Home » Seagate Manuals » Hard Drives » Seagate ST91000642SS » Manual Viewer

Seagate ST91000642SS Constellation SAS Product Manual - Page 45

Cryptographic erase, Authenticated firmware download, Power requirements, Supported commands

View all Seagate ST91000642SS manuals

Add to My Manuals
Save this manual to your list of manuals

Page 45 highlights

9.6 Cryptographic erase A significant feature of SEDs is the ability to perform a cryptographic erase. This involves the host telling the drive to change the data encryption key for a particular band. Once changed, the data is no longer recoverable since it was written with one key and will be read using a different key. Since the drive overwrites the old key with the new one, and keeps no history of key changes, the user data can never be recovered. This is tantamount to an instantaneous data erase and is very useful if the drive is to be scrapped or redispositioned. 9.7 Authenticated firmware download In addition to providing a locking mechanism to prevent unwanted firmware download attempts, the drive also only accepts download files which have been cryptographically signed by the appropriate Seagate Design Center. Three conditions must be met before the drive will allow the download operation: 1. The download must be an SED file. A standard (base) drive (non-SED) file will be rejected. 2. The download file must be signed and authenticated. 3. As with a non-SED drive, the download file must pass the acceptance criteria for the drive. For example it must be applicable to the correct drive model, and have compatible revision and customer status. 9.8 Power requirements The standard drive models and the SED drive models have identical hardware, however the security and encryption portion of the drive controller ASIC is enabled and functional in the SED models. This represents a small additional drain on the 5V supply of about 30mA and a commensurate increase of about 150mW in power consumption. There is no additional drain on the 12V supply. See the tables in Section 7.3 for power requirements on the standard (non-SED) drive models. 9.9 Supported commands The SED models support the following two commands in addition to the commands supported by the standard (non-SED) models as listed in Table 6: • Security Protocol Out (B5h) • Security Protocol In (A2h) Constellation SAS Product Manual, Rev. F 37

Section	Page
1.0 Seagate Technology support services	9
2.0 Scope	10
3.0 Applicable standards and reference documentation	11
3.1 Standards	11
3.1.1 Electromagnetic compatibility	11
3.1.1.1 Electromagnetic susceptibility	11
3.1.2 Electromagnetic compliance	12
3.1.3 European Union Restriction of Hazardous Substances (RoHS)	13
3.2 Reference documents	13
4.0 General description	14
4.1 Standard features	15
4.2 Media description	15
4.3 Performance	16
4.4 Reliability	16
4.5 Formatted capacities	16
4.6 Programmable drive capacity	16
4.7 Factory-installed options	17
5.0 Performance characteristics	18
5.1 Internal drive characteristics	18
5.2 Seek performance characteristics	18
5.2.1 Access time	18
5.2.2 Format command execution time for 512-byte sectors (minutes)	19
5.2.3 General performance characteristics	19
5.3 Start/stop time	19
5.4 Prefetch/multi-segmented cache control	20
5.5 Cache operation	20
5.5.1 Caching write data	21
5.5.2 Prefetch operation	21
6.0 Reliability specifications	22
6.1 Error rates	22
6.1.1 Recoverable Errors	22
6.1.2 Unrecoverable Errors	22
6.1.3 Seek errors	23
6.1.4 Interface errors	23
6.2 Reliability and service	23
6.2.1 Annualized Failure Rate (AFR) and Mean Time Between Failure (MTBF)	23
6.2.2 Preventive maintenance	23
6.2.3 Hot plugging the drive	23
6.2.4 S.M.A.R.T.	24
6.2.5 Thermal monitor	25
6.2.6 Drive Self Test (DST)	26
6.2.6.1 DST failure definition	26
6.2.6.2 Implementation	26
6.2.7 Product warranty	28
7.0 Physical/electrical specifications	29
7.1 PowerChoiceTM power management	29
7.1.1 PowerChoice reporting methods	30
7.2 AC power requirements	30
7.3 DC power requirements	30
7.3.1 Conducted noise immunity	32
7.3.2 Power sequencing	32
7.3.3 Current profiles	33
7.4 Power dissipation	34
7.5 Environmental limits	36
7.5.1 Temperature	36
7.5.2 Relative humidity	36
7.5.3 Effective altitude (sea level)	37
7.5.4 Shock and vibration	37
7.5.4.1 Shock	37
7.5.4.2 Vibration	39
7.5.5 Air cleanliness	39
7.5.6 Corrosive environment	39
7.5.7 Acoustics	40
7.5.8 Electromagnetic susceptibility	40
7.6 Mechanical specifications	41
8.0 About FIPS	42
9.0 About self-encrypting drives	43
9.1 Data encryption	43
9.2 Controlled access	43
9.2.1 Admin SP	43
9.2.2 Locking SP	44
9.2.3 Default password	44
9.3 Random number generator (RNG)	44
9.4 Drive locking	44
9.5 Data bands	44
9.6 Cryptographic erase	45
9.7 Authenticated firmware download	45
9.8 Power requirements	45
9.9 Supported commands	45
10.0 Defect and error management	46
10.1 Drive internal defects/errors	46
10.2 Drive error recovery procedures	46
10.3 SAS system errors	47
10.4 Background Media Scan	48
10.5 Media Pre-Scan	48
10.6 Deferred Auto-Reallocation	48
10.7 Idle Read After Write	49
11.0 Installation	50
11.1 Drive orientation	50
11.2 Cooling	51
11.3 Drive mounting	52
11.4 Grounding	52
12.0 Interface requirements	53
12.1 SAS features	53
12.1.1 task management functions	53
12.1.2 task management responses	53
12.2 Dual port support	54
12.3 SCSI commands supported	55
12.3.1 Inquiry data	59
12.3.2 Mode Sense data	59
12.4 Miscellaneous operating features and conditions	62
12.4.1 SAS physical interface	63
12.4.2 Physical characteristics	66
12.4.3 Connector requirements	66
12.4.4 Electrical description	66
12.4.5 Pin descriptions	66
12.4.6 SAS transmitters and receivers	67
12.4.7 Power	67
12.5 Signal characteristics	67
12.5.1 Ready LED Out	67
12.5.2 Differential signals	68
12.6 SAS-2 Specification Compliance	68
12.7 Additional information	68
Numerics	69
A	69
B	69
C	69
D	69
E	70
F	70
G	70
H	70
I	70
J	70
K	70
L	71
M	71
N	71
O	71
P	71
Q	71
R	72
S	72
T	72
U	73
V	73
W	73

Match case Limit results 1 per page

Constellation SAS Product Manual, Rev. F

9.6

Cryptographic erase

A significant feature of SEDs is the ability to perform a cryptographic erase. This involves the host telling the

drive to change the data encryption key for a particular band. Once changed, the data is no longer recoverable

since it was written with one key and will be read using a different key. Since the drive overwrites the old key

with the new one, and keeps no history of key changes, the user data can never be recovered. This is tanta-

mount to an instantaneous data erase and is very useful if the drive is to be scrapped or redispositioned.

9.7

Authenticated firmware download

In addition to providing a locking mechanism to prevent unwanted firmware download attempts, the drive also

only accepts download files which have been cryptographically signed by the appropriate Seagate Design

Center.

Three conditions must be met before the drive will allow the download operation:

The download must be an SED file. A standard (base) drive (non-SED) file will be rejected.

The download file must be signed and authenticated.

As with a non-SED drive, the download file must pass the acceptance criteria for the drive. For example it

must be applicable to the correct drive model, and have compatible revision and customer status.

9.8

Power requirements

The standard drive models and the SED drive models have identical hardware, however the security and

encryption portion of the drive controller ASIC is enabled and functional in the SED models. This represents a

small additional drain on the 5V supply of about 30mA and a commensurate increase of about 150mW in

power consumption. There is no additional drain on the 12V supply. See the tables in Section 7.3 for power

requirements on the standard (non-SED) drive models.

9.9

Supported commands

The SED models support the following two commands in addition to the commands supported by the standard

(non-SED) models as listed in Table 6:

•

Security Protocol Out (B5h)

•

Security Protocol In (A2h)