Jump to content

Draft:Intentional electromagnetic interference

From Wikipedia, the free encyclopedia
Not to be confused with Electromagnetic interference.
Not to be confused with International Mobile Equipment Identity.

Intentional electromagnetic interference (IEMI) is the malicious generation and directed use of electromagnetic (EM) energy to disrupt, degrade, or damage electronic equipment, information systems, or electrically controlled processes. IEMI is a subset of Electromagnetic interference (EMI) that is deliberate rather than accidental, and is often discussed within the broader field of high‑power electromagnetics (HPEM).[1][2]

Although IEMI is frequently analyzed alongside Cyber-kinetic attacks because it can produce real‑world physical effects on cyber‑physical systems, it does not require software or network access. By definition, a cyber attack is executed via cyberspace against information systems,[3] whereas IEMI involves analog EM coupling into equipment and cables.[2]

Definition and scope

[edit]

URSI characterized IEMI as the "intentional malicious generation of electromagnetic energy introducing noise or signals into electric and electronic systems, thus disrupting, confusing or damaging these systems for terrorist or criminal purposes."[2] International standards subsequently placed IEMI within the HPEM domain: IEC 61000‑2‑13 defines representative radiated and conducted HPEM environments for civil facilities (including narrowband high‑power microwave and ultrawideband transients) and provides canonical waveforms for analysis and testing.[4]

IEMI is distinct from naturally occurring disturbances such as Geomagnetic storms and from non‑malicious electromagnetic compatibility (EMC) issues; it is also distinct from nuclear HEMP environments by its localized nature and diverse sources and waveforms.[5]

Threat actors, sources, and coupling mechanisms

[edit]

Known or hypothesized malicious actors include criminals, terrorists, and state or state‑aligned groups.[2] Practical IEMI sources range from portable UWB or mesoband pulse devices and narrowband high‑power microwave (HPM) systems to lower‑power but disruptive radio‑frequency jammers targeting communications (e.g., GNSS).[6][7]

Coupling paths include (i) radiated coupling through apertures and seams, (ii) conducted coupling via attached cables and power or signal lines, and (iii) near‑field coupling from devices in close proximity.[4] Depending on waveform, exposure level, and target susceptibility, effects range from temporary upset and data corruption to latch‑up, component failure, or permanent damage.[8]

Documented incidents

[edit]

Open‑source literature shows criminal misuse of EM tools, including interference with security systems, financial equipment, and communications; many incidents are covert and difficult to attribute forensically.[9] Intentional jamming of GPS/GNSS signals has affected civil aviation and maritime operations. For example, the International Civil Aviation Organization (ICAO) reported repeated GNSS interference originating from the DPRK that affected international civil aviation and prompted actions by the ICAO Assembly in 2024–2025.[10]

European authorities likewise note antagonistic EM threats to critical services, including the availability of low‑cost jammers and the feasibility of vehicle‑portable HPM sources.[11]

Relevance to critical infrastructure

[edit]

Electric power systems, telecommunications facilities, transportation, finance, healthcare, and other sectors rely on sensitive electronics and networked control. Analyses for the U.S. Federal Energy Regulatory Commission concluded that HPEM/IEMI environments could upset or damage protection relays, substation controls, and SCADA communications if appropriate hardening is not in place.[6] The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued guidance to help owners and operators plan graded protections for mission‑essential equipment, addressing IEMI alongside HEMP and GMD.[12][13]

Standards and testing

[edit]

International standards address characterization of threat environments, immunity testing, and facility‑level protection:

  • IEC 61000‑2‑13 – defines radiated and conducted HPEM environments and representative waveforms for civil applications (including applicability to IEMI).[4]
  • IEC 61000‑4‑36:2020 – IEMI immunity test methods for equipment and systems, with guidance on deriving test levels from source parameters (Ed. 2.0).[14]
  • IEC 61000‑4‑23 (radiated) and IEC 61000‑4‑24 (conducted) – test methods for protective elements and devices used against HEMP/IEMI disturbances.[15][16]
  • IEC TS 61000‑5‑10:2017 – installation and mitigation guidance for protecting facilities against HEMP and IEMI (basic EMC publication).[17]
  • IEC 61000‑4‑39:2017 – close‑proximity immunity tests for equipment exposed to radiated fields (9 kHz–6 GHz).[18]

Coupling topologies and protection mapping

[edit]

The topology of EM coupling informs both testing and hardening. The table summarizes common IEMI coupling paths and links each to representative standards and controls.

Topologies of EM coupling and indicative protection/testing references
Coupling topology Primary paths Representative IEMI sources Representative test references Example mitigation controls
Radiated (far‑field) External apertures, seams, ventilation; unshielded windows; poorly bonded panels Narrowband HPM; wide/ultra‑wideband pulse devices; high‑power communications jammers IEC 61000‑2‑13 (environments); IEC 61000‑4‑36 (IEMI immunity); IEC 61000‑4‑23 (shielding verification)[4][14][15] Building‑level shielding and bonding; electromagnetic zoning; verified enclosure/room shielding effectiveness; filtered penetrations; standoff and siting[17]
Conducted Power feeders; signal/control cables; telecomm and GNSS feeders; long cable runs acting as antennas Conducted injection of HPEM pulses; coupling from nearby HPM/UWB sources into cables IEC 61000‑2‑13 (conducted environments); IEC 61000‑4‑36 (IEMI immunity); IEC 61000‑4‑24 (protective devices/filters)[4][14][16] Surge protective devices and HEMP/IEMI combination filters; properly bonded entry plates; cable shielding, segmentation and routing; ferrites and feedthroughs[17]
Near‑field / close‑proximity Hand‑held EM probes/loops near seams, sensors, or PCB areas; small apertures; poorly shielded devices Localized RF/magnetic injection; EM fault injection (EMFI) against microcontrollers/SoCs IEC 61000‑4‑39 (close‑proximity immunity); IEC 61000‑4‑36 (IEMI immunity); CWE‑1319 (EMFI weakness classification)[18][14][19] Device‑level shielding; sensor and cable hardening; physical access control; microarchitectural countermeasures (timing jitter, redundancy); localized detection/logging[20]

Mitigation and protection

[edit]

Protection strategies combine architectural, electromagnetic, and operational measures tailored to risk and consequence. Typical controls include:

  • site design and standoff (to reduce field strengths at targets);
  • building‑level shielding and bonding;
  • shielded rooms/racks and electromagnetic zoning;
  • surge protection and HEMP/IEMI filters on penetrations;
  • cable routing, ferrites, and feedthroughs;
  • configuration management to minimize apertures; and
  • monitoring and incident‑response playbooks for suspected EM attacks.[21][17]
[edit]

International radio regulation prohibits "harmful interference" to safety services and legitimate radiocommunications.[22] Many jurisdictions explicitly ban the sale and use of RF jamming devices; for example, U.S. federal law prohibits operating, marketing, or importing signal jammers, with civil and criminal penalties enforced by the Federal Communications Commission (FCC).[23]

Comparison with software‑based cyber tactics

[edit]

While IEMI is not a cyber attack, it can create effects analogous to those produced by software‑centric tactics. The table below provides a non‑exhaustive crosswalk for readers of both security and engineering backgrounds.

Analytic crosswalk of software‑centric vs electromagnetic tactics and their consequences
Goal (system effect) Software‑centric method Electromagnetic tactic (IEMI) Typical physical consequences in cyber‑physical systems
Loss of availability Distributed denial of service (DDoS) RF jamming of wireless links (e.g., Wi‑Fi, cellular, GNSS); deliberate interference causing physical‑layer DoS[24][10] Loss of remote control/telemetry, navigation outages and go‑arounds in aviation; degraded timing and situational awareness in ICS and transport.
Integrity violation (false data / unauthorized actuation) False‑data injection; command injection Conducted or radiated EM injection coupling into cables/equipment causing sensor/logic upset or protective relay mis‑operation; HPM/UWB transients per IEC 61000‑2‑13[4]; documented susceptibility of substation controls and relays[6] Erroneous set‑points or trips; spurious alarms; process disruption (e.g., unintended breaker open/close).
Timed/triggered disruption Logic bomb or time‑triggered malware Timed or opportunistic application of HPM/UWB pulses to induce resets, latch‑up, or damage in targeted electronics[25][14] Unplanned shutdowns of controllers; potential component damage depending on exposure.
Bypass controls / escalate privileges Memory corruption (e.g., bit flips), fault attacks Electromagnetic fault injection (EMFI) to induce instruction skips, register/memory bit flips, or timing faults in microcontrollers/SoCs[26][27] Authentication bypass, corrupted control logic, extraction of secrets from embedded devices, safety interlocks defeated.
Note: This crosswalk illustrates parallels in effects. IEMI remains a physical‑EM vector and, unlike software‑borne Cyber-kinetic attacks, does not require access to or exploitation of networked systems.[3]

Relation to other topics

[edit]
  • IEMI is a deliberate subset of EMI and part of the broader discipline of HPEM.
  • In cyber‑physical contexts, IEMI is often analyzed alongside Cyber-kinetic attacks because of similar real‑world consequences, but it is not a cyber‑sourced attack.[2][3]

See also

[edit]

References

[edit]
  1. ^ Ivezic, Marin (30 April 2018). "IEMI – Threat of Intentional Electromagnetic Interference". PostQuantum.com. Retrieved 24 October 2025.
  2. ^ a b c d e "URSI Resolution on Criminal Activities using Electromagnetic Tools" (PDF). International Union of Radio Science (URSI). 21 August 1999. Retrieved 24 October 2025.
  3. ^ a b c "Cyber attack – NIST Glossary". National Institute of Standards and Technology (NIST). Retrieved 24 October 2025.
  4. ^ a b c d e f "IEC 61000‑2‑13:2005 – Electromagnetic compatibility (EMC) – Part 2‑13: Environment – High‑power electromagnetic (HPEM) environments – Radiated and conducted" (PDF). International Electrotechnical Commission (IEC). March 2005. Retrieved 24 October 2025.
  5. ^ "IEC TR 61000‑1‑5:2004 – High power electromagnetic (HPEM) effects on civil systems" (PDF). International Electrotechnical Commission (IEC). November 2004. Retrieved 24 October 2025.
  6. ^ a b c Radasky, William A.; Savage, Edward; Kiefer, John (January 2010). "Intentional Electromagnetic Interference (IEMI) and Its Impact on the U.S. Power Grid" (PDF). Federal Energy Regulatory Commission (FERC) / Metatech. Retrieved 24 October 2025.
  7. ^ Sabath, Frank; Garbe, Heyno (2009). "Risk Potential of Radiated HPEM Environments". IEEE International Symposium on Electromagnetic Compatibility. pp. 226–231. doi:10.1109/ISEMC.2009.5284566. Retrieved 24 October 2025.
  8. ^ Radasky, W. A.; Baum, C. E.; Wik, M. W. (2004). "Introduction to the Special Issue on High‑Power Electromagnetics (HPEM) and Intentional Electromagnetic Interference (IEMI)". IEEE Transactions on Electromagnetic Compatibility. 46 (3): 314–321. Bibcode:2004ITElC..46..314R. doi:10.1109/TEMC.2004.832961 (inactive 26 October 2025). Retrieved 24 October 2025.{{cite journal}}: CS1 maint: DOI inactive as of October 2025 (link)
  9. ^ Sabath, Frank (2011). "What can be learned from documented Intentional Electromagnetic Interference (IEMI) attacks?" (PDF). URSI General Assembly and Scientific Symposium. Retrieved 24 October 2025.
  10. ^ a b "GNSS Radio Frequency Interference originating from the DPRK – A42‑WP/44" (PDF). International Civil Aviation Organization. 7 April 2025. Retrieved 24 October 2025.
  11. ^ "Recent activities in Sweden to counter antagonistic electromagnetic threats" (PDF). Swedish Civil Contingencies Agency (MSB). June 2020. Retrieved 24 October 2025.
  12. ^ "EMP Protection and Resilience Guidelines for Critical Infrastructure and Equipment" (PDF). CISA. 5 February 2019. Retrieved 24 October 2025.
  13. ^ "Resilient Power: Best Practices for Critical Facilities and Sites" (PDF). CISA. January 2023. Retrieved 24 October 2025.
  14. ^ a b c d e "IEC 61000‑4‑36:2020 – IEMI immunity test methods for equipment and systems". International Electrotechnical Commission. 23 March 2020. Retrieved 24 October 2025.
  15. ^ a b "IEC 61000‑4‑23:2016 – Test methods for measuring shielding effectiveness of HEMP protection" (PDF). IEC. 20 October 2016. Retrieved 24 October 2025.
  16. ^ a b "IEC 61000‑4‑24:2015+AMD1:2023 – Test methods for protective devices for HEMP conducted disturbance" (PDF). IEC. Retrieved 24 October 2025.
  17. ^ a b c d "IEC TS 61000‑5‑10:2017 – Guidance on the protection of facilities against HEMP and IEMI" (PDF). IEC. 2017. Retrieved 24 October 2025.
  18. ^ a b "IEC 61000‑4‑39:2017 – Radiated fields in close proximity" (PDF). IEC. 2017. Retrieved 24 October 2025.
  19. ^ "CWE‑1319: Improper Protection against Electromagnetic Fault Injection (EM‑FI)". MITRE. Retrieved 24 October 2025.
  20. ^ "NIST IR 8517 – Hardware Security Failure Scenarios" (PDF). NIST. 2024. Retrieved 24 October 2025.
  21. ^ "Resilient Power: Best Practices for Critical Facilities and Sites" (PDF). CISA. January 2023. Retrieved 24 October 2025.
  22. ^ "Radio interference and harmful interference – definitions". International Telecommunication Union. Retrieved 24 October 2025.
  23. ^ "Jammer Enforcement". Federal Communications Commission. Retrieved 24 October 2025.
  24. ^ Pirayesh, Hossein; Zeng, Huacheng (2022). "Jamming Attacks and Anti‑Jamming Strategies in Wireless Networks: A Comprehensive Survey". IEEE Communications Surveys & Tutorials. 24 (2): 767–809. arXiv:2101.00292. doi:10.1109/COMST.2022.3159185.
  25. ^ Radasky, W. A.; Baum, C. E.; Wik, M. W. (2004). "Introduction to HPEM and IEMI". IEEE Transactions on Electromagnetic Compatibility. 46 (3): 314–321. Bibcode:2004ITElC..46..314R. doi:10.1109/TEMC.2004.831899. Retrieved 24 October 2025.
  26. ^ "CWE‑1319: Improper Protection against Electromagnetic Fault Injection". MITRE. Retrieved 24 October 2025.
  27. ^ "NIST IR 8517 – Hardware Security Failure Scenarios" (PDF). NIST. 2024. Retrieved 24 October 2025.

Further reading

[edit]
  • Radasky, W. A.; Baum, C. E.; Wik, M. W. (2004). "Introduction to High‑Power Electromagnetics (HPEM) and Intentional Electromagnetic Interference (IEMI)". IEEE Transactions on Electromagnetic Compatibility. 46 (3): 314–321. doi:10.1109/TEMC.2004.832961.
  • Sabath, F. (2011). "What can be learned from documented Intentional Electromagnetic Interference (IEMI) attacks?". URSI General Assembly and Scientific Symposium.
  • IEC TR 61000‑1‑5:2004. High power electromagnetic (HPEM) effects on civil systems.

References

[edit]
Retrieved from "https://en.wikipedia.org/w/index.php?title=Draft:Intentional_electromagnetic_interference&oldid=1318850391"