TRANSMISSION SECURITY (TRANSEC)
“We’ve just been assuming that the RF [radio frequency] spectrum is a benign environment and nobody’s going to threaten us,” But as the US military has made ever more spectacular use of satellites and networks, “The rest of the world’s been watching that too — China and Russia in particular.”
General John Hyten, Commander US Air Force Space Command [From Breaking Defense 12/02/2015]
COMSEC ≠ TRANSEC
Communication Security (COMSEC) is commonly used to secure the confidentiality of data at rest (stored) or in motion (transmission). Transmission Security (TRANSEC) is used to ensure the availability of transmissions and limit intelligence collection from the transmissions.
The roles of TRANSEC in protected communications are:
- Prevent Interception – TRANSEC measures are used in transmission of a signal to make the signal less likely to be detected or intercepted. Detection implies an adversary could determine that a signal is being transmitted. Interception implies that an adversary could capture the signal in some useful form.
- Prevent Disruption of Reception – TRANSEC measures are added to a signal to increase the likelihood of successful reception in the presence of adversarial efforts such as jamming and/or naturally occurring noise/disruptions.
- Prevent Communications Deception – TRANSEC measures are added to a signal to provide authentication that the signal originated from the intended source.
- Prevent Derivation of Intelligence by Analysis of Transmission Characteristics such as Signal Parameters or Message Externals – TRANSEC measures are added to obfuscate the RF signal itself or the data transmitted by the signal to prevent an adversary from obtaining intelligence data from the transmission itself.
While COMSEC methods are commonly used, the use of TRANSEC has declined over the past 20 years. Emergence of cyber and other new threats had reduced the priority of Electronic Warfare threats which TRANSEC is designed to counter. As a result, many essential communications do not have TRANSEC protections. The Defense Science Board's 2015 Report highlighted this deficiency as a siginificant operational threat. Jamming and SIGINT are asymmetric threats that many different actors can used effectively to disrupt communications. As a result, the threat landscape is changing driving users and developers to implement TRANSEC both existing and new systems.
TRANSEC Policy and requirements
Compliance to evolving TRANSEC Policy in Defense Systems can be complex. For example, policy guidance for SATCOM systems can be found in the following documents:
- Committee on National Security Systems (CNSS) Policy CNSSP 12 – National Information Assurance Policy for Space Systems Used to Support National Security Missions
- CNSS Instruction CNSSI 1200 - National Information Assurance Instruction for Space Systems Used to Support National Security Missions
- CNSSI 1253 – Security Categorization and Control Selection for National Security Systems
- CNSSI 1253 Appendix F, Attachment 2 – Space Platform Overlay
- DoD Instruction DoDI 8500.01 – Cybersecurity
- DoDI 8581.01 – Information Assurance (IA) Policy for Space Systems Used by the DoD
- NIST Special Publication SP 800-53 – Security and Privacy Controls for Federal Information Systems and Organizations
While these documents convey high level policy, they do not translate it into actionable requirements needed by system developers. This translation must take into account policy, mission needs, threats, and system capabilities.
How Secmation Can Help
Secmation is a leader in TRANSEC systems engineering. We have developed detailed requirements for TRANSEC systems to guide procurement, development, and compliance. We are current in evolving threat types and can design countermeasures for emerging communications threats. Our engineers have provided TRANSEC training to the Department of Defense and other US Government agencies.