{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,29]],"date-time":"2026-05-29T11:21:03Z","timestamp":1780053663696,"version":"3.54.0"},"reference-count":29,"publisher":"MDPI AG","issue":"18","license":[{"start":{"date-parts":[[2022,9,18]],"date-time":"2022-09-18T00:00:00Z","timestamp":1663459200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Sensors"],"abstract":"<jats:p>Information technology equipment (ITE) processing sensitive information can have its security compromised by unintentional electromagnetic radiation. Appropriately assessing likelihood of a potential compromise relies on radio frequency (RF) engineering expertise\u2014specifically, requiring knowledge of the associated causal factors and their interrelationships. Several factors that can cause unintentional electromagnetic emanations that can lead to the compromise of ITE have been found in the literature. This paper confirms the list of causal factors reported in previous work, categorizes the factors as belonging to threat, vulnerability, or impact, and develops an interpretive structural model of the vulnerability factors. A participatory modelling approach was used consisting of focus groups of RF engineers. The resulting hierarchical structural model shows the relationships between factors and illustrates their relative significance. The paper concludes that the resulting model can motivate a deeper understanding of the structural relationship of the factors that can be incorporated in the RF engineers\u2019 assessment process. Areas of future work are suggested.<\/jats:p>","DOI":"10.3390\/s22187064","type":"journal-article","created":{"date-parts":[[2022,9,19]],"date-time":"2022-09-19T04:49:22Z","timestamp":1663562962000},"page":"7064","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["Modelling Causal Factors of Unintentional Electromagnetic Emanations Compromising Information Technology Equipment Security"],"prefix":"10.3390","volume":"22","author":[{"given":"Maxwell","family":"Martin","sequence":"first","affiliation":[{"name":"School of Physics, Engineering and Computer Science, University of Hertfordshire, Hatfield AL10 9AB, UK"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Funlade","family":"Sunmola","sequence":"additional","affiliation":[{"name":"School of Physics, Engineering and Computer Science, University of Hertfordshire, Hatfield AL10 9AB, UK"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"David","family":"Lauder","sequence":"additional","affiliation":[{"name":"School of Physics, Engineering and Computer Science, University of Hertfordshire, Hatfield AL10 9AB, UK"}],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"1968","published-online":{"date-parts":[[2022,9,18]]},"reference":[{"key":"ref_1","unstructured":"(2022, September 02). Electromagnetic Compatibility. Available online: http:\/\/www.bsigroup.com\/en-GB\/industries-and-sectors\/electrical-and-electronic\/electromagnetic-compatibility\/."},{"key":"ref_2","unstructured":"(2021, February 10). Wayback Machine, Available online: https:\/\/web.archive.org\/web\/20130918021523\/http:\/\/www.nsa.gov\/public_info\/_files\/cryptologic_spectrum\/tempest.pdf."},{"key":"ref_3","doi-asserted-by":"crossref","first-page":"269","DOI":"10.1016\/0167-4048(85)90046-X","article-title":"Electromagnetic Radiation from Video Display Units: An Eavesdropping Risk?","volume":"4","year":"1985","journal-title":"Comput. Secur."},{"key":"ref_4","doi-asserted-by":"crossref","unstructured":"Martin, D., and Serjantov, A. (2005). Electromagnetic Eavesdropping Risks of Flat-Panel Displays. Privacy Enhancing Technologies, Springer. Lecture Notes in Computer Science.","DOI":"10.1007\/b136164"},{"key":"ref_5","unstructured":"Vuagnoux, M., and Pasini, S. (2009, January 10\u201314). Compromising Electromagnetic Emanations of Wired and Wireless Keyboards. Proceedings of the 18th USENIX Security Symposium, Montreal, QC, Canada."},{"key":"ref_6","doi-asserted-by":"crossref","unstructured":"Ghani, K.A., Dimyati, K., Ismail, K., and Supian, L.S. (2013, January 12\u201314). Radiated Emission from Handheld Devices with Touch-Screen Lcds. Proceedings of the 2013 European Intelligence and Security Informatics Conference, Uppsala, Sweden.","DOI":"10.1109\/EISIC.2013.51"},{"key":"ref_7","doi-asserted-by":"crossref","first-page":"305","DOI":"10.1080\/10580530701586011","article-title":"Electronic Emissions Security: Danger in the Air","volume":"24","author":"Gehling","year":"2007","journal-title":"Inf. Syst. Manag."},{"key":"ref_8","doi-asserted-by":"crossref","first-page":"1213","DOI":"10.1002\/2016RS006034","article-title":"State-of-the-Art Research on Electromagnetic Information Security","volume":"51","author":"Hayashi","year":"2015","journal-title":"AGU Radio Sci."},{"key":"ref_9","unstructured":"ApiTech (2021, January 09). TEMPEST Introduction. Available online: https:\/\/www.apitech.com\/brands\/secure-systems-information-assurance\/sst\/what-is-tempest\/."},{"key":"ref_10","doi-asserted-by":"crossref","unstructured":"Martin, M., Sunmola, F., and Lauder, D. (2021, January 11\u201315). Likelihood of Unintentional Electromagnetic Emanations Compromising IT Equipment Security: Perspectives of Practitioners on Causal Factors. Proceedings of the 2021 International Carnahan Conference on Security Technology (ICCST), Hatfield, UK.","DOI":"10.1109\/ICCST49569.2021.9717369"},{"key":"ref_11","unstructured":"Cisco (2021, January 06). Cisco Annual Internet Report-Cisco Annual Internet Report (2018\u20132023) White Paper. Available online: https:\/\/www.cisco.com\/c\/en\/us\/solutions\/collateral\/executive-perspectives\/annual-internet-report\/white-paper-c11-741490.html."},{"key":"ref_12","doi-asserted-by":"crossref","first-page":"e12226","DOI":"10.1002\/eng2.12226","article-title":"Internet of Things Device Authentication via Electromagnetic Fingerprints","volume":"2","author":"Souza","year":"2020","journal-title":"Eng. Rep."},{"key":"ref_13","unstructured":"(2005). Information Technology\u2014Security Techniques\u2014Code of Practice for Information Security Management (Standard No. ISO\/IEC 27002:2005)."},{"key":"ref_14","unstructured":"ITU-T (2011). K.87: Guide for the Application of Electromagnetic Security Requirements-Overview, International Telecommunications Union (ITU). Available online: https:\/\/www.itu.int\/rec\/T-REC-K.87-201606-I\/en."},{"key":"ref_15","unstructured":"Sutton, D. (2014). Review of Information Security Fundamentals. Information Risk Management: A Practitioner\u2019s Guide, BCS."},{"key":"ref_16","unstructured":"NCSC (2021, April 26). TEMPEST and Electromagnetic Security, Available online: https:\/\/www.ncsc.gov.uk\/information\/tempest-and-electromagnetic-security."},{"key":"ref_17","first-page":"34","article-title":"Supply Chain Risk Management Framework: A Fishbone Analysis Approach","volume":"80","author":"Desai","year":"2015","journal-title":"SAM Adv. Manag. J."},{"key":"ref_18","unstructured":"Zhu, M. (2011). Using Fishbone Diagrams in Inquiry-Based Teaching and Learning for Engineering Education. Information and Management Engineering, Springer. Communications in Computer and Information Science."},{"key":"ref_19","doi-asserted-by":"crossref","first-page":"163","DOI":"10.1016\/j.rser.2013.07.002","article-title":"Analysis of Barriers to Implement Solar Power Installations in India Using Interpretive Structural Modeling Technique","volume":"27","author":"Ansari","year":"2013","journal-title":"Renew. Sustain. Energy Rev."},{"key":"ref_20","doi-asserted-by":"crossref","first-page":"629","DOI":"10.1016\/j.tele.2018.01.010","article-title":"Analyzing Consumer Online Group Buying Motivations: An Interpretive Structural Modeling Approach","volume":"35","author":"Xiao","year":"2018","journal-title":"Telemat. Inform."},{"key":"ref_21","doi-asserted-by":"crossref","first-page":"839","DOI":"10.1108\/09600031111175816","article-title":"Interpretive Structural Modeling of Supply Chain Risks","volume":"41","author":"Pfohl","year":"2011","journal-title":"Int. J. Phys. Distrib. Logist. Manag."},{"key":"ref_22","doi-asserted-by":"crossref","first-page":"145","DOI":"10.1177\/014233128801000306","article-title":"Interpretive Structural Modelling: A Methodology for Structuring Complex Issues","volume":"10","author":"Janes","year":"1988","journal-title":"Trans. Inst. Meas. Control"},{"key":"ref_23","unstructured":"Auddy, A., and Sahu, S. (2008, January 26\u201327). Tempest: Magnitude of Threat and Mitigation Techniques. Proceedings of the 2008 10th International Conference on Electromagnetic Interference Compatibility, Bangalore, India."},{"key":"ref_24","doi-asserted-by":"crossref","first-page":"1432","DOI":"10.1016\/j.procs.2022.01.344","article-title":"Unintentional Compromising Electromagnetic Emanations from IT Equipment: A Concept Map of Domain Knowledge","volume":"200","author":"Martin","year":"2022","journal-title":"Procedia Comput. Sci."},{"key":"ref_25","unstructured":"Fratu, O., Militaru, N., and Halunga, S. (2018). Security Risk: Detection of Compromising Emanations Radiated or Conducted by Display Units. Future Access Enablers for Ubiquitous and Intelligent Infrastructures, Springer International Publishing. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering."},{"key":"ref_26","unstructured":"Lee, H.S., Yook, J.G., and Sim, K. (2016, January 17\u201321). An Information Recovery Technique from Radiated Electromagnetic Fields from Display Devices. Proceedings of the 2016 Asia-Pacific International Symposium on Electromagnetic Compatibility (APEMC), Shenzhen, China."},{"key":"ref_27","doi-asserted-by":"crossref","first-page":"547","DOI":"10.1109\/TEMC.2012.2232297","article-title":"Study on Maximum Receivable Distance for Radiated Emission of Information Technology Equipment Causing Information Leakage","volume":"55","author":"Sekiguchi","year":"2013","journal-title":"IEEE Trans. Electromagn. Compat."},{"key":"ref_28","unstructured":"(2011). Information Technology\u2014Security Techniques\u2014Information Security Risk Management (Standard No. ISO\/IEC 27005:2011)."},{"key":"ref_29","doi-asserted-by":"crossref","first-page":"379","DOI":"10.1016\/j.ijinfomgt.2010.02.009","article-title":"Web-Based Interaction: A Review of Three Important Human Factors","volume":"30","author":"Chen","year":"2010","journal-title":"Int. J. Inf. Manag."}],"container-title":["Sensors"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/1424-8220\/22\/18\/7064\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,11]],"date-time":"2025-10-11T00:34:01Z","timestamp":1760142841000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/1424-8220\/22\/18\/7064"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,9,18]]},"references-count":29,"journal-issue":{"issue":"18","published-online":{"date-parts":[[2022,9]]}},"alternative-id":["s22187064"],"URL":"https:\/\/doi.org\/10.3390\/s22187064","relation":{},"ISSN":["1424-8220"],"issn-type":[{"value":"1424-8220","type":"electronic"}],"subject":[],"published":{"date-parts":[[2022,9,18]]}}}