HDD SM cover.

qxp 1/26/2007 12:45 PM Page 1

HDD Data
Encryption
Kit-B2

SERVICE
MANUAL

DU7-1221-000
FEBRUARY 2007
REV. 0
COPYRIGHT 2006 CANON INC. CANON HDD Data Encryption Kit-B2 REV. 0 PRINTED IN U.S.A.
 Application
This manual has been issued by Canon Inc. for qualified persons to learn technical theory, installation,
maintenance, and repair of products. This manual covers all localities where the products are sold. For this reason,
there may be information in this manual that does not apply to your locality.

Corrections
This manual may contain technical inaccuracies or typographical errors due to improvements or changes in
products. When changes occur in applicable products or in the contents of this manual, Canon will release technical
information as the need arises. In the event of major changes in the contents of this manual over a long or short
period, Canon will issue a new edition of this manual.

The following paragraph does not apply to any countries where such provisions are inconsistent with local law.

Trademarks
The product names and company names used in this manual are the registered trademarks of the individual
companies.

Copyright
This manual is copyrighted with all rights reserved. Under the copyright laws, this manual may not be copied,
reproduced or translated into another language, in whole or in part, without the written consent of Canon Inc.

COPYRIGHT © 2001 CANON INC.

Printed in Japan

Caution
Use of this manual should be strictly supervised to avoid disclosure of confidential information.
 Introduction

Symbols Used
This documentation uses the following symbols to indicate special information:

Symbol Description

Indicates an item of a non-specific nature, possibly classified as Note, Caution, or

Warning.

Indicates an item requiring care to avoid electric shocks.

Indicates an item requiring care to avoid combustion (fire).

Indicates an item prohibiting disassembly to avoid electric shocks or problems.

Indicates an item requiring disconnection of the power plug from the electric outlet.

Indicates an item intended to provide notes assisting the understanding of the topic in
question.
Memo

Indicates an item of reference assisting the understanding of the topic in question.

REF.

Provides a description of a service mode.

Provides a description of the nature of an error indication.

 Introduction

The following rules apply throughout this Service Manual:

1. Each chapter contains sections explaining the purpose of specific functions and the relationship between elec-
trical and mechanical systems with reference to the timing of operation.
In the diagrams, represents the path of mechanical drive; where a signal name accompanies the
symbol, the arrow indicates the direction of the electric signal.
The expression "turn on the power" means flipping on the power switch, closing the front door, and closing
the delivery unit door, which results in supplying the machine with power.
2. In the digital circuits, '1'is used to indicate that the voltage level of a given signal is "High", while '0' is used
to indicate "Low".(The voltage value, however, differs from circuit to circuit.) In addition, the asterisk (*) as
in "DRMD*" indicates that the DRMD signal goes on when '0'.
In practically all cases, the internal mechanisms of a microprocessor cannot be checked in the field.
Therefore, the operations of the microprocessors used in the machines are not discussed: they are explained
in terms of from sensors to the input of the DC controller PCB and from the output of the DC controller PCB
to the loads.

The descriptions in this Service Manual are subject to change without notice for product improvement or other
purposes, and major changes will be communicated in the form of Service Information bulletins.
All service persons are expected to have a good understanding of the contents of this Service Manual and all
relevant Service Information bulletins and be able to identify and isolate faults in the machine."
 Contents

Contents

Chapter 1 Specifications
1.1 Specifications..................................................................................................... 1-1
1.1.1 Parts Compatibility ..................................................................................................... 1-1
1.1.2 System Installation Restrictions............................................................................... 1-2

Chapter 2 Functions
2.1 Basic Function ................................................................................................... 2-1
2.1.1 HDD Encryption.......................................................................................................... 2-1
2.1.2 Common Criteria ........................................................................................................ 2-1

Chapter 3 Installation
3.1 Points to Note About Installation .................................................................... 3-1
3.1.1 Points to Note About Installation ............................................................................. 3-1
3.2 Checking components...................................................................................... 3-3
3.2.1 Checking components............................................................................................... 3-3
3.3 Installation procedure ....................................................................................... 3-4
3.3.1 Making a Backup of the Data (reference only)...................................................... 3-4
3.3.2 Guidelines for the Installation of the Encryption Board........................................ 3-7
3.3.3 Installing the Kit (TYPE-B)........................................................................................ 3-8
3.3.4 Installing the System Software Using the SST.................................................... 3-10
3.3.5 Checking the Security Version............................................................................... 3-10
3.3.6 Checking the Security Mark ................................................................................... 3-11
3.3.7 Reporting to the System Administrator at the End of the Work........................ 3-11

Chapter 4 Maintenance
4.1 Notes when service........................................................................................... 4-1
4.1.1 Suspending the security operation.......................................................................... 4-1
4.2 Reference matter in market service ............................................................... 4-1
4.2.1 Relation with Controller Board ................................................................................. 4-1
4.2.2 User data that cannot be backed up ....................................................................... 4-2
4.3 Related Error code............................................................................................ 4-3
4.3.1 E602 Description........................................................................................................ 4-3
 Chapter 1

SPECIFICATIONS
 Contents

Contents
1.1 Specifications........................................................................................................ 1-1
1.1.1 Parts Compatibility ........................................................................................................1-1
1.1.2 System Installation Restrictions ....................................................................................1-2
 Chapter 1

1.1 Specifications
1.1.1 Parts Compatibility
0015-3525

The encryption board has a function to identify and authenticate the machine, and it is enabled only with the iR
machine at the installation.
The encryption board retains the encryption key.
Each encryption board has its own encryption key.
Only the combination of the main controller, encryption board, and HDD at the installation enables writing/
reading data.

Encryption

Correct Correct Correct HDD

controller encryption (Protection property)
board
two-way authentication

Correct Correct HDD

controller (Protection property)
It is not possible to decode.
Encryption
Controller Correct
Correct HDD
not authorized encryption
board (Protection property)
It is not possible two-way authentication

Encryption board Correct HDD

not authorized (Protection property)
It is not possible to decode.
F-1-1

The Deletion of User Data at the Time of Service Operation

T-1-1

Service operation User data Recovery Detail

operation
HDD replacement Deleted HDD replacement 1) HDD format
2) System installation
Encryption board Deleted Installation of the 1) Encryption board replacement
replacement HDD Data 2) Key clear using SST
Encryption Kit 3) HDD format
4) System installation
Main controller Deleted Key clear and 1) Key clear using SST
replacement (with installation of the 2) HDD format
SRAM board HDD Data 3) System installation
replacement) Encryption Kit

1-1
 Chapter 1

Service operation User data Recovery Detail

operation
Main controller Not deleted None None
replacement (without
SRAM board
replacement)
Main controller clear Deleted After the normal Because the authentication
COIPER>Function> operation of MN- information is not cleared by MN-
MN-CON CON clear CON clear, no operation specific to
the HDD Encryption Kit is
necessary.
In case of returning to Deleted Key clear and Every time replacing the main
the original main installation of the controller, the following operation
controller after E code HDD Data is necessary.
is indicated as a result Encryption Kit 1) Key clear using SST
of replacing the main 2) HDD format
controller and 3) System installation
activating iR (with
SRAM board
replacement)
In case of returning to Not deleted None None
the original main
controller after E code
is indicated as a result
of replacing the main
controller and
activating iR (without
SRAM board
replacement)

1.1.2 System Installation Restrictions

0015-3526

In case the encryption board is newly mounted, HDD format and System software install are necessary.
1) When you use SST
Key clear using SST > HDD format > System installation

2) When you use the USB memory that downloads System software by SST
Download System software to USB memory > Set USB memory to the host machine > Key clear using SST
> HDD format > System installation

1-2
 Chapter 2

FUNCTIONS
 Contents

Contents
2.1 Basic Function ...................................................................................................... 2-1
2.1.1 HDD Encryption............................................................................................................2-1
2.1.2 Common Criteria ...........................................................................................................2-1
 Chapter 2

2.1 Basic Function

2.1.1 HDD Encryption
0015-3527

Device's HDD records temporally image data like scanned images and PDL data, etc. at any time. After the
printing operation is completed, the normal operation is that only management information is deleted, so the
image data information remains on HDD. Therefore, it is concerned that HDD is taken by the third party, the
data is analyzed by accessing directly using Disk Editor, and the original data is recovered. As the
countermeasure, information is always encrypted in the areas where the data like images and PDL data are saved
temporarily. By doing so, recovering the original image data in the HDD will be too difficult.
As for the existing iR Security Kit, the function is enabled with the registration of the license key, and only the
area users use are encrypted.
As for the HDD Encryption Kit, instead of the license option form, the encryption board encrypts all data
recorded in HDD.

Mechanism of data encryption

The encryption board encrypts the received signal sent from the controller board, and then records in HDD.
The encryption board receives and recovers the encrypted data stored in HDD, and then sends to the controller.
By pairing up an encryption board and an HDD, the encryption board becomes workable. Therefore, if there are
some HDD, the same number of the encryption board is needed.

Data encryption key to be regenerated

For making the encryption board behaves correctly, a signal cable to receive and encrypt the signal data from
the controller board and a signal cable (or a connector) to send the encrypted data to HDD are necessary.
In case of using 2.5 inch HDD for the host machine, a signal connector, instead of a signal cable, is sometimes
used for directly connecting to HDD.
Beside the cables mentioned above, connecting the power supply cable for driving the encryption board is
necessary.
2.1.2 Common Criteria
0015-3528

Products evaluated based on ISO/IEC15408 (a.k.a. Common Criteria) and of which safety is certified by
certification body of the country are recognized as certified products in that country.
Encryption chip used for HDD data encryption kit is to be certified as a product of which safety as an IT product
is authorized internationally by CCRA (Common Criteria Recognition Arrangement)
Outline of CC Certification
Manufacturer is to apply for a product in concern to CC certified body.
The product is reviewed by the certified body.
If the product passes the review, manufacturer can obtain a certificate.
Certified product is recognized as such in countries which employ CCRA.

Reference:
Certified products can be seen in the URL below (as of 4th Aug 2006)
Inside Japan
http://www.ipa.go.jp/security/jisec/link.html
Outside Japan
http://www.commoncriteriaportal.org/public/consumer/index.php
Canon MFP Security Chip 1.00

2-1
 Chapter 3

INSTALLATION
 Contents

Contents
3.1 Points to Note About Installation .................................................................... 3-1
3.1.1 Points to Note About Installation ............................................................................. 3-1
3.2 Checking components...................................................................................... 3-3
3.2.1 Checking components............................................................................................... 3-3
3.3 Installation procedure ....................................................................................... 3-4
3.3.1 Making a Backup of the Data (reference only)...................................................... 3-4
3.3.2 Guidelines for the Installation of the Encryption Board........................................ 3-7
3.3.3 Installing the Kit (TYPE-B)........................................................................................ 3-8
3.3.4 Installing the System Software Using the SST.................................................... 3-10
3.3.5 Checking the Security Version............................................................................... 3-10
3.3.6 Checking the Security Mark ................................................................................... 3-11
3.3.7 Reporting to the System Administrator at the End of the Work........................ 3-11
 Chapter 3

3.1 Points to Note About Installation

3.1.1 Points to Note About Installation
0015-3529

A security sticker is attached to the kit package to indicate that the package has not been opened.
Check to see that the package has not been opened in any way and the sticker is not torn.
If the package appears to have been opened or the sticker is torn, check to be sure that the user has done so
intentionally.

The following will result in the loss of user data stored on the hard disk.
-Regenerating the Data Encryption Key
Before performing work that will result in the loss of data, inform the system administrator of the inevitable
loss, asking him to make a backup of important data items.

Unless otherwise instructed, backup work must not be performed by the service person because of security
considerations.

In this Installation Procedure, the work is described for reference.

T-3-1

Data to be Deleted Availability

of Backup
Information registered in the Address Book Yes
Settings made from the Additional Functions screen Yes*1
Forwarding Settings Yes
License files for MEAP applications Yes
Registered SDL (Simple Device Login) user authentication information Yes
Data saved using MEAP applications Yes *2
Mode Memory settings registered in the Copy and Mail Box No
Data stored in inboxes Yes *3
Scan modes registered in the Send Function No
Unsent documents (documents waiting to be sent with the No
Delayed Send mode)
Image forms stored in the Form Composition mode No
MEAP applications No
MEAP SMS (Service Management Service) password (the password will No
return to its default password if it was changed)

3-1
 Chapter 3

Data to be Deleted Availability

of Backup
Job logs No
User authentication information registered in the Local Device Yes
Authentication user authentication system of SSO (Single Sign-On)
Key Pair and Server Certificate in Certificate Settings in TCP/IP Settings No
in Network Settings in System Settings (from the Additional Functions
screen)

*1 Can only be backed up using the Remote UI or Device Information Delivery Settings mode.
*2 Depending on the MEAP application.
*3 The following data are backed up.
-User Inboxes specification settings(Register Inbox Name, Password, Time until Document Auto Erase, Print
upon storing from the printer driver)
-Image data of User Inboxes documents
-Setting information of User Inboxes documents
-Confidential Fax Inbox specification settings(Register Inbox Name, Password)
-Image data of Confidential Fax Inbox, Memory RX Inbox and Register Form for Form Composition Image
Data
- Data that the user can back up are shown in the table below.

T-3-2

Data to be backed up Reference

Address Book Settings User Inbox Document Data. For information
Additional Functions settings on exporting data, see the Remote UI Guide
Forwarding Settings
License files for MEAP applications. For information on downloading license
files, see the MEAP SMS Administrator
Guide
User authentication information registered by SDL For information on exporting user
(Simple Device Login)Registered SDL (Simple authentication information, see the MEAP
Device Login) user authentication information. SMS Administrator Guide.
Information which can be delivered using the The information can only be backed up if you
Device Information Delivery Settings mode have another imageRUNNER machine that is
equipped with the Device Information
Delivery Setting mode. If is not necessary to
back up the information in your machine.
For more information on the Device
Information Delivery Settings mode, see the
Reference Guide.
Data saved by MEAP applications may be able to For more information, see the documentation
be backed up, depending on the MEAP application. included with the MEAP application.
User Inbox Document Data. For information on exporting data, see the
Remote UI Guide
SSO (Single Sign-On) local device user For information on exporting authentication
authentication information. information, see the MEAP SMS
Administartor Guide

3-2
 Chapter 3

Work to Perform After Installing the Kit

-When the Host machine is started up after mounting the encryption board, the ID number registered in the User
box, Fax box, and System box will all be lost. Be sure to register it newly or restore from back up data.

-If user authentication has been performed using SDL (simple device login) or SSO (single sign-on) before
installing the encryption board, it is important to select the appropriate login service after restarting the machine.

3.2 Checking components

3.2.1 Checking components
0015-7160

This kit is composed of the following items.

When installing the encryption board to the host machine, follow "Installing the Kit (TYPE-B)".

[1] [2]

[3] [4] [5]

[1] Encryption Board(IGS TYPE-B) 1 pc

[2] Signal cable(HDD - Encryption Board) 1 pc
[3] User Document 1 pc
[4] Advisory statement 1 pc
[5] Installation Procedure (this document) 1 pc

3-3
 Chapter 3

3.3 Installation procedure

3.3.1 Making a Backup of the Data (reference only)
0015-3530

The following is an outline of the backup work:

The data items that have been backed up may be restored when the HDD Data Encryption Kit-B Series has been
installed.

These data items are property of the user, and the restoration work must be performed by the system
administrator.

The method of installation is described in the User Guide. See Table T-1-2 (for data items that may be backed
up) of the Installation Procedure.
Backup using the import/ export function of Remote UI.

Note:
Exporting the transfer settings will export all contents of the address book. In other words, there is no need
for a backup unless it needs to be done individually.

1. Procedure to make a backup of Address Book

1) Access the URL given below, and then access Remote UI.
http:// [IP address of the device]/
2) Click the Add.Func., and the menu appears. Select import/ export from the menu. If the system administrator
ID and password are set, a dialog box to enter the user name and password appears. Enter the system
administrator ID in User Name, and the password in Password, and then click OK.
3) Click Address Book
4) Select the save format for Address Book, and click Start Export.
5) Following the instructions on the window, specify the location to save the file. Set a distinctive name to an
export file so that you can recognize it when importing it.
2. Forwarding Setting Export Procedure
1) Access the URL given below, and then access Remote UI.
http:// [IP address of the device]/
2) Click the Add.Func., and the menu appears. Select import/ export from the menu. If the system administrator
ID and password are set, a dialog box to enter the user name and password appears. Enter the system
administrator ID in User Name, and the password in Password, and then click OK.
3) Click Forwarding Settings
4) Click Export, and then click Start Export.
5) Following the instructions on the window, specify the location to save the file.
3. Add.Func. Export Procedure
1) Access the URL given below, and then access Remote UI.
http:// [IP address of the device]/
2) Click the Add.Func., and the menu appears. Select import/ export from the menu. If the system administrator
ID and password are set, a dialog box to enter the user name and password appears. Enter the system
administrator ID in User Name, and the password in Password, and then click OK.
3) Click Additional Function.
4) Click Export, and then click Start Export.
5) Following the instructions on the window, specify the location to save the file.
4. Backup using the Device Information Delivery function
In the case that several units of the same type Host machine are installed on the network, and if they have the
Device Information Delivery function, the settings can be synchronized by registering one machine as a
parent unit and distributing the same information to sub units. For more information, see Device Information
Delivery in the Reference Guide.

1) Make the settings of the parent unit (transmission side). Register the destinations to distribute the device
information to the parent unit. Select Additional Function > System Setting > Device Information Delivery
Setting> Register Destination.
2) Register a destination by manual input or automatic search. Select the destination you want to register from
the search results in the case of automatic search, and then press OK.
3) Verify the setting status of the device information distribution end. Check the setting status of a sub unit from
the parent unit to see if distribution can be done.

3-4
 Chapter 3

4) Make the settings of manual distribution. Conduct this operation after confirming that the sub unit is not used
by network or local UI.
5) Select Additional Function > System Setting > Device Information Delivery Setting > Manual Delivery.
Set ON to the settings you want to distribute among Add Function Settings Value, Dept ID, and Address
Book, and then press Next. When you select Address Book, the settings of Forwarding Setting and Favorites
Button are also distributed.
6) Select the destination and press Start manual distribution, and the device information is distributed to the
specified destination. When distribution is completed, check the distribution result.

When a system administrator ID is registered, the device cannot receive information using the device
information distribution function. When receiving the device information, delete a system administrator ID
temporarily and re-register it immediately after the information is received.

5. Backup of MEAP Application

When a MEAP application has been installed, the data and license that the MEAP application retains will be
deleted. If no MEAP application is installed, there is no need to make a backup. If a MEAP application has
a backup function, make a backup of the data peculiar to the MEAP application using this function. With
regard to the license, there is a need to stop all applications from SMS (Service Management Service),
invalidate the license, and download the invalid license file.

MEAP Backup Function Using the SST

Data that has been backed up using MEAP back of the SST must not be written back to the Host machine.
Failure to observe this will disable MEAP functions.
It is necessary to be sure that the implementation conditions for the HDD Data Encryption Kit-B Series be
compatible before and after making a backup of data, and the MEAP backup function does not permit making
a backup of data in the course of installing the Kit.
The SMS password will be initialized when the use of the HDD Data Encryption Kit-B Series is started.

The overview of stop of MEAP applications, invalidation of the license, and procedures to download an invalid
license file is described below. For more information, see MEAP SMS Administrator Guide.
6. Stop of MEAP Applications, Invalidation, Download of an Invalid License File, Uninstallation
1) Select the URL given below and access SMS.
http:// [IP address of the device]:8000/sms/
The default password is MeapSmsLogin. If the user has changed the password, ask him/her to change the
password again after the security operation is started.

Ask the user to change the default password as necessary.

2) Select the radio button of the application you want to stop in the application list, and click Stop.
3) Click the application of which license has been installed to access the application/ license information
page.
4) Click license control, and then click invalidate. Click OK in a confirmation window for license
invalidation.
5) Click download in download/ delete of an invalid license file. Following the instructions on the window,
specify the location to save the file. Set a distinctive name to the invalid license file so that you can recognize
it is for which application. When you download the invalid license file to your PC, click Delete. Click OK in
a confirmation window for license deletion.
6) Return to the application list page, select the radio button of the application you want to uninstall, and then
click uninstall. Click OK in a confirmation window for uninstallation. If there are several applications, repeat
the procedures 1) to 6).
7) After the security operation is started, re-install the application using an application file (jar file) of each
application from SMS and the backup invalid license file (lic file).

3-5
 Chapter 3

7. User Authentication Information Registered by SDL (Simple Device Login)/ SSO (Single Sign-ON)
In the case that the MEAP login application has been changed to SDL/SSO, there is a need to make a backup of
the user authentication information.
1) Access the URL given below.
http:// [IP address of the device] :8000/sdl/
http:// [IP address of the device] :8000/sso
2) Login with the user name and password registered as an administrator in SDL/SSO.
The default administrator user ID and password are as follows:
User ID: Administrator
Password: password
3) Click User Control.
4) Put a check to Select All, and then click Export.
5) Leave the file format and character code as defaults and click Start.
6) Following the instructions on the window, specify the location to save the file.

Data which cannot be backed up

Since unsent documents and image composite data cannot be backed up, they are deleted. Verify with the user
about handling of the data which cannot be backed up, and take appropriate measure such as printing out the
data in advance if necessary. For more information on the data that cannot be backed up, see Points to Note for
Installation.

8. Setting the backup destination of a box document

Specify an address, a user name, a password, and a path to the folder of the SMB server where a backup of a
box document is made.

If the language setting in the common specification settings (Additional Function ) is set to ON, 'host address'
and 'path to folder' might not be displayed correctly or cannot be referred.

- Regarding the method of inputting characters, see 'Chapter 2 Major Functions and Basic Operations' in the
Users Guide.
- A host address can be up to 128 character in 1 byte or 64 characters in 2 bytes using the 'Kana-Kanji,'
'Katakana,' 'alphabetic character,' 'mark,' and 'code input' modes.
- A path to the folder can be up to 255 characters in 1 byte (127 characters in 2 bytes).
- A user name can be up to 128 character in 1 byte or 64 characters in 2 bytes using the 'Kana-Kanji,' 'Katakana,'
'alphabetic character,' 'mark,' and 'code input' modes.
- A password can be up to 14 characters using the 'alphabetic character' and 'mark (1 byte)' modes.
- The voice sound symbol and the semi-voice sound symbol entered in the 'katakana (1 byte)' mode are counted
up as one 1-byte character.

[Executing backup of a box document]

1) Click [Add.Func.], and the menu appears. Select [Custom Settings] in the menu.
2) Click [Backup Destination Setting].
3) Make the necessary settings, and then click OK.

- If any of the host IP address, user name, password, or path to the folder is not correctly entered, a backup cannot
be made.
- Set the number of users accessible to the folder to '2' or higher, or 'no restriction.' If the maximum number of
users is set to [1], restoration cannot be done properly.
- If the [BOX] folder or the [BOX.temp] folder created from the past backup remains in the location specified
in [Path to Folder], the backup operation is not conducted properly. Delete these folders or change their
names in advance.

3-6
 Chapter 3

[Restoring the backup data]

1) Click [Add.Func.], and the menu appears. Select [Custom Settings] in the menu.
2) Click [Restore].
3) Press [Execute].

- When restoration is executed, all documents and form images of image composite in the Memory RX Inbox
and Confidential Fax Inboxes are deleted.
- When restoration is executed, the following items are initialized.
- The name and password of a fax box
- The reception number of a box document

3.3.2 Guidelines for the Installation of the Encryption Board

0015-3531

Guidelines for Installation

Functions of the Encryption Board
The encryption board receives signals from the controller board, encodes them, and then stores the result on
the HDD.
The encryption board receives coded data stored on the HDD, decodes it, and then sends the result to the
controller board.
The mechanisms of the encryption board are executed by a single HDD and a single board operating as a pair.
In other words, multiple HDDs call for as many encryption boards.
-----------
Operating Conditions of the Encryption Board
The correct operation of the encryption board requires a signal cable used to receive signal data from the
controller board and a signal cable (or connector) for sending encryption data to the HDD.
If the Host machine is equipped with a 2.5-inch HDD, it is at times necessary to directly connect the HDD to
the signal connector.
In addition, there must also be a cable for the power used to drive the encryption board.

The HDD in an Host machine may be either a 2.5-inch or 3.5-inch type, each calling for a different method
of connecting signal and power cables. Details are as follows:
1. 2.5-Inch HDD Type
The 2.5-inch HDD provides a single connector for both signals and power. Connect the connector or cable
so that the signals will flow as follows: 2.5-inch HDD>encryption board>controller board.
If the space inside the Host machine does not allow direct connection to the connector on the encryption
board, a signal cable must be used.
2. 3.5-Inch HDD Type
The 3.5-inch HDD provides a signal connector and a power connector.
For signals, connect the encryption board signal cable to the HDD so that the signals will flow as follows:
3.5-inch HDD>encryption board>controller board.
Connect the signal cable to the encryption board and the controller.

For power, connect a relay connector to the connector used to supply the 3.5-inch HDD with power, making
sure that the power will flow as follows: controller board>3.5-inch HDD>encryption board.
----------
Location of the Encryption Board
If a connector for connection of a 2.5-inch HDD is found on the encryption board, connect the cable to the HDD
and secure it in place on the encryption board.
If the encryption board and the 3.5-inch HDD need to be connected by means of a cable, be sure to route it as
follows: HDD>encryption board>connector on the controller (to which the HDD is connected); then, secure the
HDD in place on the HDD support plate.
For both cases, be sure the connections are as follows: HDD>encryption board>controller board.
If the HDD of the Host machine is secured in place using mounting screws, place the encryption board so both
signal and power lines may be arranged appropriately.

3-7
 Chapter 3

3.3.3 Installing the Kit (TYPE-B)

0015-7162
[1]
The encryption board comes with the Kit mounted
on the encryption board mounting plate.
1. Turning Off the Main Power

Whenever turning off the main power, be sure to

observe the following sequence to avoid damage to
the hard disk:
1) Hold down the control panel power switch for 3
sec or more.
2) Go through the shut-down sequence indicated on
the display so that the main power switch may be
turned off.
3) Turn off the main power switch. [2]
4) Disconnect the power cable (from the power
outlet).

2. Installing the Kit

1) Detach the covers so that the HDD may be
removed from the main controller. [1]
[1] [2] F-3-2

2) Remove the 2 screws [2]. Remove the cable[1].

Slide the HDD [3] in the direction of the arrow to
detach it together with the mounting plate.

The HDD must be moved in a specific direction,

depending on its type. Be sure to slide it in the
direction opposite the HDD connector of the main
controller.

[1] [3] [2]

F-3-1

F-3-3

3-8
 Chapter 3

3) Remove the 4 screws [1]. Detach the HDD [2] 5) Connect the connector of the encryption board to
from the mounting plate. that of the main controller board.
At this time, fit the hook [1] of the encryption board
[1] [2] on the mounting plate hook [2] of the main controller
board.

[2] [1]

[1]

F-3-4

4)-a Connect the signal cable[1] to the connector[2].

[1]
F-3-7

6) Secure the HDD [1] in place using 2 screws [2].

[3]

[2]

F-3-5

4)-b Connect the signal cable[2] to the HDD[1].

HDD[1] is fixed with the 4 screws[3]. [1] [2]

F-3-8
[1]
7) Put the parts you have removed back in place.

[3]

[3]
[2]

F-3-6

3-9
 Chapter 3

18) Wait for 10 sec. Thereafter, turn the main power

3.3.4 Installing the System Software switch back on.
19) Start service mode, and check the various
Using the SST versions (e.g., MN-CONT, LANG).

The system data stored on the HDD and used to

0015-3532

3.3.5 Checking the Security Version

control the Host machine will be lost when the 0015-3533

machine is first started up after installing the Checking the Version

encryption board. 1) Press the Counter key (Counter key) [1] on the
It is important to install the system software used to control panel.
control the Host machine so that the machine may 2) Press the [check device configuration] appearing
start up properly after installation of the encryption on the control panel.
board. 3) To be sure that the version of the security chip is
Here, the work is identical to the service work correct, see that 'Canon MFP Security Chip' is
performed when replacing the HDD, regardless of identified as '1.00'.
the presence/absence of an encryption board. Details In the case of RAID, there will be 2 pieces of version
follow. information, as it uses 2 encryption boards.
1. Requirements
1) PC
-The SST (version 3.21 or later) must be installed. The user will be able to be sure that the encryption
-Windows 200 Professional/XP must be installed. board fitted with a security chip of the correct
-A CD-ROM drive must be available. version (i.e., with CC authentication) is functioning
2) Category 5 Cross Ethernet Cable normally by referring to the version information (i.e.,
2. Preparing for the Installation of the System '1.00') indicated for 'Canon MFP Security Chip'.
Software of Host machine 4) Press the Counter key (Counter key) [1] on the
1) If both PC and the machine are on, turn them off. control panel to return to the initial screen.
2) Connect the PC and the machine using an Ethernet
cable.
3) Turn on the PC.
4) Start up the machine in download mode (safe
mode).
3. Selecting the System Software
1) Set the CD containing the latest system software 1 2 3
in the PC on which the SST is used.
2) Start up the SST. 4 5 6
123 [1]
3) Click [copy] to copy the system software.
4) Select the drive in which the System Software CD 7 8 9

has been set, and click [search]. 0

5) Click [copy].
4. Downloading the System Software
1) Click [connect].
2) From the list of machine series, select the
appropriate model.
3) Select 'single', and click [start].
4) Click [format HDD]. F-3-9
5) Select 'all', and click [start].
6) Click [start format]. When formatting has ended,
click [OK].
7) Click [to main menu].
8) From the list of machine series, select the
appropriate model and then 'all-hdf'.
9) Click [start batch download].
Follow the message to turn off and then back on
the power switch.
10) When the batch download session has ended,
select the appropriate model.
11) Select 'signal', and click [start].
12) Click [shut-down].
13) Click [start shut-down].
14) Click [OK].
15) End the SST.
16) Follow the down sequence instructions to turn
off the machine main power switch.
17) Disconnect the cross cable.

3-10
 Chapter 3

3.3.6 Checking the Security Mark

0015-3534

The user may check the security mark appearing on the control panel when using the Host machine to be sure
that an appropriate level of security is being maintained. The mark appears when the machine is equipped with
an encryption board and the board is operating correctly.
If multiple encryption boards have been installed, the mark indicates that all boards are operating correctly.
The Refarence Guide provides the following in connection with the security mark:

Confirming the Security Mark

If the HDD Data Encryption Kit is operating normaly, the security mark( )is displayed in the following
position of the screen.

Security Mark

F-3-10

3.3.7 Reporting to the System Administrator at the End of the Work

0015-3535

When you have completed all installation work, report to the system administrator for the following:
-inform him that you have added the appropriate security functions, and have enabled them.
-make sure that he knows what to do in the event that these functions fail, i.e., make a service call.
Successful Completion of the Installation Work
Ask the system administrator to make sure that '1.00' is indicated for 'Canon MFP Security Chip' as the version
of the security chip. (Refer to the description on how to check the version, and check the device composition
displayed in the control panel.)
Maintenance of the Security Functions
Be sure that the system administrator is aware of the importance of making sure that the security functions
are maintained each time the Host machine is started by referring to the security mark discussed previously.

3-11
 Chapter 4

MAINTENANCE
 Contents

Contents
4.1 Notes when service........................................................................................... 4-1
4.1.1 Suspending the security operation.......................................................................... 4-1
4.2 Reference matter in market service ............................................................... 4-1
4.2.1 Relation with Controller Board ................................................................................. 4-1
4.2.2 User data that cannot be backed up ....................................................................... 4-2
4.3 Related Error code............................................................................................ 4-3
4.3.1 E602 Description........................................................................................................ 4-3
 Chapter 4

4.1 Notes when service

4.1.1 Suspending the security operation
0015-3537

When stopping the security operation, go through the followings to return to the default status at shipment.
-Dismount the encryption board
-Format the HDD and install the system

Points to note for suspending the security operation are shown below.

-Since all the data within the HDD are initialized, data back-up is required prior to the operation. Refer to the
Installation Procedure to back-up the data.
-For returning to the security operation, mount the encryption board by following the Installation Procedure.

4.2 Reference matter in market service

4.2.1 Relation with Controller Board
0015-3538

Performance
Encryption and decryption are performed by encryption board. Main controller is not engaged in the HDD
encryption function.
Owing to the hardware configuration, the system is free of a drop in performance, common with previous iR
Security Kits.
The key used for coding and decoding can be generated in user mode screen with previous iR Security Kits.
With HDD Encryption Kits, there are keys in encryption board and HDD with mechanism to auto generate upon
installation.
There is no need to aware of the existence of the key upon implementation because the key cannot be taken out
from the iR machine.

In the case that users request regenerate of the key that is used in encryption board, execute the following service
mode.

At service mode level 2, make the following selections: COPIER>FUNCTION>CLEAR>KEY-CLR; and then
push down [OK] to clear the encryption key.
As well as the installation of encryption board, make sure to back up necessary user data before execution
because all of the HDD data will not be read once cleaning the encryption key.

Encryption Key
Generally when executing data encryption, encryption key is used as electronic information.
This electronic key is generated in encryption board, and there is no way of storing externally.

Encryption board has a mechanism to check automatically whether the combination of the encryption board and
the HDD encryption key is correct upon installation of iR system.
If the encryption key is a mismatch, iR machine fails to start up because of reading failure of the HDD data.

4-1
 Chapter 4

4.2.2 User data that cannot be backed up

0015-3539

The following table shows examples of measures for the user data that cannot be backed up, which was
explained in the points to note for the user mode setting.
It is desirable to explain the measures to a user and ask him/her to implement them.

T-4-1

Data deleted Backed

up? Advice to a user
Mode memory registered by the Make it displayed in the control panel and write
copy or box function No it down.
Reading mode registered by the Make it displayed in the control panel and write
send function No it down.
Document that is not sent yet
(document for which timer Transmit all the documents so that no data is
transmission is set, or document stored. Or, take notes and make a setting again
waiting for being transmitted) No after installation is completed.
Registration form for image After installation is completed, perform
compositing registration again, selecting "initial setting/
registration > specification setting > image
No compositing" from RUI.
MEAP application Refer to the section of "installation procedure >
data backup (reference)".Before installation,
stop and void the MEAP application, download
the void license, and uninstall the application.
No Install the application after the kit is installed.
Password for the MEAP Service
Management Service (SMS)(When Refer to the section of "installation procedure >
the password is changed, it is set data backup (reference)".Ask the user to change
back to the factory default setting.) No the ID and password after installation.
Job history Save the information in CSV format, selecting
No "job > print job / copy job" from RUI.
Key pair (used by SSL) and server When using the key installed in the iR main unit
certification registered in the after installation, create a key, selecting "initial
system management setting setting/registration > specification setting >
network setting > key and certification setting"
from RUI. When using a user's key, perform
registration of a key and certification for
No installation.
Exceution of Auto Gradation Correction No After work of the installation, Auto Gradation
Correction is executed.
Post Script Fonts No Before installation, follow the Installation Procedure
of the font maker to extract a font from HDD. Install
appropriate fonts after installation of the machine.

4-2
 Chapter 4

Reference:
There is no relationship between "key pair (used by SSL) and server certification registered in the system
management setting" and a key used for HDD encryption. Without a key pair, HDD encryption is normally
performed.

4.3 Related Error code

4.3.1 E602 Description
0015-3542

E602 is an error code used to indicate the presence of an error on the hard disc. In the case of HDD data
encryption, the encryption board is connected to IDE target. It is rather difficult to identify as an HDD error.
Detailed code is assigned as 200x.

T-4-2

E code Name Cause Detection Recovery method

Timing
E602- Authentication Authentication On start- Check the connection between the encryption board
2000 error error of the up and HDD, and between the encryption board and the
copier and the main controller.
encryption In case the connection is correct, try to clear the
board encryption key in the service mode.
At the service mode level 2;
COPIER>FUNCTION>CLEAR>KEY-CLR

E602- Mismatch of Mismatch in On start- Mismatch of the encryption board. The encryption
2001 the encryption which the up board is not recognized correctly. Although the
board encryption hardware is connected correctly, the encryption key is
board is not not saved.
recognized Try to clear the encryption key in the service mode.
correctly At the service mode level 2;
COPIER>FUNCTION>CLEAR>KEY-CLR

E602- Device error Encryption On start- Check the connection between the encryption board
2002 board failure up and HDD, and between the encryption board and the
main controller.
Try to clear the encryption key in the service mode.
At the service mode level 2;
COPIER>FUNCTION>CLEAR>KEY-CLR
By replacing the encryption board or HDD, check if
it behaves normally.

4-3