Skip to main content

Commercial Solutions for Classified (CSfC) Programs

Harnessing the Power of Commercial Industry for Secure Data at Rest Solutions


What is CSfC?

The Commercial Solutions for Classified (CSfC) program was launched by the National Security Administration (NSA) and the Central Security Service (CSS) to protect classified, secret and top secret data by simultaneously implementing two compliant commercial security components in a layered solution. By adopting these agile commercial innovations, the CSfC program will save time and money for classified programs in all branches of government -- from benign data centers to forward-deployed systems in harsh, insecure environments.   


Saving Time & Money

Historically, classified, secret and top-secret data storage could only be accomplished through the implementation of a government-off-the-shelf (GOTS) Type 1 security solution. Type 1 security solutions are broadly associated with lengthy implementation times and significant development costs. 

A key aspect of the CSfC program is the ability to deploy a security solution in months instead of years with significantly lower cost.


Capability Packages (CP)

CSfC implementation requirements are defined by Capability Packages (CP) published by the NSA. CP deliver data security solutions using approved components from participating technology leaders. In the Data at Rest (DAR) CP, data protection can be accomplished by integrating an inner and outer layer of hardware and software encryption. Below is an example of  two-layer DAR Solution with Mercury's ASURRE-Stor and software file encryption.

 

Two-Layer DAR Solution Example with ASURRE-Stor and Software File Encryption


Mercury’s CSfC Military Data Storage

A self-encrypting solid state drive, Mercury's ASURRE-Stor SSD, is the inner layer while a file encryption or software full disk encryption solution is selected as the outer layer. These two independent components using advanced encryption standard (AES) with 256-bit keys incorporate different encryption algorithms. This approach eliminates the likelihood that a single vulnerability can be exploited in both security layers simultaneously. Classified, secret and top secret data can be safely stored if all of the CSfC program requirements are successfully validated per the CP criteria defined by the NSA.  It is absolutely imperative to use only hardware and software solutions approved by the NSA and included on the NSA's CSfC component list.


ASURRE-Stor SSD

  • FIPS 140-2 certification Cert #2884
  • Common Criteria (CC) CCEVS-VR-VID10783-2017
  • NIAP Full Disk Encryption EE & AA protection profiles
  • Listed CSfC HWFDE component

Join the Experts - CSfC Technology Day

Mercury hosted the first annual DAR CSfC Technology Day in October 2018, bringing together the CSfC ecosystem of component suppliers, trusted integrators and companies implementing CSfC solutions.   Our event included speakers from the NSA, Tribalco, Star Lab, KeyPair Consulting and Cigent Technology as well as interactive panel discussions and a two-layer solution demo.  Topics included:

  • Introduction to the CSfC program
  • Data at Rest (DAR) capability package
  • Two layer solution process
  • Mitigations and deployments in the quantum era
  • Keynote on emerging cyber threats and mitigation techniques

 

    


Featured CSfC Products

ASURRE-Stor
Form FactorNAND TechnologyCapacityInterfaceCertificationsBrochureRequest Datasheet
2.5" SLC 256GB SATA FIPS-197
FIPS-140-2
Optional - CSfC Eligible
Download Email
2.5" SLC 512GB SATA FIPS-197
FIPS-140-2
Optional - CSfC Eligible
Download Email

Downloads 

Self-encrypting hardware, such as Mercury’s portfolio of secure solid-state drives (SSD), provide the ultimate data security. This tech brief explores our “five S’s” of secure data storage for military embedded systems: SWaP (size, weight and power), Speed, Security, Sanitize and Self-Destruct.

Download Now

Learn about encryption & key management modes for military data storage applications. This white paper continues the discussion of holistically integrating security into the design of secure SSD devices.

Download Now