Seagate ST32000646SS Constellation ES.2 SAS Product Manual - Page 44

36

Constellation ES.2 SAS Product Manual, Rev. C

9.2.3

Default password

When the drive is shipped from the factory, all passwords are set to the value of MSID. This 32-byte random

value is printed on the drive label and it can be read by the host electronically over the I/O. After receipt of the

drive, it is the responsibility of the owner to use the default MSID password as the authority to change all other

passwords to unique owner-specified values.

9.3

Random number generator (RNG)

The drive has a 32-byte hardware RNG that it is uses to derive encryption keys or, if requested to do so, to

provide random numbers to the host for system use, including using these numbers as Authentication Keys

(passwords) for the drive’s Admin and Locking SPs.

9.4

Drive locking

In addition to changing the passwords, as described in Section 9.2.3, the owner should also set the data

access controls for the individual bands.

The variable "LockOnReset" should be set to "PowerCycle" to ensure that the data bands will be locked if

power is lost. This scenario occurs if the drive is removed from its cabinet. The drive will not honor any data

read or write requests until the bands have been unlocked. This prevents the user data from being accessed

without the appropriate credentials when the drive has been removed from its cabinet and installed in another

system.

When the drive is shipped from the factory, the firmware download port is unlocked.

9.5

Data bands

When shipped from the factory, the drive is configured with a single data band called Band 0 (also known as

the Global Data Band) which comprises LBA 0 through LBA max. The host may allocate Band1 by specifying a

start LBA and an LBA range. The real estate for this band is taken from the Global Band. An additional 14 Data

Bands may be defined in a similar way (Band2 through Band15) but before these bands can be allocated LBA

space, they must first be individually enabled using the EraseMaster password.

Data bands cannot overlap but they can be sequential with one band ending at LBA (x) and the next beginning

at LBA (x+1).

Each data band has its own drive-generated encryption key and its own user-supplied password. The host may

change the Encryption Key (see Section 9.6) or the password when required. The bands should be aligned to

4K LBA boundaries.

9.6

Cryptographic erase

A significant feature of SEDs is the ability to perform a cryptographic erase. This involves the host telling the

drive to change the data encryption key for a particular band. Once changed, the data is no longer recoverable

since it was written with one key and will be read using a different key. Since the drive overwrites the old key

with the new one, and keeps no history of key changes, the user data can never be recovered. This is

tantamount to an instantaneous data erase and is very useful if the drive is to be scrapped or redispositioned.

Section	Page
1.0 Seagate Technology support services	9
2.0 Scope	10
3.0 Applicable standards and reference documentation	11
3.1 Standards	11
3.1.1 Electromagnetic compatibility	11
3.1.1.1 Electromagnetic susceptibility	11
3.1.2 Electromagnetic compliance	12
3.1.3 European Union Restriction of Hazardous Substances (RoHS)	13
3.1.4 China Restriction of Hazardous Substances (RoHS) Directive	13
3.2 Reference documents	14
4.0 General description	15
4.1 Standard features	16
4.2 Media description	16
4.3 Performance	16
4.4 Reliability	17
4.5 Formatted capacities	17
4.6 Programmable drive capacity	17
4.7 Factory-installed options	17
5.0 Performance characteristics	18
5.1 Internal drive characteristics	18
5.2 Seek performance characteristics	18
5.2.1 Access time	18
5.2.2 Format command execution time for 512-byte sectors (minutes)	19
5.2.3 General performance characteristics	19
5.3 Start/stop time	19
5.4 Prefetch/multi-segmented cache control	20
5.5 Cache operation	20
5.5.1 Caching write data	21
5.5.2 Prefetch operation	21
6.0 Reliability specifications	22
6.1 Error rates	22
6.1.1 Recoverable Errors	22
6.1.2 Unrecoverable Errors	22
6.1.3 Seek errors	23
6.1.4 Interface errors	23
6.2 Reliability and service	23
6.2.1 Annualized Failure Rate (AFR) and Mean Time Between Failure (MTBF)	23
6.2.2 Preventive maintenance	23
6.2.3 Hot plugging the drive	23
6.2.4 S.M.A.R.T.	24
6.2.5 Thermal monitor	25
6.2.6 Drive Self Test (DST)	26
6.2.6.1 DST failure definition	26
6.2.6.2 Implementation	26
6.2.7 Product warranty	28
7.0 Physical/electrical specifications	29
7.1 PowerChoiceTM power management	29
7.1.1 PowerChoice reporting methods	30
7.2 AC power requirements	30
7.3 DC power requirements	30
7.3.1 Conducted noise immunity	32
7.3.2 Power sequencing	32
7.3.3 Current profiles	33
7.4 Power dissipation	34
7.5 Environmental limits	36
7.5.1 Temperature	36
7.5.2 Relative humidity	36
7.5.3 Effective altitude (sea level)	37
7.5.4 Shock and vibration	37
7.5.4.1 Shock	37
7.5.4.2 Vibration	39
7.5.5 Acoustics	39
7.5.6 Air cleanliness	39
7.5.7 Corrosive environment	39
7.5.8 Electromagnetic susceptibility	40
7.6 Mechanical specifications	41
8.0 About FIPS	42
9.0 About self-encrypting drives	43
9.1 Data encryption	43
9.2 Controlled access	43
9.2.1 Admin SP	43
9.2.2 Locking SP	43
9.2.3 Default password	44
9.3 Random number generator (RNG)	44
9.4 Drive locking	44
9.5 Data bands	44
9.6 Cryptographic erase	44
9.7 Authenticated firmware download	45
9.8 Power requirements	45
9.9 Supported commands	45
9.10 RevertSP	45
10.0 Defect and error management	46
10.1 Drive internal defects/errors	46
10.2 Drive error recovery procedures	46
10.3 SAS system errors	47
10.4 Background Media Scan	47
10.5 Media Pre-Scan	48
10.6 Deferred Auto-Reallocation	48
10.7 Idle Read After Write	48
10.8 Protection Information (PI)	49
10.8.1 Levels of PI	49
10.8.2 Setting and determining the current Type Level	49
10.8.3 Identifying a Protection Information drive	49
11.0 Installation	50
11.1 Drive orientation	50
11.2 Cooling	51
11.3 Drive mounting	52
11.4 Grounding	52
12.0 Interface requirements	53
12.1 SAS features	53
12.1.1 task management functions	53
12.1.2 task management responses	53
12.2 Dual port support	54
12.3 SCSI commands supported	55
12.3.1 Inquiry data	59
12.3.2 Mode Sense data	59
12.4 Miscellaneous operating features and conditions	62
12.4.1 SAS physical interface	63
12.4.2 Physical characteristics	66
12.4.3 Connector requirements	66
12.4.4 Electrical description	66
12.4.5 Pin descriptions	66
12.4.6 SAS transmitters and receivers	67
12.4.7 Power	67
12.5 Signal characteristics	67
12.5.1 Ready LED Out	67
12.5.2 Differential signals	68
12.6 SAS-2 Specification Compliance	68
12.7 Additional information	68
Numerics	69
A	69
B	69
C	69
D	69
E	70
F	70
G	70
H	70
I	70
J	70
K	70
L	71
M	71
N	71
O	71
P	71
Q	72
R	72
S	72
T	72
U	73
V	73
W	73

Seagate ST32000646SS Constellation ES.2 SAS Product Manual - Page 44

Random number generator RNG, Drive locking, Data bands, Cryptographic erase

Page 44 highlights