Does the RCU 10110 Sanitization Procedure Erase the System Image?

Issue Details

I reviewed the RCU-10110 Letter of Volatility to understand how to remove sensitive data from the module. Procedure 2 states that the system contents will not be recoverable after running the procedure. I want to know whether this also removes the system image and whether the RCU can still be used afterward.

Solution

Yes. The sanitization procedure described in the Letter of Volatility, Procedure 2, completely erases the system image on the RCU‑10110. After this procedure is executed, the RCU becomes non‑operational. There is currently no customer‑accessible recovery method, as this procedure was designed to be a final step for device disposal.

An updated Letter of Volatility is currently in development that will introduce an alternative sanitization method. This new approach is intended to remove user‑accessible and sensitive data while preserving the operational state of the RCU.

As an interim option, you can use the following alternative method to remove user‑accessible data without erasing the system image.

Alternative Sanitization Method (Preserves RCU Operation)

Requirement: FTP access to the rack

1. Connect to the system using FTP at ftp://<hostname or IP address>.
2. Navigate to the available directory. By default, this is the /upload folder.
3. Delete all contents of the /upload directory. This folder contains user‑accessible log files.
4. Reboot the rack.

From a sanitization standpoint, this method is sufficient because the /upload directory contains the only user‑accessible data on the system.

Additional Information

If the original sanitization procedure is used and the system image is removed, the RCU-10110 becomes non operational. An RMA process is required to restore functionality.