Seagate Exos X20 SATA Product Manual, Rev. B
26
www.seagate.com
About self-encrypting drives
4.8
Power requirements
The standard drive models and the SED drive models have identical hardware, however the security and encryption
portion of the drive controller ASIC is enabled and functional in the SED models. This represents a small additional
drain on the 5V supply of about 30mA and a commensurate increase of about 150mW in power consumption. There is
no additional drain on the 12V supply. See the tables in
for power requirements on the standard (non-
SED) drive models.
4.9
Supported commands
The SED models support the following two commands in addition to the commands supported by the standard (non-
SED) models as listed in
Trusted Send (5Eh) or Trusted Send DMA (5Fh)
Trusted Receive (5Ch) or Trusted Receive DMA (5D)
4.10
RevertSP
SED models will support the RevertSP feature which erases all data in all bands on the device and returns the contents
of all SPs (Security Providers) on the device to their original factory state. In order to execute the RevertSP method the
unique PSID (Physical Secure ID) printed on the drive label must be provided. PSID is not electronically accessible and
can only be manually read from the drive label or scanned in via the 2D barcode.
4.11
ATA Security Erase Unit Command on SED SATA drives
The ATA SECURITY ERASE UNIT command shall support both the Normal and Enhanced erase modes with the
following modifications/additions:
Normal Erase: Normal erase shall be accomplished by changing the media encryption key for the drive followed
by an overwrite operation that repeatedly writes a single sector containing random data to the entire drive. The
write operation shall bypass the media encryption. On reading back the overwritten sectors, the host will receive
a decrypted version, using the new encryption key, of the random data sector (the returned data will not match
what was written).
Enhanced Erase: Enhanced erase shall be accomplished by changing the media encryption key for the drive.
4.12
Sanitize Device - CRYPTO SCRAMBLE EXT
This command cryptographically erases all user data on the drive by destroying the current data encryption key and
replacing it with a new data encryption key randomly generated by the drive. Sanitize Device is a command field B4h
and Feature field 0011h (CRYPTO SCRAMBLE EXT).
The drive shall support the Sanitize Feature Set as defined in ANSI/INCITS ACS-2 with the exceptions and/or
modifications described in this section.
Support of the SANITIZE FREEZE LOCK EXT command shall be determined on a customer-specific basis. OEM drives
shall support the command.