Hardware Encrypted SSD

Data security is very important for enterprise and industrial customer other than system performance and stability. To improve data security, Kogen can provide SSD with hardware protection function. We have two methods to ensure data security, first, our SSD has hardware encryption function follow Trusted Computing Group (TCG) Opal SSC standard. Encrypted data could not be easily accessed when SSD is lost. Second, when facing emergency situation that all data need to be wiped out immediately, our hardware purge or quick erase function is able to delete all data even the hidden area.

Currently most common method for data security are using software encryption. However, software encryption will occupy the resources of processor and RAM, and affect the system performance also data transfer speed will be slower. On the other hand, by using hardware encryption method, no RAM and processor will be occupied. Therefore, system performance and transfer speed can maintain high performance during encryption process.

TCG Opal SSC

Trusted Computing Group association establish the Opal Security Subsystem Class standard for SSD to follow the full structure and security specifications. Here are some of the features for TCG Opal SSC, firstly, before boot up into BIOS system, SSD will perform a pre-boot action and let shadow MBR to verify user access authority. After authority is been verified, then it will start loading BIOS, it is to avoid BOIS system from being altered.

Secondly, all SSD that follow TCG Opal standard have Self Encrypting Drive mechanism, controller will perform self-encryption for whole SSD. Thirdly, encryption key is stored in the controller, it can avoid security flaw of software encryption. Therefore, DMA attack or Cold Boot attack are not working.

Hardware Purge

For industrial info-secure and data protection other than TCG Opal SSC, there is another method call Hardware Purge or Quick Erase. There is a hardware push button to erase all data in the flash memory, and the SSD will return to default factory setting. Once hardware purge is activated, it will erase all data until it is done, if power has been removed during erase, after re-plug-in, it will continue to erase data and all data that has been deleted could not be rescue back.

Below is one example of mSATA memory module with quick erase function, data erase will start once Quick-Erase button has been pressed. mSATA is only quarter of the size of common 2.5” SSD, it is popular for industrial PC, portable storage, set-top box, etc. To know more about hardware encrypted SSD or other customised function, please contact us.

Hardware Encrypted SSD

      mSATA with quick erase button

Leave a Reply