An InnoDisk Technical Document August 2012
InnoDisk’s InnoRobust SSD Series Data Security QEraser/Destroy SEraser Write Protect
InnoDisk’s InnoRobust SSD Series Data Security
0
Revision History Date
Version
Information
2012.08.13
1.0
First Release
InnoRobust II SATA SSD Data Security Functions InnoRobust II SATA SSD Data Security Default Pin Setting
InnoRobust II SATA SSD has several security functions which can be triggered by shorting different pin configurations. Please ensure jumper is inserted on default setting (pin1 and pin3) when security function is not required.
1. Quick Erase 1.1 QEraser/Destroy QEraser is designed for emergency data erase in a few seconds. QEraser can be triggered by shorting QEraser Pins (pin5 and pin6) with an external jumper or by sending an ATA Command. All Data Blocks on the Flash chip will be erased by sending the Flash Erase Command.
InnoDisk’s Destroy function implements an ultimate data erase of the SSD. Once Destroy is triggered. All user data and SSD information, including SSD firmware, will be erased and UNRECOVERABLE. InnoRobust II SATA SSD pin 5 and pin 6 will be set for QEraser. Destroy is optional. Attention: Once QEraser/Destroy is triggered, the jumper must be removed from QEraser pins (pin 5 and pin 6) immediately, otherwise erase command will execute continually.
InnoRobust II SATA SSD Data Security QEraser/Destroy Pin Setting
InnoDisk’s InnoRobust SSD Series Data Security
1
2. Security Erase 2.1 SEraser The Security Erase function is designed for emergency data erasure to comply with military standards. The erase function can be triggered by shorting the Security Erase Pin (SE) or by sending an ATA Command. All Data Blocks on the Flash chip will be erased by sending the Flash Erase Command. The SE Pin can be one of the following military Security Erase standards: AFFSI 5020, DoD 5220.22-M, USA Navy NAVSO P-5239-26, NSA Manual 130-2, USA-Army 380-19, NISPOMSUP Chap 8, Sect. 8-501, NSA Manual 9-12 and IRIG106. Word 159 of the Identify Table shows the SE pin’s functions. The Identify Table can be read by sending the ECh ATA command.
Attention: Once SEraser is triggered, the jumper must be removed from SEraser pins (pin 3 and pin 4) immediately, otherwise the erase command will execute continually.
InnoRobust II SATA SSD Data Security SEraser Pin Setting
2.1.1 AFFSI 5020 This function is compiled with the AFFSI 5020 specification. Step: 1
The whole disk is erased using Flash Erase Command.
2
The whole disk is filled with random data.
2.1.2 DoD 5220.22-M This function is compiled with the DoD 5220.22-M specification. Step: 1
The whole disk is filled with fixed character pattern 0x55.
2
The whole disk is erased using Flash Erase Command.
2.1.3 USA Navy NAVSO P-5239-26 This function is compiled with the USA Navy NAVSO P-5239-26 specification. Step: 1
The whole disk is erased using Flash Erase Command.
2
The whole disk is filled with random data. InnoDisk’s InnoRobust SSD Series Data Security
2
3
The whole disk is erased using Flash Erase Command.
2.1.4 NSA Manual 130-2 This function is compiled with the NSA Manual 130-2 specification. Step: 1
The whole disk is erased using Flash Erase Command.
2
The whole disk is filled with random data.
3
The whole disk is filled with random data again.
4
The whole disk is erased using Flash Erase Command.
5
The whole disk is filled with fixed character pattern 0x55.
2.1.5 USA-Army 380-19 This function is compiled with the USA-Army 380-19 specification. Step: 1
The whole disk is erased using Flash Erase Command.
2
The whole disk is filled with random data.
3
The whole disk is filled with fixed character pattern 0x55.
4
The whole disk is filled with fixed character pattern 0xAA.
2.1.6 NISPOMSUP Chap 8, Sect. 8-501 This function is compiled with the NISPOMSUP Chap 8, Sect. 8-501 specification. Step: 1. The whole disk is filled with fixed character pattern 0x55. 2. The whole disk is filled with fixed character pattern 0xAA. 3. The whole disk is filled with random data.
2.1.7 NSA Manual 9-12 This function is compiled with the NSA Manual 9-12 specification. Step: 1. The whole disk is erased using Flash Erase Command. 2. The whole disk is filled with unclassified pattern. 3. Verify the overwrite procedure by randomly rereading the overwritten information.
2.1.8 IRIG106 This function is compiled with the IRIG106 specification. InnoDisk’s InnoRobust SSD Series Data Security
3
Step: 1. The whole disk is erased using Flash Erase Command. 2. The whole disk is filled with pattern 0x55, and read back to verify. 3. The whole disk is erased using Flash Erase Command. 4. The whole disk is filled with pattern 0xAA, and read back to verify. 5. The whole disk is erased using Flash Erase Command. 6. Write 0x00 to all bad blocks. If there is any bit still 1, the page is re-written 0 again. This procedure is repeated up to 16 times. 7. Erase all bad blocks and check to determine if any zero are found. If any zeros are found, erase this block again. This procedure is repeated up to 16 times. 8. Write “Secure Erase” string to all blocks.
3. Write Protect InnoRobust II SATA SSD Data Security Write Protect Pin Setting
3.1.1
When Write Protect pins (pin1 and pin2) are shorted, the Write Protect function is enabled, and an ATA write command is aborted. This prevents the disk from modification and deletion. Write-protected data in the disk is read only; data cannot be written, edited, appended or deleted.
3.1.2
InnoRobust II SATA SSD has a real-time detect function. It detects Write Protect pins (pin1 and pin2) every 1ms. Once Write Protect pins (pin1 and pin2) are shorted, an ATA write command is aborted and Write Protect function is enabled. The Write Protect function is disabled when the jumper is removed from Write Protect pins (pin1 and pin2).
3.1.3
The Write Protect function can coexist with SEraser and QEraser functions.
InnoDisk’s InnoRobust SSD Series Data Security
4
4. Erase Time 4.1 InnoRobust II SATA SSD Erase Times InnoRobust II 2.5” SATA SLC SSD Erase Times Command
Item
8GB
16GB
32GB
64GB
128GB
256GB
512GB
20h
Destroy
2
2
3
6
7
8
8
21h
Quick Erase
1
1
2
3
7
11
18
22h
AFFSI 5020
469
496
568
1138
1429
2008
3164
23h
DoD 5220.22-M
103
118
150
302
595
1178
2336
24h
USA Navy NAVSO P-5239-26
474
499
572
1149
1442
2025
3184
25h
NSA Manual 130-2
1043
1110
1286
2580
3450
5187
8650
26h
USA-Army 380-19
673
730
864
1733
2602
4339
7802
27h
NISPOMSUP Chap 8, Sect. 8-501
673
730
864
1733
2602
4339
7802
28h
NSA Manual 9-12
101
115
147
295
586
1166
2323
29h
IRIG106
427
497
739
1216
2416
4814
9563 Unit: Sec.
InnoRobust II 2.5” SATA MLC (32GB ~512GB) / 1.8” (32GB~256GB) Erase Times Command
Item
32GB
64GB
128GB
256GB
512GB
20h
Destroy
8
9
9
10
16
21h
Quick Erase
9
9
10
11
19
22h
AFI 5020
1742
1830
2027
2025
4828
23h
DOD 5220.22-M
588
766
761
960
1858
24h
USA Navy NAVO P-5239-26
1751
1840
2036
2436
4846
25h
NSA Manual 130-2
4062
4414
4797
5798
11492
26h
USA-Army 380-19
2896
3336
3511
4324
77926
27h
NIPOMUP Chap 8, sect. 8-501
2895
3334
3508
4324
8505
28h
NSA Manual 9-12
575
752
740
950
1836
29h
IRIG106
2000
2797
3139
4703
9182 Unit: Sec.
InnoDisk’s InnoRobust SSD Series Data Security
5
InnoRobust II 2.5” PATA SLC SSD Erase Times Command
Item
8GB
16GB
32GB
64GB
128GB
20h
Destroy
2
2
3
6
21h
Quick Erase
1
1
2
3
7
11
22h
AFFSI 5020
469
496
568
1138
1429
2008
23h
DoD 5220.22-M
103
118
150
302
595
1178
24h
USA Navy NAVSO P-5239-26
474
499
572
1149
1442
2025
25h
NSA Manual 130-2
1043
1110
1286
2580
3450
5187
26h
USA-Army 380-19
673
730
864
1733
2602
4339
27h
NISPOMSUP Chap 8, Sect. 8-501
673
730
864
1733
2602
4339
28h
NSA Manual 9-12
101
115
147
295
586
1166
29h
IRIG106
427
497
739
1216
2416
4814
7
256GB 8
Unit: Sec.
5. Power Failure Issue The InnoRobust series is integrated with real- time power detection and auto recovery function. When power failure occurs during data erasing, once power is resupplied, SEraser will automatically resume the SEraser function until all the data is erased.
About us InnoDisk is a worldwide leading provider of data storage and memory module solutions for industrial and mission-critical applications. Leveraging in-house engineering and R&D expertise with a keen insight on industry trends, InnoDisk’s solid-state drive (SSD) technologies provide enhanced, vertically-integrated data storage solutions. Our advanced Flash-based data storage and DRAM memory solutions meet stringent aerospace and defense application requirements, and are also widely used in industrial applications and embedded systems. InnoDisk offers customized solutions, from unique form factors to special firmware designs, and our support team of hardware, software and firmware engineers is always ready to tailor the right solution to each customer’s needs. InnoDisk continually strives to innovate and provide system integrators and end customers with the best service in the industry. For more information on InnoDisk’s product line, technologies and applications, please visit www.innodisk.com
InnoDisk’s InnoRobust SSD Series Data Security
6