TEMPEST Certification

TEMPEST refers to investigations and studies on compromising emanations related to classified information which is being sent, received, managed or somehow processed by either electronic equipment or systems. Once detected and analysed, such unintentionally emanations can lead to the obtaining of information. TEMPEST also refers to the measures implemented regarding the protection against such compromising emanations.

The CCN, as security certification authority for Information Technologies in EMSEC scope, has actively participated in the development of the Spanish TEMPEST regulation.

The TEMPEST directive (CCN-STIC-210) is applicable to national classified information, either confidential or even more secret. Therefore, it covers equipment, systems and installations, fix and mobile alike, in which information is being generated and processed.