Curtiss-Wright Announces Industry’s First NAS Device with 2 Layers of Common Criteria Certified and CSfC Approved Encryption
Rugged DTS1 NAS subsystem protects Data-at-Rest with hardware and software full disk encryption (FDE) in a single device
ASHBURN, Va. – January 28, 2019 – Curtiss-Wright’s Defense Solutions division, a trusted leading supplier of rugged data storage and protection solutions, announced today that it has received Common Criteria (CC) certification for both the hardware and software disk encryption layers integrated with its Data Transport System (DTS1) Network Attached Storage (NAS) device. The DTS1 is the embedded industry’s first commercial off-the-shelf (COTS) data-at-rest (DAR) storage solution designed to support two layers of full disk encryption (FDE) in a single device. In the United States, the National Information Assurance Partnership (NIAP) validates COTS information technology (IT) products to ensure they conform to the international Common Criteria Evaluation and Validation Scheme (CCEVS), which is recognized around the world by 17 Certificate Producing countries and by 11 Certificate Consuming countries. Having received certification, the hardware and software FDE layers used in the DTS1 are now currently listed on the United States NIAP Product Compliant List.
Curtiss-Wright has also obtained National Security Agency (NSA) approval for use of the two CC-certified FDE layers as Commercial Solutions for Classified (CSfC) components. As a result, the two DTS1 encryption layers are now listed on the NSA’s CSfC Components List and can be proposed as a DAR solution. Selecting a pre-approved device from the CSfC Components List enables system architects to greatly reduce the time and cost needed to design a COTS encryption solution, enabling them to begin system development immediately, while also greatly reducing their program risk.
“We are very proud to announce that our DTS1 Data Transport System Network Attached Storage solution, the industry’s first rugged network-attached storage device to support two layers of encryption as described in NSA's Data-at-Rest Capability Package, has successfully received NIAP Common Criteria certification and NSA CSfC approval,” said Lynn Bamford, Senior Vice President and General Manager, Defense Solutions division. “Use of the DTS1, with its certified software and hardware encryption layers, eases and speeds the ability of system designers to protect Top Secret data with an NSA-approved cost-effective alternative to Type 1 encryption.”
The DTS1 uses CSfC two-layer encryption, an NSA-approved approach for protecting classified National Security Systems (NSS) information in aerospace and defense applications. By incorporating a two-layer encrypted CSfC solution, which uses cost-effective commercial encryption technologies in a layered solution, system integrators can significantly reduce the cost and time to develop and deploy secure DAR solutions. The NSA established the CSfC program as an alternative approach to Type 1 encryption in order to accelerate the protection of Top Secret data. The rugged small form-factor DTS1 is designed to store and protect large amounts of data on helicopters, unmanned aerial vehicles (UAV), unmanned underwater vehicles (UUV), unmanned ground vehicles (UGV), and Intelligence Surveillance Reconnaissance (ISR) aircraft that require the protection of sensitive DAR.
The NIAP evaluation process is structured to meet CCEVS and is conducted by a Common Criteria Testing Laboratory (CCTL) accredited under the National Voluntary Laboratory Accreditation Program (NVLAP). The DTS1 NAS system was evaluated by Gossamer Security Solutions, one of the nation’s leading evaluation and testing laboratories approved to conduct testing and evaluation for both CC and FIPS 140-2 encryption.
About the DTS1 2-Layer Encryption Approach
The DTS1 uniquely incorporates two distinct layers of Commercial National Security Algorithm (CNSA) Suite cryptographic encryption into one device, making protection of Top Secret data more cost-effective and low risk. The DTS1’s two-layer data encryption process followed the NSA’s Data At Rest Capability Package as a design template and is based on the hardware and software FDE solution approach. Both the hardware and software FDE layers have been individually evaluated and certified against two CC protection profiles: (1) collaborative Protection Profile for Full Disk Encryption – Encryption Engine; (2) collaborative Protection Profile for Full Disk Encryption – Authorization Acquisition.
About Common Criteria
Common Criteria is a technically demanding international set of guidelines for security certification that is required by the U.S. and 27 national governments worldwide for departments and agencies seeking to procure commercial products. Common Criteria certification provides assurance that the process of specification, implementation, and evaluation of technology products has been conducted in a rigorous, standard, and repeatable manner.
About the DTS1
The very small DTS1 NAS device, which weighs only 3.77 lb. (1.71 kg) and measures only 1.5 x 5.0 x 6.5” (38.1 x 127 x 165.1 mm), delivers up to 4 TB of solid state storage (SSD) with two layers of certified encryption. It supports PXE protocol so that network clients on a vehicle or aircraft can quickly boot from the encrypted files on the DTS1’s removable memory cartridge (RMC). This approach both facilitates software updates for network clients and significantly reduces SWaP by eliminating the need for individual hard disks in each network client. Curtiss-Wright offers 2-Layers of encryption in two mounting options of the DTS1, the VS-DTS1SL-FD, which is designed for cockpit use with DZUS mounting panel, and the VSDTS1SL-F, which uses L-brackets to support very flexible mounting within space-constrained platforms.
The DTS1 enables any network-enabled device to retrieve stored data or save newly captured data. Networked devices using heterogeneous operating systems (Linux®, VxWorks®, Windows®, etc.) that support industry-standard NAS protocols (i.e, NFS, CIFS, FTP, or HTTP) can store data on the DTS1. The DTS1 also supports iSCSI protocol for block data storage and PCAP protocol for packet capture.
The DTS1 is ideal for rugged applications that require the storage, removal, and transport of critical data such as cockpit data (mission, map, maintenance), ISR (camera, I&Q, sensors), mobile applications (ground radar, ground mobile, airborne ISR pods), heavy industrial (steel, refinery), and video/audio data collection (flight test instrumentation).
About Curtiss-Wright Corporation
Curtiss-Wright Corporation is a global innovative company that delivers highly engineered, critical function products and services to the commercial, industrial, defense and energy markets. Building on the heritage of Glenn Curtiss and the Wright brothers, Curtiss-Wright has a long tradition of providing reliable solutions through trusted customer relationships. The company employs approximately 8,600 people worldwide. For more information, visit www.curtisswright.com.
Note: Trademarks are the property of their respective owners.
Director of Public Relations
John Wranovics has over thirty years of experience in managing media relations and the promotion of high technology products. He has been with Curtiss-Wright since 2003. He has a degree in English Literature from the University of California, Berkeley.