White Paper

w w w. m r c y. c o m WHITE PAPER Defense Application Requirement COTS SSD Defense Grade SSDs Mercury Defense Grade SSDs Primary design goal • Low cost • High initial performance • Performance • Sanitize • Ruggedization • Reliability • Long life • Performance • Sanitize • Ruggedization • Reliability • Long life EOL mitigation • None • Typical lifespan of 1-2 years At least 5+ years • FPGA based • Common components • 10+ product life cycle • NAND banking Application support Very little to none Excellent Excellent Vibration/shock endurance • Weak • Vibration: 3 Grms (2-800 Hz) • Shock: 1500 G @ 0.5ms • Very Strong • Vibration: 15-40 Grms (10-2000 Hz) • Shock: Up to 3000 G @ 0.5 ms. • Very Strong • Vibration: 33 Grms (10-2000 Hz) • Shock: 3000 G @ 0.5 ms Operating temperature Typically 0-70 ˚C -40 to +85 ˚C for SLC models -40 to +100 ˚C for SLC models Performance throttling Yes, to match warranty period Unknown but unlikely None Temperature throttling • Yes • Performance reduces when tempera- ture reaches 50-70 C • Yes • SLC cutoff at 100-110C • MLC/TLC cutoff at 85C • Yes • SLC cutoff at 100-110C • MLC/TLC cutoff at 85C Performance in non-ideal usage scenarios. Not guaranteed Better than COTS SSDs Better than COTS SSDs NAND media • MLC • TLC • SLC mode of MLC • True SLC • MLC • 3D MLC • True SLC • 3D TLC • SLC mode of TLC ECC 1E-14 or better UBER 1E-17 or better UBER 1E-18 or better UBER Encryption • AES 128 • AES 256 • AES-256 XTS • AES 256 • AES 256 XTS AES 256 XTS (other algorithm support) Isolated key fill No No Yes DS-101 key fill support No No Yes Replay attack mitigation No No Yes Refill of key after key purge No Some models Yes No power destruct No No Yes Powered destruct Rare Yes by boot code elimination Yes by boot code elimination Authentication penalty Yes, power cycle Yes, zeroization of NAND media and DEK Yes, zeroization of NAND media and DEK Authentication type • Password, OPAL and TPM • 8-32 character password Typically OPAL/TPM with some support for ATA password 32 byte password Password, key, challenge response, isolated key fill 64 byte password Field firmware upgrade • Allowed • Authentication not always required • Allowed. • Required Authentication unknown • Allowed. Strong Authentication • Digital Signature. ECDSA P521 curve Security certifications Some have FIPS 140-2 Typically FIPS 197 for AES validation • FIPS 197 • FIPS 140-2, CC, CSfC Fast clear secure erase Yes, typically very slow Yes, less than 10-30 seconds Less than 8 seconds Defense sanitize protocol support None • NSA 9-12 • NISPOM DoD 5220.22-M • Air Force AFSSI-5020 • Army AR380-19 • Navy NAVSO P-5239-26 • Others • NSA 9-12 • NISPOM DoD 5220.22-M • Air Force AFSSI-5020 • Army AR380-19 • Navy NAVSO P-5239-26 • Others, custom Key Remnant mitigation (prevents key burn-in) 1 No Unknown Yes Hot plug de-authentication (Swapping SATA cable) Feature is anticipated in future Unknown Available as a custom option w/penalty Anti-Tamper features No No Available, custom option Challenge/Response authentication No No Available, custom option Ruggedized connector None Amphenol or Smiths Connectors Yes. (Amphenol and Smiths Connectors) Form-factor 2.5", BGA, mSATA, M.2, 15mm 2.5" 2.5", BGA, mSATA, 15mm 2.5", NVMe 2.5", BGA, mSATA, NVMe Master password backdoor Common Unknown but unlikely No Production mode backdoor Likely Unknown No Host data storage area No No Yes, 1 sector Key FOB support No No Custom option Custom features support No Yes Yes KATs (Known Answer Tests) FIPS models only Unknown Yes all crypto algorithms Crypto Algorithms certified Only on FIPS models Only on FIPS models Yes, Asurre-Stor series Full technical information available online Yes • No • NDA required • No • With end use and NDA Classified lab debug support No No Yes Direct support from SSD design engineers No No Yes Table 2: COTS SSDs Vs Defense Grade SSDs 6

• Cover