SIGNALS INTELLIGENCE (SIGINT) is intelligence-gathering by
interception of signals, whether communications between people
(COMMUNICATIONS INTELLIGENCE—abbreviated to COMINT) or from
electronic signals not directly used in communication (ELECTRONIC
INTELLIGENCE—abbreviated to ELINT).
As sensitive information is often encrypted , signals intelligence in turn involves the use of cryptanalysis to decipher the messages. Traffic analysis —the study of who is signaling whom and in what quantity—is also used to derive information.
* 1 History
* 1.1 Origins
* 1.2 Development in World War I
* 1.3 Postwar consolidation
World War II
* 2 Technical definitions
* 3 Disciplines shared across the branches
* 3.1 Targeting * 3.2 Need for multiple, coordinated receivers * 3.3 Intercept management
* 3.4 Signal detection
* 3.4.1 Countermeasures to interception
* 3.5 Direction-finding * 3.6 Traffic analysis * 3.7 Electronic order of battle
* 4 COMINT
* 4.1 Voice interception * 4.2 Text interception * 4.3 Signaling channel interception * 4.4 Monitoring friendly communications
* 5 Electronic signals intelligence
* 5.1 Complementary relationship to COMINT * 5.2 Role in air warfare * 5.3 ELINT and ESM * 5.4 ELINT for meaconing * 5.5 Foreign instrumentation signals intelligence * 5.6 Counter-ELINT
* 6 SIGINT versus
Electronic interception appeared as early as 1900, during the Boer
War of 1899-1902. The British
The birth of signals intelligence in a modern sense dates from the
DEVELOPMENT IN WORLD WAR I
Over the course of the
First World War
The British in particular built up great expertise in the newly
emerging field of signals intelligence and codebreaking. On the
declaration of war, Britain cut all German undersea cables. This
forced the Germans to use either a telegraph line that connected
through the British network and could be tapped, or through radio
which the British could then intercept. Rear-Admiral Henry Oliver
appointed Sir Alfred Ewing to establish an interception and decryption
service at the
The German fleet was in the habit each day of wirelessing the exact
position of each ship and giving regular position reports when at sea.
It was possible to build up a precise picture of the normal operation
High Seas Fleet
The use of radio receiving equipment to pinpoint the location of the
transmitter was also developed during the war. Captain H.J. Round
With the importance of interception and decryption firmly established
by the wartime experience, countries established permanent agencies
dedicated to this task in the interwar period. In 1919, the British
Cabinet's Secret Service Committee, chaired by
The use of SIGINT had even greater implications during
World War II
Bletchley's work was essential to defeating the U-boats in the Battle
of the Atlantic , and to the British naval victories in the Battle of
Cape Matapan and the
Battle of North Cape . In 1941,
Unit 8200 (the SIGINT unit of the Israeli Intelligence Corps )
Mount Avital ,
United States Department of Defense
* A category of intelligence comprising either individually or in combination all communications intelligence (COMINT), electronic intelligence (ELINT), and foreign instrumentation signals intelligence , however transmitted. * Intelligence derived from communications, electronic, and foreign instrumentation signals.
Being a broad field, SIGINT has many sub-disciplines. The two main ones are communications intelligence (COMINT) and electronic intelligence (ELINT).
DISCIPLINES SHARED ACROSS THE BRANCHES
A collection system has to know to look for a particular signal. "System", in this context, has several nuances. Targeting is an output of the process of developing collection requirements: "1. An intelligence need considered in the allocation of intelligence resources. Within the Department of Defense, these collection requirements fulfill the essential elements of information and other intelligence needs of a commander, or an agency. "2. An established intelligence need, validated against the appropriate allocation of intelligence resources (as a requirement) to fulfill the essential elements of information and other intelligence needs of an intelligence consumer."
NEED FOR MULTIPLE, COORDINATED RECEIVERS
First, atmospheric conditions, sunspots , the target's transmission schedule and antenna characteristics, and other factors create uncertainty that a given signal intercept sensor will be able to "hear" the signal of interest, even with a geographically fixed target and an opponent making no attempt to evade interception. Basic countermeasures against interception include frequent changing of radio frequency , polarization , and other transmission characteristics. An intercept aircraft could not get off the ground if it had to carry antennas and receivers for every possible frequency and signal type to deal with such countermeasures.
Second, locating the transmitter's position is usually part of SIGINT. Triangulation and more sophisticated radio location techniques, such as time of arrival methods, require multiple receiving points at different locations. These receivers send location-relevant information to a central point, or perhaps to a distributed system in which all participate, such that the information can be correlated and a location computed.
Modern SIGINT systems, therefore, have substantial communications among intercept platforms. Even if some platforms are clandestine, there is a broadcast of information telling them where and how to look for signals. A United States targeting system under development in the late 1990s, PSTS, constantly sends out information that helps the interceptors properly aim their antennas and tune their receivers. Larger intercept aircraft, such as the EP-3 or RC-135 , have the on-board capability to do some target analysis and planning, but others, such as the RC-12 GUARDRAIL , are completely under ground direction. GUARDRAIL aircraft are fairly small, and usually work in units of three to cover a tactical SIGINT requirement, where the larger aircraft tend to be assigned strategic/national missions.
Before the detailed process of targeting begins, someone has to decide there is a value in collecting information about something. While it would be possible to direct signals intelligence collection at a major sports event, the systems would capture a great deal of noise, news signals, and perhaps announcements in the stadium. If, however, an anti-terrorist organization believed that a small group would be trying to coordinate their efforts, using short-range unlicensed radios, at the event, SIGINT targeting of radios of that type would be reasonable. Targeting would not know where in the stadium the radios might be, or the exact frequency they are using; those are the functions of subsequent steps such as signal detection and direction finding.
Once the decision to target is made, the various interception points need to cooperate, since resources are limited. Knowing what interception equipment to use becomes easier when a target country buys its radars and radios from known manufacturers, or is given them as military aid . National intelligence services keep libraries of devices manufactured by their own country and others, and then use a variety of techniques to learn what equipment is acquired by a given country.
Knowledge of physics and electronic engineering further narrows the problem of what types of equipment might be in use. An intelligence aircraft flying well outside the borders of another country will listen for long-range search radars, not short-range fire control radars that would be used by a mobile air defense. Soldiers scouting the front lines of another army know that the other side will be using radios that must be portable and not have huge antennas.
Even if a signal is human communications (e.g., a radio), the intelligence collection specialists have to know it exists. If the targeting function described above learns that a country has a radar that operates in a certain frequency range, the first step is to use a sensitive receiver, with one or more antennas that listen in every direction, to find an area where such a radar is operating. Once the radar is known to be in the area, the next step is to find its location. Simplified spectrum analyzer display of superheterodyned , amplitude modulated signals.
If operators know the probable frequencies of transmissions of interest, they may use a set of receivers, preset to the frequencies of interest. These are the frequency (horizontal axis) versus power (vertical axis) produced at the transmitter, before any filtering of signals that do not add to the information being transmitted. Received energy on a particular frequency may start a recorder, and alert a human to listen to the signals if they are intelligible (i.e., COMINT). If the frequency is not known, the operators may look for power on primary or sideband frequencies using a spectrum analyzer . Information from the spectrum analyzer is then used to tune receivers to signals of interest. For example, in this simplified spectrum, the actual information is at 800 kHz and 1.2 MHz. Hypothetical displays from four spectrum analyzers connected to directional antennas. The transmitter is at bearing 090 degrees.
Real-world transmitters and receivers usually are directional. In the figure to the left, assume that each display is connected to a spectrum analyzer connected to a directional antenna aimed in the indicated direction.
Countermeasures To Interception
Spread-spectrum communications is an electronic counter-countermeasures (ECCM) technique to defeat looking for particular frequencies. Spectrum analysis can be used in a different ECCM way to identify frequencies not being jammed or not in use.
The earliest, and still common, means of direction finding is to use
directional antennas as goniometers , so that a line can be drawn from
the receiver through the position of the signal of interest. (See
Individual directional antennas have to be manually or automatically
turned to find the signal direction, which may be too slow when the
signal is of short duration. One alternative is the
An alternative to tunable directional antennas, or large
omnidirectional arrays such as the Wullenweber, is to measure the time
of arrival of the signal at multiple points, using
Modern anti-radiation missiles can home in on and attack transmitters; military antennas are rarely a safe distance from the user of the transmitter.
Main article: Traffic analysis
When locations are known, usage patterns may emerge, from which
inferences may be drawn.
Traffic analysis is the discipline of drawing
patterns from information flow among a set of senders and receivers,
whether those senders and receivers are designated by location
determined through direction finding , by addressee and sender
identifications in the message, or even
For example, if a certain type of radio is known to be used only by
tank units, even if the position is not precisely determined by
direction finding, it may be assumed that a tank unit is in the
general area of the signal. Of course, the owner of the transmitter
can assume someone is listening, so might set up tank radios in an
area where he wants the other side to believe he has actual tanks. As
part of Operation Quicksilver , part of the deception plan for the
invasion of Europe at the Battle of Normandy , radio transmissions
simulated the headquarters and subordinate units of the fictitious
First United States Army Group
Traffic analysis need not focus on human communications. For example, if the sequence of a radar signal, followed by an exchange of targeting data and a confirmation, followed by observation of artillery fire, this may identify an automated counterbattery system. A radio signal that triggers navigational beacons could be a landing aid system for an airstrip or helicopter pad that is intended to be low-profile.
Patterns do emerge. Knowing a radio signal, with certain characteristics, originating from a fixed headquarters may be strongly suggestive that a particular unit will soon move out of its regular base. The contents of the message need not be known to infer the movement.
There is an art as well as science of traffic analysis. Expert analysts develop a sense for what is real and what is deceptive. Harry Kidder , for example, was one of the star cryptanalysts of World War II, a star hidden behind the secret curtain of SIGINT.
ELECTRONIC ORDER OF BATTLE
Generating an ELECTRONIC ORDER OF BATTLE (EOB) requires identifying
SIGINT emitters in an area of interest, determining their geographic
location or range of mobility, characterizing their signals, and,
where possible, determining their role in the broader organizational
order of battle . EOB covers both COMINT and ELINT. The Defense
Intelligence Agency maintains an EOB by location. The Joint Spectrum
Center (JSC) of the
Defense Information Systems Agency
* FRRS: Frequency Resource Record System * BEI: Background Environment Information * SCS: Spectrum Certification System * EC/S: Equipment Characteristics/Space * TACDB: platform lists, sorted by nomenclature, which contain links to the C-E equipment complement of each platform, with links to the parametric data for each piece of equipment, military unit lists and their subordinate units with equipment used by each unit.
EOB and related data flow
For example, several voice transmitters might be identified as the command net (i.e., top commander and direct reports) in a tank battalion or tank-heavy task force. Another set of transmitters might identify the logistic net for that same unit. An inventory of ELINT sources might identify the medium - and long-range counter-artillery radars in a given area.
Using the COMINT gathering method enables the intelligence officer to produce an electronic order of battle by traffic analysis and content analysis among several enemy units. For example, if the following messages were intercepted:
* U1 to U2, requesting permission to proceed to checkpoint X. * U2 to U1, approved. please report at arrival. * (20 minutes later) U1 to U2, all vehicles have arrived to checkpoint X.
This sequence shows that there are two units in the battlefield, unit
1 is mobile, while unit 2 is in a higher hierarchical level, perhaps a
command post. One can also understand that unit 1 moved from one point
to another which are distant from each 20 minutes with a vehicle. If
these are regular reports over a period of time, they might reveal a
patrol pattern. Direction-finding and radiofrequency
The EOB buildup process is divided as following:
* Signal separation * Measurements optimization * Data Fusion * Networks build-up
Separation of the intercepted spectrum and the signals intercepted from each sensors must take place in an extremely small period of time, in order to separate the deferent signals to different transmitters in the battlefield. The complexity of the separation process depends on the complexity of the transmission methods (e.g., hopping or time division multiple access (TDMA)).
By gathering and clustering data from each sensor, the measurements of the direction of signals can be optimized and get much more accurate than the basic measurements of a standard direction finding sensor. By calculating larger samples of the sensor's output data in near real-time, together with historical information of signals, better results are achieved.
Data fusion correlates data samples from different frequencies from
the same sensor, "same" being confirmed by direction finding or
NETWORK BUILD-UP, or analysis of emitters (communication transmitters) in a target region over a sufficient period of time, enables creation of the communications flows of a battlefield.
"COMINT" redirects here. For other uses, see COMINT (other) .
COMINT (Communications Intelligence) is a sub-category of signals intelligence that engages in dealing with messages or voice information derived from the interception of foreign communications. It should be noted that COMINT is commonly referred to as SIGINT, which can cause confusion when talking about the broader intelligence disciplines. The US Joint Chiefs of Staff defines it as "Technical information and intelligence derived from foreign communications by other than the intended recipients".
COMINT, which is defined to be communications among people, will reveal some or all of the following:
* Who is transmitting * Where they are located, and, if the transmitter is moving, the report may give a plot of the signal against location * If known, the organizational function of the transmitter * The time and duration of transmission, and the schedule if it is a periodic transmission * The frequencies and other technical characteristics of their transmission * If the transmission is encrypted or not, and if it can be decrypted. If it is possible to intercept either an originally transmitted cleartext or obtain it through cryptanalysis, the language of the communication and a translation (when needed). * The addresses, if the signal is not a general broadcast and if addresses are retrievable from the message. These stations may also be COMINT (e.g., a confirmation of the message or a response message), ELINT (e.g., a navigation beacon being activated) or both. Rather than, or in addition to, an address or other identifier, there may be information on the location and signal characteristics of the responder.
A basic COMINT technique is to listen for voice communications, usually over radio but possibly "leaking" from telephones or from wiretaps. If the voice communications are encrypted, traffic analysis may still give information.
In the Second World War, for security the United States used Native
American volunteer communicators known as code talkers , who used
languages such as Navajo ,
While modern electronic encryption does away with the need for armies to use obscure languages, it is likely that some groups might use rare dialects that few outside their ethnic group would understand.
Specialists scan radio frequencies for character sequences (e.g., electronic mail) and fax.
SIGNALING CHANNEL INTERCEPTION
A given digital communications link can carry thousands or millions of voice communications, especially in developed countries. Without addressing the legality of such actions, the problem of identifying which channel contains which conversation becomes much simpler when the first thing intercepted is the signaling channel that carries information to set up telephone calls. In civilian and many military use, this channel will carry messages in Signaling System 7 protocols.
Retrospective analysis of telephone calls can be made from Call detail record (CDR) used for billing the calls.
MONITORING FRIENDLY COMMUNICATIONS
More a part of communications security than true intelligence collection, SIGINT units still may have the responsibility of monitoring one's own communications or other electronic emissions, to avoid providing intelligence to the enemy. For example, a security monitor may hear an individual transmitting inappropriate information over an unencrypted radio network, or simply one that is not authorized for the type of information being given. If immediately calling attention to the violation would not create an even greater security risk, the monitor will call out one of the BEADWINDOW codes used by Australia, Canada, New Zealand, the United Kingdom, the United States, and other nations working under their procedures. Standard BEADWINDOW codes (e.g., "BEADWINDOW 2") include:
* POSITION: (e.g., disclosing, in an insecure or inappropriate way, "Friendly or enemy position, movement or intended movement, position, course, speed, altitude or destination or any air, sea or ground element, unit or force." * CAPABILITIES: "Friendly or enemy capabilities or limitations. Force compositions or significant casualties to special equipment, weapons systems, sensors, units or personnel. Percentages of fuel or ammunition remaining." * OPERATIONS: "Friendly or enemy operation – intentions progress, or results. Operational or logistic intentions; mission participants flying programmes; mission situation reports; results of friendly or enemy operations; assault objectives." * ELECTRONIC WARFARE (EW): "Friendly or enemy electronic warfare (EW) or emanations control (EMCON) intentions, progress, or results. Intention to employ electronic countermeasures (ECM); results of friendly or enemy ECM; ECM objectives; results of friendly or enemy electronic counter-countermeasures (ECCM); results of electronic support measures/tactical SIGINT (ESM); present or intended EMCON policy; equipment affected by EMCON policy." * FRIENDLY OR ENEMY KEY PERSONNEL: "Movement or identity of friendly or enemy officers, visitors, commanders; movement of key maintenance personnel indicating equipment limitations." * COMMUNICATIONS SECURITY (COMSEC): "Friendly or enemy COMSEC breaches. Linkage of codes or codewords with plain language; compromise of changing frequencies or linkage with line number/circuit designators; linkage of changing call signs with previous call signs or units; compromise of encrypted/classified call signs; incorrect authentication procedure." * WRONG CIRCUIT: "Inappropriate transmission. Information requested, transmitted or about to be transmitted which should not be passed on the subject circuit because it either requires greater security protection or it is not appropriate to the purpose for which the circuit is provided." * Other codes as appropriate for the situation may be defined by the commander.
In WWII, for example, the Japanese Navy, by poor practice, identified
a key person's movement over a low-security cryptosystem. This made
ELECTRONIC SIGNALS INTELLIGENCE
Electronic signals intelligence (ELINT) refers to intelligence-gathering by use of electronic sensors. Its primary focus lies on non-communications signals intelligence. The Joint Chiefs of Staff define it as "Technical and geolocation intelligence derived from foreign noncommunications electromagnetic radiations emanating from other than nuclear detonations or radioactive sources."
Signal identification is performed by analyzing the collected parameters of a specific signal, and either matching it to known criteria, or recording it as a possible new emitter. ELINT data are usually highly classified, and are protected as such.
The data gathered are typically pertinent to the electronics of an opponent's defense network, especially the electronic parts such as radars , surface-to-air missile systems, aircraft, etc. ELINT can be used to detect ships and aircraft by their radar and other electromagnetic radiation; commanders have to make choices between not using radar ( EMCON ), intermittently using it, or using it and expecting to avoid defenses. ELINT can be collected from ground stations near the opponent's territory, ships off their coast, aircraft near or in their airspace, or by satellite.
COMPLEMENTARY RELATIONSHIP TO COMINT
Combining other sources of information and ELINT allows traffic
analysis to be performed on electronic emissions which contain human
encoded messages. The method of analysis differs from SIGINT in that
any human encoded message which is in the electronic transmission is
not analyzed during ELINT. What is of interest is the type of
electronic transmission and its location. For example, during the
Battle of the Atlantic
Yet other ELINT disciplines include intercepting and analyzing enemy weapons control signals, or the Identification, friend or foe responses from transponders in aircraft used to distinguish enemy craft from friendly ones.
ROLE IN AIR WARFARE
A very common area of ELINT is intercepting radars and learning their locations and operating procedures. Attacking forces may be able to avoid the coverage of certain radars, or, knowing their characteristics, electronic warfare units may jam radars or send them deceptive signals. Confusing a radar electronically is called a "soft kill", but military units will also send specialized missiles at radars, or bomb them, to get a "hard kill". Some modern air-to-air missiles also have radar homing guidance systems, particularly for use against large airborne radars.
Knowing where each surface-to-air missile and anti-aircraft artillery system is and its type means that air raids can be plotted to avoid the most heavily defended areas and to fly on a flight profile which will give the aircraft the best chance of evading ground fire and fighter patrols. It also allows for the jamming or spoofing of the enemy's defense network (see electronic warfare ). Good electronic intelligence can be very important to stealth operations; stealth aircraft are not totally undetectable and need to know which areas to avoid. Similarly, conventional aircraft need to know where fixed or semi-mobile air defense systems are so that they can shut them down or fly around them.
ELINT AND ESM
ELECTRONIC SUPPORT MEASURES (ESM) or ELECTRONIC SURVEILLANCE MEASURES are really ELINT techniques using various Electronic Surveillance Systems, but the term is used in the specific context of tactical warfare. ESM give the information needed for ELECTRONIC ATTACK (EA) such as jamming, or directional bearings (compass angle) to a target in signals intercept such as in the HUFF-DUFF Radio Direction Finding (RDF) systems so critically important during the WW-II Battle of the Atlantic . After WW-II, the RDF originally applied in only communications was broadened into systems to also take in ELINT from radar bandwidths and lower frequency communications systems, giving birth to a family of NATO ESM systems, such as the shipboard US AN/WLR-1 —AN/WLR-6 systems and comparable airborne units. EA is also called ELECTRONIC COUNTER-MEASURES (ECM). ESM provides information needed for ELECTRONIC COUNTER-COUNTER MEASURES (ECCM), such as understanding a spoofing or jamming mode so one can change one's radar characteristics to avoid them.
ELINT FOR MEACONING
Meaconing is the combined intelligence and electronic warfare of learning the characteristics of enemy navigation aids, such as radio beacons, and retransmitting them with incorrect information.
FOREIGN INSTRUMENTATION SIGNALS INTELLIGENCE
Main article: FISINT
FISINT (Foreign instrumentation signals intelligence) is a sub-category of SIGINT, monitoring primarily non-human communication. Foreign instrumentation signals include (but not limited to) telemetry (TELINT), tracking systems, and video data links. TELINT is an important part of national means of technical verification for arms control.
Still at the research level are techniques that can only be described as counter-ELINT , which would be part of a SEAD campaign. It may be informative to compare and contrast counter-ELINT with ECCM .
SIGINT VERSUS MASINT
Measurement and signature intelligence
Where COMINT and ELINT focus on the intentionally transmitted part of
Since the invention of the radio, the international consensus has been that the radio-waves are no one's property, and thus the interception itself is not illegal. There can however be national laws on who is allowed to collect, store and process radio traffic, and for what purposes. Monitoring traffic in cables (i.e. telephone and Internet) is far more controversial, since it most of the time requires physical access to the cable and thereby violating ownership and expected privacy.
Central Intelligence Agency
* ^ Compare: Lee, Bartholomew. "Radio Spies – Episodes in the
Ether Wars" (PDF). Retrieved 8 October 2007. As early as 1900 in the
Boer War, the