The Silicon Data Vault High Assurance (SDV-HA) is a portable self-encrypting solid state storage and processing device housed in a compact rugged enclosure. The SDV-HA attaches to a computer by a USB Type-C connection. Hardware implemented, the SDV-HA utilizes CNSA Suite (formerly NSA Suite B) cryptographic algorithms, a distributed key management system and two-factor pre-boot and post-boot authentication (passphrase and USB token) to provide exceptionally strong data protection. The SDV-HA also incorporates highly innovative anti-tamper detection and response mechanisms developed to negate the risk of attempts to subvert the operation of the device. The SDV-HA can detect both physical removal and electrical disconnection of the enclosure as well as internal access and tampering of components, while also monitoring environmental and operational conditions with a tamper event triggered if a condition contravenes predefined values. When a tamper event is triggered, the SDV-HA will cause the encryption keys to be destroyed rendering the device inoperable.
The SDV-HA has undergone and passed an extensive and rigorous Australian Signals Directorate (ASD) High Assurance evaluation. This evaluation is a verification and validation program designed to ensure that security in cryptography, anti-tamper and operation adhere to the strictest of conditions. The subsequent High Assurance certification enables Australian government agencies to rely on the strength and quality of the security they use to protect official classified information and systems. The SDV-HA is certified by ASD to secure highly classified data up to and including TOP SECRET yet enable handling as PROTECTED when powered down. SECRET data can also be handled as PROTECTED when powered down.
System Security:
- SDV Hardware Encryption
- CNSA Suite (formerly NSA Suite B) algorithms
- AES 256
- ECC 384
- Sector level on the fly encryption
- Two-factor pre-boot and post-boot authentication
- Active tamper detection and response
- Distributed key management
- Separate administrator and user roles
- Secure erase
Features:
- Customisable operating environment
- Customisable operating mode
- Multiple partitions
- Audit log
- Large capacity solid state storage (up to 960GB)
Value Proposition:
Cost Effective: The overall costs incurred for on-going data storage and handling of highly classified information may well be significant and somewhat hidden. TOP SECRET (or SECRET) data when stored on the SDV-HA can be handled as PROTECTED, thus removing the need for traditional highly secure courier and transport methods and their associated costs and procedural inefficiencies.
Confidentiality: Lost or misplaced documents or un-encrypted storage products containing highly classified data can put lives and dollars at extreme risk. Highly classified data is afforded total protection when using the SDV-HA. A lost, stolen or captured device thus becomes a hardware replacement administration issue and not a data content confidentiality problem.
User Examples:
- Using USB connectivity with a portable OS that can be booted from a variety of PCs (as and when required) to provide a truly portable processing environment. Note, when using the SDV-HA with USB connectivity in this mode, the installed OS must support booting from a USB device (e.g. Windows To Go versions, Windows 10/11).
SDV-HA Documentation:
Certification Details:
Australian Government ASD High Assurance Evaluation.
For more information on certification, see Certifications.