining protection, and because of the potential for TEMPEST or other attacks in non dedicated operations, it is considered necessary.
The word tempest refers to the investigations and studies of compromising emanations. It is often used synonymously with 'compromising emanations'. The importance of tempest protection cannot be underestimated. The basic problem is that compromising emanations may be generated by any electrical information processing equipment. In many cases, facilities are required to be kept within complete metal enclosures to prevent electromagnetic leakages, and vacuum seals to prevent sonic leakages. High noise environments are sometimes artificially generated to make the detection of signals very difficult. Many other techniques may also be used.
Tempest attacks are based on emanations that may be propagated through space, over telephone lines, by fortuitous conductors (e.g. water pipes), grounding wires, etc. The tempest goals are to prevent compromising emanations from being carried to any area where unauthorized interception could occur. This type of event is assumed for the purposes of tempest to be; unintentional, classified, data related, intelligence bearing, and intercepted by unauthorized persons.
Tempest protection requires that information under one classification and compartment be isolated from other classifications and compartments. The separation requirements are based on 'Equipment Radiation Transmission Zone (ERTZ)'. The basic ERTZ regulations are; emanations are allowed within the ERTZ; ERTZ determination is based on engineering estimates, ambient noise levels (masking), facility construction, and distance from source; equipment maintenance must not reduce tempest protection; and inspections must be used to detect interception efforts and tempest problems.
Tempest measures should be commensurate with the sensitivity of information, the amount of classified information, and the probability of facility becoming an intercept target. The tempest requirements include, but are not limited to; power lines for classified equipment must be isolated, all incoming and outgoing telephone lines must be protected, and each classification level must be isolated. This includes communications signal lines, communications equipment, and particularly telephone lines. Fortuitous conductors must be isolated at the point of egression, including drains, pipes, and conduits. Station earth ground point must not be shared by any other facility
Tempest protection can be provided by minimizing the strength of electromagnetic signals generated, filtering signals and other leads, using tempest approved equipment, modifying existing equipment, separating classified and unclassified equipment transmission paths, and shielding areas and facilities.