Menu

Standards Alignment

Yonas Abeselom

Standards Alignment

AAD-50 is designed to meet or exceed the requirements of the following standards and specifications. This page documents how each standard maps to the AAD-50 protocol architecture.


NIST SP 800-88 Rev.2 — Guidelines for Media Sanitization

Published by the National Institute of Standards and Technology. The current authoritative US government standard for media sanitization.

NIST SP 800-88 Rev.2 defines three sanitization categories:

Category Definition AAD-50 Alignment
Clear Logical techniques to sanitize data in user-addressable storage locations Not applicable — AAD-50 operates at firmware level
Purge Physical or logical techniques that render Target Data recovery infeasible Yes — AAD-50 Phase B+C achieve Purge classification
Destroy Physical destruction of the storage device Not applicable — AAD-50 is a software/firmware protocol

AAD-50 targets NIST SP 800-88 Rev.2 Purge classification through:

  • NVMe Sanitize commands that reach all physical locations including over-provisioned zones, bad-block retirement pools, and wear-levelling reserves invisible to the host OS
  • Per-cycle Log Page 0x81 hardware confirmation ensuring each cycle actually completed
  • SHA-256 tamper-evident audit chain providing the documentation NIST requires for verified sanitization
  • PDF Certificate of Destruction with operator name, drive serial number, and completion confirmation

Note: Formal NIST evaluation has not yet been conducted. Alignment is based on protocol design analysis against the Rev.2 specification published September 2025.


NVMe Base Specification 2.0 / 2.1 — Sanitize Command Set

Published by NVM Express, Inc. The authoritative technical specification for NVMe Sanitize command behaviour.

AAD-50 implements the NVMe Sanitize command set as follows:

NVMe Feature AAD-50 Implementation
Opcode 0x84 Used for all sanitize cycles across all three phases
NSID = 0xFFFFFFFF Broadcast to entire drive subsystem — no partition exclusions
CDW10 = 0x02 (Overwrite) Phase B — 40 cycles of physical NAND cell overwrite
CDW10 = 0x01 (Block Erase) Phase C — 5 cycles of FTL index teardown
CDW10 = 0x04 (Crypto Erase) Phase A — 5 cycles of cryptographic key destruction
Log Page 0x81 SSTAT polling Mandatory after every cycle — SSTAT = 0x1 required before advancing
SANICAP pre-flight check Verifies drive capability before dispatching any cycle

NVM Express initiated internal review of the AAD-50 specification in June 2026.


ISO/IEC 27040:2015 — Storage Security

Published by the International Organization for Standardization. Provides guidance on storage security including data sanitization requirements.

ISO/IEC 27040 requires chain-of-custody documentation for sanitization operations. AAD-50 addresses this through:

  • Per-cycle telemetry records capturing timestamp, action code, duration, completion status, and active passthrough tier
  • SHA-256 hash computed over all 50 cycle records — tamper-evident proof of complete execution
  • PDF Certificate of Destruction embedding the audit hash, operator identity, drive serial number, and cycle-by-cycle confirmation
  • JSON audit log preserving the full structured record for downstream security auditors

IEEE 2883-2022 — Standard for Sanitizing Storage

Published by the Institute of Electrical and Electronics Engineers. The current international standard specifically for storage device sanitization, superseding earlier guidance.

IEEE 2883-2022 defines sanitization requirements for solid-state storage including NVMe devices. AAD-50 is designed to meet or exceed its requirements through firmware-level command execution and per-cycle hardware verification.

Formal evaluation against IEEE 2883-2022 has not yet been conducted and represents a necessary step toward regulatory recognition. This is tracked as a roadmap item.


NVM Express Sanitize Command — ATA/SCSI Predecessors

The Wei et al. (USENIX FAST 2011) empirical study evaluated ATA SECURITY ERASE UNIT and ACS-2 SANITIZE BLOCK ERASE commands — the ATA/SCSI predecessors to NVMe Opcode 0x84. Their findings documented 3 of 12 drives failing to correctly execute the sanitize command they reported supporting.

NVMe Sanitize (Opcode 0x84) improves on its ATA predecessors in two key ways:

  • NSID=0xFFFFFFFF broadcasts to all physical blocks including over-provisioned regions — directly addressing the FTL coverage problem Wei et al. documented on ATA drives
  • The Log Page 0x81 status reporting mechanism provides a standardised polling interface for completion verification

AAD-50 implements both improvements and adds the per-cycle polling enforcement that neither the ATA predecessors nor the standard nvme-cli tooling provided before PR [#3438].


nvme-cli v3.0-b.1 — Official Linux NVMe Toolchain

On June 16, 2026, PR [#3438] — implementing --wait and --repeat N based on the verification architecture proposed in RFC [#3415] — was merged into linux-nvme/nvme-cli master by Daniel Wagner, the primary maintainer.

nvme-cli v3.0-b.1 explicitly lists PR [#3438] in its official release changelog:

nvme: add support for sanitize wait option by @ikegami-t in #3438

The verification architecture proposed by AAD-50 is now part of the official Linux NVMe toolchain and ships with virtually every Linux distribution on earth.


Summary Table

Standard AAD-50 Alignment Formal Evaluation
NIST SP 800-88 Rev.2 Purge Yes — by design Not yet conducted
NVMe Base Specification 2.0 Full implementation Confirmed via nvme-cli merge
ISO/IEC 27040:2015 Yes — audit chain and chain of custody Not yet conducted
IEEE 2883-2022 Yes — by design Not yet conducted
nvme-cli v3.0-b.1 Core verification architecture merged Confirmed — commit 84078fa

Further Reading

  • How It Works — the verification architecture explained
  • FAQ — common questions including compliance questions
  • Whitepaper (Zenodo DOI) — full technical specification with standards mapping
  • Roadmap — planned formal evaluation steps

AAD-50 v1.1 - github.com/yonasabeselom/aad50
Maintained by: Yonas Abeselom - yonas_abeselom@protonmail.com


Related

Wiki: FAQ
Wiki: Roadmap

Auth0 Logo