NIAP: Assurance Continuity
NIAP/CCEVS
  NIAP  »»  Product Compliant List  »»  Product Entry  »»  Assurance Continuity  
Assurance Continuity - Seagate Secure TCG SSC Self-Encrypting Drives

Date of Maintenance Completion:  2019.10.21

Product Type:    Encrypted Storage

Conformance Claim:  Protection Profile Compliant

PP Identifier:    collaborative Protection Profile for Full Drive Encryption - Encryption Engine Version 2.0

Original Evaluated TOE:  2018.04.11 - Seagate Secure TCG SSC Self-Encrypting Drives

CC Certificate [PDF] Validation Report [PDF] Assurance Activity [PDF]

Administrative Guide [PDF]

Please note:  The above files are for the Original Evaluated TOE.  Consequently, they do not refer to this maintained version, although they apply to the maintained version. 

Assurance Continuity Maintenance Report [PDF]

Please note:  This serves as an addendum to the VR for the Original Evaluated TOE. 

* This is the Security Target (ST) associated with the latest Maintenance Release.  To view previous STs for this TOE, click here.

Readers are reminded that the certification of this product (TOE) is the result of maintenance, rather than an actual re-evaluation of the product.  Maintenance only considers the affect of TOE changes on the assurance baseline (i.e. the original evaluated TOE); maintenance is not intended to provide assurance in regard to the resistance of the TOE to new vulnerabilities or attack methods discovered since the date of the initial certificate.  Such assurance can only be gained through re-evaluation. 

Using a security impact analysis of the changes made to the TOE, which was provided by the developer, the CCEVS has determined that the impact of changes on the TOE are considered minor and that independent evaluator analysis was not necessary.  A summary of the results can be found in the Maintenance Report, which is written in relation to the product's original validation report and Security Target.  Readers are therefore reminded to read the Security Target, Validation Report, and the Assurance Maintenance Report to fully understand the meaning of what a maintained certificate represents. 

Product Description

The TOE has been updated in the following ways.

·         There are a relatively small number of changes to the validated TOE and only one of the changes has an indirect effect on the secure operation of the TOE. The assurance impact of these changes is minor. The issue “Incorrect sense data return after invoke sanitize follow by power-cycle” occurred due to an omitted variable check after the sanitization had completed successfully that treated the completion state the same as ‘sanitization in progress’. (Change #28)

·         The security relevant change submitted in this IAR fix a TCG specification violation due to reporting incorrect sense data, which did not impact the underlying security architecture.

·         Additionally, there is one hardware change associated with a new product being added to this certification. This hardware change is minor, encompassing a PCB physical layout change only, and therefore does not present a risk to the security architecture that would necessitate further testing.

·         The security relevant fixes and the minor hardware change therefore do not require any updates to developer evidence.

Twenty-nine Common Criteria certified Seagate product models have one of the new firmware versions that are based on existing Common Criteria certified versions

·         Firmware version 0003 is based on the certified firmware revision 0002

·         firmware versions EF01 is based on certified firmware revision NF04

·         firmware versions NF01 are based on certified firmware revision NF04

·         firmware versions SF01 is based on certified firmware revision CF04

·         firmware versions TF01 is based on certified firmware revision CF04.

Of the 29 product models with one of the new firmware versions, 14 are new and the other 15 are existing hardware. See table below.

The hardware models use the firmware versions as shown in the following table.

Model

New Firmware

Model Vintage

ST10000NM010G

EF01

New

ST12000NM008G

EF01

New

ST14000NM012G

EF01

New

ST16000NM009G

EF01

New

ST3000NM004A

TF01

New

ST3000NM005A

NF01

New

ST4000NM012A

SF01

New

ST4000NM013A

TF01

New

ST4000NM014A

EF01

New

ST4000NM015A

NF01

New

ST6000NM025A

SF01

New

ST6000NM033A

EF01

New

ST8000NM008A

SF01

New

ST8000NM010A

EF01

New

XS15360TE70024

0003

Existing

XS1600LE70024

0003

Existing

XS1600ME70024

0003

Existing

XS1920SE70024

0003

Existing

XS3200LE70024

0003

Existing

XS3200ME70024

0003

Existing

XS3840SE70024

0003

Existing

XS3840TE70024

0003

Existing

XS400ME70024

0003

Existing

XS6400LE70024

0003

Existing

XS7680SE70024

0003

Existing

XS7680TE70024

0003

Existing

XS800LE70024

0003

Existing

XS800ME70024

0003

Existing

XS960SE70024

0003

Existing

 

IAR 4-2 also specifies 20 existing hardware models that do not use one of the new processors based on certified firmware identified in this IAR. Some use firmware that was the basis of the new firmware.

Model

Firmware

ST500LM035

SDM2, RXE2, RXE3, LXM7, RPE2, 0001

ST1000LM050

SDM2, RXE2, RXE3, LXM7, RPE2, 0001

ST1200MM0149

CS10, CF04

ST1800MM0149

CS10, CF04

ST2400MM0149

CK10, CF04

ST1200MM0069

CSF2, NF04

ST600MP0156

CK10, CF04

ST900MP0166

CK10, CF04

ST600MP0026

SSM1, NF04

ST900MP0126

SSM1, NF04

XS400ME10023

7539, 0004, 0005

XS800ME10023

7539, 0004, 0005

XS1600ME10023

7539, 0004, 0005

XS6400LE70023

7539, 0004, 0005

XS1600LE10023

7539, 0004, 0005

XS1920SE10123

7539, 0004, 0005

XS3840TE10023

7539, 0004, 0005

XS7680TE70023

7539, 0004, 0005

XS15360SE70143

7539, 0004, 0005

XS3200ME70023

7539, 0004, 0005

Vendor Information

Logo
Seagate Technology
Seagate Security Certification Contracts
+1 (952) 402-2356
security.cert.contracts@seagate.com

http://www.seagate.com/
Site Map              Contact Us              Home