SCIF and Radio Frequency Secured Facility Design

In recent years, we’ve noticed a growing confusion in the industry over sensitive compartmented information facilities (SCIF) design and performance requirements. Part 1 of this article is intended to bring some clarity to various documents and performance requirements from a radiofrequency (RF) shielding perspective to aid in the design and construction of these facilities. 

Introduction to SCIF Specifications

The two most referenced documents for SCIF design are ICD/ICS‑705 Technical Specification for Construction and Management of Sensitive Compartmented Information Facilities.[1] and NSA 94‑106 [2]. It has been our experience that these documents are often referenced interchangeably or in conjunction with each other. 

In some cases, project documents will indicate that a facility has been designed to meet NSA 94‑106 as identified in ICD/ICS‑705. This is problematic as ICD/ICS‑705 does not reference NSA 94‑106, nor is ICD/ICS‑705 intended to meet the requirements set forth in NSA 94‑106. This article will analyze the purpose of ICD/ICS‑705 and NSA 94‑106 as it pertains to RF shielding and highlight some of the differences between the two standards.

SCIF Overview

It is important to understand that a SCIF can come in many different forms. In some applications, a SCIF may be a physical barrier or a physically secured room and other applications may require acoustic and RF shielding enhancements. An Accrediting Officer (AO) and Site Security Manager (SSM) will evaluate the risk and vulnerability of a SCIF to determine the physical and technical measures that must be deployed for each SCIF application. Further, the Certified TEMPEST[3] Technical Authority (CTTA) will evaluate for TEMPEST requirements and provide direction on RF shielding requirements based upon risk of RF interference to the SCIF.

SCIF Construction Methods and RF Shielding Performance Requirements

While it is not uncommon for NSA 94‑106 to be referenced as part of a SCIF project, the ICD/ICS‑705 construction recommendations will not achieve the RF performance required under NSA 94‑106, which include attenuation levels as high as 100 dB at 10 GHz.

In order to achieve the performance requirements under NSA 94‑106, a six-sided shielding system with higher performance RF doors, filters, and appropriately treated RF penetrations is required. The details in ICD/ICS‑705 show a more limited RF shielded partition using RF foil between layers of drywall with 6” to 8” returns at the floor and ceiling per Figures 1 and 2). This can become confusing if both standards are referenced as part of a project.

Figure 1: Example of ICD/ICS-705 RF shielding barrier installation

 

Figure 2: One of three wall sections presented in ICD/ICS-705 depicting a RF barrier

Beyond the limited shielded barrier presented in ICD/ICS‑705, the technical specification identifies the use of 1800 Ultra Radiant Barrier for SCIFs manufactured by rFOIL® [4]. A review of the product data provided by the manufacturer demonstrates that the product can be used for ICD/ICS‑705 but is not intended for use in NSA 94‑106 applications. 

The product data as depicted in Figure 3 indicate the shielding material is not capable of providing 100 dB at frequencies greater than 1.5 GHz. Additionally, it is unclear whether the material would meet the NSA 94‑106 requirements below 100 MHz. Based on the trend in performance provided in the product data, it is unlikely that the material would meet the NSA RF performance requirements. 

Figure 3: rFOIL RF shielding effectiveness product data[4]

Lastly, the product data sheet appears to indicate that a smaller sample of material was tested on a steel RF shielded enclosure. This test would provide an indication of the material’s performance under ideal circumstances but would not provide a clear indication of how performance would be impacted by various installation methods.

Beyond the product data, the construction methodology under ICD/ICS‑705 should also be considered. ICD/ICS‑705 identifies that the barrier be installed between two layers of drywall for the walls with the shielding material being turned at the floor and ceiling and extending several inches away from the wall. When the ceiling is comprised of a metal pan deck, it is often recommended that the shielding barrier be tied into the metal pan deck. 

But the installation of the shielding barrier between two layers of drywall results in the shielding being perforated by the drywall screws utilized to install the second layer of drywall. Each perforation further degrades the overall shielding performance. This results in a less effective shielding system or Faraday cage and will not achieve the performance requirements of NSA 94‑106.

Importance of RF Shielded Components

ICD/ICS‑705 only identifies an RF barrier when required and does not identify requirements for other RF shielded components including doors, filters, and penetrations such as waveguide air vents. The structure of ICD/ICS‑705 renders these components unnecessary as they provide limited value from a RF shielding effectiveness perspective without a six-sided shielding system. Despite this, many projects identify requirements for these RF components when utilizing ICD/ICS‑705 construction methods while referencing the NSA 94‑106 shielding effectiveness or some other (often arbitrary) level of RF shielding effectiveness. These components may provide some value but, in terms of improving the RF shielding effectiveness, that value is often limited. For example, RF filters could attenuate unwanted conducted emissions, but will provide little improvement in overall shielding attenuation.

Security Considerations

ICD/ICS‑705 is intended to provide a level of security and often takes advantage of distances from the SCIF to the perimeter of a facility. But, by itself, the facility is not RF secure. A facility or space designated to meet NSA 94‑106 is RF secure as it requires a six-sided shielding system, RF doors, penetrations, and filters to achieve the performance objectives set forth in NSA 94‑106. 

As shown in Figure 4, these shielding systems are often comprised of modular construction capable of providing 100 dB of attenuation up to 10 GHz and meeting the low frequency electric and magnetic shielding performance at frequencies as low as 1 kHz.

Figure 4: Example of a NSA 94-106 compliant RF shielding system integrated into a building

In addition to a six-sided RF shielded enclosure, other RF components will be required to achieve the RF shielding performance requirements as specified in NSA 94‑106. These include RF shielded doors, RF shielded penetrations for HVAC, plumbing and fiber, and RF filters for electrical, lighting, and building management systems. Examples of electrically filtered penetrations and RF treated sprinkler or plumbing penetrations are presented in Figures 5 and 6 on page 38, respectively. Without proper product selection and treatment of all these components, the secure space will be at risk of not complying with the NSA 94‑106 performance requirements. 

Figure 5: Example of a filter detail for electrical, lighting, and building management systems per NSA 94-106

 

Figure 6: Example of a plumbing penetration for a sprinkler system per NSA 94-106

For a shielding system to comply with NSA 94‑106, all aspects of the shielding must be identified and coordinated with the design team, the general contractor, and mechanical, electrical, and plumbing (MEP) subcontractors to ensure that all building systems and penetrations are properly addressed. 

ICD/ICS‑705 does not specifically identify requirements for treating penetrations through the shielding with most utilities passing through the shielding system untreated.

Key Differences Between ICD/ICS‑705 and NSA 94‑106

Many projects reference both ICD/ICS‑705 and NSA 94‑106. As previously discussed, the requirements for each specification are quite different and should not be used interchangeably or in conjunction with each other. ICD/ICS‑705 does not identify specific performance requirements while NSA 94‑106 specifies performance requirements from 1 kHz to 10 GHz. 

ICD/ICS‑705 primarily provides direction on the construction of a SCIF with instructions on how to incorporate a RF barrier, but not a shielding system intended to meet NSA 94‑106 RF performance requirements. This is evident by the construction methodology and materials identified in ICD/ICS‑705. 

A six-sided shielding system (Faraday cage) is required to meet the performance requirements under NSA 94‑106, but
ICD/ICS‑705 simply calls for a RF shielding barrier on the wall. Further, the material specified in ICD/ICS‑705 is not capable of achieving the NSA 94‑106 performance objectives as noted by the rFOIL product performance data. Additionally, ICD/ICS‑705
does not require the same level of RF treatment of doors, electrical systems, and mechanical penetrations as would be required under NSA 94‑106. 

Table 1 summarizes these key differences between ICD/ICS‑705 and NSA 94‑106. 

ICD/ICS-705 NSA 94-106
Requires RF Shielding Maybe* Yes
Limited RF Shielding Barrier Yes No
Six-Sided Shielding Required No Yes
Requires RF Doors No Yes
Requires RF Filters No Yes
Requires RF Treated Penetrations No Yes
Includes Magnetic Field Performance Requirements No Yes
Includes Electric Field Performance Requirements No Yes
Includes Plane Wave Performance Requirements No Yes

*The project CTTA will determine the SCIF requirement, which may or may not include a RF barrier.

Table 1: ICD/ICS-705 and NSA 94-106 Summary of Requirements

Conclusion

As discussed above, referencing both
ICD/ICS‑705 and NSA 94‑106 as part of a project can create much confusion in terms of project requirements. This can have significant performance and cost implications. Most general contractors lack expertise in RF shielding. These discrepancies can go unidentified, placing a project at risk of not meeting project requirements and potentially incurring large cost overruns unless an experienced RF shielding company or consultant is involved. Therefore, it is critical to clearly identify the project requirements and ensure that the differences between ICD/ICS‑705 and NSA 94‑106 are well understood. 

References

  1. ICD/ICS‑705 – Technical Specification for Construction and Management of Sensitive Compartmented Information Facilities
  2. NSA 94‑106 – not available for public reference
  3. TEMPEST is a U.S. National Security Agency specification and a NATO certification used in reference to secure facilities.
  4. rFOIL product data

Leave a Comment

Scroll to Top
Malcare WordPress Security