Summary - ITU-T K.87 (08/2024) - Guide for the application of electromagnetic security requirements

Summary - K.87 (08/2024) - Guide for the application of electromagnetic security requirements - Overview

Recommendation ITU-T K.87 provides general guidelines of information security management for telecommunications organizations are presented in Recommendation ITU-T X.1051, which is based on ISO/IEC�27002. In an information security management system (ISMS) based on Recommendation ITU-T X.1051, physical security is one of key issues, as shown for example in the following text presented in Recommendation ITU-T X.1051:
"a site whose environment is least susceptible to damage from the environment should be selected for communication centres�� where a site is chosen that is vulnerable to environmental damage, appropriate measures should be taken against known hazards including: natural disasters [see e)] and temperature extremes;"
"a site whose environment is least susceptible to damage from strong electromagnetic field shall be selected for communication centres - where a site is chosen that is exposed to strong electromagnetic fields, appropriate measures should be taken to protect telecommunications equipment rooms with electromagnetic shields;"
When security is managed, the threat to equipment or site should be evaluated and mitigated. The threat is related to "vulnerability" and "confidentiality" in ISMS.
This Recommendation, ITU-T K.87, outlines electromagnetic security risks of telecommunication equipment and illustrates how to assess and prevent those risks in order to manage ISMS in accordance with Recommendation ITU-T X.1051. Major electromagnetic security risks addressed in this Recommendation are as follows:
�natural electromagnetic (EM) threats (e.g., lightning);
�unintentional interference (i.e., electromagnetic interference, EMI);
�intentional interference (i.e., intentional electromagnetic interference, IEMI);
�deliberate EM attacks via high-altitude electromagnetic pulse (HEMP);
�deliberate high-power electromagnetic (HPEM) attacks;
�information leakage from EM emanation (i.e., electromagnetic security, EMSEC).
Mitigation methods against electromagnetic security threats are also described in this Recommendation.