ITU-T K 115-2015 Mitigation methods against electromagnetic security threats (Study Group 5)《消除电磁安全威胁的方法(研究组5)》.pdf

1、 I n t e r n a t i o n a l T e l e c o m m u n i c a t i o n U n i o n ITU-T K.115 TELECOMMUNICATION STANDARDIZATION SECTOR OF ITU (11/2015) SERIES K: PROTECTION AGAINST INTERFERENCE Mitigation methods against electromagnetic security threats Recommendation ITU-T K.115 Rec. ITU-T K.115 (11/2015) i R

2、ecommendation ITU-T K.115 Mitigation methods against electromagnetic security threats Summary Recommendation ITU-T K.115 specifies mitigation methods against electromagnetic (EM) security threats such as high-altitude electromagnetic pulse (HEMP), high-power electromagnetic (HPEM), information leaka

3、ge and lightning for telecommunication equipment and facilities. This Recommendation applies to all types of telecommunication equipment and facilities such as switching equipment, modems and buildings where equipment is installed. History Edition Recommendation Approval Study Group Unique ID* 1.0 I

4、TU-T K.115 2015-11-29 5 11.1002/1000/12664 Keywords Electromagnetic security, EM security, high-altitude electromagnetic pulse, HEMP, high-power electromagnetic, HPEM, information leakage, lightning. * To access the Recommendation, type the URL http:/handle.itu.int/ in the address field of your web

5、browser, followed by the Recommendations unique ID. For example, http:/handle.itu.int/11.1002/1000/11830-en. ii Rec. ITU-T K.115 (11/2015) FOREWORD The International Telecommunication Union (ITU) is the United Nations specialized agency in the field of telecommunications, information and communicati

6、on technologies (ICTs). The ITU Telecommunication Standardization Sector (ITU-T) is a permanent organ of ITU. ITU-T is responsible for studying technical, operating and tariff questions and issuing Recommendations on them with a view to standardizing telecommunications on a worldwide basis. The Worl

7、d Telecommunication Standardization Assembly (WTSA), which meets every four years, establishes the topics for study by the ITU-T study groups which, in turn, produce Recommendations on these topics. The approval of ITU-T Recommendations is covered by the procedure laid down in WTSA Resolution 1. In

8、some areas of information technology which fall within ITU-Ts purview, the necessary standards are prepared on a collaborative basis with ISO and IEC. NOTE In this Recommendation, the expression “Administration“ is used for conciseness to indicate both a telecommunication administration and a recogn

9、ized operating agency. Compliance with this Recommendation is voluntary. However, the Recommendation may contain certain mandatory provisions (to ensure, e.g., interoperability or applicability) and compliance with the Recommendation is achieved when all of these mandatory provisions are met. The wo

10、rds “shall“ or some other obligatory language such as “must“ and the negative equivalents are used to express requirements. The use of such words does not suggest that compliance with the Recommendation is required of any party. INTELLECTUAL PROPERTY RIGHTSITU draws attention to the possibility that

11、 the practice or implementation of this Recommendation may involve the use of a claimed Intellectual Property Right. ITU takes no position concerning the evidence, validity or applicability of claimed Intellectual Property Rights, whether asserted by ITU members or others outside of the Recommendati

12、on development process. As of the date of approval of this Recommendation, ITU had not received notice of intellectual property, protected by patents, which may be required to implement this Recommendation. However, implementers are cautioned that this may not represent the latest information and ar

13、e therefore strongly urged to consult the TSB patent database at http:/www.itu.int/ITU-T/ipr/. ITU 2016 All rights reserved. No part of this publication may be reproduced, by any means whatsoever, without the prior written permission of ITU. Rec. ITU-T K.115 (11/2015) iii Table of Contents Page 1 Sc

14、ope . 1 2 References . 1 3 Definitions 3 3.1 Terms defined elsewhere 3 3.2 Terms defined in this Recommendation . 5 4 Abbreviations and acronyms 5 5 Conventions 5 6 Mitigation methods against electromagnetic security threats . 6 6.1 High-altitude electromagnetic pulse . 6 6.2 High-power electromagne

15、tic 10 6.3 Information leakage 15 6.4 Lightning 20 Bibliography. 23 Rec. ITU-T K.115 (11/2015) 1 Recommendation ITU-T K.115 Mitigation methods against electromagnetic security threats 1 Scope This Recommendation specifies mitigation methods against electromagnetic (EM) security threats for telecommu

16、nication equipment and facilities. This Recommendation applies to all types of telecommunication equipment and facilities such as switching equipment, modems and buildings where equipment is installed. 2 References The following ITU-T Recommendations and other references contain provisions which, th

17、rough reference in this text, constitute provisions of this Recommendation. At the time of publication, the editions indicated were valid. All Recommendations and other references are subject to revision; users of this Recommendation are therefore encouraged to investigate the possibility of applyin

18、g the most recent edition of the Recommendations and other references listed below. A list of the currently valid ITU-T Recommendations is regularly published. The reference to a document within this Recommendation does not give it, as a stand-alone document, the status of a Recommendation. ITU-T K.

19、11 Recommendation ITU-T K.11 (2009), Principles of protection against overvoltages and overcurrents. ITU-T K.12 Recommendation ITU-T K.12 (2010), Characteristics of gas discharge tubes for the protection of telecommunications installations. ITU-T K.20 Recommendation ITU-T K.20 (2015), Resistibility

20、of telecommunication equipment installed in a telecommunication centre to overvoltages and overcurrents. ITU-T K.21 Recommendation ITU-T K.21 (2015), Resistibility of telecommunication equipment installed in customer premises to overvoltages and overcurrents. ITU-T K.27 Recommendation ITU-T K.27 (20

21、15), Bonding configurations and earthing inside a telecommunication building. ITU-T K.28 Recommendation ITU-T K.28 (2012), Parameters of thyristor-based surge protective devices for the protection of telecommunication installations. ITU-T K.36 Recommendation ITU-T K.36 (1996), Selection of protectiv

22、e devices. ITU-T K.44 Recommendation ITU-T K.44 (2012), Resistibility tests for telecommunication equipment exposed to overvoltages and overcurrents Basic Recommendation. ITU-T K.45 Recommendation ITU-T K.45 (2015), Resistibility of telecommunication equipment installed in the access and trunk netwo

23、rks to overvoltages and overcurrents. ITU-T K.46 Recommendation ITU-T K.46 (2012), Protection of telecommunication lines using metallic symmetric conductors against lightning-induced surges. ITU-T K.47 Recommendation ITU-T K.47 (2012), Protection of telecommunication lines against direct lightning f

24、lashes. ITU-T K.48 Recommendation ITU-T K.48 (2006), EMC requirements for telecommunication equipment Product family Recommendation. 2 Rec. ITU-T K.115 (11/2015) ITU-T K.66 Recommendation ITU-T K.66 (2011), Protection of customer premises from overvoltages. ITU-T K.77 Recommendation ITU-T K.77 (2009

25、), Characteristics of metal oxide varistors for the protection of telecommunication installations. ITU-T K.78 Recommendation ITU-T K.78 (2009), High altitude electromagnetic pulse immunity guide for telecommunication centres. ITU-T K.81 Recommendation ITU-T K.81 (2014), High-power electromagnetic im

26、munity guide for telecommunication systems. ITU-T K.82 Recommendation ITU-T K.82 (2010), Characteristics and ratings of solid-state, self-restoring overcurrent protectors for the protection of telecommunications installations. ITU-T K.84 Recommendation ITU-T K.84 (2011), Test methods and guide again

27、st information leaks through unintentional electromagnetic emissions. ITU-T K.85 Recommendation ITU-T K.85 (2011), Requirements for the mitigation of lightning effects on home networks installed in customer premises. ITU-T K.87 Recommendation ITU-T K.87 (2011), Guide for the application of electroma

28、gnetic security requirements Overview. ITU-T K.95 Recommendation ITU-T K.95 (2014), Surge parameters of isolating transformers used in telecommunication devices and equipment. ITU-T K.96 Recommendation ITU-T K.96 (2014), Surge protective components: Overview of surge mitigation functions and technol

29、ogies. ITU-T K.98 Recommendation ITU-T K.98 (2014), Overvoltage protection guide for telecommunication equipment installed in customer premises. ITU-T K.99 Recommendation ITU-T K.99 (2014), Surge protective component application guide Gas discharge tubes. ITU-T K.101 Recommendation ITU-T K.101 (2014

30、), Shielding factors for lightning protection. ITU-T K.102 Recommendation ITU-T K.102 (2014), Parameters of fixed-voltage thyristor overvoltage protector components used for the protection of telecommunication installations. ITU-T K.103 Recommendation ITU-T K.103 (2015), Surge protective component a

31、pplication guide Silicon PN junction components. ITU-T X.1051 Recommendation ITU-T X.1051 (2008) | ISO/IEC 27011:2008, Information technology Security techniques Information security management guidelines for telecommunications organizations based on ISO/IEC 27002. IEC 61000-2-9 IEC 61000-2-9 (1996)

32、, Electromagnetic compatibility (EMC) Part 2: Environment Section 9: Description of HEMP environment Radiated disturbance. IEC 61000-2-10 IEC 61000-2-10 (1998), Electromagnetic compatibility (EMC) Part 2-10: Environment Description of HEMP environment Conducted disturbance. IEC 61000-2-13 IEC 61000-

33、2-13 (2005), Electromagnetic compatibility (EMC) Part 2-13: Environment High-power electromagnetic (HPEM) environments Radiated and conducted. Rec. ITU-T K.115 (11/2015) 3 IEC 61000-4-4 IEC 61000-4-4 (2012), Electromagnetic compatibility (EMC) Part 4-4: Testing and measurement techniques Electrical

34、fast transient/burst immunity test. IEC 61000-4-5 IEC 61000-4-5 (2014), Electromagnetic compatibility (EMC) Part 4-5: Testing and measurement techniques Surge immunity test. IEC 61000-4-23 IEC 61000-4-23 (2000), Electromagnetic compatibility (EMC) Part 4-23: Testing and measurement techniques Test m

35、ethods for protective devices for HEMP and other radiated disturbances. IEC 61000-4-24 IEC 61000-4-24 (2015), Electromagnetic compatibility (EMC) Part 4-24: Testing and measurement techniques Test methods for protective devices for HEMP conducted disturbance. IEC 61000-4-25 IEC 61000-4-25 (2001), El

36、ectromagnetic compatibility (EMC) Part 4-25: Testing and measurement techniques - HEMP immunity test methods for equipment and systems. IEC 61000-5-5 IEC 61000-5-5 (1996), Electromagnetic compatibility (EMC) Part 5: Installation and mitigation guidelines Section 5: Specification of protective device

37、s for HEMP conducted disturbance Basic EMC Publication. IEC 61000-5-7 IEC 61000-5-7 (2001), Electromagnetic compatibility (EMC) Part 5-7: Installation and mitigation guidelines Degrees of protection provided by enclosures against electromagnetic disturbances (EM code). IEC 61000-6-6 IEC 61000-6-6 (2

38、003), Electromagnetic compatibility (EMC) Part 6-6: Generic standards HEMP immunity for indoor equipment. IEC TR 61000-1-5 IEC TR 61000-1-5 (2004), Electromagnetic compatibility (EMC) Part 1-5: General High power electromagnetic (HPEM) effects on civil systems. IEC TR 61000-5-3 IEC TR 61000-5-3 (199

39、9), Electromagnetic compatibility (EMC) Part 5-3: Installation and mitigation guidelines HEMP protection concepts. IEC TR 61000-5-6 IEC TR 61000-5-6 (2002), Electromagnetic compatibility (EMC) Part 5-6: Installation and mitigation guidelines Mitigation of external EM influences. IEC TS 61000-5-4 IEC

40、 TS 61000-5-4 (1996), Electromagnetic compatibility (EMC) Part 5: Installation and mitigation Guidelines Section 4: Immunity to HEMP Specifications for protective devices Against HEMP radiated disturbance Basic EMC Publication. ISO/IEC 27001 ISO/IEC 27001 (2013), Information technology Security tech

41、niques Information security management systems Requirements. ISO/IEC 27002 ISO/IEC 27002 (2013), Information technology Security techniques Code of practice for information security controls. 3 Definitions 3.1 Terms defined elsewhere This Recommendation uses the following terms defined elsewhere: 4

42、Rec. ITU-T K.115 (11/2015) 3.1.1 antenna port IEC 61000-6-6: A port that is connected to an antenna, either directly or by a cable. The antenna may be external or internal to the building. NOTE Antenna ports connected to antennas internal to the building are covered by signal ports. 3.1.2 availabili

43、ty ISO/IEC 27001, ISO/IEC 27002: Ensuring that authorized users have access to information and associated assets when required. 3.1.3 cable port IEC 61000-6-6: A port at which a conductor or cable is connected to the apparatus. 3.1.4 confidentiality ISO/IEC 27001: Ensuring that information is access

44、ible only to those authorized to have access. 3.1.5 electrical fast transient/burst (EFT/B) IEC 61000-4-4: The 5/50 ns pulse defined in IEC 61000-4-4. 3.1.6 emanation b-IETF RFC 2828: A signal (electromagnetic, acoustic, or other medium) that is emitted by a system (through radiation or conductance)

45、 as a consequence (i.e., byproduct) of its operation, and that may contain information. (See: TEMPEST.) 3.1.7 emanations security (EMSEC) b-IETF RFC 2828: Physical constraints to prevent information compromise through signals emanated by a system, particularly by the application of TEMPEST technolog

46、y to block electromagnetic radiation. In this Recommendation, the term EMSEC is used only for information leakage due to unintentional electromagnetic emission. 3.1.8 enclosure port IEC 61000-6-6: A physical boundary of the apparatus which electromagnetic fields may radiate through or impinge upon.

47、The equipment case is normally considered the enclosure port. 3.1.9 functional earth port IEC 61000-6-6: A cable port other than a signal, control or power port, intended for connection to earth for purposes other than safety. 3.1.10 HEMP immunity test IEC 61000-4-25: The HEMP immunity test is made

48、up of four types of tests. The radiated test is defined in section 5 of IEC 61000-4-25, and is used with a large HEMP simulator and a small radiated test facility. The other three types are the conducted tests along the HEMP waveforms; early-, intermediate- and late-HEMP. These are also defined in s

49、ection 5 of IEC 61000 4-25. 3.1.11 high voltage (HV) transmission line IEC 61000-4-25: Power line with a nominal a.c. system voltage equal to or greater than 100 kV. 3.1.12 immunity (to a disturbance) b-IEC 60050-161: The ability of a device, equipment or system to perform without degradation in the presence of an electromagnetic disturbance. 3.1.13 integrity ISO/