National Information Assurance Partnership
Common Criteria Evaluation and Validation Scheme
Validation Report
for
Seagate Secure®
TCG SSC Self-Encrypting Drives
Report Number: CCEVS-VR-10857-2018
Dated: April 11, 2018
Version: 1.0
National Institute of Standards and Technology National Security Agency
Information Technology Laboratory Information Assurance Directorate
100 Bureau Drive 9800 Savage Road STE 6940
Gaithersburg, MD 20899 Fort George G. Meade, MD 20755-6940
®
TM
VALIDATION REPORT
Seagate Secure TCG SSC Self-Encrypting Drives
ii
ACKNOWLEDGEMENTS
Validation Team
Marybeth Panock, Aerospace Corporation
Jerome Myers, Aerospace Corporation
Common Criteria Testing Laboratory
Leidos
Columbia, MD
VALIDATION REPORT
Seagate Secure TCG SSC Self-Encrypting Drives
iii
Table of Contents
1 Executive Summary...................................................................................................................1
2 Identification..............................................................................................................................5
2.1 Threats...............................................................................................................................5
2.2 Organizational Security Policies.......................................................................................6
3 Architectural Information ..........................................................................................................7
4 Assumptions...............................................................................................................................8
4.1 Clarification of Scope .......................................................................................................9
5 Security Policy.........................................................................................................................10
5.1 Cryptographic Support....................................................................................................10
5.2 User Data Protection.......................................................................................................10
5.3 Security Management .....................................................................................................10
5.4 Protection of the TSF......................................................................................................10
6 Documentation.........................................................................................................................11
7 Independent Testing.................................................................................................................12
7.1 Evaluation team independent testing ..............................................................................12
7.2 Vulnerability Survey.......................................................................................................12
8 Evaluated Configuration ..........................................................................................................13
9 Results of the Evaluation .........................................................................................................14
10 Validator Comments/Recommendations .................................................................................15
11 Annexes....................................................................................................................................16
12 Security Target.........................................................................................................................17
13 Abbreviations and Acronyms ..................................................................................................18
14 Bibliography ............................................................................................................................20
VALIDATION REPORT
Seagate Secure TCG SSC Self-Encrypting Drives
iv
List of Tables
Table 1 Seagate Secure TCG SSC Self-Encrypting Drives TOE Models...................................... 2
Table 2 Evaluation Details.............................................................................................................. 3
Table 3: TOE Security Assurance Requirements ......................................................................... 14
Table 4 Security Target Identification .......................................................................................... 17
VALIDATION REPORT
Seagate Secure TCG SSC Self-Encrypting Drives
1
1 Executive Summary
This report is intended to assist the end-user of this product and any security certification agent for
that end-user to determine the suitability of this Information Technology (IT) product in their
environment. End-users should review the Security Target (ST) [6]1
, (which is where specific
security claims are made) as well as this Validation Report (VR) (which describes how those
security claims were evaluated, tested, and any restrictions that may be imposed upon the evaluated
configuration) to help in that determination. Prospective users should carefully read the
Assumptions and Clarification of Scope in section 4 and the Validator Comments in section 10,
where any restrictions on the evaluated configuration are highlighted.
This report documents the National Information Assurance Partnership (NIAP) assessment of the
evaluation of the Seagate Secure®
TCG2
SSC3
Self-Encrypting Drives. It presents the evaluation
results, their justifications, and the conformance results. This VR is not an endorsement of the
Target of Evaluation (TOE) by any agency of the U.S. Government and no warranty of the TOE
is either expressed or implied. This VR applies only to the specific version and configuration of
the product as evaluated and as documented in the ST.
The evaluation of the Seagate Secure TCG SSC Self-Encrypting Drives was performed by Leidos
Common Criteria Testing Laboratory (CCTL) in Columbia, Maryland, in the United States and
was completed in April 2018. The evaluation was conducted in accordance with the requirements
of the Common Criteria and Common Methodology for IT Security Evaluation (CEM), version
3.1, revision 4 [4] and the assurance activities specified in the Collaborative Protection Profile for
Full Drive Encryption - Encryption Engine, Version 2.0 [10] and [11]. Leidos performed an
analysis of the NIAP Technical Decisions (https://www.niap-
ccevs.org/Documents_and_Guidance/view_tds.cfm). Leidos determined Technical Decision
TD0233 applied to this evaluation. The evaluation was consistent with NIAP Common Criteria
Evaluation and Validation Scheme (CCEVS) policies and practices as described on their web site
(www.niap-ccevs.org).
The Leidos evaluation team determined that the Seagate Secure TCG SSC Self-Encrypting drives
are conformant to the claimed Protection Profile (PP) and, when installed, configured and operated
as specified in the evaluated guidance documentation, satisfied all of the security functional
requirements stated in the ST. The information in this VR is largely derived from the publicly
available Assurance Activities Report (AAR) [7] and the associated proprietary test report [8]
produced by the Leidos evaluation team.
The TOE comprises the Seagate Secure TCG Enterprise SSC and TCG Opal SSC Self-Encrypting
Drives by Seagate Technology, LLC. TOE model numbers and firmware versions are identified in
1
See section 14 Bibliography.
2
Trusted Computing Group
3
Security Subsystem Class
VALIDATION REPORT
Seagate Secure TCG SSC Self-Encrypting Drives
2
the table below. Some Enterprise and Opal drives also support ATA Security as indicated in the
table.
The TOE provides Encryption Engine functionality for Full-Drive Encryption as defined by
Collaborative Protection Profile for Full Drive Encryption - Encryption Engine [10] and [11]. In
particular, the TOE provides data encryption, policy enforcement, and key management functions.
The TOE provides for the generation, update, protection, and destruction of the data encryption
key and other intermediate keys under its control.
Table 1 Seagate Secure TCG SSC Self-Encrypting Drives TOE Models
Product Name Model # Capacity TCG Standard Firmware
Nytro 3000 SSD, 7mm,
SAS Interface
XS1600ME10023 1600 Enterprise SSC 7539
XS800ME10023 800
XS400ME10023 400
XS6400LE70023 6400
XS1600LE10023 1600
XS1920SE10123 1920
XS3840TE10023 3840
Nytro 3000 SSD 15mm,
SAS Interface
XS3200ME70023 3200 Enterprise SSC 7539
XS15360SE70123 15360
XS15360TE70023 15360
XS7680TE70023 7680
Exos 15E900, 2.5-Inch,
15K-RPM, SAS Interface
ST900MP0166 900 Enterprise SSC CK10
ST600MP0156 600
Exos 15E900, 2.5-Inch,
15K-RPM, SAS Interface
ST900MP0126 900 Enterprise SSC CKF1
ST600MP0026 600
FireCuda 2.5", SATA
Interface (Hybrid)
ST2000LX003 2000 Opal SSC
ATA Security
SSM1
ST1000LX017 1000
BarraCuda 2.5", SATA
Interface
ST2000LM010 2000 Opal SSC
ATA Security
SDM2
RSE3 (1D)
RDE3 (2D)
ST1000LM038 1000
ST500LM033 500
BarraCuda Pro 2.5",
SATA Interface
ST1000LM050 1000 Opal SSC
ATA Security
SDM2
RXE2
ST500LM035 500
Exos 10E2400, 2.5-Inch,
10K-RPM
ST1200MM0069 1200 Enterprise SSC CSF2
VALIDATION REPORT
Seagate Secure TCG SSC Self-Encrypting Drives
3
Product Name Model # Capacity TCG Standard Firmware
Exos 10E2400, 2.5-Inch,
10K-RPM
ST2400MM0149 2400 Enterprise SSC CS10
ST1800MM0149 1800
ST1200MM0149 1200
Exos X10, 3.5-inch, 7K-
RPM, SAS Interface
ST10000NM0246 10000 Enterprise SSC CT10
Exos X10, 3.5-inch, 7K-
RPM, SAS Interface
ST10000NM0236 10000 Enterprise SSC CT12
Exos X10, 3.5-inch, 7K-
RPM, SATA Interface
ST10000NM0186 10000 Enterprise SSC
ATA Security
CT14
Exos X10, 3.5-inch, 7K-
RPM, SATA Interface
ST10000NM0176 10000 Enterprise SSC
ATA Security
CTF1
BarraCuda 3.5", SATA
Interface
ST2000DM011 2000 Opal SSC
ATA Security
0001
The validation team monitored the activities of the evaluation team, examined evaluation evidence,
provided guidance on technical issues and evaluation processes, and reviewed the evaluation
results produced by the evaluation team. The validation team found that the evaluation results
showed that all assurance activities specified in the claimed PP had been completed successfully
and that the product satisfied all of the security functional and assurance requirements as stated in
the ST.
Therefore, the validation team concludes that the testing laboratory’s findings are accurate, the
conclusions justified, and the conformance results are correct. The conclusions of the testing
laboratory in the evaluation technical report are consistent with the evidence produced.
The products, when configured as specified in the guidance documentation, satisfy all of the
security functional requirements stated in the Seagate Secure TCG SSC Self-Encrypting Drives
Security Target.
Table 2 Evaluation Details
Item Identifier
Evaluated Product Seagate Secure TCG SSC Self-Encrypting Drives identified in
Table 1
Sponsor & Developer Seagate Technology, LLC
389 Disc Drive
Longmont, Colorado 80503
CCTL Leidos
Common Criteria Testing Laboratory
6841 Benjamin Franklin Drive
Columbia, MD 21046
VALIDATION REPORT
Seagate Secure TCG SSC Self-Encrypting Drives
4
Item Identifier
Completion Date April 2018
CC Common Criteria for Information Technology Security
Evaluation, Version 3.1, Revision 4, September 2012
Interpretations There were no applicable interpretations used for this evaluation.
CEM Common Methodology for Information Technology Security
Evaluation: Version 3.1, Revision 4, September 2012
PP Collaborative Protection Profile for Full Drive Encryption -
Encryption Engine, Version 2.0
Supporting Document, Mandatory Technical Document – Full
Drive Encryption: Encryption Engine, CCDB-2016, Version 2.0
Disclaimer The information contained in this Validation Report is not an
endorsement of the Seagate Secure TCG SSC Self-Encrypting
Drives by any agency of the U.S. Government and no warranty of
the Seagate Secure TCG SSC Self-Encrypting Drives is either
expressed or implied.
Evaluation Personnel Gary Grainger
Kevin Steiner
Validation Personnel Marybeth Panock, Lead Validator
Jerome Myers, Senior Validator
VALIDATION REPORT
Seagate Secure TCG SSC Self-Encrypting Drives
5
2 Identification
The CCEVS is a joint National Security Agency (NSA) and National Institute of Standards and
Technology (NIST) effort to establish commercial facilities to perform trusted product evaluations.
Under this program, security evaluations are conducted by commercial testing laboratories called
Common Criteria Testing Laboratories (CCTLs) in accordance with National Voluntary
Laboratory Assessment Program (NVLAP) accreditation.
The NIAP Validation Body assigns validators to monitor the CCTLs to ensure quality and
consistency across evaluations. Developers of information technology products desiring a security
evaluation contract with a CCTL and pay a fee for their product’s evaluation. Upon successful
completion of the evaluation, the product is added to NIAP’s Product Compliant List (PCL)
(https://www.niap-ccevs.org/Product/).
The following table identifies the evaluated Security Target and TOE.
Name Description
ST Title Seagate Secure TCG SSC Self-Encrypting Drives Security Target
ST Version 1.0
Publication Date April 4, 2018
Vendor and ST Author Seagate Technology, LLC
TOE Reference Seagate Secure TCG SSC Self-Encrypting Drives identified in Table 1
TOE Software Version Firmware versions identified in Table 1
Keywords Self-Encrypting Drive, SED, TCG Enterprise Security Subsystem Class
(SSC), TCG Opal
2.1 Threats
The ST identifies the following threats that the TOE and its operational environment are intended
to counter.
 The cPP4
addresses the primary threat of unauthorized disclosure of protected data stored
on a storage device. If an adversary obtains a lost or stolen storage device (e.g., a storage
device contained in a laptop or a portable external storage device), they may attempt to
connect a targeted storage device to a host of which they have complete control and have
raw access to the storage device (e.g., to specified disk sectors, to specified blocks).
 Possession of any of the keys, authorization factors, submasks, and random numbers or
any other values that contribute to the creation of keys or authorization factors could allow
an unauthorized user to defeat the encryption. The cPP considers possession of keying
4
Collaborative Protection Profile
VALIDATION REPORT
Seagate Secure TCG SSC Self-Encrypting Drives
6
material of equal importance to the data itself. Threat agents may look for keying material
in unencrypted sectors of the storage device and on other peripherals in the operating
environment (OE), e.g. BIOS configuration, SPI flash, or TPMs.
 Threat agents may exercise host software to repeatedly guess authorization factors, such as
passwords and PINs. Successful guessing of the authorization factors may cause the TOE
to release DEKs or otherwise put it in a state in which it discloses protected data to
unauthorized users.
 Threat agents may perform a cryptographic exhaust against the key space. Poorly chosen
encryption algorithms and/or parameters allow attackers to exhaust the key space through
brute force and give them unauthorized access to the data.
 Threat agents know plaintext in regions of storage devices, especially in uninitialized
regions (all zeroes) as well as regions that contain well known software such as operating
systems. A poor choice of encryption algorithms, encryption modes, and initialization
vectors along with known plaintext could allow an attacker to recover the effective DEK,
thus providing unauthorized access to the previously unknown plaintext on the storage
device.
 Threat agents may trick authorized users into storing chosen plaintext on the encrypted
storage device in the form of an image, document, or some other file. A poor choice of
encryption algorithms, encryption modes, and initialization vectors along with the chosen
plaintext could allow attackers to recover the effective DEK, thus providing unauthorized
access to the previously unknown plaintext on the storage device.
 Threat agents may attempt to perform an update of the product which compromises the
security features of the TOE. Poorly chosen update protocols, signature generation and
verification algorithms, and parameters may allow attackers to install software that
bypasses the intended security features and provides them unauthorized access to data.
 An attacker attempts to replace the firmware on the SED via a command from the AA or
from the host platform with a malicious firmware update that may compromise the security
features of the TOE.
 An attacker attempts to modify the firmware in the SED via a command from the AA or
from the host platform that may compromise the security features of the TOE.
2.2 Organizational Security Policies
There are no Organizational Security Policies for the Collaborative Protection Profile for Full
Drive Encryption - Encryption Engine [10].
VALIDATION REPORT
Seagate Secure TCG SSC Self-Encrypting Drives
7
3 Architectural Information
The TOE model series includes SSC Opal and SSC Enterprise drives. The Opal SSC series
supports Serial AT Attached (SATA) interfaces. The Enterprise SSC series supports both SATA
and Serial Attached SCSI (SAS) interfaces. Seagate Secure SEDs include hard-disk drives (HDD)
and solid-state drives (SSD). All models are HDD except the Nytro 3000 models (SSD) and the
FireCuda SATA models which are hybrid models (see Table 1). A hybrid model provides both
HDD and SSD storage but with performance like an SSD. All SEDs meet the requirements set
forth in the security target [6]. The devices behave the same except regarding the following
functions:
 Destruction of cryptographic keys (See security target [6] section 6.2.2)
 Random number generation (See security target [6] section 6.2.6)
 Validation of BEV (See security target [6] section 6.2.8)
The TOE models and firmware all provide the same basic set of security functionality, differing
mainly in capacity and hardware as identified in Table 1.
A host system using the standard protocol defined by the Trusted Computing Group (TCG) is
required in the operational environment.
VALIDATION REPORT
Seagate Secure TCG SSC Self-Encrypting Drives
8
4 Assumptions
The ST identifies the following assumptions about the use of the product:
 Communication among and between product components (e.g., AA and EE) is sufficiently
protected to prevent information disclosure. In cases in which a single product fulfils both
cPPs, then the communication between the components does not extend beyond the
boundary of the TOE (e.g., communication path is within the TOE boundary). In cases in
which independent products satisfy the requirements of the AA and EE, the physically
close proximity of the two products during their operation means that the threat agent has
very little opportunity to interpose itself in the channel between the two without the user
noticing and taking appropriate actions.
 Users enable Full Drive Encryption on a newly provisioned storage device free of protected
data in areas not targeted for encryption. It is also assumed that data intended for protection
should not be on the targeted storage media until after provisioning. The cPP does not
intend to include requirements to find all the areas on storage devices that potentially
contain protected data. In some cases, it may not be possible - for example, data contained
in “bad” sectors. While inadvertent exposure to data contained in bad sectors or un-
partitioned space is unlikely, one may use forensics tools to recover data from such areas
of the storage device. Consequently, the cPP assumes bad sectors, un-partitioned space,
and areas that must contain unencrypted code (e.g., MBR and AA/EE pre-authentication
software) contain no protected data.
 Users follow the provided guidance for securing the TOE and authorization factors. This
includes conformance with authorization factor strength, using external token
authentication factors for no other purpose and ensuring external token authorization
factors are securely stored separately from the storage device and/or platform. The user
should also be trained on how to power off their system.
 The platform in which the storage device resides (or an external storage device is
connected) is free of malware that could interfere with the correct operation of the product.
 The user does not leave the platform and/or storage device unattended until the device is
in a Compliant power saving state or has fully powered off. This properly clears memories
and locks down the device. Authorized users do not leave the platform and/or storage
device in a mode where sensitive information persists in non-volatile storage (e.g., lock
screen or sleep state). Users power the platform and/or storage device down or place it into
a power managed state, such as a “hibernation mode”.
 The platform is assumed to be physically protected in its Operational Environment and not
subject to physical attacks that compromise the security and/or interfere with the platform’s
correct operation.
VALIDATION REPORT
Seagate Secure TCG SSC Self-Encrypting Drives
9
4.1 Clarification of Scope
All evaluations (and all products) have limitations, as well as potential misconceptions that need
clarification. This text covers some of the more important limitations and clarifications of this
evaluation. Note that:
1. As with any evaluation, this evaluation only shows that the evaluated configuration meets
the security claims made, with a certain level of assurance (the assurance activities
specified in the claimed PPs and performed by the evaluation team).
2. This evaluation covers only the specific hardware products, and firmware versions
identified in this document, and not any earlier or later versions released or in process.
3. The evaluation of security functionality of the product was limited to the functionality
specified in the claimed PPs. Any additional security related functional capabilities of the
product were not covered by this evaluation. Any additional non-security related functional
capabilities of the product, even those described in the ST, were not covered by this
evaluation.
4. This evaluation did not specifically search for, nor attempt to exploit, vulnerabilities that
were not “obvious” or vulnerabilities to objectives not claimed in the ST. The CEM [4]
defines an “obvious” vulnerability as one that is easily exploited with a minimum of
understanding of the TOE, technical sophistication and resources.
VALIDATION REPORT
Seagate Secure TCG SSC Self-Encrypting Drives
10
5 Security Policy
Seagate Secure TCG SSC Self-Encrypting Drives enforce the following TOE security functional
policies as specified in the ST.
5.1 Cryptographic Support
The TOE includes NIST-validated cryptographic algorithms supporting cryptographic functions.
The TOE provides Key Wrapping, Key Derivation, and Border Encryption Value Validation.
5.2 User Data Protection
The TOE performs full drive encryption such that the drive contains no plaintext user data. The
TOE performs user data encryption by default in the out-of-the-box configuration using XTS-
AES-256 mode.
5.3 Security Management
The TOE supports management functions for changing and erasing data encryption keys, for
initiating the TOE firmware updates, and for configuring the number of failed validation attempts
required to trigger corrective action.
5.4 Protection of the TSF
The TOE:
 Provides trusted firmware update and access control functions,
 Protects keys and key material, and
 Supports power saving states.
The TOE runs a suite of self-tests during initial start-up (on power on), before the function is first
invoked.
VALIDATION REPORT
Seagate Secure TCG SSC Self-Encrypting Drives
11
6 Documentation
The guidance documentation examined during the course of the evaluation and delivered with the
TOE is as follows:
 Seagate Secure TCG Enterprise and TCG Opal SSC Self-Encrypting Drive Common
Criteria Configuration Guide, Version 1.0, February 14, 2018
The above document is considered to be part of the evaluated TOE. The document is available by
download from the NIAP web site. It is also available by download from www.seagate.com but
the configuration management of that site was not included within the scope of the
evaluation
Any additional customer documentation delivered with the TOE or made available through
electronic downloads should not be relied upon for using the TOE in its evaluated configuration.
VALIDATION REPORT
Seagate Secure TCG SSC Self-Encrypting Drives
12
7 Independent Testing
7.1 Evaluation team independent testing
This section describes the testing efforts of the evaluation team. It is derived from information
contained in the following proprietary document:
 Seagate Secure TCG SSC Self-Encrypting Drives Common Criteria Test Report and
Procedures, Version 1.2, April 4, 2018 [8]
A non-proprietary summary of the test configuration, test tools, and tests performed may be
found in:
 Seagate Secure TCG SSC Self-Encrypting Drives Common Criteria Assurance Activities
Report, Version 1.2, April 4, 2018 [7]
The purpose of the testing activity was to confirm the TOE behaves in accordance with the TOE
security functional requirements as specified in the ST for a product claiming conformance to
Collaborative Protection Profile for Full Drive Encryption - Encryption Engine [10] and [11].
The evaluation team devised a Test Plan based on the Testing Assurance Activities specified in
Collaborative Protection Profile for Full Drive Encryption - Encryption Engine [10] and [11]. The
Test Plan described how each test activity was to be instantiated within the TOE test environment.
The evaluation team executed the tests specified in the Test Plan and documented the results in the
team test report listed above.
Independent testing took place at the Seagate facility in Longmont, Colorado from January 29,
2018 to February 2, 2018.
The evaluators received the TOE in the form that normal customers would receive it, installed and
configured the TOE in accordance with the provided guidance, and exercised the Team Test Plan
on equipment configured in the testing laboratory.
Given the complete set of test results from the test procedures exercised by the evaluators, the
testing requirements for Collaborative Protection Profile for Full Drive Encryption - Encryption
Engine [10] and [11] were fulfilled.
7.2 Vulnerability Survey
A search of public domain sources for potential vulnerabilities in the TOE did not reveal any
known vulnerabilities.
The evaluator conducted penetration testing, based on the potential vulnerabilities identified in the
general full-drive encryption technologies. The testing did not exploit any vulnerability. The
details of the vulnerability survey can be found in the Seagate Secure TCG SSC Self-Encrypting
Drives Common Criteria Assurance Activities Report, Version 1.2, April 4, 2018 [7], Section 3.6.2
Supporting Document Assurance Activities.
VALIDATION REPORT
Seagate Secure TCG SSC Self-Encrypting Drives
13
8 Evaluated Configuration
The evaluated version of the TOE consists of the Seagate Secure TCG SSC Self-Encrypting drives
identified in Table 1.
The TOE must be deployed as described in section 4 Assumptions of this document and be
configured in accordance with the documentation identified in Section 6.
VALIDATION REPORT
Seagate Secure TCG SSC Self-Encrypting Drives
14
9 Results of the Evaluation
The evaluation was conducted based upon the assurance activities specified in Collaborative
Protection Profile for Full Drive Encryption - Encryption Engine [10] and [11] in conjunction
with version 3.1 revision 4 of the CC and the CEM ([1], [2], [3], and [4]). A verdict for an assurance
component is determined by the resulting verdicts assigned to the corresponding evaluator action
elements.
The validation team’s assessment of the evidence provided by the evaluation team is that the
evidence demonstrates the evaluation team performed the assurance activities in the claimed PPs,
and correctly verified that the product meets the claims in the ST.
The details of the evaluation are recorded in the Evaluation Technical Report (ETR) [9], which is
controlled by the Leidos CCTL. The security assurance requirements are listed in the following
table.
Table 3: TOE Security Assurance Requirements
Assurance Component ID Assurance Component Name
ADV_FSP.1 Basic function specification
AGD_OPE.1 Operational user guidance
AGD_PRE.1 Preparative procedures
ALC_CMC.1 Labeling of the TOE
ALC_CMS.1 TOE CM coverage
ATE_IND.1 Independent testing – conformance
AVA_VAN.1 Vulnerability survey
VALIDATION REPORT
Seagate Secure TCG SSC Self-Encrypting Drives
15
10 Validator Comments/Recommendations
The validators suggest that the consumer pay particular attention to the evaluated configuration of
the device(s). The functionality evaluated is scoped exclusively to the security functional
requirements specified in the Security Target, and only the functionality implemented by the SFR’s
within the Security Target was evaluated. All other functionality provided by the devices, to
include software, firmware, or hardware that was not part of the evaluated configuration, needs to
be assessed separately and no further conclusions can be drawn about their effectiveness.
VALIDATION REPORT
Seagate Secure TCG SSC Self-Encrypting Drives
16
11 Annexes
Not applicable.
VALIDATION REPORT
Seagate Secure TCG SSC Self-Encrypting Drives
17
12 Security Target
Table 4 Security Target Identification
Name Description
ST Title Seagate Secure TCG SSC Self-Encrypting Drives Security Target Security Target
ST Version 1.0
Publication Date April 4, 2018
VALIDATION REPORT
Seagate Secure TCG SSC Self-Encrypting Drives
18
13 Abbreviations and Acronyms
AA Authorization Acquisition
AAR Assurance Activity Report
ATA AT Attachment
BIOS Basic Input/Output System
CC Common Criteria
CCEVS Common Criteria Evaluation and Validation Scheme
CCTL Common Criteria Test Lab
CEM Common Evaluation Methodology
cPP Collaborative Protection Profile
DEK Data encryption key
EE Encryption Engine
ETR Evaluation Technical Report
FDE Full-drive encryption or full-disk encryption
HDD Hard-disk drive
IT Information Technology
NIAP National Information Assurance Partnership
NIST National Institute of Standards and Technology
NSA National Security Agency
NVLAP National Voluntary Laboratory Assessment Program
PC Personal Computer
PCL Product Compliant List
PIN Personal identification number
PP Protection Profile
SAS Serial Attached SCSI
SATA Serial ATA
SCSI Small Computer System Interface
SED Self-encrypting drive
SSC Security Subsystem Class
SSD Solid-state drive
VALIDATION REPORT
Seagate Secure TCG SSC Self-Encrypting Drives
19
ST Security Target
TCG Trusted Computing Group
TOE Target of Evaluation
TPM Trusted Platform Module
TSF TOE Security Functions
VR Validation Report
VALIDATION REPORT
Seagate Secure TCG SSC Self-Encrypting Drives
20
14 Bibliography
The Validation Team used the following documents to produce this Validation Report:
[1] Common Criteria for Information Technology Security Evaluation Part 1:
Introduction, Version 3.1, Revision 4, September 2012.
[2] Common Criteria for Information Technology Security Evaluation Part 2: Security
Functional Requirements, Version 3.1 Revision 4, September 2012.
[3] Common Criteria for Information Technology Security Evaluation Part 3: Security
Assurance Components, Version 3.1 Revision 4, September 2012.
[4] Common Methodology for Information Technology Security Evaluation, Evaluation
Methodology, Version 3.1, Revision 4, September 2012.
[5] Common Criteria Evaluation and Validation Scheme - Guidance to CCEVS
Approved Common Criteria Testing Laboratories, Version 2.0, 8 Sep 2008.
[6] Seagate Secure TCG SSC Self-Encrypting Drives Security Target, version 1.0, April
4, 2018
[7] Seagate Secure TCG SSC Self-Encrypting Drives Common Criteria Assurance
Activities Report, Version 1.2, April 4, 2018
[8] Seagate Secure TCG SSC Self-Encrypting Drives Common Criteria Test Report and
Procedures, Version 1.2, April 4, 2018
[9] Evaluation Technical Report for Seagate Secure® TCG SSC Self-Encrypting Drives,
Version 1.0, February 15, 2018
[10] Collaborative Protection Profile for Full Drive Encryption - Encryption Engine,
Version 2.0, September 9, 2016
[11] Supporting Document, Mandatory Technical Document – Full Drive Encryption:
Encryption Engine, CCDB-2016, Version 2.0, September 2016