19 November 1999
Source: Hardcopy from the National Security Agency TEMPEST Endorsement Programs, received November 17, 1999. Three packages, listed in the cover letter below, were provided by NSA in response to a telephone request. None of the material is classified.

This is the Endorsed TEMPEST Products Program (ETPP) Procedures Package, 96 pages total.

See the other two packages, Endorsed TEMPEST Test Services Program (ETTSP) Procedures Package (56 pages) and the Zoned Equipment Program (ZEP) Procedures Package (16 pages).

The material was requested as follow-up to other TEMPEST-related documents obtained by FOIA.



NATIONAL SECURITY AGENCY
FORT GEORGE G. MEADE, MARYLAND 20755-6000

Serial: V14-263-99
10 November 1999

John Young
251 West 89th Street
Suite 6E
New York, NY 10024

Dear Mr. Young:

As requested, enclosed is the National Security Agency's Endorsed TEMPEST Test Services Program (ETTSP) Procedures Package, the Endorsed Products Program (ETPP) Procedures Package and the Zoned Equipment Program (ZEP) Procedures Package. Please note that TEMPEST Export Controls can be found on page 18 of the Endorsed Products Program (ETPP) Procedures Package.

If you have any questions in regards to the NSA TEMPEST Programs, please give me a call at (410) 854-6091.

Sincerely,

[Name omitted by request]
Program Manager
for
NSA TEMPEST Endorsement Programs


[1 page.]

TEMPEST ENDORSEMENT
Products Program
(TEP)
Procedures Package
Dated: 9/24/93

Enclosures:

1. TEMPEST Endorsement Products Program Procedures

2. Technical and Security Requirements Document (TSRD)

3. Memorandum of Understanding (MOU)

4. Memorandum of Agreement (MOA)

5. TEMPEST Endorsement Program Objective Standards for Product Assurance

6. TEMPEST Endorsement Program Process Assessment

7. Guidelines for Standardization of ETPL Product Descriptions

POINT OF CONTACT FOR THE
TEMPEST ENDORSEMENT PROGRAM

V14, ISSO BUSINESS AFFAIRS OFFICE
NATIONAL SECURITY AGENCY
9800 SAVAGE ROAD
FORT GEORGE G. MEADE, MD. 20755-6740
(410) 854-6091


[12 pages.]

ENDORSED TEMPEST PRODUCTS
PROGRAM PROCEDURES

PART ONE:

ELIGIBILITY REQUIREMENTS AND PROGRAM OVERVIEW

The Endorsed TEMPEST Products Program (the Program) was established to combine industry's leadership and expertise in telecommunications and automated information processing equipment design, development, and high volume production with the TEMPEST experience of the National Security Agency. The objective of the Program is to enable industry's development, production, and sale of TEMPEST products meeting the national TEMPEST standard for use by the U.S. Government departments and agencies and their contractors to process classified information.

Initial and continued eligibility to participate in the Program to develop, produce, and sell a TEMPEST product is conditioned on a company meeting minimum requirements:

1. The company must not be under disqualifying foreign ownership, control, or influence (FOCI) as defined by the National Industrial Security Program Operating Manual.

2. The company must have or obtain a secret facility security clearance and storage capability to handle classified TEMPEST information necessary to the design and development of a TEMPEST product.

3. The company must neither be debarred or suspended from contracting with the U. S. Government.

4. The Agency has not excluded the Company from future participation in the Program in accordance with Part Three of these Procedures.

The information which follows is intended to provide the potential TEMPEST product manufacturer with an overview of the seven sequential events in the process of this Program. The steps are:

1. Memorandum of Understanding between the Agency and the company

2. Company submission of the Process Assessment

3. Agency evaluation of the company Process Assessment

4. Memorandum of Agreement between the Agency and the company

5. Company submission of a Product Specific Proposal

6. Agency evaluation of the company Proposal

7. Product Development Agency Evaluation, and Product Endorsement

A description of each sequential event is provided below:

1. Memorandum of Understanding (MOU) between the Agency and the company:

The MOU is designed to enable companies who otherwise do not have access to the classified technical standard for the Program (i.e., National TEMPEST Standard) to review the classified technical standard before making a decision to participate in the Endorsed TEMPEST Products Program (ETPP). The MOU is only available to companies who are not under disqualifying foreign ownership, control, or influence (FOCI) and who have a secret facility clearance and storage capability. Companies meeting these requirements should send a letter to the Agency Point of Contact for this program, sighting their interest to develop a TEMPEST product and to obtain the classified technical standard in order to determine the feasibility of submitting a Process Assessment to the Agency under the auspices of the ETPP. The letter must include a DD From 441 "Department of Defense Security Agreement" and DD Form 441s "Certificate Pertaining to Foreign Interests", evidencing the Company has a secret facility security clearance and storage capability.

Upon receipt of the letter and the Form DD 441 and 441s, the Agency, in conjunction with the Defense Investigative Service (DIS), will review the company's FOCI Status to determine its eligibility for access to TEMPEST information. Upon a favorable finding that the Company is not unacceptably FOCI, the Agency will forward the Memorandum of Understanding (MOU) to the company for execution. The purpose and function of the MOU is to establish a formal relationship between the Company and the Agency, under which the Company is authorized access to the Program's classified technical standard for the purpose of determining whether it will participate in the Endorsed TEMPEST Products Program.

The Company agrees to protect the information in accordance with Government regulations and to only use the information for the purposes specified above. The Company is provided 120 days from receipt of the classified information to make a decision and submit a written Process Assessment 2 (PA). At the end of the 120 days, the Company must either submit a PA or return the classified information. Companies electing to submit a PA will be permitted to retain the information through Agency review of the report.

Companies interested in obtaining the classified national standard, but do not possess a secret facility clearance and secret information storage capability should also send a letter to the Agency Point of Contact for this program stating the company's interest to develop a TEMPEST product and to obtain the classified technical standard for purposes of determining whether it will participate in the ETPP. The Company's letter should request the Agency to sponsor the company to DIS for the requisite clearances and storage capability certification. The Agency will then sponsor the company to DIS. Upon Company submission to the Agency of the Form DD 441 and 441s, evidencing that the company now possesses a secret facility security clearance and storage capability, and Agency evaluation that the Company is not unacceptable FOCI, the Agency will forward the company an MOU.

Companies that do not execute an MOU are required to submit a Form DD 441 and 441s for Agency review and approval prior to submission of its Product Assurance Report. The Form DD 441 and 441s are reviewed by the Agency, in conjunction with the DIS, to determine whether the company lacks the necessary clearances and/or is unacceptably FOCI, and thus, ineligible to participate in the Program. The Agency will notify the company in writing of the result of its Form DD 441 and 441s review. It is recommended that the company not prepare or submit the Product Assurance Report until it has received a favorable review of its DD 441 and 441s. After initial approval of the company's Form DD 441, the company need only submit certification by an appropriate Company official with signature authority for the Company that there have been no changes to the company's foreign ownership, control and influence status (if there have been, the Company must submit an updated form DD 441s).

2. Company Submission of Process Assessment:

The Process Assessment (PA) is intended to outline the companies processes for product development TEMPEST documentation preparation, quality assurance, manufacturing, training, maintenance, and configuration management. Companies shall include with their completed PA, photographs or a video depicting the manufacturing facility and all processes to be used in the development and production of the TEMPEST product. The "NSA TEMPEST Endorsement Program Objective Standards for Product Assurance" provides an overview of the PA and is included as part of this document.

3. Agency Evaluation of the company Process Assessment:

Upon receipt of the Company's Process Assessment, NSA will make a general assessment as to whether the Company possesses the technical and manufacturing capability to successfully develop and produce a TEMPEST product. The Agency will notify the company in writing of the results of its evaluation. Under normal circumstances, the Agency will endeavor to evaluate the Process Assessment within 30 working days.

The Agency (at its option) may require a Site Survey (visit to Company facilities by Agency Engineers). This survey is intended to verify compliance with the processes referenced in the PA.

4. Memorandum of Agreement (MOA) between the Agency and the company:

Upon acceptance of the Process Assessment NSA will forward the MOA to the company for execution. The purpose and function of the MOA is to establish a formal relationship between the company and NSA under which the Company obtains necessary TEMPEST information, agrees to protect the Agency provided information in accordance with Government regulations, and agrees to design, develop, produce, market, and sell a specified TEMPEST product at its own risk and expense. Attached to the MOA is the Technical and Security Requirements Document (TSRD), and the List of Active Products (LAP). For its part under the MOA, the Agency agrees to protect Company proprietary information and to evaluate, and, if appropriate, endorse the Company's product. The MOA also formally establishes the responsibilities and obligations of the parties with respect to the Company's marketing and sales of TEMPEST products subsequent to endorsement as well as the terms and conditions for continued endorsement.

5. Company submission of a Product Specific Proposal:

All companies interested in participating in the Program are required to submit a written product specific proposal for each product the Company wants considered. Product proposals should detail:

A) A description of the proposed product, including its Model number, application and function. If the proposed product involves modifying an existing product, please include product brochures and specifications of the existing product. The Company must distinguish between components which are integral parts of the proposed product and those which are merely ancillary accessories to be offered as options to the endorsed product. The description should also include a copy of the proposed product description as it would appear in the ETPL. A standardized format for ETPL listing is included in the enclosed document entitled "Guidelines for Standardization of ETPL Product Descriptions".

B) The Company's target production schedule as well as proposed delivery dates for endorsement deliverables.

C) Plans to employ subcontractors at any time during the product's life cycle. This portion of the proposal should include:

1) The name of the subcontractor and the services to be provided;

2) A statement by the company that all terms and conditions of the MOA between the company and the Agency will be passed down to the subcontractor, and the company will be responsible for the subcontractor's compliance;

3) A DD Form 441s, Certificate Pertaining to Foreign Interest, completed for each subcontractor which will require access to classified information or unclassified TEMPEST design technology;

4) A Process Assessment and Company Site Survey (see paragraph 3 above) may also be required depending upon the extent of subcontractor involvement in the product's development, manufacture or production. Agency acceptance of proposals which propose subcontracting the development, manufacture or production of the Product is contingent upon: 1) Agency determination that the proposed subcontractor satisfies the program's minimum eligibility requirements, 2) Company agreement to ensure subcontractor compliance with the terms and conditions of the ETPP MOA and all attached and incorporated documents, and 3) proposed subcontractor agreement to be bound by all the terms and conditions of the ETPP MOA and all attachments and incorporated documents.

D) A Company Profile: Endorsed TEMPEST Products Program participants must satisfy certain security and suitability criteria prior to establishing a relationship with the Agency. Vendors are required to submit a Company Profile as defined in the TEP Objective Standards for Product Assurance and the TEP Process Assessment documentation. A Company is only required to submit a Company Profile with its initial product proposal. The Company is, however, required to include the following certifications with its subsequent Proposals:

- The FOCI certification previously discussed.

- Certification by the appropriate Company official with signatory authority for the Company that the information provided in the original Company Profile is still true and accurate and that there have been no changes or deviations if there have been changes or deviations, the Company shall identify them and submit them to the Agency along with the product specific proposal for Agency review and approval).

- Certification by the appropriate Company official with signatory authority for the Company that the information provided in the accepted Process Assessment is still true and accurate and that there have been no changes or deviations (if there have been changes or deviations, the Company shall identify them and resubmit the PA to the Agency along with the product specific proposal for Agency review and approval).

One copy of the complete proposal package should be mailed or faxed to the Point of Contact for the TEMPEST Endorsement Program (TEP). The address and telephone number are noted on the cover letter to this procedures package.

Questions regarding the Endorsed TEMPEST Products Program proposal process can be answered by writing to the Point of Contact for the TEP or by calling the TEP office.

6. Agency Evaluation of company Proposal:

Upon receipt of the Company's Product Specific Proposal, NSA will review the proposal in accordance with the Program's eligibility requirement and assess the acceptability of the product specific proposal. The Agency will notify the company in writing of the results of its evaluation. Under normal circumstances, the Agency will endeavor to evaluate product specific proposals within 10 working days.

7. Product Development, Agency Evaluation, and Product Endorsement

Once the MOA is executed, the company and the Agency perform the tasks necessary to satisfy the requirements for product development and evaluation. Companies are eligible to have their products listed on the Endorsed TEMPEST Products List (ETPL) upon satisfying the following Program requirements toward Product endorsement for each product:

1. Company submission and Agency acceptance of its Product Specific Proposal;

2. Company submission and Agency acceptance of the TEMPEST Test Plan;

3. Company submission of the TEMPEST Test Report;

4. Company submission of the Critical Features List;

5. Company submission of the Configuration Baseline List;

Upon its determination that the Product is in compliance with the TSRD, the Agency will notify the company in writing within 20 working days that the Product is endorsed. Agency endorsement is a statement of the Agency's findings that the product satisfies the technical and security requirements set forth in the TSRD.

Upon Product endorsement, a brief description of the product, along with the Company's name and point of contact will then be placed on the Endorsed TEMPEST Products List published quarterly as part of the Information Systems Security Products and Services Catalogue. The List is available to assist U.S. Government buyers and users to readily identify equipment which they may acquire directly from vendors and which meet the national TEMPEST standard. Listing on the Endorsed TEMPEST Products List is done on a product specific basis. Endorsement and placement of the Product on the Endorsed TEMPEST Products List does not occur until the Agency determines that the Company has satisfied all the requirements of the TSRD. Generally, this includes Company submission of the Test Plan, Company execution of the Test Plan on a production unit and Company submission of the Test Report, Critical Features List, and Configuration Baseline List. A Production and Inventory Report is required annually after product endorsement (Reference TSRD 88-9C, paragraph 3.4.2).

PART TWO:

AGENCY PRODUCT ENDORSEMENT TERMINATION PROCESS
STANDARDS AND PROCEDURES

Continued product endorsement is permitted only if the Company continues to satisfy the eligibility requirements for the Program as well as to comply with the terms and conditions of the Memorandum of Agreement and its attachments. The Agency may initiate processes to terminate the Product endorsement if it finds:

a. The Company's MOA has been terminated;

b. Failure or refusal by the Company to correct TEMPEST deficiencies discovered in the Product subsequent to endorsement;

c. The Company refuses or fails to adhere to the requirements for product integrity as delineated in the TSRD;

d. The Company refuses or demonstrates failure to adhere to the security, procedural, and administrative requirements delineated in the MOA and incorporated references;

e. Company failure or refusal to make available to the Agency designated representative sample unit(s) of the Product as required in the TSRD, for testing and inspection against the standards set forth in the TSRD;

f. Company failure or refusal to allow the Agency designated representative access to the Company's facility and records for audits against the standards set forth in the TSRD;

g. Company incorporation of engineering changes, waivers and deviations that affect the TEMPEST integrity of the Product without Agency approval;

h. Company refusal or demonstrated failure (2 incidents) to ensure subcontractor compliance with the terms and conditions of the MOA and incorporated references.

The Agency will notify the Company in writing, certified mail, return receipt requested, of its interest to terminate, inform the Company of the grounds upon which such termination is founded and afford the Company a reasonable opportunity (at least 14 days) to show cause why such Product Endorsement should not be terminated. Product endorsement shall be suspended effective immediately upon Company receipt of the letter. Once endorsement is suspended, the Company cannot continue to advertise the product as NSA endorsed or take any new orders from U.S. Government departments and agencies which require NSA endorsed product. Products with suspended endorsement are listed in Section IV (Blue pages-products with suspended endorsement pending product endorsement termination and appeal). After reviewing the Company's response, if any, to the termination notification, the Agency will determine whether Product endorsement should be terminated. The Agency will notify the Company, in writing, of its decision. The letter, which shall be mailed certified mail, return receipt requested, will state the effective date of termination, provide any special instructions pertaining to completion of existing purchase orders for the Product and include instructions on how to appeal the Agency's decision should the Company elect to do so.

Upon termination of a Company's Product endorsement, the Product is listed in Section V (Red Pages-terminated endorsement) of the Endorsed TEMPEST Products List. Once a Product endorsement is terminated, the Product cannot be reendorsed with the same model number and the Company must reapply to the Agency as if the Product was a new product proposal.

Notice of Product Endorsement termination will not be listed in Section V of the Endorsed TEMPEST Products List for an additional 14 days following Company receipt of the termination letter, to allow the Company an opportunity to appeal the decision to the Agency's Deputy Director for Information Systems Security (DDI). The Company must submit its appeal in writing. The appeal must specify the Company's grounds for appeal and include all pertinent evidence. Product endorsement termination will be stayed until receipt of the DDI decision. DDI decision will be based solely on the written evidence submitted and there will be no opportunity for oral argument. The DDI will be the final arbiter of the disputes and his decision is final. Notice of DDI decision will be sent in writing to the Company within 10 working days.

PART THREE:

COMPANY PARTICIPATION TERMINATION PROCESS STANDARDS
AND PROCEDURES

Company participation in the Endorsed TEMPEST Products Program is permitted only if the Company continues to satisfy the eligibility requirements for the Program and comply with the terms and conditions of the Memorandum of Agreement and its attachments. The Agency may initiate processes to terminate the MOA if it finds:

a. The Company's facility security clearance and storage capability have been or will be revoked;

b. The Company becomes unacceptably foreign owned, controlled, or influenced;

c. The Company is suspended or debarred from contracting with the U.S. Government;

d. The Agency has terminated two or more of the Company's product endorsements for non-compliance with one or more of the grounds delineated in Part Two b through h;

e. The Company has knowingly misrepresented, on at least two occasions, the status of its products with respect to their compliance to the National TEMPEST Standard or their status in the Program;

f. Company demonstrated process failure (2 incidents) per the approved Process Assessment over a period of two calendar years from the date of the MOA, or Company refusal to correct any identified process failure;

g. Company lack of participation (i.e., non production of a product) for a period of one calendar year from the date of the MOA.

The Agency will notify the Company in writing, certified mail, return receipt requested, of its intent to terminate, inform the Company of the grounds upon which such termination is founded and afford the Company a reasonable opportunity (at least st 14 days) to show cause why the MOA should not be terminated. After reviewing the Company's response, if any, to the termination notification, the Agency will determine whether the MOA should be terminated. The Agency will notify the Company, in writing, of its decision. The letter, which shall be mailed certified mail, return receipt requested, will state the effective date of termination, request the Company to immediately return all information, materials, parts, components, assemblies, and equipment provided pursuant to performance under the MOA, and include instructions on how to appeal the Agency's decision should the Company elect to do so.

The Agency shall not terminate the MOA and all Product listings on the ETPL, for an additional 14 days following Company receipt of the termination letter, to allow the Company an opportunity to appeal the decision to the Agency's Deputy Director for Information Systems Security (DDI). The Company must submit its appeal in writing. The appeal notice must specify the Company's grounds for appeal and include all pertinent evidence. Termination of the MOA will be stayed until receipt of the DDI decision. DDI decision will be based solely on the written evidence submitted and there will be no opportunity for oral argument. The DDI will be the final arbiter of the dispute and his decision is final. Notice of DDI decision will be sent in writing to the Company within 10 working days.

PART FOUR:

PROCESS FOR ENDORSEMENT OF PRODUCT OPTIONS

After the product achieves endorsement the company may desire to enhance the product or extend the product's life cycle by making additional optional features available to their customers. Since the endorsement of an ETPL product is limited to the configuration(s) originally tested and documented at the time of endorsement an additional process is necessary to accommodate the listing of the new optional features which may be added subsequent to endorsement.

If a company desires to add new options to its proposed ETPL product listing while the product is still pursuing endorsement the company must submit an addendum to its original Product Specific Proposal to include, as a minimum, a copy of the proposed revised product description as it would appear on the ETPL and target production schedule. The company then must resubmit any previously submitted data deliverables which will be affected by the addition of the new option.

If a company desires to add new options to its ETPL product listing subsequent to endorsement, the company must submit a written request to the TEP which must include a copy of the new proposed ETPL product listing reflecting the addition of the new option(s). The TEP staff will evaluate the proposed product description using the criteria set forth in the "Guidelines for Standardization of ETPL Product Descriptions". Upon making the determination that the proposed option(s) is (are) acceptable, the TEP staff will notify the company of acceptance. In order to receive endorsement of the option(s), the company must test every option with the basic unit or system and revise all data deliverables for the product. The TEP will accept an addendum to each data deliverable in lieu of an entirely new document.

Refer to the "Guidelines for Standardization of ETPL Product Descriptions" for a definition of "Stand-alone" and "Dependent" options. Stand-alone options can be endorsed either as a separate product or as an option to a basic system, dependent options can only be endorsed as an option to a basic system. If a company wishes to list stand-alone options with its basic system, the option must be tested with the system rather than independent of the system.


[1 page.]

NSA TSRD No. 88-9C

NSA TSRD No. 88-9C
DATED: 24 Sep 1993
SUPERCEDING
NSA TSRD No. 88-9B
DATED: 8 March 1991


NATIONAL SECURITY AGENCY

TECHNICAL AND SECURITY REQUIREMENTS DOCUMENT

FOR THE

ENDORSED TEMPEST PRODUCTS PROGRAM (ETPP)





UNCLASSIFIED


[2 pages.]

NSA TSRD No. 88-9C

TABLE OF CONTENTS

SECTION I - INTRODUCTION

SECTION II - PRODUCT EVALUATION PROCESS

2.1 Steps in the Process
2.1.1 The Company Designs a TEMPEST Product
2.1.2 TEMPEST Test Plan
2.1.3 Performance of TEMPEST Tests
2.1.4 TEMPEST Test Report
2.1.5 Product Specific Proposal

SECTION III - PRODUCT INTEGRITY PROCESS

3.1 Critical Features List
3.2 Configuration Baseline List
3.3 Product Configuration Change Procedure
3.3.1 Company Responsibilities for ECOs That Affect Critical Features
3.3.2 Company Responsibilities for ECOs That Do Not Affect Critical Features
3.3.3 Agency Audits
3.3.3.1 Agency Scheduled Audits
3.3.3.2 Unannounced TEP Audits
3.4 Product Assurance
3.4.1 Product Lot Size Inspection/Tests
3.4.1.1 Basic Testing Requirements
3.4.1.2 Increased Testing Requirements
3.4.2 Annual Production and Inventory Report
3.4.3 Agency Sample Test Requirements
3.4.4 Aperiodic Production Tests
3.4.5 TEMPEST Deficiency Resolution Requirements
3.4.6 TEMPEST Deficiency Confirmation and Notification
3.4.6.1 TEMPEST Deficiencies Discovered by Company Product Assurance Testing or Customer Feedback
3.4.6.2 TEMPEST Deficiencies Discovered by Agency Sample Testing or User Feedback
3.4.7 Confirmed Deficiency Resolution Procedures
3.4.8 Deficiency Processing Effects on Product Listing

SECTION IV - GENERAL REQUIREMENTS

4.1 Markings
4.1.1 Marking of Documentation Submitted
4.1.2 Marking of Resubmitted Documentation
4.2 Security Requirements for Access Control  of Classified Information
4.3 Manufacturing and Market Controls
4.4 Export Controls

APPENDIX A - EXAMPLES OF CRITICAL FEATURES

AGREEMENT DATA REQUIREMENTS LIST

DATA ITEM DESCRIPTIONS

LIST OF TABLES

TABLE I - BASIC TESTING REQUIREMENTS

TABLE II - DEFINITION OF SIGNAL TYPES FOR PRODUCT ASSURANCE TESTING

TABLE III - INCREASED TESTING REQUIREMENTS


[27 pages.]

NSA TSRD No. 88-9C

NATIONAL SECURITY AGENCY TECHNICAL AND SECURITY
REQUIREMENTS DOCUMENT (TSRD)

FOR THE

ENDORSED TEMPEST PRODUCTS PROGRAM

SECTION I - INTRODUCTION

1.1 This document delineates the technical, security, and data requirements necessary for endorsement of a product under the auspices of the Endorsed TEMPEST Products Program. Agency endorsement of a product is contingent upon the Company's satisfactory demonstration that its product complies with the requirements of current National TEMPEST Standard and that the Company has in place and applies to the product, the manufacturing capability and product assurance controls necessary to ensure the continued TEMPEST integrity of the product subsequent to endorsement. Changes to this document may be made as necessary. Users should verify that they are using the most up to date version. CAVEAT: Nothing in these procedures shall be construed by the Company as affecting any obligations the Company may have pursuant to U.S. Government contracts or as satisfying any export control obligations the Company may otherwise have under U.S. laws and regulations and the export control requirements addressed in paragraph 4.4 of this TSRD.

1.2 Through a Product Evaluation Process that begins upon execution of a product Memorandum of Agreement (MOA), we determine whether a company's product satisfies the requirements of NSTISSAM TEMPEST/1-92. Successful completion of this process and the Product Integrity Process (discussed below), is necessary before the Agency will endorse the product. Section II below discusses Agency requirements to be satisfied in the Product Evaluation Process. Companies may proceed through the development and testing process prior to submission of data deliverables, BUT DO SO AT THEIR OWN RISK. Agency endorsement is conditioned on its review of the data deliverables required in this TSRD and Agreement Data Requirements List (ADRL).

1.3 An essential adjunct of the Product Evaluation Process is the Product Integrity Process. This process consists of two parts, i.e., configuration management and control and product assurance processes. Through the configuration Management and Control process, the Agency ensures the engineering changes which effect the TEMPEST characteristics of a product can be identified, properly evaluated, and controlled regardless of whether these changes occur before or after the product has been endorsed. Product Assurance processes provide the Agency and the company, reasonable assurance that subsequent production units perform at least as well as the initial production unit did with respect to TEMPEST characteristics. The product Integrity Process is discussed in Section III of this document. The agency recommends sequential; submission of the Product Integrity data deliverables (i.e., Test Plan/Test Report and Configuration Baseline List) but sequential submission is not a program requirement.

1.4 Certain general requirements that are not specifically relevant to either the Product Evaluation or Product Integrity Processes are set out in Section IV, below.

SECTION II - PRODUCT EVALUATION PROCESS

2.1 Steps of the Process: As noted above, initial and continued endorsement of a product is conditioned on satisfaction of the requirements of the current National TEMPEST Standard through successful completion of each step of the Product Evaluation Process and its associated requirements. The steps and requirements of this process are:

2.1.1 The Company Designs a TEMPEST Product.

2.1.2 TEMPEST Test Plan. (Refer to ADRL A001.) The company shall submit to the Agency, for its review a TEMPEST Test Plan prior to the performance test as described in paragraph 2.1.3. Test plans detail the test methodology and the test procedures to be used to verify the Equipment Under Test (EUT) compliance with the current National TEMPEST Standard. THE TEMPEST TEST PLAN MUST BE PREPARED BY A CURRENTLY CERTIFIED TEMPEST PROFESSIONAL LEVEL II (CTP II). Certification of CTP IIs is a function of the U.S. Government TEMPEST Certification Program (TCP)*.

___________________

*Note: The TCP is administered by the TEMPEST Certification Special Committee (TCSC) of the TEMPEST Advisory Group (TAG) established by the National Security Telecommunications and Information Systems Security Committee (NSTISSC). There are two categories of certification under this program: Certified TEMPEST Professionals, Level II (CTP II) and Certified TEMPEST Professionals, Level I (CTP I). These categories were previously referred to as Certified TEMPEST Engineer (CTE) and Certified TEMPEST Tester (CTT), respectively. Information can be obtained about this program by calling (202) 282-2037 or writing:
Commanding Officer
Naval Electronic Systems Security Engineering Center
ATTN: Code 220 (TCMWG:TCP)
3801 Nebraska Avenue, NW
Washington, DC 20390-5270

The TEMPEST Test Plan must be prepared as specified in the current National TEMPEST Standard. In addition, the Test Plan must include a section on design methodology which will contain, as a minimum, details on construction techniques, interface techniques, and other TEMPEST design features. This section should provide sufficient detail to enable Agency evaluators to understand the Product's TEMPEST design in order to meaningfully evaluate the adequacy of the Test Plan. The Test Plan must be signed by the CTP II that prepared it and be reviewed by a CTP II other than the author. In lieu of a second CTP II the company may request review and approval by the TEP Office (allow 30 days for TEP review). Indicate the name of the CTP II's employer, if other than the product manufacturer.

2.1.3 Performance of TEMPEST Test(s). Performance of the TEMPEST test(s) must be accomplished on a production unit, by a TEMPEST Test Services facility endorsed by the Agency under the auspices of the Agency's Endorsed TEMPEST Test Services Program. A production unit is a unit produced by individuals on the manufacturing line (vice in a laboratory by development engineers), using the production techniques, processes, and equipment by which all subsequent units are to be produced. The Agency reserves the right to witness performance of the tests(s).

2.1.4 TEMPEST Test Report. (Refer to ADRL A002.) The Company shall submit to the Agency an abbreviated TEMPEST Test Report which provides a description of the TEMPEST test(s) performed and the test results. Preparation of the Test Report must be accomplished by the Endorsed TEMPEST Test Services facility which performed the TEMPEST testing. The report must indicate the name of the endorsed TEMPEST Test Service facility that executed the TEMPEST Test Plan and be signed by the CTP Level I or II that performed the testing and prepared the report. The Test Report must be reviewed by a CTP II other than the author. In lieu of a second CTP II the company may request review and approval by the TEP Office (allow 30 days for TEP review). The report must be prepared in accordance with the abbreviated test report format in the current National TEMPEST Standard. The report must satisfy the Certification requirements for Facility, Detection System, and Test Setup Certification as detailed in the current National TEMPEST Standard. The TEMPEST Test Report must demonstrate whether the product tested is fully compliant with the requirements of current National TEMPEST Standard and include the originator/author's (CTP Level I or II) assessment to that effect.

2.1.5 Product Specific Proposal. (Refer to ADRL A003) The Company shall submit a Product Specific Proposal to the Agency upon satisfying all the requirements of the TSRD. Generally, this includes company submission and Agency approval of the Test Plan, Company execution of the Test Plan on a production unit, and Company submission of the Test Report and all product integrity data deliverables.

SECTION III - PRODUCT INTEGRITY PROCESSES

3.1 Critical Features List (CFL). (Refer to APPENDIX A and to ADRL B001) The company shall establish a Critical Features List which identifies specific critical features of product manufacturing, (i.e., parts, material, workmanship, techniques, assemblies, assembly procedures, and manufacturing processes) which are of paramount importance to the TEMPEST integrity of the product. The Company Appointed TEMPEST Authority (CATA) shall be responsible to ensure that the CFL has been reviewed and approved by the engineer primarily responsible for the design and development of the product and the CTP II responsible for developing the Test Plan. The CFL shall provide the drawing or process number with the revision level of each critical feature, and the assembly on which it is found.

3.2 Configuration Baseline List. (Refer to ADRL B002) The Company shall establish a Configuration baseline. The configuration baseline list is to be maintained current to provide configuration control. The Company shall submit to the Agency, a list of all production release engineering drawings, parts list, and manufacturing processes for all piece parts and assemblies. This document list shall be maintained current for the whole product and submitted within two months of every engineering change approval that changes the revision level of a critical feature document. In no case shall the time between submittals of this list exceed one year.

3.3 Product Configuration Change Procedure. The Company shall ensure that no changes are made to the product which could degrade the TEMPEST integrity of the product. The CFL shall constitute a basis upon which all engineering changes, waivers, and deviations are measured to determine whether the changes could affect the TEMPEST integrity of the product. The CATA shall ensure that all engineering changes, waivers, and deviations receive a TEMPEST assessment by a CTP II, the engineers primarily responsible for the TEMPEST design of the product, and the individuals primarily responsible for Product Assurance and Configuration Management for the product.

3.3.1 Company Responsibilities for ECOs That Affect Critical Features. Company responsibilities for those engineering changes that DO affect a critical feature and/or could affect the TEMPEST integrity are as follows:

a. The CATA, CTP II or design engineer determine that the engineering change has an affect or potential affect on the TEMPEST integrity of the product, and/or affects a critical feature.

b. The Company shall submit to the Agency a revised Configuration Baseline List based on the engineering change order (ECO). The CATA is responsible for submitting the ECO which must include the CTP II's and/or the design engineer's technical assessment and supporting documentation, (e.g., test plan and test report, as appropriate). A summary of testing performed and a summary test report shall be prepared in accordance with the requirements of Section II.

c. The engineering change will contain, as a minimum, the approval signatures of the CATA, CTP II, and design engineer.

d. The engineering change shall be marked as affecting a critical feature.

e. The CATA may authorize shipment of the product containing the changes prior to Agency review and approval of the change. Agency review and approval of the changes shall be accomplished within 30 working days of Agency receipt of the change. In the event the Agency disapproves the change proposal and the Company has shipped the product, the Company is responsible to recall/correct any product unit containing the disapproved engineering change within three months of the Company's receipt of the Agency's disapproval notice. Failure to recall/correct the product within this time frame constitutes grounds for the Agency to initiate proceedings to terminate the product's endorsement.

3.3.2 Company Responsibilities for ECOs That Do Not Affect Critical Features. Company responsibilities for those engineering changes that DO NOT affect a critical feature and DO NOT affect the TEMPEST integrity of the products are as follows:

a. The CATA, CTP II and design engineer determine that the engineering change has no affect or potential affect on the TEMPEST integrity of the product and does not affect a critical feature.

b. The engineering change can be approved by the CATA.

c. Submission of the engineering change to the Agency for review/approval or record keeping is NOT required.

d. The configuration baseline list will be updated in accordance with Paragraph 3.2.

3.3.3 Agency Audits.

3.3.3.1 Agency Scheduled Audits. Aperiodically, but no more frequently than once a year, the Agency may use its current Configuration Baseline List to perform an audit at the Company's facility. This is done to ensure that no unauthorized changes have been made to the endorsed manufacturing process or the endorsed product configuration that could affect the TEMPEST integrity, and to verify the continuing accuracy and completeness of the Process Assessment as well as completeness of the technical drawings and lists. The Agency shall afford the Company two weeks advance notice of each audit.

3.3.3.2 Unannounced TEMPEST Endorsement Program (TEP) Audits. The Agency may, no more frequently than twice a year, conduct a TEP audit for the purpose of assessing the Company's compliance with the requirements of the MOA and this TSRD. The Agency shall afford the Company 24 hours advance notice of these audits. The Company shall make available the necessary resources and documentation to facilitate the Agency's audit.

3.4 Product Assurance. The Company is also required, as a condition of initial and continued endorsement, to establish and maintain a Product Assurance system, in accordance with the accepted Process Assessment and the requirements of this section, as described below:

3.4.1 Production Lot Size Inspection/Tests. The Company is required to perform Product Assurance testing in two categories: basic Product Assurance testing (Table I) of production units and increased testing based on discovery of TEMPEST failures (Table III). The Company must retain all test data including but not limited to measurements of all compromising emanations (CE) and data-related emanations (DRE), test data sheets, graphs, photographs and any other reporting medium used in performing Product Assurance sample tests. This test data must be retained for the duration of the product's endorsement, and shall be requested by Agency representatives during TEP audits (see paragraph 3.3.3).

Note: For the purpose of conducting a TEP Audit, the Agency will accept, in lieu of the actual test data, a certification statement, signed by the CTP II, indicating the serial numbers of the units tested, signals verified, and results of the tests. However, the responsibility for retaining the actual test data still resides with the company. Therefore, if the company chooses to delegate the storage of this data to the test facility which conducted the tests, the company assumes the risk of loss of that data. The Agency reserves the right to require the company to provide the actual test data within one week of the Agency's request. If the Agency requires the company to provide the test data, and the data has been lost or destroyed by the test facility, the company must recreate that data by conducting new Product Assurance tests at its own expense. Prior to making the decision on whether to store data at the test facility, the company should consider the requirements of paragraph 3.4.2. (Annual Production and Inventory Report) so that the information necessary can be easily accessed by the company.

3.4.1.1 Basic Testing Requirements: This table contains the basic minimum testing requirement for Product Assurance testing of each lot. A production lot is defined by a maximum time frame of one year or whenever a production line is subjected to major process changes.

This table contains the basic minimum testing requirements for Product Assurance testing of each lot.

TABLE I - BASIC TESTING REQUIREMENTS

LOT SIZE

SAMPLE SIZE

1-99

3% (Min 1)

100-179

2.5% (Min 3)

180- +

2% (Min 5)

Note: 1) Fractional sample size shall be rounded up.
2) For lot sizes of 1000 or more a request for
reduced sample rate can be submitted to the TEP.

Product Assurance testing shall be performed by an endorsed TEMPEST test service facility.

The intent of this requirement is to promote continuous sample testing of each product in manufacture to verify compliance to the current National TEMPEST Standard. Samples shall be selected on a random basis and should be uniformly distributed over the production lot. Testing shall be performed immediately upon sample selection. Each year or whenever a production line is subjected to major process changes, one of the first 10 production units shall be included as a production test sample. If multiple production lines or facilities are employed these requirements will be independently applied to each line or facility.

TABLE II - DEFINITION OF SIGNAL TYPES FOR
Product Assurance TESTING

Type A-

(1) All signals qualifying as Signal Class I per the current National TEMPEST Standard.

(2) High energy signals such as those associated with print hammer activation or stepping motor movement.

Type B- all signals other than type A and type C.

Type C-

(1) All signals qualifying as Signal Class 3 per the current National TEMPEST Standard.

(2) Parallel signals greater than 8 bits.

Table II categorizes the signals to be tested into three types. Each sample will be tested for Type A signals. Type B signals may be tested on a rotating basis for each sample but testing for all Type B signals must be performed on each lot. Type C testing may be spread over two lots but not less than one unit per year.

3.4.1.2 Increased Testing Requirements. TEMPEST failures require increased testing. If an equipment failure is identified (by the Agency, by a customer, by sample testing, or by manufacturer production testing), then the following increased production testing schedule shall be adopted: (Testing is required through two production lots if the lots are less that 99 units in size, and through one production lot if the lot is more than 100 units).

TABLE III - INCREASED TESTING REQUIREMENTS

LOT SIZE

SAMPLE SIZE

1-99

7% (Min 1)

100-179

5% (Min 7)

180- +

4% (Min 10)

Note: Fractional sample size shall be rounded up.

3.4.2 Annual Production and Inventory Report. (Refer to ADRL COO1). To ensure Agency product lists are current and as a condition of continued product endorsement, the Company shall submit to the Agency, no later than 1 April of each year, an annual production and Inventory Report which contains the following information:

(1) Company name and location.

(2) MOA number and endorsement date.

(3) Product model number.

(4) A summary of the test results of product assurance audit testing conducted over the past year (reference paragraph 3.4.1). The summary shall indicate lot size, percent of units sampled, and serial numbers of units sampled. The summary shall include a list referenced to the test plan, of tests performed on each sample (identified by individual serial number).

(5) Number of units sold in the calendar year (January through December) preceding date of this report.

(6) Is the Product still available for production or should it be moved to section VI (Green pages - no longer available for production).

(7) If to be moved to Section VI, please note date of last production and serial number of last unit produced.

3.4.3 Agency Sample Test Requirement. As a condition of continued product endorsement, unless the product is listed in Section VI of the Endorsed TEMPEST Products List (Green Pages - no longer in production), the Company shall provide at no cost to the Agency designated representative, upon Agency request and no more frequently than twice a year, a sample unit of the product for Agency testing and inspection against the requirements of the current National TEMPEST Standard and this TSRD. Agency testing of the Product will be non-destructive and the sample will be returned to the company after testing is complete. Agency testing of the unit will not exceed 90 days from receipt of the sample unit

3.4.4 Aperiodic Production Test. In addition to the testing described above, the Agency reserves the right to require the Company to conduct a full or partial production test of the Product when:

a. The Agency has received user complaints about the Product's TEMPEST integrity that the company can not explain or justify and which do not appear to be unique to the unit tested;

b. The Agency's TEP Audit (see paragraph 3.3.3) revealed at least three (3) deviations from the product testing requirements (see paragraph 3.4.1.1) and the Company submitted product assurance procedures;

c. The Company has failed to perform Product Assurance testing of all three signal types over the course of the past year as required by 3.4.1.

The Agency shall notify the Company in writing of its determination that a full or partial production test is required. Upon receipt of the Agency's test notice, the Company shall contact the Agency Program Manager by phone to negotiate a mutually agreeable time frame for initiation and conclusion of the test. Under normal circumstances, the Company is expected to commence the test within 30 days of its receipt of the Agency notice. A copy of the amended Test Plan (if appropriate) and Test Report documenting this full or partial production test must be forwarded to the agency within thirty days after completion of the test. Selection of the samples for production testing shall be made on a random basis. There shall be no advance indication that a unit is scheduled for the production test and it shall not be subjected to any additional or unusual pretest or screening or rework. The Agency reserves the right to select the samples and be present to witness the production test. The Company shall: give the Agency 15 days advance notice of the scheduled production test. If failures are detected, sufficient rework and testing must be performed to fix any failed units in accordance with the requirements of 3.4.5 below.

3.4.5 TEMPEST Deficiency Resolution Requirement. To maintain product endorsement, companies are required to take corrective action to resolve confirmed TEMPEST deficiencies. A confirmed TEMPEST deficiency exists when an endorsed TEMPEST product is found to have compromising emanations in excess of the limits of the national TEMPEST standard and the emanations are not unique to one unit of the product line or clearly caused by incorrect operation or maintenance. In the event a company chooses not to resolve confirmed deficiencies, the Agency will initiate product endorsement termination in accordance with the Endorsed TEMPEST Product Program Procedures. In these circumstances, the Company shall provide the Agency a complete listing of units sold and their purchasers in order for the Agency to notify the purchasers of affected units.

3.4.6 TEMPEST Deficiency Confirmation and Notification. The initial steps of the deficiency resolution process depend upon how the deficiency was discovered and confirmed.

3.4.6.1 TEMPEST Deficiencies Discovered By Company Product Assurance Testing or Customer Feedback. The following steps must be completed in the order listed:

a. Upon Company discovery and confirmation of a TEMPEST deficiency, the company shall immediately notify the Agency Program Manager by telephone.

b. To facilitate Agency analysis of the security ramifications of the deficiency, the Company shall within 15 days of deficiency confirmation, provide the Agency Program Manager a classified report which includes:

1) a narrative description of the problem,

2) the signal monitor,

3) the fault mechanism,

4) the escape media,

5) the frequencies of the compromising emanations (CE) that exceed appropriate limits,

6) the signal levels of the CE expressed as both an absolute and as a db above the limit,

7) the test category and signal class,

8) the detection system bandwidth, and

9) the detected signal Rd/Rt.

c. The company shall, within 30 days of deficiency confirmation, provide written notice of the confirmed deficiency to all current and prospective purchasers of affected units. The written notice shall be limited to the following language: (any additional information could result in a security violation).

_______________ (Company name) has discovered and confirmed the existence of a TEMPEST deficiency within (name and model of product). We are currently in the process of developing a modification to correct this deficiency and will contact you upon its availability. THIS PRODUCT SHOULD NOT CONTINUE TO BE USED TO PROCESS CLASSIFIED INFORMATION WITHOUT FIRST CONSULTING (insert name of Company) at (insert phone number) or your TEMPEST authority.

d. A copy of the written notice as well as a list of all affected users shall be forwarded to the Agency Program Manager within 30 days of deficiency confirmation.

3.4.6.2 TEMPEST Deficiencies Discovered by Agency Sample Testing or User Feedback. If, through its testing or user feedback, the Agency discovers a TEMPEST product deficiency, the following steps will be used to start the process:

a. The Agency shall immediately provide written notice to the company by certified mail, return receipt requested. The notice shall identify the suspected deficiency, the circumstances under which the deficiency was detected, and the requirement to notify current and prospective purchasers of confirmed deficiencies. The notice will invite the Company to witness a demonstration of the deficiency, and request the Company to bring a list of prospective production unit serial numbers to the demonstration from which the Agency will randomly select the serial numbers of other units to be tested, if required (see below). Demonstration shall take place within two weeks of Company receipt of the notice, unless the parties mutually agree otherwise.

b. The deficiency will be considered a "confirmed deficiency" after the aforementioned demonstration, unless there is reason to believe the identified deficiencies are unique to the unit tested, in which case, the Company is required to submit within 15 working days, three additional units of the same production lot (if available), which have been randomly selected by the Agency from the Company provided list of prospective production unit serial numbers. If, after testing, one or more of the units has the same deficiency, the deficiency is "confirmed." In the event the Company is unable to furnish at least one additional unit, the deficiency will be considered "confirmed."

c. The Company shall within 30 days of deficiency confirmation, provide written notice of the confirmed deficiency to all current and prospective purchasers of affected units. The written notice shall include the language outlined in item paragraph 3.4.6.1 above.

d. A copy of the written notice as well as a list of all affected users shall be forwarded to the Agency Program Manager within 30 days of deficiency confirmation.

3.4.7 Confirmed Deficiency Resolution Process. To resolve confirmed deficiencies as necessary to maintain product endorsement, companies are required to incorporate Agency approved product modifications in prospective production units and to notify and make modification kits/services available to purchasers of affected units.

a. Companies wishing to resolve the deficiency are required to provide to the Agency for its review and approval:
1. A copy of the classified description, written notice, and list of affected users as specified in 3.4.6.1 and 3.4.6.2 above;

2. Company documentation of the cause of the TEMPEST deficiency and a description of the product modification proposed by the company to correct the deficiency, both for fielded units and for future production units.

3. Test plans and reports evidencing that a quantity of units (minimum of 3) with the proposed modification installed were tested by an endorsed TEMPEST Test Services facility and determined to be compliant "with the current National TEMPEST Standard. Agency approval of the proposed modification shall be evidenced by Agency review and approval of the Test reports on these units.

4. Company Plan to Implement the Agency-Approved Modification in Fielded Units. This plan must include a copy of the Company's notice to purchasers of affected units making available modification kits/services to resolve the confirmed deficiency. However, the modification kits shall not be shipped to purchasers of affected units prior to Agency approval (step 3 above).

5. Company Plan to Incorporate the Agency-Approved Modification Into the Product's Manufacturing Process. This plan must include a description of all actions necessary to correct the deficiency (i.e., manufacturing process changes/enhancements, quality system changes, vendor/incoming inspection activity, etc.) Since this step requires the generation of an Engineering Change Order (ECO) which effects the TEMPEST integrity of the product, the company's established product configuration change procedure must be followed in order to receive Agency approval of the ECO thereby closing out the final step of the deficiency resolution process.

a. The CATA may authorize shipment of the product containing the changes prior to Agency review and approval of the change. Agency review and approval of the changes shall be accomplished within 30 working days of Agency receipt of the change . In the event the Agency disapproves the change proposal and the Company has shipped the product, the Company is responsible to recall/correct any product unit containing the disapproved engineering change within three months of the Company's receipt of the Agency's disapproval notice. Failure to recall/correct the product within this time frame constitutes grounds for the Agency to initiate proceedings to terminate the product's endorsement.

b. Agency approval of the proposed modification and associated documentation is based upon its finding that:

1. the test reports evidence that the units the company tested containing the proposed modification comply with the current National TEMPEST Standard:

2. that users are made aware of the product modification and are afforded a reasonable means of resolving the deficiency in their affected units; and

3. the action proposed by the Company to implement the product modification in the production process can reasonably be expected to ensure that the product modification will be properly implemented in subsequent production units.

c. Upon Agency approval of the product modification and associated documentation, the Company shall incorporate the corrective action into the production process and perform increased production TEMPEST testing per TABLE III. Testing at the rates specified in TABLE III is required through two production lots if the lots are less than 99 units in size and through one lot if the lot is 100 or more units.

3.4.8 Deficiency Processing Effects on Product Listing.

a. Products determined to have confirmed deficiencies on the dates set forth below (COLUMN I) will be listed in Section III (Yellow pages - confirmed deficiencies) of the Endorsed TEMPEST Products List, in the quarter listed below (COLUMN II), unless the Agency has received, reviewed, and approved the corrective action and associated documentation required by 3.2.8, above on or before the date set forth below (COLUMN III):

COLUMN I

Deficiency confirmed
on or after:

COLUMN II

Listed in Section
III during Quarter:

COLUMN III

Document
Rec'd & App'd
on or before:


1 Oct. but before 1 Jan April 1 February
1 Jan. but before 1 April July 1 May
1 April but before 1 July        October 1 August
1 July but before 1 Oct January 1 November

Upon Agency receipt, review and approval of the corrective action and associated documented required by 3.4.7, the product will once again be listed in Section II (White Pages - Endorsed Products).

b. If after the Product is listed in Section III, the Company fails to submit and receive Agency approval of the corrective action and associated documentation as required in 3.4.7 by the cut off date for submission of data for inclusion in the next quarter publication of the ETPL, the Agency will initiate action to terminate the product endorsement in accordance with the Endorsed TEMPEST Products Program Procedures. This will result in the product being listed in section IV (Blue pages - product with suspended endorsement pending product endorsement termination and appeal). Suspension of endorsement means that a Company cannot continue to advertise the product as NSA-endorsed or take any new orders from U.S. Government departments and agencies which require an NSA-endorsed product.

To avoid placement in Section IV, products which are placed in Section III during the quarter listed in COLUMN I below must submit and receive Agency approval of the corrective action and associated documentation required by 3.4.7 by the date set forth in COLUMN II below. Failure to do so will result in Agency initiation of product endorsement termination proceedings.

Column I

Section III
Publication Quarter

Column II

Data Submission & Approval Deadline
to Avoid-Initiation of Endorsement
Termination:

October 1 August
January 1 November
April 1 February
July 1 May


SECTION IV - GENERAL REQUIREMENTS

4.1 Markings.

4.1.1 Marking of Documentation Submitted. All documentation including changes submitted for evaluation must be clearly and completely identified. The title page shall include the Company's name, address, and point of contact; MOA number; name of product; classification of project; date of submittal; revision level of documentation; and other data deemed appropriate by the Company. Additional identification requirements, if any, are stated elsewhere in this requirements document, as appropriate. The identification information is to aid the Agency personnel in evaluation of the submittal.

4.1.2 Marking of Resubmitted Documentation. Plans and reports that are resubmitted for evaluation must include a Revision Status page indicating the revision level of each page contained in the resubmission. Additionally, the individual changes on each page must be highlighted. (E.g., use change-bar symbols, underlining, asterisks, bold or emphasized print, or similar marking.)

4.2 Security Requirements for Access Control of Classified Information:

4.2.1 To acquire and retain classified information, a Company is required to comply with the requirements of DoD 5220.22M, "Industrial Security Manual for Safeguarding Classified Information," dated January, 1991 and all amendments thereto and the DoD 5220.22-S-1, "COMSEC Supplement of the Industrial Security Manuals for Safeguarding Classified Information," dated March 1988, and all amendments thereto. Both documents are incorporated by reference into the MOU and MOA. For purposes of classification and control, all TEMPEST information is considered to be communications security (COMSEC) information. However, TEMPEST information is not subject to the requirements of the NSA/CSS CSCM-1, "National Security Agency COMSEC Material Control Manual", dated February, 1985. The Company is not required, therefore, to establish a COMSEC account for TEMPEST information.

4.2.2 The Company is required to comply with the terms of the contract Security Classification Specification, DD Form 254, which is incorporated by reference into each MOU and MOA. The DD Form 254 constitutes the vehicle by which the Government releases Classified information to the Company and the vehicle the Company is required to use to release classified information to its subcontractors. The Company may only use classified information for purposes other than that specifically provided in the MOU/MOA or DD Form 254 if the Company has requested and the agency has approved, in writing, such use. Approval is contingent upon Agency determination that the proposed use is consistent with the stated policies and objectives of the Program and the national security interests of the U.S. Government.

4.2.3 The use of classified information related to TEMPEST products, instrumentation, or services, whether provided to or generated by a Company, to institute or prosecute any suit, action at law, claim, or other action to resolve a dispute is NOT authorized. Companies shall notify the Agency Program Manager, as soon as possible, of any such actions in which the company is or may become involved and which, in anyway relates to the Company's work with the Agency in respect to a TEMPEST product, instrumentation, or service. If necessary to ensure classified information is not disclosed in such actions, the Agency may request, and the company shall afford, reasonable opportunity (1) for the Agency to review all pleadings, motions, correspondence, or other documents prior to use of filing, and (2) to attend any depositions or interviews at which such TEMPEST information may be discussed.

4.3 Manufacturing and Market Controls.

4.3.1 Manufacturing and assembly of the TEMPEST aspects of products shall be performed in the United States. TEMPEST design technology shall not be made available, directly or indirectly, to any foreign manufacturing entity without the express written approval of the Agency and compliance with applicable U.S. export control laws and regulations and export control requirements addressed in paragraph 4.4 of this TSRD.

4.3.2 Consultation with foreign technical or commercial interests to develop, manufacture, or repair TEMPEST features of the product is prohibited without the express written approval of the Agency and compliance with applicable U.S. export control laws and regulations and the export control requirements addressed in paragraph 4.4 of this TSRD.

4.3.3 The Company may not subcontract any work or enter into any third party agreements for the development, manufacture, testing, marketing/distribution, and sale of the product without the prior written approval of the Agency.

4.3.3.1 Agency approval of subcontracts/agreements for the development, manufacture and/or production of the product or its subassemblies and/or major components shall occur during the Product Specific Proposal (PSP) Phase (reference ETPP Procedures). Once the proposal is accepted in writing by the Agency and the MOA is signed by both parties, the company is obligated to obtain the Agency's written approval whenever a subcontract/agreement is added to the product's production process. (Refer to Part One, item 5C, page 5 of the ETPP procedure.)

4.3.3.2 Agency approval of subcontracts/agreements for the TEMPEST testing of the product shall be evidenced by the TEP Manager's signature on the DD Form 254 for the subcontract. The company must prepare the DD form 254 and submit it to the Agency for approval.

4.3.3.3 Agency approval of subcontracts/agreements for the marketing, distribution and/or resale of the product shall be evidenced by a letter of approval, coordinated with the AGC(I), from the TEP office. The Company shall submit to the Agency a copy of its DRAFT subcontract/agreement (i.e., prior to signatures by both parties). The subcontractor/agreement must contain the following provisions as a minimum requirement: (A) the third party must abide by all terms and conditions of the company's MOA with the Agency; (B) the third party may not make any changes to the product as configured on the ETPL; and (C) there will be no exchange of classified information between the company and the third party.

4.3.4 The Company may not enter into any third party agreements with foreign companies for the marketing, distribution, resale and/or maintenance of the product without prior written approval of the Agency. The approval process for foreign agreements shall be the same as for domestic agreements (reference paragraph 4.3.3.3) except that the TEP office will coordinate this request with the AGC(I) and the Office of INFOSEC International Relations (I1) who will respond directly to the company regarding the approval/disapproval status of the agreement.

4.3.5 The company may not provide TEMPEST education or training to any foreign entity without prior written approval of the Agency. TEMPEST education is defined as any information which defines the TEMPEST phenomenon, the techniques used to discover it, and the technology used to protect against it. The written approval of the Agency does not alleviate the Company's obligations to comply with applicable U.S. export control laws and regulations and the export control requirements addressed in paragraph 4.4 of this TSRD. This does not include maintenance training, provided that there is no information beyond what needs to be done to repair failed equipment. Company requests for authorization to conduct foreign training shall be submitted to the TEP office and coordinated through the AGC(I) and (I1). I1 will respond directly to the company regarding the approval/disapproval status.

4.3.6 All third party agreements are subject to, as applicable, the terms and conditions set forth in the MOA and incorporated documents. Company refusal or demonstrated failure (two incidents) by the company to ensure subcontractor compliance with the terms and conditions of the MOA and incorporated documents constitutes grounds, in accordance with Endorsed TEMPEST Product Program procedures, to terminate product endorsement.

4.3.7 Upon product endorsement, the company shall assign a model number to the product which identifies the product as being NSA endorsed. The company may not use that model number on any product which is not NSA-endorsed or continue to apply that model number to product units upon Agency termination of the product's endorsement.

4.3.8 The Company's name and the product's model numbers, as they appear on the ETPL, must be prominently displayed on all product units. The word "TEMPEST" is not to appear on the product or on packing cartons.

4.4 Export Controls.

4.4.1 TEMPEST products, TEMPEST test instrumentation and TEMPEST information may only be exported for sale to Government and military departments of NATO, NATO member governments or the governments of Australia or New Zealand.

(i.e., exports to companies or non-military organizations in these countries or government of countries other than those listed below are prohibited)

1. Canada
2. Australia
3. New Zealand
4. Great Britain
5. Germany
6. Italy
7. Norway
8. Denmark
9. France
10. Luxembourg
11. Netherlands
12. Belgium
13. Iceland
14. Portugal
15. Greece
16. Spain
17. Turkey
[Following handwritten]
18. Poland
19. Hungary
20. Czech Republic

4.4.2 An export license is required to export equipment manufactured or modified to meet the national TEMPEST standard or to be used as TEMPEST test instrumentation. Classified TEMPEST information as well as all unclassified TEMPEST information which is related to the design, engineering, development, production, processing, manufacture, use, operation, overhaul, repair, maintenance, modification, or reconstruction of TEMPEST products or TEMPEST test instrumentation is transferred to foreign governments through a government-to-government transfer. Classified materials to be forwarded to a foreign government on a government-to-government basis shall be provided to the Agency, Attn: INFOSEC International Relations, along with a cover letter which provides the name of the foreign government and the address to which the material is to be sent. Clearance information of company visitors to the foreign government or foreign government visitors to the Company should likewise be provided to the Agency for forwarding (reference paragraph 2.d.2 on page 4 of the MOA).

4.4.3 Application forms and information regarding report licenses can be obtained from the Center for Defense Trade, Department of State, Washington, DC 20520 or by calling the licensing division at (703) 875-6644. General information may be obtained by calling (703) 875-6652.

4.4.4 Exports to the Canadian Government do not require an export license (requirements for a technical assistance agreement and/or warehousing agreement continue to apply). The company is, however, required to notify the Canadian Department of National Defense, in writing, of any product(s) to be exported to the Canadian Government. The notice should be sent to the following address:

Department of National Defense
Communications Security Establishment
101 Colonel By Drive
Ottawa, Ontario KLAOK2
Canada


APPENDIX - EXAMPLES OF CRITICAL FEATURES

Designed-in-features

- Addition of signal conditioning components
- Addition of shielded compartment
- Addition of overall shield
- Special ground configuration/point
- Software restrictions

Inherent features

- Use of "slow" transistors/IC's in a critical circuit
- Bandwidth capability of analog circuit
- Size of buss
- Switching power supply rate

Special Parts

- Powerline filters
- Shielded wire
- Gasket
- Connectors/backshells

Design Features of Non-Added Parts

- Keyboard sense lines current limit
- Use of capacitive type keyboard
- Strobe skew control for print head drive wires

Important Tolerance

- Gasket gap under compression
- Gasket surface flatness
- Plating thickness
- Control minimum and maximum transition times
- Print head shield dimension/gaps

Important Process

- Torque wrench usage
- Flux and solder used for bonding
- Preparation of gasket mating surface
- Wire routing consistency

Important Material

- Use of steel/aluminum
- Type of plating
- Type of chemical film coating
- Type of gasket wire used
- Cable shielding (wire type, % coverage)

AGREEMENT DATA REQUIREMENTS LIST
FOR THE
ENDORSED TEMPEST PRODUCTS PROGRAM

Preface:

1. Preparations and delivery of the applicable technical data named in this Agreement Data Requirements List (ADRL) is a requirement for initial and continued endorsement of the product.

2. The ADRL's are presented in a sequence in which the Company is likely to encounter them in the endorsement process. The sequence numbers assigned to each data requirement represent documentation categories. Category A (e.g., A001) refers to the Product Evaluation data deliverables (TSRD Section II). Category B (e.g., B001) refers to the Product Integrity data deliverables (TSRD Section III). Category C (e.g., C001) refers to the Post Endorsement data deliverable (TSRD paragraph 3.4.2 ).

3. The purpose of the ADRL is to stipulate the quantity, media and format of the data that must delivered to the Program Office. The content of each data requirement has been specified in the TSRD.

4. The Agency will notify the Company of unacceptable documentation. For the endorsement process to continue, the Company must schedule the resubmission of the corrected/update documentation within ten days after receipt of Agency notification, unless otherwise stated in the notification.

AGREEMENT DATA REQUIREMENTS LISTS

(ADRL A001) TEMPEST Test Plan

1. Quantity: 1 copy

2. Media: bound, typewritten on 8-1/2" by 11" paper

3. Format: depends upon product, refer to current National TEMPEST Standard

(ADRL A002) TEMPEST Test Report

1. Quantity: 1 copy

2. Media: bound, typewritten on 8-1/2" by 11" paper

3. Format: depends upon product, refer to current-National TEMPEST Standard

(ADRL A003) Product Specific Proposal

1. Quantity: 1 copy

2. Media: bound, typewritten on 8-1/2" by 11" paper

3. Format: See Guidelines for Standardization of ETPL Product Description (enclosed)

(ADRL B001) Critical Features List

1. Quantity: 2 Copies

2. Media: bound, typewritten on 81/2" by 11" paper

3. Format: in accordance with Data Item Description (DID) attached to this ADRL.

(ADRL B002) Configuration Baseline List

1. Quantity: 1 copy

2. Media: bound, typewritten on 8-1/2" by 11" paper.

3. Format: In accordance with Data Item Description (DID) attached to this ADRL.

(ADRL C001) Annual Production and Inventory Report

1. Quantity: 1 copy

2. Media: bound, typewritten on 8-1/2" by 11" paper.

3. Format: Letter format, containing information required by TSRD paragraph 3.4.2.

DATA ITEM DESCRIPTIONS (DID's)

[Balance of page blank]

PRODUCT SPECIFIC PROPOSAL (PSP) - ADRL A003

Recommended guidance, format, and contents for submission of data for ADRL item deliverable included in the TSRD.

1. Cover Page
- ADRL sequence number
- Company name and address
- Point of contact
- MOA number
- Equipment nomenclature
- Number of pages
- Revision level - Date of submittal

2. Contents

The following list of items is provided as a general outline to follow. The inclusion/addition of items will depend upon the configuration of the product; however, the format presented should be followed as closely as possible.

- Basic unit description
- OEM and Model Number
- CPU and Clock Rate
- CPU cache RAM
- Bus type and clock rate
- Expansion slots
- Ports
- RAM installed
- Interfaces
- Display adaptor
- Power supply
- Keyboard
- Drives/storage devices
- Monitor
- Chassis design
- Configured options
- Additional options
- Model specific options

CRITICAL FEATURES LIST (CFL) - ADRL B001

Recommended guidance, format, and contents for submission of data for ADRL item deliverable included in the TSRD.

1. Cover Page
- ADRL sequence number
- Company name and address
- Point of contact
- MOA number
- Equipment nomenclature
- Number of pages
- Revision level
- Date of submittal

2. Introductory Page

- Scope/purpose of document
- Required approval signatures of CATA, CTP II and primary design engineer

3. Contents

- Identify and describe specific critical features of product manufacturing.
- Provide the drawing and process numbers without the revision levels of each critical feature and the assembly on which it is found.

CONFIGURATION BASELINE LIST - ADRL B002

Recommended guidance, format, and contents for submission of data for ADRL item deliverable included in the TSRD.

1. Cover Page

- ADRL sequence number
- Company name and address
- Point of contact
- MOA number
- Equipment nomenclature
- Number of pages
- Revision level
- Date of submittal

2. Contents

- List of the drawings, processes, CFL (including titles, numbers and revision levels) for the critical features as well as the assembly drawings for the product as a whole. The critical feature documents shall be identified by asterisk or bold type.


[1 page.]

MEMORANDUM OF UNDERSTANDING

BETWEEN

THE NATIONAL SECURITY AGENCY INFORMATION SYSTEMS
SECURITY ORGANIZATION

AND

(COMPANY NAME)
(COMPANY DIVISION)
(COMPANY ADDRESS)

CONCERNING

TRANSFER OF CLASSIFIED TEMPEST INFORMATION





EFFECTIVE DATE: ______________________


[4 pages.]

MEMORANDUM OF UNDERSTANDING BETWEEN
THE NATIONAL SECURITY AGENCY
INFORMATION-SYSTEMS SECURITY ORGANIZATION

AND

(THE COMPANY)

CONCERNING
TRANSFER OF CLASSIFIED TEMPEST INFORMATION

I. PURPOSE

This Memorandum of Understanding (MOU) between the National Security Agency, Information Systems Security Organization (the Agency) and Company Name (the Company) is entered into for the purpose of describing the terms and conditions under which the Agency shall provide to the company the classified technical standard utilized under the auspices of the Agency's TEMPEST Endorsement Program (TEP). The Agency has established this program to facilitate the commercial development and sale of TEMPEST products and/or testing services to U.S. Government departments and agencies, U.S. Government contractors, and certain other eligible purchasers. The company is formally considering participation in TEP. Having satisfied the security requirements to obtain and store classified TEMPEST information, the company is requesting this information in order to determine the feasibility of achieving a product or test service endorsement under the TEP.

II. RESPONSIBILITIES

Therefore, in consideration of the foregoing, the parties agree:

1. The Agency shall:

a. Provide to the company, on a strict need-to-know basis, the TEMPEST information required for the company to determine the feasibility of achieving a product or test service endorsement under the TEP.

b. Authorize the company to use the information for a period of 120 days or until company submission and Agency evaluation and acceptance or rejection of the company's TEMPEST product or test services Process Assessment in accordance with the applicable Standard Operating Procedure (SOP).

c. Hold in strict confidence and use properly-marked company proprietary information and data submitted under this MOU only as necessary to perform the responsibilities and obligations set forth in this MOU. If required, the Agency will actively solicit the company's assistance in establishing a supportable basis for protecting company records in response to Freedom of Information Act requests.

2. The company shall:

a. Use the Agency-provided TEMPEST information solely for the purpose of determining the feasibility of achieving a product or test service endorsement under the TEP.

b. Within 120 days of its receipt of the TEMPEST information, submit to the Agency a product or test services Process Assessment in accordance with the applicable program's Standard Operating Procedure (SOP). If the report is not received within this time period, the MOU shall be terminated and the company shall either return the classified TEMPEST information to the Agency, or dispose of the information in accordance with the regulations set forth in the documents listed under paragraph c below.

c. Agree to abide by all of the terms and conditions of the following documents which are incorporated into and form a part of this MOU:

(1) DoD 5220.22-M, "Industrial Security Manual for Safeguarding Classified Information", dated January 1991, and all amendments thereto:

(2) DoD 5220.22-S-1 "COMSEC Supplement to the Industrial Security Manual for Safeguarding Classified Information," dated March 1988, and all amendments thereto. For purposes of classification and control, all TEMPEST information is considered to be COMSEC information. However, TEMPEST information is not subject to the requirements of the NSA/CSS CSCM-1, the "NSA COMSEC Material Control Manual", dated February 1985. Therefore, the company is not required to establish a COMSEC account for TEMPEST information:

(3) DD Form 254, "Contract Security Classification Specification", dated and all subsequent revisions thereto. The parties understand and agree that Agency provision of classified material not listed in this DD Form 254, as well as company return of classified materials, are administrative actions which neither affect the terms and conditions nor are to be construed as modifications of either this MOU or the DD Form 254;

d. Not disclose any classified information provided by or at the direction of the Agency or generated by the company in furtherance of its efforts undertaken in accordance with the purposes of this MOU unless:

(1) the individual to receive information has all required clearances and has a need to know the information in order to perform functions related to this MOU and;

(2) the individual to receive information, unless a company employee, is specifically authorized by an Agency representative in writing, in advance of disclosure, to receive such information.

e. Not disclose outside the company unclassified technical TEMPEST information provided by or at the direction of the Agency, or generated by the company in furtherance of its efforts undertaken in accordance with the purposes of this MOU, without the prior written approval of the Agency, unless the information has already been approved for release in writing by the Agency.

f. Clearly identify and properly mark all company trade secrets or confidential commercial information provided to the Agency on a privileged or confidential basis so that such company information can be protected to the full extent authorized by law.

III. MUTUAL AGREEMENTS

3. It is mutually understood and agreed that execution of this MOU by the parties is intended to enable the Agency to provide, and the company to receive, TEMPEST information for the purposes specified herein, and shall not be construed as a commitment by the company to participate in the Agency's TEP, or as a commitment by the Agency to accept the company's Process Assessment.

4. It is mutually understood and agreed that no promise of payment is made herein, and that this MOU constitutes the total obligation of the parties. No other promises, either expressed or implied, are made or are to be imputed between them. Changes to this MOU shall not be effective unless committed to writing and signed by both parties.

IV. DISPUTES RESOLUTION

5. In the event of any disagreement arising out of, in connection with, or under this agreement, the parties shall, in good faith, reach a negotiated resolution by designating officers of appropriate authority to resolve the disagreement.

V. CHOICE OF LAW

6. This agreement shall be governed by, and construed in accordance with, Federal statutes and regulations, notwithstanding any State conflict of law statutes, practices or rules of construction.

VI. ASSIGNMENTS

7. The Company shall not assign or otherwise transfer any rights or obligations incident to the performance of this agreement without the prior written approval of the Agency.

VII. REVIEW/TERMINATION

8. This MOU shall be effective as of the date of the latest signature, and shall terminate 120 days after the company's receipt of the TEMPEST information, unless the company submits a written Process Assessment in accordance with the applicable Standard Operating Procedure (SOP). If the company submits a report, the MOU shall be extended while the Agency evaluates the report. If the report is accepted, the MOU shall be terminated upon the execution of a Memorandum of Agreement (MOA) for the development and endorsement of a TEMPEST product or test service. If the report is rejected, the MOU shall terminate upon the company's receipt of the Agency's written notification of report rejection.

9. The Agency shall terminate this MOU if:

a. The company becomes ineligible to receive or store the classified TEMPEST information provided under this MOU;

b. The company fails to abide by the terms and conditions of this MOU.

COMPANY NAME

BY: _______________________________

TITLE: ____________________________

DATE: ____________________________

NATIONAL SECURITY AGENCY,
INFORMATION SYSTEMS SECURITY
ORGANIZATION

BY: _______________________________

TITLE: ____________________________

DATE: ____________________________



[1 page.]

MOA NUMBER

MEMORANDUM OF AGREEMENT

BETWEEN

THE NATIONAL SECURITY AGENCY INFORMATION SYSTEMS
SECURITY ORGANIZATION

AND

(COMPANY NAME)
(COMPANY DIVISION)
(COMPANY ADDRESS)

CONCERNING

THE TEMPEST ENDORSEMENT PROGRAM (TEP)

FOR LEVEL I TEMPEST PRODUCTS






EFFECTIVE DATE: _________________________


[7 pages.]

MEMORANDUM OF AGREEMENT
BETWEEN
THE NATIONAL SECURITY AGENCY
INFORMATION SYSTEMS SECURITY ORGANIZATION
AND
(THE COMPANY)
CONCERNING
THE TEMPEST ENDORSEMENT PROGRAM (TEP)
FOR LEVEL I TEMPEST PRODUCTS

I. PURPOSE

This Memorandum of Agreement (MOA) between the National Security Agency, Information Systems Security Organization (the Agency) and Company Name (the Company) is entered into for the purpose of describing the responsibilities and obligations of the parties with respect to the Company's design, development, production, and marketing of TEMPEST products under the auspices of the Agency's TEMPEST Endorsement Program (TEP). The Agency has established the TEP to facilitate the commercial development of TEMPEST products which may be endorsed by the Agency for use in processing U.S. Government classified information. The attached List of Active Products (LAP) shall determine which TEMPEST products are covered by this MOA.

The Company is engaged in the manufacture of telecommunications and information processing products, and wishes to design and develop TEMPEST products for Agency endorsement under the TEP.

II. RESPONSIBILITIES

Therefore, in consideration of the foregoing, the parties agree:

1. The Company shall:

a. On a voluntary basis, at its own risk and expense, and as a condition for receiving TEMPEST information enter into this program to design, develop, produce, market, and sell endorsed TEMPEST products to U.S. Government departments and agencies, U.S. Government contractors who are eligible to purchase endorsed TEMPEST products, and certain other eligible purchasers approved by the Agency on a case-by-case basis.

b. Demonstrate to the Agency that each product designed and developed under the TEP satisfies the national TEMPEST standard, and that the product integrity procedures established in the applicable TSRD have been implemented by the Company.

c. Abide by all the terms and conditions of the following documents which are hereby incorporated into this MOA by reference:

(1) DoD 5220.22M, "Industrial Security Manual for Safeguarding Classified Information," dated January 1991, and all amendments thereto:

(2) DoD 5220.22-S-1, "COMSEC Supplement of Industrial Security Manual for Safeguarding Classified Information," dated March 1988, and all amendments thereto. For the purposes of classification and control, all TEMPEST information is considered to be COMSEC information:

(3) DD Form 254, "Contract Security Classification Specification," dated ___________, and the List of Active Products (LAP) and all subsequent revisions thereto. The LAP is both an enclosure to the MOA and an addendum to the DD Form 254. The LAP is a current record of all products accepted into the TEP and included under the MOA. As an addendum to the DD Form 254, the LAP specifies those products upon which the Company is authorized to generate and retain classified documents . The parties understand and agree that Agency provision of classified material not listed in this DD Form 254, as well as Company return of classified materials, are administrative actions which neither affect the terms and conditions nor are to b e construed as modifications of either this MOA or the DD Form 254;

(4) The Technical and Security Requirements Document, TSRD Nr. ___________ dated ___________ and all revisions thereto:

(5) The Agreement Data Requirements List (ADRL) for Level I products, as applicable, and all revisions thereto (the ADRL is an appendix to the TSRD);

(6) The Program Procedures for the Endorsement of Level I TEMPEST Products, as applicable, and all subsequent revisions thereto;

d. Not disclose any classified information provided by or at the direction of the Agency or generated by the Company in furtherance of the Company's design, development, production, marketing, and sales of TEMPEST products which are the subject of this MOA, unless:

(1) The individual to receive information has all required clearances and has a need to know the information in order to perform functions related to this MOA; and

(2) The individual to receive information, unless a Company employee, is specifically authorized by an Agency representative in writing, in advance of disclosure, to receive such information.

e. Not disclose outside the Company unclassified technical information provided by or at the direction of the Agency or generated by the Company in furtherance of the company's design, development, and production of TEMPEST products without the prior written approval of the Agency, unless the information has already been approved by the Agency in writing for release in accordance with this paragraph or paragraph 2.g. of this MOA.

f. Clearly identify and properly mark all Company trade secrets or confidential commercial information and other data proprietary to the company provided to the Agency on a privileged or confidential basis so that such Company information can be protected to the full extent authorized by law.

g. Designate a Company TEMPEST focal point with technical expertise and cleared for secret, hereinafter referred to as the Company Appointed TEMPEST Authority (CATA), who may also be a Certified TEMPEST Professional (CTP) level II, to coordinate Company efforts to comply with the requirements of this MOA and to act as the Company point of contact on all matters pertaining to the terms of this MOA.

h. Authorize the Agency's designated representative, upon Agency request, and at reasonable intervals, access to Company facilities and records, for inspection against the standards set forth in the applicable TSRD.

i. Provide to the Agency for approval any Company prepared Product Manuals, Product-related brochures, advertisements, marketing materials, press releases, articles for publication, or speeches containing TEMPEST information, at least thirty (30) working day s prior to proposed distribution or release for publication. The materials are reviewed in accordance with Agency regulations governing the dissemination of COMSEC and COMSEC-related information to ensure the submitted materials do not contain classified information or other information the Agency is authorized by statute to protect. No material shall be distributed or released for publication without the prior written approval from the Agency. The thirty (30) working days shall begin upon receipt of the material by the Agency pursuant to this paragraph.

j. Not institute against the U.S. Government any suit or action at law or otherwise, nor in any way aid in the institution or prosecution of any claim, demand, action, or cause of action for damages, costs, loss of service, expenses or compensation for or on account of the performance under this MOA or in any way incident thereto, to the manufacture and sale of TEMPEST Products. Further, the Company shall hold harmless and indemnify the U.S. Government in any and all capacities for any loss occasioned by the performance under this MOA.

k. Promptly notify the Agency of the initiation of any bankruptcy proceedings.

l. Promptly notify the Agency of any lawsuit or legal action to which the Company is a party and which involves the NSA TEMPEST Endorsement Program (TEP) or TEMPEST equipment developed, manufactured or tested under the TEP. The use of classified information, whether provided to or generated by the Company, in any suit, action at law, claim, or other action is not authorized.

2. The Agency shall:

a. Provide or authorize other sources to provide on a strict need to know basis, TEMPEST and TEMPEST-related information required in performance of this MOA.

b. Evaluate, and if appropriate, endorse the Company's TEMPEST products if the Agency finds from an examination of the products, the product integrity procedures, and all data required by the ADRL, that the requirements of the applicable TSRD have been satisfied. No endorsement shall be effective until written notification of the endorsement has been received by the Company. It is understood and agreed that the Agency's endorsement of the Company's product(s) is a statement of the Agency's findings that the product(s) satisfy the requirements set forth in the applicable TSRD.

c. Upon endorsement, authorize the Company to produce, market, and sell the product(s) as NSA endorsed to U.S. Government departments and agencies and U.S. Government contractors who are eligible to purchase TEMPEST equipment, and certain other purchasers approved by the Agency on a case-by-case basis.

d. Upon endorsement, authorize the Company to market and sell the product(s) as NSA endorsed to NATO, NATO member governments, and the governments of Australia and New Zealand, in accordance with export control laws and the requirements delineated in the applicable TEP TSRD and procedures.

(1) For purposes of this MOA, the term "market" shall be construed to mean "advertise or demonstrate." The Company shall obtain written approval from the Agency prior to initiation of marketing efforts with any foreign government or international organization.

(2) Each visit, which involves the exchange of classified information, to a foreign government by the Company to market or sell the product(s) shall be approved in advance by the Agency. To ensure the Agency can fully evaluate proposed visits, the Company shall provide, in writing, to ATTN: International Relations (I1), National Security Agency, 9800 Savage Rd., Fort George G. Meade, MD 20755-6000, the names of the foreign government organization(s) to be visited, the names and titles of the representatives of that government which will be present, the names of visitors to be present for the Company, the dates and reasons for the visit, topics and classification level of discussion(s), a copy of the export license application submitted to the Department of State, and clearance information for each visitor (e.g. clearance level, date clearance granted, citizenship , Social Security number, date of birth, etc.) On initial visits to a foreign government, this information shall be provided to the Agency no less than three weeks prior to the proposed visit. For subsequent proposed visits to the same organization , the Company shall provide the aforestated information in writing at least 24 hours before the proposed visit.

e. Include the product(s), once endorsed, in the appropriate chapter of the Information Systems Security Products and Services Catalogue.

f. Hold in strict confidence and only use properly marked Company proprietary information and data submitted under this MOA as necessary to perform responsibilities and obligations under this MOA. If required, the Agency will actively solicit the Company's assistance in establishing supportable bases for protecting Company records in response to Freedom of Information Act requests.

g. Review and approve the dissemination of Company-prepared brochures, advertisements, press releases, written publications, speeches or other material which contain TEMPEST information so long as the submitted materials do not contain classified information or other information the Agency is authorized by statute to protect. Such brochures, advertisements, and other publications shall be submitted to the TEP Office for review and approval.

h. Review and, if appropriate, approve Company-proposed engineering changes, waivers and deviations affecting or potentially affecting the TEMPEST integrity of Level I TEMPEST products.

i. Perform sample testing of the endorsed Products and inspect Company manufacturing processes as necessary to ensure continued compliance with the requirements set forth in the applicable TSRD.

III. MUTUAL AGREEMENTS

3. It is mutually understood and agreed that product evaluations and product sample testing will be conducted by Agency personnel or authorized agent(s) under contract with the Agency or other U.S. Government departments or agencies. All individuals or organizations conducting such testing will be placed under an obligation to abide by all terms and references of this MOA. As such, all Company information submitted in support of this effort may be released to the authorized agents designated by the Agency to conduct portions of the evaluation .

4. It is understood and agreed that execution of this MOA by the Agency shall not be construed as an endorsement of the Company's Products, or a commitment to the Company for the procurement of equipment, nor shall it preclude the U.S. Government from seeking full and open competition to meet its future requirements for such equipment.

5. It is understood and agreed that the Company shall not assign or otherwise transfer any rights or obligations incident to the performance of this MOA without the prior written approval of the Agency.

6. It is mutually understood and agreed that no promise of payment is made herein and that this MOA constitutes the total obligation of the parties. No other promises, either expressed or implied, are made or are to be imputed between them. Changes to this MOA will not be effective unless reduced to writing and signed by both parties.

7. It is understood and agreed that the terms of this agreement apply to every product on the LAP. The LAP shall be revised every time a product is either accepted into or deleted from the program.

IV. DISPUTES RESOLUTION

8. In the event of any disagreement arising out of, in connection with, or under this agreement, the parties shall, in good faith, reach a negotiated resolution by designating officers of appropriate authority to resolve the disagreement.

V. CHOICE OF LAW

9. This agreement shall be governed by, and construed in accordance with, Federal statutes and regulations, notwithstanding any State conflict of law statutes, practices or rules of construction.

VI. ASSIGNMENTS

10. The Company shall not assign or otherwise transfer any rights or obligations incident to the performance of this agreement without the prior written approval of the Agency.

VII. REVIEW/TERMINATION

11. This MOA may be terminated by the Company for any reason upon written notice to the Agency. Such termination shall be effective immediately upon Agency receipt of the Company's termination notice, unless otherwise mutually agreed by the parties. Company termination of the MOA subsequent to any product endorsements will result in automatic revocation of the Agency's endorsement for every product in the program.

12. In accordance with Parts 2, 3, and 4 of the applicable Program Procedures, the Agency may terminate a single product or all products and the MOA if it determines that one or more of the grounds for termination exist.

13. It is understood and agreed that upon termination of the MOA for any reason, each party shall return to the other all information, materials, parts, components, assemblies, and equipment which were provided pursuant to the performance of this MOA.

14. This MOA shall be reviewed by both parties at two year intervals after its effective date.

15. This MOA will become effective as of the date of the latest signature.

COMPANY NAME

BY: _______________________________

TITLE: ____________________________

DATE: ____________________________

NATIONAL SECURITY AGENCY,
INFORMATION SYSTEMS SECURITY
ORGANIZATION

BY: _______________________________

TITLE: ____________________________

DATE: ____________________________



[1 page.]

SAMPLE LIST OF ACTIVE PRODUCTS (LAP) ADDENDUM TO
MOA # ___________________

Product
Number
Model
Number
Product
Type
Start
Date
Termination
Date
Retention
Authorized
L1-P2* 250TE Printer 1/10/89 N/A N/A
L2-P1 386XE PC 7/15/89 9/28/91 Yes, 9/28/92
* L1 refers to a Level I product P2 refers to the second product in chronological sequence to apply for endorsement under the Level I Procedures.

When "N/A" appears in the "Termination Date" and the "Retention Authorized" columns, those columns are not applicable because the product is still active under the TEP.

When dates appear in the "Termination Date" and the "Retention Authorized" columns, they reflect the date that the product was terminated from the program, and the expiration date of the authorization for retention of classified information.


[1 page.]



NSA

TEMPEST ENDORSEMENT PROGRAM

OBJECTIVE STANDARDS




[12 pages.]

PREFACE

The objective standards represent the compilation of NSA experience in observing the characteristics possessed by companies engaged in the development and production of quality security products. It is intended to serve as a guide for companies and should be used to assess the adequacy of existing practices and procedures.

These standards are divided into sections which provide objective implementation guidance and considerations that can be helpful in understanding and achieving the stated objective. Alternative approaches which adequately address the objectives are welcome and may be submitted for consideration.

I. Management

Objective: To provide as much detailed documentation as necessary to establish the company's management structure, authority, responsibility, capability, and suitability for the program.

Guidance: The key features that characterize successful management is that no single contractor's organization, function, or person is responsible for the fulfillment of the requirements.

Considerations:

1. Company name and address.

2. Corporate Quality statement.

3. Organizational authority/responsibilities.

4. Products and services offered.

5. Expertise and clearance levels of key personnel.

II. TEMPEST Documentation

Objective: To provide guidance for generating TEMPEST documentation processes and to ensure the correct application of established standards.

Guidance: The establishment of acceptable TEMPEST documentation processes will require a good working knowledge of the applicable TSRD requirements and a demonstrated expertise in applying the national TEMPEST Standard.

Considerations:

1. Use of internal TEMPEST services required for product endorsement.

2. Use of external TEMPEST services subcontractors for meeting product endorsement requirements.

3. Steps to be used for compliance with NSA TSRD No. 88-9C, paragraph 2.1.2 TEMPEST Test Plan and with NSTISSAM TEMPEST/1-92, paragraph 6.2. Test Plan Requirements/Contents.

4. Product availability to the CTP II and the estimated amount of time to be allotted for study.

5. Review of the Test Plan by a currently certified CTP II or agency approval upon company request.

6. Steps to be used for compliance with NSA TSRD No. 88-9c, paragraph 2.1.4 TEMPEST Test Report and with NSTISSAM TEMPEST/1-92, Paragraph 6.8 Abbreviated Documentation and Certification Requirements.

7. Steps to be used for compliance with NSA TSRD No. 88-9C, paragraph 3.4 Product Assurance.

8. How the Company plans to meet the specific requirements indicated in items a through k of paragraph 6.8.1 and the data requirement in paragraph 6.8.2 of NSTISSAM TEMPEST/1-92.

9. Review of the Test Report by a currently certified CTP II or agency approval upon company request.

Note: The document reviewer must not be the author or preparer of the Test Plan or the Test Report being reviewed. The process must include steps for implementing corrective actions to document discrepancies required by the CTP II before acceptance. Each document must include a certifying statement to be signed by the CTP II reviewer.

II. Product Assurance

Objective: To outline key elements of an acceptable product assurance system.

Guidance: The key elements of a successful product assurance system include early planning, implementation of adequate controls to ensure product quality and reliability, close coordination among key organizational elements, continued maintenance of equipment, and closed-loop corrective action efforts. An integral part of this program is an effective and efficient quality assurance system addressing all phases of production beginning with procurement initiatives and continuing through delivery of the product.

Considerations:

1. Identification and interpretation of all requirements consistent with the objectives.

2. Definition of all procedures and processes required for product fabrication and quality control, including a product flow plan.

3. Complete, comprehensive set of approved documentation, including drawings, specifications, maintenance manuals, and procedures, as applicable.

4. Continued quality planning throughout the life of the program, updating plans, and assuring adequate controls for product quality, reliability, and validation of tests.

Key Elements:

IA. Quality Management

IB. Materials/Parts Control

IC. Manufacturing Process Control

ID. In-Process and Final Inspection/Test

IE. Reliability

IIIA. Quality Management

Objective: To ensure the continued application of established standards and procedures implemented to assure the delivery of product meeting all requirements.

Guidance: Management of the quality function is dependent upon the support received from corporate management. Successful quality management is involved with all aspects of the quality program and verifies the systematic controls are properly applied .

Considerations:

1. Generation and maintenance of Quality Assurance Manual, Procedures, and Work Instructions.

2. Organizational authority/responsibilities.

3. Audits by Independent Evaluators.

4. Calibration of Measuring and Test Equipment.

5. Training/Certification of Personnel.

6. Control of Nonconforming Material.

7. Indication of Inspection Status.

8. Closed-Loop Corrective Action Efforts.

9. Verification of Product Configuration.

10. Record Keeping and Recall System (traceability).

IIIB. Materials/Parts Control

Objective: To optimize the economic production, assure the quality and reliability, and maintain configuration control of deliverable product.

Guidance: A successful materials/parts control program controls purchases, utilizes initial and follow-up vendor surveys, and provides for the storage, integration and analysis of procured materials/parts.

Considerations:

1. Selection and evaluation (qualification) of materials/parts consistent with quality and reliability requirements.

2. Maintenance of sufficient documentation to ensure that product configuration is not adversely impacted by procured materials/parts.

3. Implementation of a supplier control and rating program.

4. Performance of incoming inspection using documented and controlled procedures, including the selection of initial and periodic samples of materials to verify compliance and substantiate adequacy of vendors system.

5. Storage and control of inventory including the maintenance of proper environment and verification of applicable shelf life before and after integration into the manufacturing process.

IIIC. Manufacturing Process Control

Objective: To control processes used during manufacturing efforts.

Guidance: A successful manufacturing process control program verifies that a manufacturing process produces equipment reflecting the proper configuration and quality level consistent with the objective. These controls ensure that the process is kept current with product and manufacturing technology.

Considerations:

1. Maintenance of sufficient records identifying the original configuration of the process and approved changes.

2. Process changes properly reflected in the product configuration and quality baseline.

3. Applicable workmanship requirements and drawings invoked on all in-process fabrication cycles involving parts, subassemblies, and assemblies.

4. Implementation of product manufacturing flow plans reflecting process and inspection/test functions.

5. Definition of procedures and criteria required for inspection and test points identified in the product flow.

IIID. In-Process and Final Inspection/Test

Objective: To demonstrate that the product meets all of the subassembly mechanical and electrical performance standards.

Guidance: Successful in-process inspections and tests utilize procedures that provide quantitative accept/reject decision criteria for each level of assembly.

Considerations:

1. One-Hundred Percent Inspection/Test - The need for performing inspections/tests on each product produced.

2. Sampling - Performance of sampling inspections/tests based on established, proven statistical techniques.

3. Test Standards - Utilization of properly calibrated measuring and test equipment, software, procedures, and data sheets required to accomplish necessary inspections/tests.

IIIE. Reliability

Objective: To provide deliverable product to the customer that will meet advertised standards.

Guidance: A successful reliability program utilizes reliability experts during the design and fabrication phases to ensure that reliability is designed into the product and that the product meets the advertised level of performance. These efforts verify that the product design met the intended purpose and that the product Is not inherently degraded during the fabrication process.

Considerations: Stress-Screening - the use of environmental stress screening (burn-in) techniques to detect workmanship defects; weed out suspect or weak parts; and remove other anomalies from the product.

IV. Configuration Management

Objective: To ensure that all product conforms to approved drawings and specifications.

Guidance: A dynamic configuration management system establishes, maintains and Implements an approved configuration baseline which is used to control manufacturing processes and product. Provisions for the timely evaluation and processing of required changes beginning in the earliest stages of production and extending over the service life of the product are integral parts of the system.

Considerations:

1. Definition of all documentation necessary for product fabrication and test including drawings, parts lists, work instructions, configuration baseline list, and manufacturing processes.

2. Accurate and complete descriptions of the materials, parts, subassemblies, and assemblies incorporated into the finished product, including those identified in the critical features list.

3. Designation of applicable and appropriate management levels having the necessary authority to implement and maintain the established system.

4. Systematic procedures and forms for the proposal, evaluation, coordination, implementation, and traceability of required changes (ECOs).

V. Training

Objective: To provide a maintenance training program for technicians to enable them to perform all maintenance tasks on a product, consistent with the maintenance philosophy, and the level of maintenance they are designated to perform.

Guidance: The key feature that characterizes successful maintenance training is the development of training courses prepared for the degree of understanding to be expected of technicians performing different levels of maintenance. Different levels of knowledge and expertise will be required because the maintenance philosophy will dictate them.

Considerations:

1. Courses of instruction should reference appropriate paragraphs, illustrations, etc., in the maintenance manual being used by the technician.

2. Instruction on any special equipment required to be used in maintaining the product.

3. A system of follow-on testing or instruction should be established to assure that the technician maintains proper level of expertise.

4. As the configuration of the product changes, consideration should be given to the need for additional training to cover the changes being made.

VI. Maintenance

Objective: To provide documentation necessary to support maintenance of the deliverable product consistent with the maintenance philosophy for the life of the product.

Guidance: The key feature that characterizes successful maintenance manuals is documentation that completely describes the procedures that are required to maintain the product, as prescribed by the maintenance philosophy. The instructions should be clear, concise, logical, and written for the education level of the technician performing the maintenance.

Considerations:

1. Sufficient theory of operation should be presented to give the technician the level of understanding of the operation of the product needed to perform required maintenance.

2. All procedures, including accompanying troubleshooting charts, schematics, wiring diagrams, illustrations, etc., necessary to perform required maintenance.

3. Any special equipment required to test or repair the product should be specified.

4. As the configuration of the product changes, any associated changes in the maintenance procedures should be reflected in the manual.

5. The availability of maintenance services as necessary for TEMPEST product customers to assure the continuing TEMPEST integrity of the Product.

6. The availability of an unclassified hardware maintenance manual for the product. Manuals shall include documentation as necessary to support maintenance of each critical TEMPEST feature of the product (e.g., maintenance procedures, including accompanying troubleshooting charts, schematics, wiring diagrams, and illustrations).

7. If a TEMPEST vendor elects not to do sole maintenance of the equipment, the documentation must be made available to any agency or subcontractor representative so that the user can conduct its own maintenance. A company will provide user maintenance manuals if the company has not specified that it will do all servicing, or at any time during the life of the MOA that the company elects to stop servicing the equipment. U.S. Government agencies which contract for equipment with the TEP company need not complete vendor training in order to receive the equipment's technical documentation.


[1 page.]




NATIONAL SECURITY AGENCY

TEMPEST Endorsement Program

Process Assessment




[5 pages.]

PREFACE

As part of the process whereby a decision is made whether to enter into a formal relationship with a company for the purpose of developing a TEMPEST product, the National Security Agency (NSA) must establish the existence of capabilities and qualifications within the company which should be present for the successful development and production of that product.

This "Process Assessment" (PA) is designed to provide preliminary information as a prelude to a visit by an NSA survey team to your company's facility. The PA questions should be answered as completely as possible using the attached Objective Standards as a guide. Please include a reason if you determine a question is not applicable to your company and/or proposed product development.

NOTE: At the company's option, video tapes and/or pictures may be submitted with the PA to additionally clarify their responses and facilitate the review process. The company is cautioned however, that should they elect to provide these items, the tapes/photos will not be used in lieu of a site survey or returned to the company.

I. MANAGEMENT

1. Describe your organizational structure, authority, responsibilities, capability, and suitability for the program.

2. Provide company name and address, principal point of contact, a technical point of contact, marketing point of contact, and alternates. For each include name and title, business address, business telephone, citizenship, security clearance (if applicable), social security number, and date/place of birth.

3. Describe the expertise and clearance levels of the key personnel to be involved with the proposed product development, with emphasis on previous TEMPEST experience.

4. Describe the products and services offered (this could be supplemented with a company capabilities brochure).

II. TEMPEST DOCUMENTATION PROCESSES

1. Describe your process for utilization of Endorsed TEMPEST Test Services, both internal and external (if applicable).

2. Describe your process for generating TEMPEST Test Plans.

3. Describe your process for TEMPEST testing the original Test Sample (first production sample) and subsequent Product Assurance testing.

4. Describe your process for documenting deviations to the Test Plan found necessarY during testing.

5. Describe your process for generating TEMPEST Test Reports.

6. Describe your process for document reviews/certifications by the CTP II, who is not an author of the document.

7. Describe your process for updating Test Plans/Reports to cover Engineering Change Orders/Numbers (ECOs/ECNs).

8. Describe your process for updating NSA's copy of Test Plans/Reports to cover revisions made after original submissions.

III. PRODUCT ASSURANCE

1. Describe your Quality system. What controls (procedures, work instructions, etc) are used to perform quality functions (inspection, test, audit) on the production floor?

2. Describe your system for controlling nonconforming material. Who makes the final determination regarding material disposition?

3. Describe your system for documenting parts control and incoming inspection, including the testing of parts.

4. Describe the nature and extent of your typical end item final inspection and test.

5. Describe your system for implementing corrective action efforts (failure analysis, correction of defect/cause, steps taken to close loop and preclude recurrence).

6. Describe your system for evaluating supplier performance (supplier rating system, approved/qualified supplier program, etc).

7. Describe the controls used to ensure the quality, reliability, and integrity of subcontracted product (conveying of requirements, verification of compliance, etc).

8. Describe your Reliability organization. Does it operate independently of other functional elements? How does it interface with and report to the project team and upper management?

9. Describe the typical end item level chamber/temperature stress screening or burn-in testing applied to finished product.

10. Briefly describe the manufacturing capability of your production facility in terms of size, product types, product complexities, and production rates.

11. List your major manufacturing and automated process equipment (environmental/temperature chambers, vibration tables, wave solder, auto insertion, etc) used in the production of your product.

12. Briefly describe your system for traceability.

IV. CONFIGURATION MANAGEMENT

1. Describe your Configuration Management system and the checks and balances (controls) applied to engineering changes (include the review cycle applied and functional responsibility for approval).

2. Describe your system for developing a comprehensive drawing package capable of fully describing the end product. How do you ensure continued compliance and preclude unauthorized changes being made to established processes?

3. Describe the methodology used to verify the "as-built" configuration of your finished product.

4. Describe the methodology used to create and maintain the critical features list and the configuration baseline list.

V. TRAINING

1. Describe your maintenance training program.

VI. MAINTENANCE

1. Describe your maintenance philosophy for a given product and the documentation (i.e., Maintenance Manual) to support that philosophy for the life of the product.


[9 pages.]

GUIDELINES FOR STANDARDIZATION OF ETPL PRODUCT DESCRIPTIONS

l. In an effort to eliminate confusion and redundancy, and to provide users of the ETPL listings clear and meaningful information, the following guidelines will be used in preparing product descriptions. This guidance is aimed at products falling into the following categories: Computer, Computer System, Personal Computer, Portable Computer, Workstation. In the future, we may deem it necessary to expand these guidelines to include other products.

2. For a product to be considered for inclusion in the above categories, it must be a fully testable, stand-alone information processing electronic/ electromechanical apparatus (unit) or an arrangement of units that the Government can accept with a reasonable degree of certainty that the product can comply with the requirements of the TSRD and the NSTISSAM TEMPEST/1-92 TEMPEST standard. The product must be equipped to provide input, output, and mass storage commensurate with the capabilities and intended market of the product. Input and output subsystems are generally recognized as a keyboard and a monitor with video display adapter. However, subsystems that provide two-way, interactive communication between the user and applications are acceptable. Mass storage subsystems must be included with the product and should be of sufficient capacity for the storage of the operating system, application programs, and user data. For example, it is unreasonable and unacceptable for a product produced as a dedicated UNIX workstation to have the basic configuration include only a floppy disk drive for mass storage unless the listing also includes an option for increased mass storage which has been fully tested with the basic system. Similarly, products based on powerful microprocessors (i.e. 80386, 68030) are not reasonably useful without a mass storage subsystem of greater capacity than standard floppy disks.

3. Options to products fall into two general categories: standalone and dependant. Stand-alone options are fully-testable devices that operate from direct connection to AC power or a battery pack. Monitors are an example of a stand-alone option. Dependant options cannot be fully tested by themselves and do not directly connect to AC power or a battery pack. Keyboards and most disk subsystems fall into this category. Dependant options cannot be endorsed as a separate product, they can only be endorsed as an option to a basic system. Stand-alone options may be endorsed as separate products provided that the Company agrees to pursue endorsement according to every step of the ETPP procedures (i.e. separate MOA and data deliverables). 4. Separate product listings will not be accepted for products possessing the same model numbers if the products are considered to be in the same model family. When determining family grouping, microprocessor type, internal operating speeds, chassis design, motherboard/backplane layout, and I/O configurations should be considered. Any enhancement that will not "plug in" to an existing system or results in the replacement of major system components, such as the CPU, will require the vendor to submit a new proposal for a new product. For instance, a change in CPU would constitute a new model line (e.g. changing the CPU from an 80286 to an 80386 or an 80386 to an 80486). Similarly, the addition of a prefetch queue or cache to a system that results in physically altering the motherboard would constitute a new model. Additionally, the changing of the chassis design (e.g. desktop to tower) would not require a new product provided the system board, power supply, and peripherals remain the same in both chassis. It is important to note that altering the clock speed of a system may or may not require a new model line, depending on the design of the system. For instance, if a new system board is necessary or a large number of supporting chips on the motherboard need to be replaced then a new model would be required. However, if the system is designed around the technology of replaceable CPU boards and the increased speed requires the replacement of a single CPU board then the system would be able to remain in the same model family. The ability to add a new family member verses initiating a new product does not release the vendor from performing full product testing on the new family member. Descriptions for products should follow the format described below:

I. Basic Unit Description The basic unit description should provide a detailed description of the features available in all units within a model family. The description should be a factual statement of the hardware and should not contain unnecessary descriptive language (i.e. this machine is the most powerful available in its class, or unsurpassed flexibility.) Additionally, the description should address those items in the configuration that are important from a performance standpoint without becoming too detailed and technical. For example, stating a system is based upon an 80386 microprocessor is a sufficient level of detail; describing the number and size of the microprocessor's internal registers is too detailed and does not provide information critical to the end user's decision process. Another example of superfluous information is the inclusion of such items as available ROM. The amount of ROM in a system is not important to the operation of the system; the functions provided by that ROM is important.

The following list of items is provided as a general outline to follow. The inclusion/addition of items will depend upon the configuration of the product; however, the format presented should be followed as closely as possible.

a. OEM and Model Number - The original manufacturer's name and model designator the product is based on.

b. CPU and Clock Rate - The designator of the CPU and the operating speed (in MHZ).

c. CPU Cache RAM - The size of the cache, in kilobytes, and method of implementation (e.g. 64KB discrete logic cache expandable to 128KB, an 82385 cache controller with 32KB cache.)

d. Bus Type and Clock Rate - The bus design (e.g. ISA, EISA, MCA) and speed, in MHz, of the system I/O bus.

e. Expansion Slots - The number, type, and data path width of the expansion slots on the mother-board (e.g. 1 32-bit proprietary memory slot, 2 8-bit and 6 16bit slots.)

f. Ports - The number, type, and location of I/O ports (e.g. card with 1 parallel and 1 DB-9 serial port, built-in mouse port.)

g. RAM Installed - The location, amount, and data path width of the system RAM (e.g. 1MB of 32-bit RAM on motherboard.) Note: If desired the maximum system RAM may be included in the description (e.g. 1MB of 32-bit RAM on the motherboard, expandable to 16MB with optional 32-bit memory expansion card.)

h. Interfaces - The type, location, data path width, capacity, and capabilities of peripheral interfaces (e.g. 16bit ESDI controller card with support for 2 internal hard disks and 2 internal 360K to 1.44MB floppy disks.)

i. Display Adapter - The type of video display adapter (e.g. CGA, EGA, VGA), location of the adapter (e.g. motherboard, card), data path width, and connector type (e.g. DB-9, HD-15.)

j. Power Supply - The voltage the power supply will operate on and the power supplied to the system. If the power supply will operate on more than one voltage (e.g. 110V and 220V) the method of switching between voltages should be listed.

k. Keyboard - The type of keyboard (e.g. 101-key enhanced.)

l. Drives/Storage Devices - The form factor, formatted capacity and average advertised access time of each device (e.g. full-height 120MB SCSI drive with 18ms access time and a half-height 1.2MB floppy drive.)

m. Monitor - The diagonal screen size, resolution, and type display (e.g. 14-inch color VGA monitor with 1024 x 768 resolution on a tilt-swivel base.)

n. Chassis Design - The design of the chassis, form factor, and number of internal device bays (e.g. desktop chassis with two half-height front panel access bays and one full-height device bay for removeable devices.)

II. Configured Options. This section will include a breakdown of configured options for individual models. In many cases the differences between models within a model family which determine the model numbers are the standard drive configurations, type of display adaptor/monitor, and amount of RAM installed. These listings will be terse but informative lists of the components installed in addition to the basic configuration and will not be verbose descriptions of the systems.

III. Additional Options. This section will include options available on all models. The listing will be terse but informative and will not contain verbose descriptions of the options being offered.

IV. Model Specific Options. This section will include options available only for specific models within the model family. The listings will be grouped by model and, as with the Additional Options, be terse but informative and not contain verbose descriptions of the options.

EXAMPLE DESCRIPTION:
Using the guideline of the Basic Unit Description the information to compile is as follows:

OEM - Acme Computers, Model 386/33D CPU - 33MHz 80386 CACHE 64KB discrete logic BUS - selectable 8 or 10 MHz ISA SLOTS -1 32-bit proprietary memory slot 1 8-bit 6 8/16-bit PORTS expansion card with 1 parallel and 1 DB-9 serial port RAM 2MB of 32-bit RAM on motherboard expandable to 8MB on motherboard, total 32-bit RAM 16MB with optional memory expansion card

INTERFACE - 16-bit MFM disk interface with support for 2 internal hard disks and 2 internal 360K to 1.44MB floppy disks

DISPLAY ADAPTER - 8-bit color EGA card with DB-9 connector

POWER SUPPLY - 230 watt auto-selecting 110/220VAC KEYBOARD - 101 key enhanced

DRIVES - half-height 1.2MB floppy, half-height 40MB MFM hard disk with 28ms access

MONITOR - 14 inch color EGA with 720 x 350 resolution

CHASSIS - desktop chassis with 3 half-height front panel access and 2 half-height internal device bays

MANUFACTURER CITY, STATE

EQUIPMENT

Computer, Personal Sometown, USA

DESCRIPTION

ABC Systems, Inc.

MODEL NUMBER PC-33-xxx

The PC-33-xxx family of personal computers is based on the Acme Model 386/33D computer. The PC-33-xxx is a desktop computer with 2 half-height internal and 3 half-height front panel access device bays, equipped with a 33MHz 80386 CPU and a 64KB discrete logic processor cache. The system board is an ISA design operating at 8 or 10 MHz, software selectable, with 8 expansion slots (1 32-bit proprietary memory slot, 1 8-bit and 6 8/16-bit slots). The basic configuration includes: 1 parallel and 1 DB-9 serial port on an 8-bit expansion card; 2MB of 32-bit RAM on the motherboard; a 16-bit MFM disk interface card that supports 2 internal hard drives and 2 internal 360K to 1.44MB floppy drives; an 8-bit EGA color video adapter with DB-9 connector; a 230 watt autosensing 110/220VAC power supply; a 101-key enhanced keyboard; a half-height 1.2MB floppy disk drive; a half-height 40MB MFM hard disk with 28ms access time; and a 14 inch color EGA monitor with 720 x 3S0 resolution. All systems can accommodate up to 8MB of 32-bit RAM on the motherboard and an additional 8MB on the optional memory expansion card for a system total of 16MB.
CONFIGURED OPTIONS:

BASIC UNIT WITH INCLUDED OPTIONS

MODEL

PC-33-001 Basic Unit

PC-33-002 CV-01 16-bit color VGA adapter with 14 inch 800 x 600 color VGA monitor

PC-33-003 CV-01 16-bit color VGA adapter with 14 inch 800 x 600 color VGA monitor ED-01 16-bit ESDI disk interface with half-7 height 80MB hard disk PC-33004 CV-01 16-bit color VGA adapter with 14 inch 800 x 600 color VGA monitor

SD-01 16-bit SCSI disk interface with half-height 110MB hard disk EN-01 16-bit 10Mbps Ethernet adapter

OPTIONS FOR ALL MODELS:

GA-01 16-bit 1024 x 768 VGA adapter and 19 inch 1280 x 1024 color monitor with tilt/swivel base

MS-01 3 button mouse with 8-bit bus adapter

SP-01 Additional parallel and DB-9 serial port adapter card

DD-01 Half-height 1.44MB floppy disk drive

MM-01 Additional 2MB memory for motherboard (up to three may be ordered)

MM-02 32-bit memory expansion board with 2MB memory (motherboard memory must be completed filled before ordering this option)

MM-03 Additional 2MB memory for memory expansion board (up to three may be ordered)

NC-01 33MHz 80387 math co-processor

EN-02 8-bit 2Mbps Ethernet adapter

OPTIONS FOR PC-33-002 ONLY

HD-01 Full-height 71MB 28ms MFM hard disk

OPTIONS FOR PC-33-003 ONLY

ED-02 Half-height 160MB 16ms ESDI hard disk

ED-03 Full-height 330MB 14ms ESDI hard disk 8

OPTIONS FOR PC-33-004 ONLY

SD-02 Full-height 330MB 14ms SCSI hard disk

SD-03 Full-height 660MB 16ms SCSI hard disk

5. All original Product Description sheets shall identify part numbers for basic units as well as individual options, whether configured or additional. Product description sheets for additional options and/or addendums to the original product shall provide all previously provided product description sheets for the product as well as the new product profile to include the product addendums or options. The Company shall distinguish between options available on all models and those available with only some models. The Agency will only list configurations which have been tested and are accompanied by supporting test data, unless the Company provides and the Agency approves technical rationale as to why testing is not necessary to ensure compliance of the product, as listed, to NSTISSAM TEMPEST/1-92.


[End ETPP package.]

Transcription and HTML by Cryptome.