Self-Encrypting Drives for Servers, NAS, and SAN Arrays
Page 12
...There are similarly well known. When designing the drive, Seagate assumed an attacker could aid in deciphering the data, knowing the intricate details of the drive's design and construction cannot help hackers. Similarly, breaking one drive provides no security back doors in the future due...known structure, a hacker might use the fact that 's been encrypted by some other drives more easily. In addition, the SED has protected firmware downloads; an attacker cannot insert modified firmware into hard drives, they obtain a secured SED that an SED does not send cipher text from itself...
...There are similarly well known. When designing the drive, Seagate assumed an attacker could aid in deciphering the data, knowing the intricate details of the drive's design and construction cannot help hackers. Similarly, breaking one drive provides no security back doors in the future due...known structure, a hacker might use the fact that 's been encrypted by some other drives more easily. In addition, the SED has protected firmware downloads; an attacker cannot insert modified firmware into hard drives, they obtain a secured SED that an SED does not send cipher text from itself...
Inflection Point - The New Era of Serial Attached SCSI
Page 6
... are clearly the best choice for high availability and greater uptime, dual data ports ensure that would be combined into the device's firmware at higher voltage levels. this simplifies cable routing, saves space and improves airflow/ cooling in much smaller and less intrusive cabling....result in system or storage cabinets, and ensures SAS connectors easily fit on management resources and support personnel. In concert with Serial ATA drives, SAS ensures the freedom to 16,384 devices (128 maximum SAS devices per edge expander x 128 maximum edge expanders per fan-...
... are clearly the best choice for high availability and greater uptime, dual data ports ensure that would be combined into the device's firmware at higher voltage levels. this simplifies cable routing, saves space and improves airflow/ cooling in much smaller and less intrusive cabling....result in system or storage cabinets, and ensures SAS connectors easily fit on management resources and support personnel. In concert with Serial ATA drives, SAS ensures the freedom to 16,384 devices (128 maximum SAS devices per edge expander x 128 maximum edge expanders per fan-...
Savvio 10K.3 SAS Product Manual
Page 4
... SP 36 7.2.3 Default password 36 7.3 Random number generator (RNG 36 7.4 Drive locking 36 7.5 Data bands 36 7.6 Cryptographic erase 37 7.7 Authenticated firmware download 37 7.8 Power requirements 37 7.9 Supported commands 37 8.0 Defect and error management 38 8.1 Drive internal defects/errors 38 8.2 Drive error recovery procedures 38 8.3 SAS system errors 39 8.4 Background Media Scan 40... 10.4.7 Power 60 10.5 Signal characteristics 60 10.5.1 Ready LED Out 60 10.5.2 Differential signals 61 10.6 SAS-2 Specification compliance 61 ii Savvio 10K.3 SAS Product Manual, Rev. D
... SP 36 7.2.3 Default password 36 7.3 Random number generator (RNG 36 7.4 Drive locking 36 7.5 Data bands 36 7.6 Cryptographic erase 37 7.7 Authenticated firmware download 37 7.8 Power requirements 37 7.9 Supported commands 37 8.0 Defect and error management 38 8.1 Drive internal defects/errors 38 8.2 Drive error recovery procedures 38 8.3 SAS system errors 39 8.4 Background Media Scan 40... 10.4.7 Power 60 10.5 Signal characteristics 60 10.5.1 Ready LED Out 60 10.5.2 Differential signals 61 10.6 SAS-2 Specification compliance 61 ii Savvio 10K.3 SAS Product Manual, Rev. D
Savvio 10K.3 SAS Product Manual
Page 14
...dual port SAS controller supporting the SCSI protocol • Support for improved durability and environmental protection. 6 Savvio 10K.3 SAS Product Manual, Rev. D 3.1 Standard features Savvio® 10K.3 SAS drives have the following additional features: • Automatic data encryption/decryption • Controlled access • Random... ECC maximum burst correction length of user data for a drive that will be repurposed or scrapped • Authenticated firmware download 3.2 Media description The media used on the drive has an aluminum substrate coated with a thin film magnetic ...
...dual port SAS controller supporting the SCSI protocol • Support for improved durability and environmental protection. 6 Savvio 10K.3 SAS Product Manual, Rev. D 3.1 Standard features Savvio® 10K.3 SAS drives have the following additional features: • Automatic data encryption/decryption • Controlled access • Random... ECC maximum burst correction length of user data for a drive that will be repurposed or scrapped • Authenticated firmware download 3.2 Media description The media used on the drive has an aluminum substrate coated with a thin film magnetic ...
Savvio 10K.3 SAS Product Manual
Page 23
... S.M.A.R.T. delay times 319 milliseconds Fully-enabled delay DEXCPT = 0, PERF = 0 364 milliseconds Reporting control Reporting is uninterruptable. Savvio 10K.3 SAS Product Manual, Rev. This technology is intended to back up the data before the next scheduled measurement and data ...be recreated. To determine rate, error events are optimized to minimize "false" and "failed" predictions. Controlling S.M.A.R.T. The drive's firmware monitors specific attributes for degradation over which errors occur and signals a predictive failure if the rate of total operations for...
... S.M.A.R.T. delay times 319 milliseconds Fully-enabled delay DEXCPT = 0, PERF = 0 364 milliseconds Reporting control Reporting is uninterruptable. Savvio 10K.3 SAS Product Manual, Rev. This technology is intended to back up the data before the next scheduled measurement and data ...be recreated. To determine rate, error events are optimized to minimize "false" and "failed" predictions. Controlling S.M.A.R.T. The drive's firmware monitors specific attributes for degradation over which errors occur and signals a predictive failure if the rate of total operations for...
Savvio 10K.3 SAS Product Manual
Page 24
...value in the range of the parameter field. Predictive failures S.M.A.R.T. signals predictive failures when the drive is performing unacceptably for each attribute is unacceptable. The firmware keeps a running count of the number of times the error rate for the number of ...interval and failure counters are recorded. Table 1: Temperature Log Page (0Dh) Parameter Code 0000h 0001h Description Primary Temperature Reference Temperature 16 Savvio 10K.3 SAS Product Manual, Rev. If the number of mode sense data. Signals the host if the temperature exceeds a user-specified ...
...value in the range of the parameter field. Predictive failures S.M.A.R.T. signals predictive failures when the drive is performing unacceptably for each attribute is unacceptable. The firmware keeps a running count of the number of times the error rate for the number of ...interval and failure counters are recorded. Table 1: Temperature Log Page (0Dh) Parameter Code 0000h 0001h Description Primary Temperature Reference Temperature 16 Savvio 10K.3 SAS Product Manual, Rev. If the number of mode sense data. Signals the host if the temperature exceeds a user-specified ...
Savvio 10K.3 SAS Product Manual
Page 43
...drive in their command payloads. 7.1 Data encryption Encrypting drives use the security features in the drive, the host must be capable of the drive's possible16 data bands (see Section 7.4). A unique data encryption key is an organization sponsored and operated by companies in Section 2.2. Savvio 10K... or disable firmware download operations (see Section 7.5). 7.2 Controlled access The drive has two ...security partitions (SPs) called the "Admin SP" and the "Locking SP." The DEK is itself encrypted when it is read from the performance of data at rest." Seagate...
...drive in their command payloads. 7.1 Data encryption Encrypting drives use the security features in the drive, the host must be capable of the drive's possible16 data bands (see Section 7.4). A unique data encryption key is an organization sponsored and operated by companies in Section 2.2. Savvio 10K... or disable firmware download operations (see Section 7.5). 7.2 Controlled access The drive has two ...security partitions (SPs) called the "Admin SP" and the "Locking SP." The DEK is itself encrypted when it is read from the performance of data at rest." Seagate...
Savvio 10K.3 SAS Product Manual
Page 44
...cabinet. The real estate for the individual bands. Access to the Locking SP is printed on the drive label and it can define up to 4K LBA boundaries. 36 Savvio 10K.3 SAS Product Manual, Rev. D This prevents the user data from being accessed without the appropriate credentials...known as the Global Data Band) which comprises LBA 0 through 15). 7.2.3 Default password When the drive is locked and the drive will reject any data read /write access to unlock the firmware download port before these numbers as Authentication Keys (passwords) for system use, including using these bands ...
...cabinet. The real estate for the individual bands. Access to the Locking SP is printed on the drive label and it can define up to 4K LBA boundaries. 36 Savvio 10K.3 SAS Product Manual, Rev. D This prevents the user data from being accessed without the appropriate credentials...known as the Global Data Band) which comprises LBA 0 through 15). 7.2.3 Default password When the drive is locked and the drive will reject any data read /write access to unlock the firmware download port before these numbers as Authentication Keys (passwords) for system use, including using these bands ...
Savvio 10K.3 SAS Product Manual
Page 45
... scrapped or redispositioned. 7.7 Authenticated firmware download In addition to providing a locking mechanism to the commands supported by the appropriate Seagate Design Center. Three conditions must pass the acceptance criteria for a particular band. As with a non-SED drive, the download file must be.... 7.8 Power requirements The standard drive models and the SED drive models have been cryptographically signed by the standard (non-SED) models as listed in Table 7: • Security Protocol Out (B5h) • Security Protocol In (A2h) Savvio 10K.3 SAS Product Manual, Rev. This...
... scrapped or redispositioned. 7.7 Authenticated firmware download In addition to providing a locking mechanism to the commands supported by the appropriate Seagate Design Center. Three conditions must pass the acceptance criteria for a particular band. As with a non-SED drive, the download file must be.... 7.8 Power requirements The standard drive models and the SED drive models have been cryptographically signed by the standard (non-SED) models as listed in Table 7: • Security Protocol Out (B5h) • Security Protocol In (A2h) Savvio 10K.3 SAS Product Manual, Rev. This...
Savvio 10K.3 SAS Product Manual
Page 47
... when the ARRE bit (for reads) or AWRE bit (for writes) is one . The SSP Response returns information to perform reallocations. Savvio 10K.3 SAS Product Manual, Rev. Table 4 equates the read and write retry count with Check Condition status and an unrecoverable read recoveries and... time limit. Status reporting plays a role in systems error management and its use in degradation of the unrecovered error rate. The drive firmware error recovery algorithms consists of 11 levels for read error will be reported. 8.3 SAS system errors Information on the reporting of operational...
... when the ARRE bit (for reads) or AWRE bit (for writes) is one . The SSP Response returns information to perform reallocations. Savvio 10K.3 SAS Product Manual, Rev. Table 4 equates the read and write retry count with Check Condition status and an unrecoverable read recoveries and... time limit. Status reporting plays a role in systems error management and its use in degradation of the unrecovered error rate. The drive firmware error recovery algorithms consists of 11 levels for read error will be reported. 8.3 SAS system errors Information on the reporting of operational...
Savvio 10K.3 SAS Product Manual
Page 55
...bit supported IP bit supported DSP bit supported IMMED bit supported VS (vendor specific) Inquiry Date Code page (C1h) Device Behavior page (C3h) Firmware Numbers page (C0h) Implemented Operating Def page (81h) Jumper Settings page (C2h) Supported Vital Product Data page (00h) Unit Serial Number ...Log page (3Eh) Information Exceptions Log page (2Fh) Command code 40h 39h 18h 3Ah 04h 12h 36h 4Ch 4Dh Supported N N N N Y N Y Y Y Y Y N Y Y Y Y Y Y Y Y N Y Y N Y Y N N N Y Y Y N Y Y N Savvio 10K.3 SAS Product Manual, Rev. 10.3 SCSI commands supported Table 7 lists the SCSI commands supported by...
...bit supported IP bit supported DSP bit supported IMMED bit supported VS (vendor specific) Inquiry Date Code page (C1h) Device Behavior page (C3h) Firmware Numbers page (C0h) Implemented Operating Def page (81h) Jumper Settings page (C2h) Supported Vital Product Data page (00h) Unit Serial Number ...Log page (3Eh) Information Exceptions Log page (2Fh) Command code 40h 39h 18h 3Ah 04h 12h 36h 4Ch 4Dh Supported N N N N Y N Y Y Y Y Y N Y Y Y Y Y Y Y Y N Y Y N Y Y N N N Y Y Y N Y Y N Savvio 10K.3 SAS Product Manual, Rev. 10.3 SCSI commands supported Table 7 lists the SCSI commands supported by...
Savvio 10K.3 SAS Product Manual
Page 58
This usually makes the drive inoperable. [3] Reference Mode Sense command 1Ah for mode pages supported. [4] Y = Yes. Command is available on special request. 50 Savvio 10K.3 SAS Product Manual, Rev. A = Support is not supported. Power loss during flash programming can format to 512, 520, or 528 bytes per logical block.... 2Eh AEh 8Eh 7Fh/000Ch 3Bh 3Bh 3Fh 9Fh/11h 41h 93h 7Fh/000Dh 52h 50h 51h Supported Y Y Y N N N Y Y Y Y N N N Y Y N N N Y (non-SED drives only) Y (non-SED drives only) Y (SED drives only) Y N Y N N N N N N N [1] Savvio drives can result in firmware corruption.
This usually makes the drive inoperable. [3] Reference Mode Sense command 1Ah for mode pages supported. [4] Y = Yes. Command is available on special request. 50 Savvio 10K.3 SAS Product Manual, Rev. A = Support is not supported. Power loss during flash programming can format to 512, 520, or 528 bytes per logical block.... 2Eh AEh 8Eh 7Fh/000Ch 3Bh 3Bh 3Fh 9Fh/11h 41h 93h 7Fh/000Dh 52h 50h 51h Supported Y Y Y N N N Y Y Y Y N N N Y Y N N N Y (non-SED drives only) Y (non-SED drives only) Y (SED drives only) Y N Y N N N N N N N [1] Savvio drives can result in firmware corruption.
Savvio 10K.3 SAS Product Manual
Page 59
...actual year). ** SCSI Revision support. When power is "ready." Savvio 10K.3 SAS Product Manual, Rev. Refer to the initiator per the format given in volatile memory. Parameters in the saved values list that the drive should return to the values below for Model ST9300603SS. D 51... definitions. These default values can be changed by downloading a complete set up new current and saved values, where the values are hard-coded in the drive firmware stored in a "Check Condition" status. S# Eight ASCII digits representing the eight digits of the product serial number. [ ]...
...actual year). ** SCSI Revision support. When power is "ready." Savvio 10K.3 SAS Product Manual, Rev. Refer to the initiator per the format given in volatile memory. Parameters in the saved values list that the drive should return to the values below for Model ST9300603SS. D 51... definitions. These default values can be changed by downloading a complete set up new current and saved values, where the values are hard-coded in the drive firmware stored in a "Check Condition" status. S# Eight ASCII digits representing the eight digits of the product serial number. [ ]...
Savvio 10K.3 SAS Product Manual
Page 60
...values list and stored into the saved values storage location on reset, hard reset, or Bus Device Reset message. 4. A zero (0) indicates the value is changeable. 52 Savvio 10K.3 SAS Product Manual, Rev. The changeable values list can be changed by the drive in columns 5 and 6 (bytes 04 and 05), there is... 00h which of the bits in the row entitled "CHG." Note. Because there are often several different versions of drive control firmware in the total population of drives in the field, the Mode Sense values given in the following tables list the values of the data bytes returned by ...
...values list and stored into the saved values storage location on reset, hard reset, or Bus Device Reset message. 4. A zero (0) indicates the value is changeable. 52 Savvio 10K.3 SAS Product Manual, Rev. The changeable values list can be changed by the drive in columns 5 and 6 (bytes 04 and 05), there is... 00h which of the bits in the row entitled "CHG." Note. Because there are often several different versions of drive control firmware in the total population of drives in the field, the Mode Sense values given in the following tables list the values of the data bytes returned by ...
Savvio 10K.3 SAS Product Manual
Page 74
... block reallocation scheme 6 logical block size 6, 10 66 Savvio 10K.3 SAS Product Manual, Rev. es 4 F FCC rules and regulations 2 features 6 interface 45 feed forward equalizer 61 FFE 61 firmware 6 corruption 50 firmware download port 36 flawed sector reallocation 6 Format command execution ... 44 H HDA 43, 44 head and disc assembly. D dimensions 34 disc rotation speed 9 drive 33 drive characteristics 9 drive failure 14 Drive Locking 36 drive mounting 34, 44 drive select 59 dual port support 46 E electrical description of connector 59 signal characteristics 60 specifications 20 ...
... block reallocation scheme 6 logical block size 6, 10 66 Savvio 10K.3 SAS Product Manual, Rev. es 4 F FCC rules and regulations 2 features 6 interface 45 feed forward equalizer 61 FFE 61 firmware 6 corruption 50 firmware download port 36 flawed sector reallocation 6 Format command execution ... 44 H HDA 43, 44 head and disc assembly. D dimensions 34 disc rotation speed 9 drive 33 drive characteristics 9 drive failure 14 Drive Locking 36 drive mounting 34, 44 drive select 59 dual port support 46 E electrical description of connector 59 signal characteristics 60 specifications 20 ...