Protected Distribution System

A protective distribution system (PDS), also called ''protected distribution system'', is a US government term for wireline or fiber-optic telecommunication system that includes terminals and adequate acoustical, electrical, electromagnetic, and physical safeguards to permit its use for the unencrypted transmission of classified information. At one time these systems were called "approved circuits".

A complete protected distribution system includes the subscriber and terminal equipment and the interconnecting lines.

Description

The purpose of a PDS is to deter, detect and/or make difficult physical access to the communication lines carrying national security information.
A specification called the National Security Telecommunications and Information Systems Security Instruction (NSTISSI) 7003 was issued in December 1996 by the Committee on National Security Systems.
Approval authority, standards, and guidance for the design, installation, and maintenance for PDS are provided by NSTISSI 7003 to U.S. government departments and agencies and their contractors and vendors. This instruction describes the requirements for all PDS installations within the U.S. and for low and medium threat locations outside the U.S.
PDS is commonly used to protect SIPRNet and JWICS networks.
The document superseded one numbered NASCI 4009 on Protected Distribution Systems, dated December 30, 1981, and part of a document called NACSEM 5203, that covered guidelines for facility design, using the designations "red" and "black".

There are two types of PDS: hardened distribution systems and simple distribution systems.

Hardened distribution

Hardened distribution PDSs provide significant physical protection and can be implemented in three forms: hardened carrier PDSs, alarmed carrier PDSs and continuously viewed carrier PDSs.

Hardened carrier

In a hardened carrier PDS, the data cables are installed in a carrier constructed of electrical metallic tubing ( EMT), ferrous conduit or pipe, or rigid sheet steel ducting. All of the connections in a Hardened Carrier System are permanently sealed completely around all surfaces with welds, epoxy or other such sealants. If the hardened carrier is buried under ground, to secure cables running between buildings for example, the carrier containing the cables is encased in concrete.

With a hardened carrier system, detection is accomplished via human inspections that are required to be performed periodically. Therefore, hardened carriers are installed below ceilings or above flooring so they can be visually inspected to ensure that no intrusions have occurred. These periodic visual inspections (PVIs) occur at a frequency dependent upon the level of threat to the environment, the security classification of the data, and the access control to the area.

Alarmed carrier

As an alternative to conducting human visual inspections, an alarmed carrier PDS may be constructed to automate the inspection process through electronic monitoring with an alarm system. In an Alarmed Carrier PDS, the carrier system is “alarmed” with specialized optical fibers deployed within the conduit for the purpose of sensing acoustic vibrations that usually occur when an intrusion is being attempted on the conduit in order to gain access to the cables.

Alarmed carrier PDS offers several advantages over hardened carrier PDS:

#Provides continuous monitoring 24/7/365
#Eliminates the requirement for periodic visual inspections
#Allows the carrier to be hidden above the ceiling or below the floor, since periodic visual inspections are not required
#Eliminates the need for the welding and epoxying of the connections
#Eliminates the requirement for concrete encasement outdoors
#Eliminates the need to lock down manhole covers
#Enables rapid redeployment for evolving network arrangements

Legacy alarmed carrier systems monitor the carrier containing the cables being protected. More advanced systems monitor the fibers within, or intrinsic to, the cables being protected to turn those cables into sensors, which detect intrusion attempts.

Depending on the government organization, utilizing an alarmed carrier PDS in conjunction with interlocking armored cable may, in some cases, allow for the elimination of the carrier systems altogether. In these instances, the cables being protected can be installed in existing conveyance (wire basket, ladder rack) or suspended cabling (on D-rings, J-Hooks, etc.).

Continuously viewed carrier

A Continuously Viewed Carrier PDS is one that is under continuous observation, 24 hours per day (including when operational). Such circuits may be grouped together, but should be separated from all non-continuously viewed circuits ensuring an open field of view. Standing orders should include the requirement to investigate any attempt to disturb the PDS. Appropriate security personnel should investigate the area of attempted penetration within 15 minutes of discovery. This type of hardened carrier is not used for Top Secret or special category information for non-U.S. UAA.
UAA is an Uncontrolled Access Area (UAA). Like definitions include Controlled Access Area (CAA) and Restricted Access Area (RAA). A Secure Room (SR) offers the highest degree of protection.

Therefore, from the least protected (least secure) to the most protected is as follows:

UAA
RAA
CAA
SR

Simple distribution

Simple distribution PDSs are afforded a reduced level of physical security protection as compared to a hardened distribution PDS. They use a simple carrier system and the following means are acceptable under NSTISSI 7003:
#The data cables should be installed in a carrier
#The carrier can be constructed of any material (e.g., wood, PVT, EMT, ferrous conduit)
#The joints and access points should be secured and be controlled by personnel cleared to the highest level of data handled by the PDS
#The carrier is to be inspected in accordance with the requirements of NSTISSI 7003

See also

*National Information Systems Security Glossary

References

*{{FS1037C

Classified information
Telecommunications systems