Compliant Product - Seagate® BarraCuda™ 515 SSD, Firmware version ECPM13.1
Certificate Date:
2023.03.14
CC Certificate Validation Report Number: CCEVS-VR-VID11322-2023 Product Type: Encrypted Storage Conformance Claim: Protection Profile Compliant PP Identifier: collaborative Protection Profile for Full Drive Encryption - Encryption Engine Version 2.0 + Errata 20190201 CC Testing Lab: Lightship Security USA, Inc. ![[PDF]](/assets/images/icon_pdf.gif){kind=icon}
Security Target
Validation Report
Assurance Activity
Administrative Guide
Product Description
The Target of Evaluation (TOE) is a solid state self-encrypting drive that provides encryption and decryption of stored user data. The TOE provides full drive encryption to protect data at rest on a lost or stolen device. The Encryption Engine (EE) ensures that the data is encrypted using FIPS-validated algorithms. It manages the encryption and decryption of the stored data, policy enforcement, and key management.
Evaluated Configuration
The evaluated configuration consists of the following models and version:
Security Evaluation Summary
The evaluation was carried out in accordance with the Common Criteria Evaluation and Validation Scheme (CCEVS) process and scheme. The evaluation demonstrated that the product meets the security requirements contained in the Security Target. The criteria against which the Seagate® BarraCuda™ 515 SSD, Firmware Version ECPM13.1 was judged are described in the Common Criteria for Information Technology Security Evaluation, Version 3.1, Revision 5, April 2017. The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Version 3.1, Revision 5, April 2017. The product, when delivered and configured as identified in the Seagate® BarraCuda™ 515 SSD, Firmware Version ECPM13.1 Common Criteria Guide, Version 1.1, March 2023, satisfies all the security functional requirements stated in the Seagate® BarraCuda™ 515 SSD, Firmware Version ECPM13.1 Security Target, Version 1.1, March 2023. The project underwent CCEVS Validator review. The evaluation was completed in March 2023. Results of the evaluation can be found in the Common Criteria Evaluation and Validation Scheme Validation Report (report number CCEVS-VR-VID11322-2023) prepared by CCEVS.
Environmental Strengths
The TOE is comprised of the following security features which are described in more detail in the subsections below. Cryptographic Support The TOE ensures key material used for storage encryption is properly generated and protected from disclosure. It also implements cryptographic key and key material destruction during transitioning to a Compliant power saving state, or when all keys and key material are no longer needed. The TOE performs cryptographic operations as shown in relevant Cryptographic Algorithm Validation Program (CAVP) certificates. User Data Protection The TOE enables encryption and decryption of user data on a SED to protect it from unauthorized disclosure. Security Management The TOE enables management of its security functions, including: i) Changing and erasing the DEK ii) Updating the TOE firmware Protection of the TSF The TOE ensures the authenticity and integrity of firmware updates through digital signatures using RSA 2048 with SHA-256. The TOE supports the D3 compliant power saving state dependent on the OS parameters or user-initiated request. The TOE ensures its integrity and operation by performing self-tests. Vendor InformationDIGISTOR Murray Ellis II +1 (408) 796-5143 mellis@digistor.com https://digistor.com/ |