Classified UAS operations generate electromagnetic emanations that can reveal sensitive information to external observers. TEMPEST shielding is the engineering response. This article explains what TEMPEST protects against, how shielding works, and when UAS operators need to specify compliant facilities.
Every electronic device emits electromagnetic radiation as a byproduct of operation. Most of this radiation is harmless background noise. But some of it carries information — the actual data being processed, in recoverable form, radiating through walls and into the surrounding environment where anyone with the right equipment can intercept it. TEMPEST — a codename turned standard — is the engineering discipline that prevents this.
For UAS operators handling classified intelligence, surveillance, and reconnaissance data, TEMPEST is not optional. Without appropriate shielding, the downlinked imagery from a reconnaissance mission, the commander's decisions based on intercepted signals intelligence, and the raw operational picture on the common operational display could all be recoverable by adversaries positioned within hundreds of metres of the ground control station.
This article covers what TEMPEST protects, how shielding engineering works, the zoning system that determines shielding requirements, and the practical considerations for UAS operators specifying TEMPEST-compliant modular ground stations.
TEMPEST addresses three categories of unintended electromagnetic emanation that can carry sensitive data:
Classified data processed by electronic equipment generates electrical signals that travel along power cables, network cables, and signal cables. These conducted emanations can be intercepted at points outside the secure zone — typically on the power or network lines exiting the facility. Without filtering, signals from classified equipment can travel hundreds of metres along conductors before attenuating to intercept threshold.
Electronic equipment also radiates electromagnetic waves through space. A CRT monitor radiates the image it displays; LCD monitors radiate less but still measurably. Keyboards radiate keystroke signals. Disk drives radiate during read/write. Video cables radiate video signals. Each source has a characteristic emanation profile that can be measured and, with appropriate equipment, reconstructed into intelligible data.
Historical demonstrations of TEMPEST vulnerability include reconstruction of monitor displays from over 100 metres away using commercial receivers, and recovery of keyboard input from adjacent offices through wall materials. Modern equipment with internal shielding reduces these distances but does not eliminate them.
Some equipment generates audible sound carrying classified information — keyboard clicks that vary by key, cooling fans that modulate with processing load, hard disks audible through walls. Acoustic TEMPEST threats are typically lower priority than electromagnetic but have been demonstrated in controlled research. Sound attenuation is included in most TEMPEST facility specifications as a supplementary measure.
TEMPEST is not a single specification. National and international standards define zoning systems that match protection level to threat. Three zoning systems are commonly referenced:
NATO's TEMPEST standard defines three zones based on expected threat proximity:
U.S. standards use similar zoning but with different specifications. Equipment is rated for use in various zones based on tested emanation characteristics. U.S. SCIF (Sensitive Compartmented Information Facility) standards under ICD 705 specify the physical construction requirements that complement TEMPEST emanation specifications.
UK standards (managed by the National Cyber Security Centre, successor to CESG) follow similar principles but with distinct technical specifications. UK operations typically specify CESG-compliant shielded facilities for classified UAS ground stations.
Coalition operations frequently combine equipment and facilities certified under different national TEMPEST standards. In practice, most national standards align sufficiently that Zone B NATO AMSG 720B compliance translates to acceptable protection under equivalent U.S. and UK zoning, though formal accreditation may require specific testing against each applicable standard.
TEMPEST shielding combines multiple engineering measures. No single measure provides adequate protection; compliant facilities stack several together.
Wall, floor, and ceiling construction incorporates conductive material — typically copper or aluminium sheet, or steel mesh embedded in the wall build-up. This conductive layer creates a Faraday cage around the shielded zone, attenuating electromagnetic radiation crossing it. Attenuation performance is specified in decibels across a specified frequency range, typically 80–100 dB attenuation from 10 kHz to 10 GHz for Zone B compliance.
Wall thickness increases modestly — typical 150–200 mm TEMPEST wall vs 100–150 mm standard wall — but mass increases significantly due to the conductive material. Structural design accounts for the additional mass in foundation loading and seismic response.
Apertures are the weakest points in a shielded facility. TEMPEST-compliant doors incorporate conductive gasket seals that maintain electrical continuity across the door frame when the door is closed. Typical attenuation through closed TEMPEST doors matches wall attenuation. Windows, if present, use metallised glazing with specific transmittance characteristics — though most TEMPEST facilities avoid windows in the shielded zone entirely.
HVAC ductwork, water lines, waste lines, and cable penetrations all cross the shielded envelope. Each penetration is engineered with specific TEMPEST treatments: waveguide-below-cutoff penetrations for metallic services, honeycomb vents for ventilation openings, filtered cable penetrations for electrical services. Each penetration is a potential leakage path if not engineered correctly.
Power cables entering the shielded zone include TEMPEST-rated filters that block conducted emanations while passing 50/60 Hz power. Red/black separation keeps classified ("red") power circuits physically separated from unclassified ("black") circuits; crossing points include isolation transformers and filter banks.
Classified networks entering or leaving the shielded zone use fibre optic links (which do not radiate electromagnetic emanations) rather than copper cabling. Where copper is required, TEMPEST filters attenuate the data-band frequencies that would carry classified information while passing the control signals the network requires.
UAS ground stations have several characteristics that make TEMPEST engineering particularly important and particularly challenging.
UAS operations are visual. Operators watch real-time video downlinks, imagery analysts examine still imagery, commanders view the common operational picture. Every display is a potential emanation source. Classified ground stations include all displays in the shielded zone, use low-emanation display types where available, and keep displays away from external walls.
UAS command and control uses RF links — UHF, C-band, Ku-band, satellite. The antennas that support these links are necessarily outside the shielded zone, connected through filtered cable penetrations to the radios inside. Cable run engineering is critical: cable paths, filter specifications, and grounding all affect both intended RF performance and unintended emanations.
Modern UAS operations generate substantial data — full-motion video, signals intelligence, multispectral imagery. Processing this data creates significant electromagnetic activity that TEMPEST shielding must contain. Server rooms within classified UAS ground stations typically require the most intensive shielding due to the density of emanation sources.
Allied UAS operations share data across national boundaries at specific classification levels. Cross-domain solutions at the perimeter of each national classified zone allow controlled data flow while maintaining separation. TEMPEST engineering of cross-domain solution hardware is a specialist area typically procured separately from the facility itself.
Many UAS operators initially specify the minimum TEMPEST level required by their standing orders, then discover during operations that operational scope has expanded beyond the shielded zone's design capacity. Specifying one zone level above the initial requirement provides growth margin at roughly 10–15% additional capital cost, compared to retrofitting shielding upgrades at 3–5x the original cost.
Procurement specifications for TEMPEST-compliant modular facilities should explicitly address:
TEMPEST engineering is a specialist discipline protecting classified UAS operations from electromagnetic emanation interception. Modular UAS ground stations can be specified with TEMPEST-compliant shielding at factory build stage, delivering Zone B or Zone C protection under NATO, U.S., or UK standards as the operational context requires. Final accreditation remains the operating service's responsibility; the facility manufacturer delivers the engineered baseline.
For comprehensive coverage of modular UAS ground station architecture including TEMPEST-compliant configurations, see the main Modular Drone Station technical guide.