Year
2002
Abstract
Authentication is the process by which the Monitoring Party gains appropriate confidence that the information reported by a monitoring system accurately reflects the true state of the monitored item. Several general authentication tools (e.g., random selection, private examination, documentation examination) have been previously discussed [1]. This paper presents some of the more specific authentication tools that have been found or developed to aid the authentication process. One of the main problems that authentication must address is finding all potential hidden switches, which by definition are covert additions to the system that could be used to covertly pass out-of-specification items while still passing on-site functional testing. Especially problematic are those hidden switches that can be selectively triggered by remote control signals or unique conditions. A hidden switch could be implemented in either hardware or software. Automated measurement systems use embedded computers and custom programmed logic chips that all have internal programming that could in principle be modified to achieve some advantage. Since authentication is much more than functional testing, tools have been developed to assure that the operating software matches that supplied in the documentation package and to aid the examination of the supplied source code. Tools and techniques to readout all internal programming and search for covert modifications have been developed at PNNL to facilitate software examination and authentication. Some commercial and custom software debugging and coverage tools are useful in understanding details of the software operations and in finding potential hidden switch modifications. The comparison of installed software to a golden copy relies on a hash function comparison, and that hash function must be shown to be acceptable. Another aspect of software authentication is testing the robustness of analysis programs to a degree not possible with on-site functional testing. A “data-distorting” program has been developed to quantitatively distort energy calibration and resolution of a single measured HPGe spectrum through re-binning and averaging the spectral data as a means of measuring the robustness of analysis software. It is more efficient to computationally distort one measurement than to collect several test spectra. A hidden switch could also be implemented with a modification to the hardware. Thus specific tools like change detection software that can be applied to photographs and X-rays of actual and baseline equipment can aid in discovering covert modifications.