Editing Signals intelligence (section)

==Disciplines shared across the branches==

===Targeting===
A collection system has to know to look for a particular signal. "System", in this context, has several nuances. Targeting is the process of developing ''collection requirements'':
:"1. An intelligence need considered in the allocation of intelligence resources. Within the Department of Defense, these collection requirements fulfill the [[essential elements of information]] and other intelligence needs of a commander, or an agency.
:"2. An established intelligence need, validated against the appropriate allocation of intelligence resources (as a requirement) to fulfill the essential elements of information and other intelligence needs of an intelligence consumer."<ref name=JP1-02 />

===Need for multiple, coordinated receivers===
First, atmospheric conditions, [[sunspot]]s, the target's transmission schedule and antenna characteristics, and other factors create uncertainty that a given signal intercept sensor will be able to "hear" the signal of interest, even with a geographically fixed target and an opponent making no attempt to evade interception. Basic countermeasures against interception include frequent changing of [[radio frequency]], [[Polarization (waves)|polarization]], and other transmission characteristics. An intercept aircraft could not get off the ground if it had to carry antennas and receivers for every possible frequency and signal type to deal with such countermeasures.

Second, locating the transmitter's position is usually part of SIGINT. [[Triangulation]] and more sophisticated [[radiolocation|radio location]] techniques, such as [[time of arrival]] methods, require multiple receiving points at different locations. These receivers send location-relevant information to a central point, or perhaps to a distributed system in which all participate, such that the information can be correlated and a location computed.

===Intercept management===
Modern SIGINT systems, therefore, have substantial communications among intercept platforms. Even if some platforms are clandestine, there is still a broadcast of information telling them where and how to look for signals.<ref name=FAS-PSTS>{{cite journal|url=https://fas.org/irp/program/process/psts.htm|title=Precision SIGINT Targeting System (PSTS)|publisher=Federation of American Scientists|journal=Intelligence Research Program|access-date=29 October 2015|archive-date=14 March 2016|archive-url=https://web.archive.org/web/20160314031126/https://fas.org/irp/program/process/psts.htm|url-status=dead}}</ref> A United States targeting system under development in the late 1990s, PSTS, constantly sends out information that helps the interceptors properly aim their antennas and tune their receivers. Larger intercept aircraft, such as the [[Lockheed EP-3|EP-3]] or [[RC-135]], have the on-board capability to do some target analysis and planning, but others, such as the [[Beechcraft RC-12 Guardrail|RC-12 GUARDRAIL]], are completely under ground direction. GUARDRAIL aircraft are fairly small and usually work in units of three to cover a tactical SIGINT requirement, whereas the larger aircraft tend to be assigned strategic/national missions.

Before the detailed process of targeting begins, someone has to decide there is a value in collecting information about something. While it would be possible to direct signals intelligence collection at a major sports event, the systems would capture a great deal of noise, news signals, and perhaps announcements in the stadium. If, however, an anti-terrorist organization believed that a small group would be trying to coordinate their efforts using short-range unlicensed radios at the event, SIGINT targeting of radios of that type would be reasonable. Targeting would not know where in the stadium the radios might be located or the exact frequency they are using; those are the functions of subsequent steps such as signal detection and direction finding.

Once the decision to target is made, the various interception points need to cooperate, since resources are limited.

Knowing what interception equipment to use becomes easier when a target country buys its radars and radios from known manufacturers, or is given them as [[military aid]]. National intelligence services keep libraries of devices manufactured by their own country and others, and then use a variety of techniques to learn what equipment is acquired by a given country.

Knowledge of [[physics]] and [[electronic engineering]] further narrows the problem of what types of equipment might be in use. An intelligence aircraft flying well outside the borders of another country will listen for long-range search radars, not short-range fire control radars that would be used by a mobile air defense. Soldiers scouting the front lines of another army know that the other side will be using radios that must be portable and not have huge antennas.

===Signal detection===
Even if a signal is human communications (e.g., a radio), the intelligence collection specialists have to know it exists. If the targeting function described above learns that a country has a radar that operates in a certain frequency range, the first step is to use a sensitive receiver, with one or more antennas that listen in every direction, to find an area where such a radar is operating. Once the radar is known to be in the area, the next step is to find its location.
[[File:SpectrumAnalyzer-Superhet.png|thumb|Simplified [[spectrum analyzer]] display of [[superheterodyne receiver|superheterodyned]], [[amplitude modulated]] signals.]]
If operators know the probable frequencies of transmissions of interest, they may use a set of receivers, preset to the frequencies of interest. These are the frequency (horizontal axis) versus power (vertical axis) produced at the transmitter, before any filtering of signals that do not add to the information being transmitted. Received energy on a particular frequency may start a recorder, and alert a human to listen to the signals if they are intelligible (i.e., COMINT). If the frequency is not known, the operators may look for power on primary or [[sideband]] frequencies using a [[spectrum analyzer]]. Information from the spectrum analyzer is then used to tune receivers to signals of interest. For example, in this simplified spectrum, the actual information is at 800&nbsp;kHz and 1.2&nbsp;MHz.
[[File:DirectionalSpectra.png|thumb|left|Hypothetical displays from four spectrum analyzers connected to directional antennas. The transmitter is at bearing 090 degrees.]]
Real-world transmitters and receivers usually are directional. In the figure to the left, assume that each display is connected to a spectrum analyzer connected to a directional antenna aimed in the indicated direction.

====Countermeasures to interception====
Spread-spectrum communications is an [[electronic counter-countermeasure]]s (ECCM) technique to defeat looking for particular frequencies. Spectrum analysis can be used in a different ECCM way to identify frequencies not being jammed or not in use.

===Direction-finding===
{{Main|Direction finding}}
The earliest, and still common, means of direction finding is to use directional antennas as [[goniometer]]s, so that a line can be drawn from the receiver through the position of the signal of interest. (See [[HF/DF]].) Knowing the compass bearing, from a single point, to the transmitter does not locate it. Where the bearings from multiple points, using goniometry, are plotted on a map, the transmitter will be located at the point where the bearings intersect. This is the simplest case; a target may try to confuse listeners by having multiple transmitters, giving the same signal from different locations, switching on and off in a pattern known to their user but apparently random to the listener.

Individual directional antennas have to be manually or automatically turned to find the signal direction, which may be too slow when the signal is of short duration. One alternative is the [[Wullenweber]] array technique. In this method, several concentric rings of antenna elements simultaneously receive the signal, so that the best bearing will ideally be clearly on a single antenna or a small set. Wullenweber arrays for high-frequency signals are enormous, referred to as "elephant cages" by their users.

A more advance approach is [[Amplitude-comparison monopulse|Amplitude comparison]]. An alternative to tunable directional antennas or large omnidirectional arrays such as the Wullenweber is to measure the [[time of arrival]] of the signal at multiple points, using [[GPS]] or a similar method to have precise time synchronization. Receivers can be on ground stations, ships, aircraft, or satellites, giving great flexibility. 

A more accurate approach is [[Interferometry|Interferometer.]] 

Modern [[anti-radiation missile]]s can home in on and attack transmitters; military antennas are rarely a safe distance from the user of the transmitter.

===Traffic analysis===
{{Main|Traffic analysis}}
When locations are known, usage patterns may emerge, from which inferences may be drawn. Traffic analysis is the discipline of drawing patterns from information flow among a set of senders and receivers, whether those senders and receivers are designated by location determined through [[direction finding]], by addressee and sender identifications in the message, or even [[MASINT]] techniques for "fingerprinting" transmitters or operators. Message content other than the sender and receiver is not necessary to do traffic analysis, although more information can be helpful.

For example, if a certain type of radio is known to be used only by tank units, even if the position is not precisely determined by direction finding, it may be assumed that a tank unit is in the general area of the signal. The owner of the transmitter can assume someone is listening, so might set up tank radios in an area where he wants the other side to believe he has actual tanks. As part of [[Operation Quicksilver (WWII)|Operation Quicksilver]], part of the [[deception]] plan for the invasion of Europe at the [[Invasion of Normandy|Battle of Normandy]], radio transmissions simulated the headquarters and subordinate units of the fictitious [[First United States Army Group]] (FUSAG), commanded by [[George S. Patton]], to make the German defense think that the main invasion was to come at another location. In like manner, fake radio transmissions from Japanese aircraft carriers, before the [[Battle of Pearl Harbor]], were made from Japanese local waters, while the attacking ships moved under strict radio silence.

Traffic analysis need not focus on human communications.  For example, a sequence of a radar signal, followed by an exchange of targeting data and a confirmation, followed by observation of artillery fire, may identify an automated [[counterbattery fire]] system.  A radio signal that triggers navigational beacons could be a radio landing aid for an airstrip or helicopter pad that is intended to be low-profile.

Patterns do emerge.  A radio signal with certain characteristics, originating from a fixed headquarters, may strongly suggest that a particular unit will soon move out of its regular base.  The contents of the message need not be known to infer the movement.

There is an art as well as science of traffic analysis. Expert analysts develop a sense for what is real and what is deceptive. [[Harry Kidder]],<ref>{{Cite web|url=https://www.nsa.gov/about/cryptologic-heritage/historical-figures-publications/hall-of-honor/Article/2014217/chief-harry-kidder-usn/|title=About|website=nsa.gov}}</ref> for example, was one of the star cryptanalysts of World War II, a star hidden behind the secret curtain of SIGINT.<ref>{{cite journal|last=Whitlock|first=Duane|title=The Silent War against the Japanese Navy|journal=Naval War College Review|volume=48|issue=4 |pages=43–52 |date=Autumn 1995|url=http://www.ibiblio.org/pha/ultra/nwc-01.html|access-date=30 September 2007}}</ref>

===Electronic order of battle===
Generating an '''electronic order of battle''' (EOB) requires identifying SIGINT emitters in an area of interest, determining their geographic location or range of mobility, characterizing their signals, and, where possible, determining their role in the broader organizational [[order of battle]]. EOB covers both COMINT and ELINT.<ref>{{cite web|author=743d Military Intelligence (MI) Battalion|title=Warfighter Guide to Intelligence 2000|publisher=Joint Spectrum Center, (US) Defense Information Services Agency|date=August 1999|url=http://www.gordon.army.mil/AC/Fall/Fall%2001/JSCmtrc.htm|archive-url=https://web.archive.org/web/20070814165342/http://www.gordon.army.mil/AC/Fall/Fall%2001/JSCmtrc.htm|url-status=dead|archive-date=2007-08-14|access-date=26 October 2007}}</ref> The [[Defense Intelligence Agency]] maintains an EOB by location. The Joint Spectrum Center (JSC) of the [[Defense Information Systems Agency]] supplements this location database with five more technical databases:
:# FRRS: Frequency Resource Record System
:# BEI: Background Environment Information
:# SCS: Spectrum Certification System
:# EC/S: Equipment Characteristics/Space
:# TACDB: platform lists, sorted by nomenclature, which contain links to the C-E equipment complement of each platform, with links to the parametric data for each piece of equipment, military unit lists and their subordinate units with equipment used by each unit.

[[File:JSC-Databases-and-Flow.GIF|thumb|EOB and related data flow]]
For example, several voice transmitters might be identified as the command net (i.e., top commander and direct reports) in a tank battalion or tank-heavy task force. Another set of transmitters might identify the logistic net for that same unit. An inventory of ELINT sources might identify the [[Radar MASINT#AN/TPQ-36 and −37 counterartillery radars|medium]]- and [[Radar MASINT#AN/TPQ-37|long-range]] counter-artillery radars in a given area.

Signals intelligence units will identify changes in the EOB, which might indicate enemy unit movement, changes in command relationships, and increases or decreases in capability.

Using the COMINT gathering method enables the intelligence officer to produce an electronic order of battle by traffic analysis and content analysis among several enemy units. For example, if the following messages were intercepted:
:# U1 to U2, requesting permission to proceed to checkpoint X.
:# U2 to U1, approved. please report at arrival.
:# (20 minutes later) U1 to U2, all vehicles have arrived to checkpoint X.

This sequence shows that there are two units in the battlefield, unit 1 is mobile, while unit 2 is in a higher hierarchical level, perhaps a command post. One can also understand that unit 1 moved from one point to another which are distant from each 20 minutes with a vehicle. If these are regular reports over a period of time, they might reveal a patrol pattern. Direction-finding and [[Radiofrequency MASINT|radio frequency MASINT]] could help confirm that the traffic is not deception.

The EOB buildup process is divided as following:
:* Signal separation
:* Measurements optimization
:* Data fusion
:* Networks build-up

Separation of the intercepted spectrum and the signals intercepted from each sensor must take place in an extremely small period of time, in order to separate the different signals to different transmitters in the battlefield. The complexity of the separation process depends on the complexity of the transmission methods (e.g., [[Frequency-hopping spread spectrum|hopping]] or [[time-division multiple access]] (TDMA)).

By gathering and clustering data from each sensor, the measurements of the direction of signals can be optimized and get much more accurate than the basic measurements of a standard [[direction finding]] sensor.<ref name=Kessler>{{cite journal|url=http://www.darpa.mil/DARPATech2000/Presentations/tto_pdf/6KesslerDDBB&WRev1.pdf|first=Otto|last=Kessler|publisher=Defense Advanced Research Projects Agency|title=SIGINT Change Detection Approach|journal=Dynamic Database: Efficiently Convert Massive Quantities of Sensor Data into Actionable Information for Tactical Commanders|url-status=dead|archive-url=https://web.archive.org/web/20080227075206/http://www.darpa.mil/DARPATech2000/Presentations/tto_pdf/6KesslerDDBB%26WRev1.pdf|archive-date=27 February 2008}}</ref> By calculating larger samples of the sensor's output data in near real-time, together with historical information of signals, better results are achieved.

Data fusion correlates data samples from different frequencies from the same sensor, "same" being confirmed by direction finding or radiofrequency MASINT. If an emitter is mobile, direction finding, other than discovering a repetitive pattern of movement, is of limited value in determining if a sensor is unique. MASINT then becomes more informative, as individual transmitters and antennas may have unique side lobes, unintentional radiation, pulse timing, etc.

'''Network build-up''', or analysis of emitters (communication transmitters) in a target region over a sufficient period of time, enables creation of the communications flows of a battlefield.<ref>{{cite journal|author=Terry, I.|title=US Naval Research Laboratory – Networked Specific Emitter Identification in Fleet Battle Experiment Juliet|journal=NRL Review|year=2003|url=http://www.nrl.navy.mil/content.php?P=03REVIEW207|access-date=26 October 2007|url-status=dead|archive-url=https://web.archive.org/web/20071126144234/http://www.nrl.navy.mil/content.php?P=03REVIEW207|archive-date=26 November 2007}}</ref>