SATA SECURE ERASE command


Introduction

The SATA SECURE ERASE command functionality was proposed/designed to be an answer to the problem of “how can we completely erase all data on a SATA disk drive in a known and approved fashion”. Another goal that this command was supposed to meet was to execute this erase process in the shortest amount of time possible.

Background

Early SATA drives had a FEATURE set known as Host Protected Area (HPA) that allowed the drive to be securely partitioned into multiple volumes. Access to these volumes could be limited to “protect” data or programs on the various partitions.

Because these HPA partitions were protected they could not be erased unless you knew the password to unlock them. This meant that generic erase or purge programs could not access and erase these HPA partitions.

Also, SATA drives manage defective and spare blocks (LBAs) on their own, apart from any user intervention. This makes purging or erasing defective LBAs a problem.

The SECURE ERASE command was designed to erase ALL the drive, including any HPA partitions and including any bad remapped LBAs.

What exactly does it do? It does one complete overwrite pass of the entire drive, writing either all zeros or all ones on every LBA in all HPAs and including any defective blocks.

Remember this “one complete write pass” when you read below about just how long this process can take! For now we will just say that the process is thorough, but it’s not any faster than writing a full pass to the drive…

Who (in our marketplace) wants to do Secure Erase?

Your customers read news articles about how wonderful Secure Erase is. They read how it is consistent and recommended, if not endorsed, by government agencies. So they ask you “do you use Secure Erase? It’s the best you know…”

That’s the clincher – you can run a government/end-user approved method of drive erasure and not have to worry about how many passes, what data pattern, etc.

If you run Secure Erase you are good to go!

Tell your customers “yes, we use the SECURE ERASE command to wipe your disk drives” and everything is good.

If only it were as simple as that…

A SATA drive connected to a SATA mobo port

This all sounds wonderful! A consistent, easy, proven method to completely erase an entire SATA disk drive!

But for a moment let’s consider this from the dark side…

If you were someone with evil intent, this command could give you an easy and quick way to destroy data on disk drives. Send a few commands (there are three commands needed to start the SECURE ERASE process) and POW – you’ve nuked the disk.

Enter BIOS “protection”

To prevent this from happening, almost all motherboard manufacturers created a system whereby as soon as a SATA drive was powered up and recognized by the BIOS it would be SECURITY FROZEN.

Security Freeze and Un-Freeze

This SATA feature does as its name implies – it “freezes” any SECURITY ERASE commands from working.

So, you go to erase your old disk drive before you donate it to your favorite charity and BOOM – your brand new Security Erase enabled purge utility won’t erase your drive because it’s frozen from doing so.

How do you “unfreeze” a drive? Simple (sort of) – you just power-cycle the drive once the BIOS has frozen it.

Simple – not!

To do this you must boot your system, then quickly pull only the power connector off the back of your SATA drive, then quickly plug the power back in.

You should think “that sounds like a dangerous thing to do – couldn’t I damage something doing this?” and you’d be absolutely correct!

It can be done, but that doesn’t mean it should be done.

We at SCSI Toolbox do NOT recommend doing this!

Yes, you can purchase specialized dedicated hardware that will take care of this for you. More hardware that can only do one thing, at a premium price. It’s up to you…

It would certainly be better if you could do Secure Erase and all the other testing functionality of the STB Suite.

And so we go on a journey to provide this functionality to you.

A SATA drive connected to a SAS HBA

While looking for a solution to build SECURE ERASE functionality into the STB Suite we thought about the preferred method of testing SATA drives – attaching them to a SAS Host Bus Adapter (HBA). This lets you test lots and lots of drives simultaneously.

We did some experimenting and were pleased to find that this configuration does NOT bring the drives online in the frozen condition!

So our development team moves forward to implement the Secure Erase function into the STB Suite…

They research exactly what commands need to be sent, in the proper order, with the proper data patterns. They test the methodology (using tools built into the STB Suite!), look at data before and after running the secure erase.

All looks good – except…

Can you spare a minute…or six hours?

They find that when SATA drives accept the final command to start the Secure Erase function, they “grab” the SAS bus and prevent any other commands from being issued.

Until the secure erase finishes…

How long does a Secure Erase take to finish?

An SSD may finish in as little as 20 seconds. So far so good.

But what about a rotating magnetic disk?

How does several hours sound? 1 hour? Pretty bad.

How about 6 hours for a 4TB drive? Not so good.

Here’s what happens –

  1. you issue the Secure Erase command to one SATA drive attached to your SAS HBA,
  2. the drive starts to erase itself and grabs or claims or captures or otherwise locks up the SAS bus for 6 hours,
  3. meaning that only that one drive can be Secure Erasing itself at a time.

A Footnote or two

Why do the drive manufacturers implement Secure Erase in a way that locks up the bus until the erase is finished?

Why don’t they let the drive disconnect and finish its business, leaving the bus free to do other things?

We don’t know.

Yes, we are implementing the Secure Erase functionality into the STB Suite. With the next release you will be able to run Secure Erase…On a drive…On one drive at a time.

Maybe someone will find that useful…

BTW – interrupting a drive that has begun the Secure Erase process is a Very Bad Thing! It will leave the drive in a locked state, not able to write or read data until it is unlocked. The STB Suite can be used to fix a drive in this state – if you have drives like this send us an email and we will provide instructions to fix them.
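The frozen state described under "Security Freeze and Un-Freeze" and the locked state described here are both visible in the drive's IDENTIFY DEVICE data before any erase command is sent. The following Python code is an added example, not STB Suite code and not part of the original article: it decodes security status word 128 and the erase-time words 89/90 (classic 8-bit format) as laid out in the ATA specification; the function names and the sample IDENTIFY data are constructed for illustration.

```python
import struct

# Bit positions in IDENTIFY DEVICE word 128 (ATA Security feature set status).
SECURITY_BITS = {"supported": 0, "enabled": 1, "locked": 2,
                 "frozen": 3, "count_expired": 4, "enhanced_erase": 5}

def erase_minutes(word):
    """Words 89/90, classic format: 0 = not reported, 1-254 = value * 2 min, 255 = over 508 min."""
    value = word & 0xFF
    if value == 0:
        return None
    return 510 if value == 255 else value * 2  # 510 stands in for "more than 508"

def parse_security(identify):
    """Decode security status and erase-time estimates from 512 bytes of IDENTIFY DEVICE data."""
    if len(identify) != 512:
        raise ValueError("IDENTIFY DEVICE data must be exactly 512 bytes")
    words = struct.unpack("<256H", identify)  # 256 little-endian 16-bit words
    status = {name: bool((words[128] >> bit) & 1) for name, bit in SECURITY_BITS.items()}
    status["erase_minutes"] = erase_minutes(words[89])
    status["enhanced_erase_minutes"] = erase_minutes(words[90])
    return status

def erase_blocker(status):
    """Return the reason a SECURE ERASE cannot start now, or None if nothing blocks it."""
    if not status["supported"]:
        return "security feature set not supported"
    if status["frozen"]:
        return "drive is security frozen (as left by the BIOS at power-up)"
    if status["locked"]:
        return "drive is locked (e.g. an earlier erase was interrupted); unlock first"
    return None

def sample_identify(word128, word89=0, word90=0):
    """Build constructed IDENTIFY data with only the words used here filled in."""
    words = [0] * 256
    words[89], words[90], words[128] = word89, word90, word128
    return struct.pack("<256H", *words)

if __name__ == "__main__":
    # Constructed cases: frozen on a motherboard port, clean on a SAS HBA, locked after an interrupted erase.
    for label, w128 in [("mobo port", 0x0009), ("SAS HBA", 0x0001), ("interrupted", 0x0007)]:
        st = parse_security(sample_identify(w128, word89=180))
        print(label, "|", erase_blocker(st), "|", st["erase_minutes"], "min")
```

On a live system the 512 bytes come from an IDENTIFY DEVICE command issued through the host's ATA pass-through interface; the constructed value 180 in word 89 corresponds to the 6-hour figure quoted above.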

News Flash!

We do know that there’s a new “standard” coming along for erasing disks. This one is called “Sanitize Device Feature Set” and has both a cryptographic erase function for SED drives and an Overwrite function for non-SED (normal/regular) drives. You can read about it at the T10 and T13.org specification sites.

Great, just what we needed, a new standard. Standard du Jour!

Summary

The Secure Erase concept is a good one.

Standards are good.

We at SCSI Toolbox always want to provide our customers with quality tools which implement the latest technology in a versatile easy-to-use way.

We are trying to give you a good, easy-to-use Secure Erase function! The next release will have what we’ve described above.

Will we continue our quest? Definitely!

Will we implement the Sanitize features and Crypto Erase for SED and non-SED drives? Absolutely! It’s already in the works.

Will they be perfect and wonderful? Yep, to the greatest extent we can manage!

The STB development and support staff has been working to provide up-to-the-minute leading edge test technology for over 20 years. We’re here to help you test, exercise, screen, erase, and qualify any and all storage devices! We will be here for you!