Q. Dear Dr. SCSI – My customer requires that as part of our test procedure we “execute a DoD-5220/NIST disk purge”.
My understanding is that that type of purge requires 3 full write passes of the entire drive. I just tried a 4TB drive and can see that it is going to take over 6 hours per pass – 18 hours total!
Is there anything I can do to meet the customer requirement but in a faster way?
A. Yes, you can cut your old purge time down to one-third of the previous because of a change made to the DoD5220/ NIST specification in 2012!
Previously the DoD 522-.22-m specification defined an acceptable purge method as this (3-pass method):
2006 – Overwrite all addressable locations with 1)a character, 2)its complement, 3)then a random character and verify..
Clearly three passes was specified at that time. Actually the argument could be made for four passes, since there is the vague requirement to “verify”. Does that mean verify every block on the drive? One block? The official specification doesn’t make this very clear.
But that lack of clarity doesn’t matter now because in 2012 the specification was changed to this –
2012 – If neither of the first two options is supported, use the native read and write interface to write least a single pass with a fixed data value, such as all zeros. Multiple passes or more complex values may alternatively be used.
You can download the newest specification here – www.stbsuite.com/downloads/nist-sp-800-88-rev1.pdf
Appendix A of this document has all the details – here is a repeat from that appendix –
SCSI Hard Drives This includes SCSI, SAS, Fibre Channel, etc. Clear: Overwrite media by using organizationally approved and validated overwriting technologies/methods/tools. The Clear pattern should be at least a single pass with a fixed data value, such as all zeros. Multiple passes or more complex values may alternatively be used.
The new specification document describes the newer purge methods such as the SANITIZE and CRYPTO ERASE commands, but this article is mainly about the question of “how many passes does the DoD 5220 spec require” – and the answer to that is “one pass”. You can do more passes if you like, but one pass will meet the DoD requirement.
Note: all current purge commands such as the SANITIZE and CRTYPTO commands are supported by the STB Suite. In the next STB Suite release an option to specify either a “1-pass DoD” or a “3-Pass DoD” purge will be supported.