background image

Seagate Exos 7E8 SATA Product Manual, Rev. B

  32

  

5.0

About FIPS

The Federal Information Processing Standard (FIPS) Publication 140-2 is a U.S. Government Computer Security Standard used to

 

accredit cryptographic modules. It is titled 'Security Requirements for Cryptographic Modules (FIPS PUB 140-2)' and is issued by the

 

National Institute of Standards and Technology (NIST).

Purpose

This standard specifies the security requirements that will be satisfied by a cryptographic module utilized within a security system

 

protecting sensitive but unclassified information. The standard provides four increasing, qualitative levels of security: Level 1, Level 2, 
Level 3 and Level 4. These levels are intended to cover the wide range of potential applications and environments in which

 

cryptographic modules may be employed.

Seagate Enterprise SEDs

The SEDs referenced in this Product Manual have been validated by CMVP and have been thoroughly tested by a NVLAP accredited

 

lab to satisfy FIPS 140-2 Level 2 requirements. In order to operate in FIPS Approved Mode of Operation, these SEDs require security

 

initialization. For more information, refer to 'Security Rules' section in the 'Security Policy' document uploaded on the NIST website. 
To reference the product certification visit -

 http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/1401vend.htm

 and search for 

"Seagate".

Level 2 security

Security Level 2 enhances the physical security mechanisms of a Security Level 1 cryptographic module by adding the requirement 
for tamper-evidence, which includes the use of tamper-evident coatings or seals on removable covers of the module. Tamper-
evident coatings or seals are placed on a cryptographic module so that the coating or seal must be broken to attain physical access 
to the critical security parameters (CSP) within the module. Tamper-evident seals are placed on covers to protect against 
unauthorized physical access. In addition Security Level  2  requires, at a minimum, role-based authentication in which a

 

cryptographic module authenticates the authorization of an operator to assume a specific role and perform a corresponding  set  of 
services

.

Figure 8. 

Example of FIPS tamper evidence labels.

Note

Image is for reference only, may not represent actual drive

Summary of Contents for Exos ST2000NM0075

Page 1: ...lf Encryption 5xxE models ST6000NM0175 ST4000NM0245 SED FIPS 140 2 5xxE models ST6000NM0275 ST4000NM0225 Standard 4KN models ST6000NM0125 ST4000NM0085 ST2000NM0105 Self Encryption 4KN models ST6000NM0185 ST4000NM0055 ST2000NM0075 SED FIPS 140 2 4KN models ST6000NM0265 7E8 SATA Product Manual ...

Page 2: ...ls one billion bytes and one terabyte or TB equals one trillion bytes Your computer s operating system may use a different standard of measurement and report a lower capacity In addition some of the listed capacity is used for formatting and other functions and thus will not be available for data storage Actual quantities will vary based on various factors including file size file format features ...

Page 3: ... 2 6 5 Vibration 18 2 7 Acoustics 19 2 8 Test for Prominent Discrete Tones PDTs 19 2 9 Electromagnetic immunity 19 2 10 Reliability 20 2 10 1 Annualized Failure Rate AFR and Mean Time Between Failures MTBF 20 2 11 Agency and Safety Certifications 21 2 11 1 Safety certification 21 2 11 2 European Union EU CE Marking Requirements 21 2 11 3 Australian RCM Compliance Mark 21 2 11 4 Canada ICES 003 21 ...

Page 4: ...4 2 3 Default password 29 4 3 Random number generator RNG 30 4 4 Drive locking 30 4 5 Data bands 30 4 6 Cryptographic erase 30 4 7 Authenticated firmware download 30 4 8 Power requirements 31 4 9 Supported commands 31 4 10 RevertSP 31 4 11 ATA Security Erase Unit Command on SED SATA drives 31 4 12 Sanitize Device CRYPTO SCRAMBLE EXT 31 5 0 About FIPS 32 6 0 Serial ATA SATA interface 33 6 1 Hot Plu...

Page 5: ... For information regarding Warranty Support visit http www seagate com support warranty and replacements For information regarding data recovery services visit http www seagate com services software recover For Seagate OEM Distribution partner and reseller portals visit http www seagate com partners Seagate Technology Support Services ...

Page 6: ...ve self test that eliminates unnecessary drive returns State of the art cache and on the fly error correction algorithms Support for S M A R T drive monitoring and reporting Supports latching SATA cables and connectors Tarnish resistant components to help protect drive from environmental elements increasing field reliability Top Cover Attached motor for excellent vibration tolerance Worldwide Name...

Page 7: ...erating system views the two devices as if they were both masters on two separate ports This essentially means both drives behave as if they are Device 0 master devices The Serial ATA host adapter and drive share the function of emulating parallel ATA device behavior to provide backward compatibility with existing host systems and software The Command and Control Block registers PIO and DMA data t...

Page 8: ...T6000NM0265 ST6000NM0275 ST4000NM0055 ST4000NM0085 ST4000NM0115 ST4000NM0225 ST4000NM0245 ST2000NM0075 ST2000NM0105 ST2000NM0125 Formatted 512 bytes sector 6TB 4TB 2TB Guaranteed sectors see Section 2 2 Heads 10 7 4 Discs 5 4 2 Bytes per logical sector 512 Bytes per physical sector 4096 Recording density KBPI Kb in max 2018 Track density KTPI ktracks in avg 369 Areal density Gb in2 avg 732 Spindle...

Page 9: ...cs sound power bels Idle 2 8 typical 3 0 max Performance seek 3 2 typical 3 4 max Nonrecoverable read errors 1 sector per 1015 bits read Annualized Failure Rate AFR 0 44 based on 8760 POH Maximum Rated Workload Maximum rate of 550TB year Workloads exceeding the annualized rate may degrade the drive MTBF and impact product reliability The Annual ized Workload Rate is in units of TB per year or TB p...

Page 10: ...op times ST models Formatted capacity Guaranteed sectors Bytes per logical sector ST6000NM0115 ST6000NM0175 ST6000NM0275 6TB 11 721 045 168 512 ST4000NM0115 ST4000NM0225 ST4000NM0245 4TB 7 814 037 168 ST2000NM0125 2TB 3 907 029 168 ST6000NM0125 ST6000NM0185 ST6000NM0265 6TB 1 465 130 646 4096 ST4000NM0055 ST4000NM0085 4TB 976 754 646 ST2000NM0075 ST2000NM0105 2TB 488 378 646 Interface Serial ATA S...

Page 11: ...nd power to operational levels Table 2 DC power requirements 6TB 6 0Gb mode Voltage 5V 12V Watts Regulation 5 Total Avg Idle Current 0 190 0 443 6 26 Advanced Idle Current Idle_A 0 191 0 438 6 21 Idle_B 0 126 0 384 5 23 Idle_C 0 135 0 228 3 41 Standby 0 117 0 003 0 55 Maximum Start Current DC peak DC 0 480 1 992 AC Peak DC 0 848 2 660 Delayed Motor Start DC max 0 220 0 740 9 98 Peak operating curr...

Page 12: ...0 Idle_B 0 133 0 330 4 63 Idle_C 0 141 0 202 3 13 Standby 0 125 0 001 0 63 Maximum Start Current DC peak DC 0 491 2 095 26 64 AC Peak DC 0 680 2 680 37 99 Delayed Motor Start DC max 0 176 0 068 1 70 Peak operating current random read Typical DC 0 234 0 724 9 86 Maximum DC 0 238 0 734 10 00 Peak operating current random write Typical DC 0 245 0 692 9 52 Maximum DC 0 248 0 701 9 65 Peak operating cu...

Page 13: ... 0 270 4 22 Idle_B 0 128 0 244 3 57 Idle_C 0 137 0 156 2 56 Standby 0 122 0 011 0 74 Maximum Start Current DC peak DC 0 466 2 046 AC Peak DC 0 608 2 2 Delayed Motor Start DC max 0 144 0 020 0 96 Peak operating current random read Typical DC 0 220 0 628 8 64 Maximum DC 0 228 0 644 8 86 Peak operating current random write Typical DC 0 231 0 599 8 34 Maximum DC 0 239 0 623 8 67 Peak operating current...

Page 14: ...ct Manual Rev B 13 2 5 1 1 Typical current profiles TBD Figure 1 6TB Typical 5V and 12V startup and operation current profile 2 5 1 2 Typical current profiles Figure 2 4TB Typical 5V ans 12V startup and operation current profile ...

Page 15: ...e or an equivalent 15 ohm resistive load on the 5V line Using 12V power the drive is expected to operate with a maximum of 120mV peak to peak square wave injected noise at up to 10MHz Using 5V power the drive is expected to operate with a maximum of 100mV peak to peak square wave injected noise at up to 10MHz 2 5 3 Voltage tolerance Voltage tolerance including noise 5V 10 5 12V 10 Note Equivalent ...

Page 16: ... Power Conditions EPC feature set using the standardized Set Features command interface Immediate host commanded power transitions may be initiated using an EPC Set Features Go to Power Condition subcommand to enter any supported power condition Legacy power commands Standby Immediate and Idle Immediate also provide a method to directly transition the drive into supported power conditions PowerCho...

Page 17: ...ecified defaults or issuing the EPC Go to Power Condition subcommand at a rate exceeding the default timers may limit this products reliability and data integrity PowerChoice Supported Extended Power Condition Feature Subcommands PowerChoice Supported Extended Power Condition Identifiers Power Condition Name Manufacturer Default Timer Values Idle_a 100 msec Idle_b 2 min Idle_c 4 min Standby_z 15 m...

Page 18: ... case temperature of the drive See Figure 4 for HDA temperature checkpoint b Non operating 40 to 158 F 40 to 70 C package ambient with a maximum gradient of 36 F 20 C per hour This specification assumes that the drive is packaged in the shipping container designed by Seagate for use with drive Figure 4 Location of the HDA temperature check point 2 6 2 Humidity The values below assume that no conde...

Page 19: ...s The non operating shock level that the drive can experience without incurring physical damage or degradation in performance when subsequently put into operation is 250 Gs based on a nonrepetitive half sine shock pulse of 2ms duration 2 6 5 Vibration All vibration specifications assume that the drive is mounted securely with the input vibration applied at the drive mounting screws Vibration may b...

Page 20: ...n properly installed in a representative host system the drive operates without errors or degradation in performance when subjected to the radio frequency RF environments defined in the following table Note For seek mode tests the drive is placed in seek mode only The number of seeks per second is defined by the following equation Number of seeks per second 0 4 average latency average access time ...

Page 21: ... conditions and the maximum drive operating conditions may occur without significant impact to the rated MTBF However continual or sustained operation beyond the rated MTBF conditions will degrade the drive MTBF and reduce product reliability Nonrecoverable read errors 1 per 1015 bits read max Load unload cycles 600 000 cycles Maximum Rated Workload Maximum rate of 550TB year Workloads exceeding t...

Page 22: ...the system level products The drive is designed for operation inside a properly designed system e g enclosure designed for the drive with properly shielded I O cable if necessary and terminators on all unused I O ports Computer manufacturers and system integrators should confirm EMC compliance and provide CE marking for the system level products For compliance with the RoHS Recast Directive 2011 6...

Page 23: ...or certification of the device is required Seagate has tested this device in enclosures as described above to ensure that the total assembly enclosure disk drive motherboard power supply etc does comply with the limits for a Class B computing device pursuant to Subpart J Part 15 of the FCC rules Operation with noncertified assemblies is likely to result in interference to radio and television rece...

Page 24: ...ical substance restrictions and our suppliers document their compliance with our requirements by providing full disclosure material content declarations that disclose inclusion of any REACH regulated substance in such articles or materials Product specific REACH declarations are available upon request through your Seagate Sales Representative 2 12 2 China Requirements China RoHS 2 China RoHS 2 ref...

Page 25: ...es are especially sensitive to the presence of sulfide chloride and nitrate contaminants Sulfur is found to be the most damaging Materials used in cabinet fabrication such as vulcanized rubber that can outgas corrosive compounds should be minimized or eliminated The useful life of any electronic equipment may be extended by replacing materials near circuitry with sulfide free alternatives Seagate ...

Page 26: ...tocol Layer 4 SPL 4 Rev 08 INCITS 534 Serial Attached SCSI SAS 4 INCITS 506 SCSI Block Commands 4 SBC 4 Rev 10 INCITS 502 SCSI Primary Commands 5 SPC 5 Rev 10 ANSI Small Computer System Interface SCSI Documents INCITS 515 SCSI Architecture Model SAM 5 Rev 11 Trusted Computing Group TCG Documents apply to Self Encrypting Drive models only TCG Storage Architecture Core Specification Rev 1 0 TCG Stor...

Page 27: ...sporting or shipping a drive use only a Seagate approved container Keep the original box Seagate approved containers are easily identified by the Seagate Approved Package label Shipping a drive in a non approved container voids the drive warranty Seagate repair centers may refuse receipt of components improperly packaged or obviously damaged in transit Contact the authorized Seagate distributor to...

Page 28: ...les users can connect the drive as illustrated in Figure 5 Figure 5 Attaching SATA cabling Each cable is keyed to ensure correct orientation Exos 7E8 SATA drives support latching SATA connectors 3 4 Drive mounting Users can mount the drive in any orientation using four screws in the side mounting holes or four screws in the bottom mounting holes See Figure 7 for drive mounting dimensions Follow th...

Page 29: ...SFF 8323 found at www sffcommittee org Note The image is for mechanical dimension reference only and may not represent the actual drive 2X 1 750 010 2X 1 625 010 4 000 010 3 750 010 1 432 019 2 128 010 814 020 2 C L OF DRIVE C L OF CONN 4X 6 32 UNC 2B 3 MIN THREAD DEPTH 14 MAX FASTENER PENETRATION MOUNTING HOLES BOTH SIDES MAX TORQUE 6 IN LBS Y 5 787 MAX 146 99 MM 2X 4 000 010 2X 1 638 010 2X 1 12...

Page 30: ...crypted when it is stored on the media and when it is in volatile temporary storage DRAM external to the encryption engine A unique data encryption key is used for each of the drive s possible16 data bands see Section 7 5 4 2 Controlled access The drive has two security providers SPs called the Admin SP and the Locking SP These act as gatekeepers to the drive security services Security related com...

Page 31: ...ands may be defined in a similar way Band2 through Band31 but before these bands can be allocated LBA space they must first be individually enabled using the EraseMaster password Data bands cannot overlap but they can be sequential with one band ending at LBA x and the next beginning at LBA x 1 Each data band has its own drive generated encryption key and its own user supplied password The host ma...

Page 32: ...rcode 4 11 ATA Security Erase Unit Command on SED SATA drives The ATA SECURITY ERASE UNIT command shall support both the Normal and Enhanced erase modes with the following modifications additions Normal Erase Normal erase shall be accomplished by changing the media encryption key for the drive followed by an overwrite operation that repeatedly writes a single sector containing random data to the e...

Page 33: ...rate in FIPS Approved Mode of Operation these SEDs require security initialization For more information refer to Security Rules section in the Security Policy document uploaded on the NIST website To reference the product certification visit http csrc nist gov groups STM cmvp documents 140 1 1401vend htm and search for Seagate Level 2 security Security Level 2 enhances the physical security mechan...

Page 34: ...d pins P4 and P12 the pre charge power pins and the other ground pins the signal pins and the rest of the power pins 3 There are three power pins for each voltage One pin from each voltage is used for pre charge when installed in a blind mate backplane config uration 4 All used voltage pins Vx must be terminated Caution The drive motor must come to a complete stop Ready to spindle stop time indica...

Page 35: ...wer Mode E5H Download Microcode 92H Execute Device Diagnostics 90H Flush Cache E7H Flush Cache Extended EAH Identify Device ECH Idle E3H Idle Immediate E1H NoP 00H Read Buffer E4H Read Buffer DMA E9H Read DMA C8H Read DMA Extended 25H Read FPDMA Queued 60H Read Log DMA Ext 47H Read Log Ext 2FH Read Multiple C4H Read Multiple Extended 29H Read Sectors 20H Read Sectors Extended 24H Read Sectors With...

Page 36: ...ve Attribute Values B0H D3H S M A R T Write Log Sector B0H D6H Standby E2H Standby Immediate E0H Trusted Send 5EH SED drives only Trusted Send DMA 5FH SED drives only Trusted Receive 5CH SED drives only Trusted Receive DMA 5DH SED drives only Write Buffer E8H Write Buffer DMA EBH Write DMA CAH Write DMA Extended 35H Write DMA FUA Extended 3DH Write FPDMA Queued 61H Write Log DMA Ext 57H Write Log ...

Page 37: ...ion 8 ASCII character string padded with blanks to end of string x xx 27 46 Drive model number 40 ASCII characters padded with blanks to end of string 47 Bits 7 0 Maximum sectors per interrupt on Read multiple and Write multiple 16 8010H 48 Trusted computing feature set options 4001H 49 Standard Standby timer IORDY supported and may be disabled 2F00H 50 ATA reserved 0000H 51 PIO data transfer cycl...

Page 38: ...88 Ultra DMA support and current mode see note following this table 007FH 89 Security erase time xxxxH 90 Enhanced security erase time xxxxH 92 Master password revision code FFFEH 93 Hardware reset value xxxxH 95 99 ATA reserved 0000H 100 103 Total number of user addressable LBA sectors available see Section 2 2 for related infor mation These words are required for drives that support the 48 bit a...

Page 39: ...umber is supported 3 Media Card Pass Through Command feature set is supported 4 Streaming feature set is supported 5 GPL feature set is supported 6 WRITE DMA FUA EXT and WRITE MULTIPLE FUA EXT commands are supported 7 WRITE DMA QUEUED FUA EXT command is supported 8 64 bit World Wide Name is supported 9 10 Obsolete 11 12 Reserved for TLC 13 IDLE IMMEDIATE command with IUNLOAD feature is supported 1...

Page 40: ...ransfer mode based on value in Sector Count register Sector Count register values 00H Set PIO mode to default PIO mode 2 01H Set PIO mode to default and disable IORDY PIO mode 2 08H PIO mode 0 09H PIO mode 1 0AH PIO mode 2 0BH PIO mode 3 0CH PIO mode 4 default 20H Multiword DMA mode 0 21H Multiword DMA mode 1 22H Multiword DMA mode 2 40H Ultra DMA mode 0 41H Ultra DMA mode 1 42H Ultra DMA mode 2 4...

Page 41: ...sary drive returns The diagnostic software ships with all new drives and is also available at http www seagate com support downloads seatools This drive is shipped with S M A R T features disabled Users must have a recent BIOS or software package that supports S M A R T to enable this feature The table below shows the S M A R T command codes that the drive uses Table 12 S M A R T commands Code in ...

Page 42: ...nited States 408 658 1000 ASIA PACIFIC Seagate Singapore International Headquarters Pte Ltd 7000 Ang Mo Kio Avenue 5 Singapore 569877 65 6485 3888 EUROPE MIDDLE EAST AND AFRICA Seagate Technology SAS 16 18 rue du Dôme 92100 Boulogne Billancourt France 33 1 4186 10 00 Publication Number 100827323 Rev B October 2017 ...

Reviews: