What are OP and Opal technologies on SSDs?

You can also be interested in these:

If you’ve ever tried to buy a PC or laptop, a workstation or a branded server, you’ll know that the manufacturer’s website offers a range of storage configuration options. Among the SSD units, you may have noticed that some are marked as OP and others as Opal. The same applies if you’re trying to purchase an SSD storage unit on your own. But what is the difference between OP and Opal? We’ll explain it to you here.

What is Opal?

If you’ve come across SSD units marked as Opal, you should know that it indicates that the unit meets a set of specifications designed to improve security. For instance, it enables hardware-based encryption of the SSD unit’s content, without affecting system performance since the encryption engine is included in the SSD controller itself.

As a result, someone who gains physical access to the SSD unit will be unable to retrieve information from the stored data because it will all be encrypted. This is known as SED (self-encrypting drives) or auto-encrypting drives. Furthermore, Opal must meet a series of requirements to be certified, as specified by the Trusted Computing Group Storage Workgroup (TCG).

Opal is a SSC (Subsystem Security Class), an implementation profile for storage devices that protects user data confidentiality stored against unauthorized access.

However, Opal is not 100% secure, as researchers from Radboud University discovered in November 2018 that some Opal implementations had security vulnerabilities. Nonetheless, these vulnerabilities have been resolved through updates.

Due to its features, Opal has been implemented in many SSD storage units designed for enterprise or professional use, including those from Hitachi, Intel, Kingston, Lenovo, Micron Technology, Sandisk, Samsung, Seagate, among others. As for Opal storage controller manufacturers, they include Marvell, Avago/LSI SandForce, among others.

Advantages and disadvantages of Opal

Of course, Opal has its advantages and disadvantages, as not everything is positive in this technology:

Advantages

The unit will be protected by a secure hardware-based encryption, which is more secure than other software-based solutions, as software-based solutions can be corrupted, whereas hardware-based solutions cannot.
Hardware-based encryption is less vulnerable to malware than software-based encryption.
Performance is better since it does not consume CPU resources for encryption, as it will be handled by a dedicated chip. Additionally, hardware-based encryption will be faster than software-based encryption.

Disadvantages

Managing hardware purchases may be more difficult due to compatibility issues with Opal.
These units may also be more expensive than conventional SSDs.
SED focuses on stored data, not data in transit. Therefore, if you need to protect transferred data, you’ll need to look for additional solutions such as encrypting communications with TLS/SSL, among others.

What is OP?

As you know, solid-state drives or SSDs have similar characteristics to HDDs, although they also have certain differences. Well, one of the things you’ll find in SSDs is the OP label, which should not be confused with Opal since they are different things. However, it should be noted that you’ll also find them in enterprise-grade or professional storage units, as in the case of Opal. But they are completely different things.

In an OP unit, after manufacturing and assembling the SSD, the manufacturer can reserve an additional percentage of the total capacity of the unit for over-provisioning (OP) during programming of its firmware. This has the disadvantage of reducing the space available for the user to use, but it adds two major advantages: it improves performance and increases the SSD’s resilience or reliability. For this reason, these units are perfect for those who need a solid system for work.

Applications can be read-intensive, such as typical client workloads where a user will typically make 20% writes and 80% reads, as in some enterprise applications like databases when they are already created and only need to be queried, among others.

On the other hand, it should be noted that the established capacity for OP may vary depending on the manufacturer and the size of the storage unit. For this reason, the above table is only a reference, and you should be aware of which brand and model you’re purchasing to check its specifications.

It should also be clarified that the capacity reserved for OP is not accessible by the user, and it is invisible to the operating system. It is only reserved for the use of the SSD controller itself. Therefore, if you buy an OP NAND flash unit and check the capacity and it is less than indicated (256 GB, 512 GB, 1 TB, etc.), don’t be alarmed, you haven’t been deceived; that percentage has been reserved for OP.

Types of OP

You should also know that there are different types of OP, such as:

Inherent: every SSD has at least a certain amount of over-provisioning capacity for use by the controller firmware, replacement of failed blocks, and other features. This type usually uses the decimal system to indicate capacity, instead of binary.
Provider-configured: when the SSD manufacturer reserves additional capacity to accommodate write-intensive workloads. This capacity can range from 7% to 28% or more.
User-configured: in some cases, users can configure the reserved capacity when partitioning. In this case, it would be visible and not remain hidden like in the previous two cases.

Advantages and disadvantages of OP

Like any other technology, OP also has its advantages and disadvantages that we must analyze before purchasing a unit, as we did with Opal. This will help you choose better if your company needs OP vs Opal.