Trusted Radiation Identification System

The Trusted Radiation Identification System (TRIS) was developed at Sandia National Laboratories to provide a means for confirming the identities of Treaty Accountable Items (TAIs) by comparing gamma-ray spectral measurements, which is a technique that is often referred to as template matching. TRIS incorporates design features that accommodate the conflicting requirements of ensuring that host-country classified information is protected while assuring the inspector that the measurement results are valid. TRIS uses a divided hardware and firmware architecture that isolates classified information from the unclassified output to facilitate certification for use with classified components. Data are collected and analyzed by a trusted processor that contains two separate processing units mounted within a tamper-indicating enclosure. The red side of the trusted processor acquires classified data from a sodium iodide gamma-ray spectrometer connected to a commercial multichannel analyzer. The black side of the trusted processor interfaces with the operator via a serial port connected to a simple hand-held input/output device that has a small keypad and a four-line liquid-crystal display. Communication lines between the two processors are optically isolated and a central steel plate provides radio-frequency isolation between the two processing units. The steel plate also provides a conductive heat path from the processing units to the steel enclosure. A 12-volt battery supplies power to both the trusted processor and the spectrometer. The trusted processor employs hardware and software features to facilitate inspection of the equipment. An eddy-current scanner is used to inspect the trusted processor: the material properties associated with the random crystallization patterns in the welds uniquely identify the stainless-steel enclosure; the eddy-current scans would also reveal penetrations into the enclosure that may not be visually observable. The trusted processor also uses an algorithm that employs cryptographic functions to authenticate both the firmware and the radiation templates.