DCT
1:18-cv-01398
SecureWave Storage Solutions Inc v. Micron Technology Inc
I. Executive Summary and Procedural Information
- Parties & Counsel:
- Plaintiff: SecureWave Storage Solutions, Inc. (Delaware)
- Defendant: Micron Technology, Inc. and Micron Consumer Product Group, Inc. (Delaware)
- Plaintiff’s Counsel: Farnan LLP
- Case Identification: 1:18-cv-01398, D. Del., 09/10/2018
- Venue Allegations: Venue is alleged to be proper as Defendants are Delaware corporations.
- Core Dispute: Plaintiff alleges that Defendant’s self-encrypting solid-state drives (SSDs), which comply with the Trusted Computing Group (TCG) Opal standard, infringe a patent related to operating-system-independent security partitions on storage devices.
- Technical Context: The technology concerns methods for securing data on storage devices like SSDs by creating a protected area on the drive itself, managed by the drive's own firmware, making it resistant to threats that compromise the host computer's main operating system.
- Key Procedural History: The complaint was filed on September 10, 2018. Subsequent to the filing, the asserted patent was subject to multiple Inter Partes Review (IPR) proceedings before the Patent Trial and Appeal Board (PTAB). An IPR Certificate issued on July 18, 2022, indicates that all claims of the asserted patent, including the one asserted in this litigation, have been cancelled. This post-filing development raises a threshold question about the viability of the lawsuit.
Case Timeline
| Date | Event |
|---|---|
| 2001-07-25 | '020 Patent Priority Date |
| 2006-04-25 | '020 Patent Issue Date |
| 2018-09-10 | Complaint Filing Date |
| 2018-12-28 | IPR2019-00501 Filed |
| 2019-04-09 | IPR2019-00932 Filed |
| 2019-11-06 | IPR2020-00139 Filed |
| 2022-07-18 | IPR Certificate Issued Cancelling All Claims of '020 Patent |
II. Technology and Patent(s)-in-Suit Analysis
U.S. Patent No. 7,036,020 - "Methods and Systems for Promoting Security in a Computer System Employing Attached Storage Devices"
Issued April 25, 2006.
The Invention Explained
- Problem Addressed: The patent describes conventional computer security systems as deficient because their reliance on the host operating system makes them vulnerable to attacks, such as viruses, that infiltrate that same environment ('020 Patent, col. 1:16-32). Prior art solutions like the ATA Host Protected Area protocol are also noted as having limitations, such as being discoverable by other systems and lacking robust authentication ('020 Patent, col. 2:54-68).
- The Patented Solution: The invention proposes a security system localized within the storage device itself, independent of the host operating system ('020 Patent, col. 4:34-36). It achieves this by using the device's own firmware to create and manage a "secure data partition" that is "invisible to the operating system" ('020 Patent, col. 13:7-9). Access to this partition is governed by "authority records" also stored within the secure area, with a "master authority record" controlling the creation and deletion of other records ('020 Patent, col. 6:39-45; Fig. 3).
- Technical Importance: This architecture aimed to create a trusted space on a storage device that could conceal information and manage access rights without being compromised by vulnerabilities in the main computer system. (Compl. ¶10).
Key Claims at a Glance
- The complaint asserts independent Claim 1. (Compl. ¶17).
- The essential elements of Claim 1 are:
- A storage device for promoting security in a computer system, comprising: a storage medium, firmware for reading/writing data, and a partition.
- The partition divides the storage medium into a data partition and a "secure data partition."
- The secure data partition stores secure data and one or more "authority records" that define access permissions.
- The secure data partition contains a "master authority record," which governs the creation and deletion of other authority records by a user.
- "only the firmware is permitted to access the secure data and the one or more authority records."
- The complaint reserves the right to assert additional claims. (Compl. ¶24).
III. The Accused Instrumentality
Product Identification
The complaint accuses "All Micron products and devices that support or are compliant with the TCG Opal 1.0 or 2.0 standard," specifically identifying the "Crucial-branded MX300 SSD and MX500 SSD" as examples (collectively, the "Accused Product") (Compl. ¶17-18).
Functionality and Market Context
- The accused functionality is the implementation of the TCG Opal Storage standard, a set of specifications for self-encrypting drives (SEDs) (Compl. ¶20). According to the complaint, this standard provides a "comprehensive architecture for putting Storage Devices under policy control" and enables "data-at-rest protection of user data via data encryption and access controls" (Compl. ¶20).
- The complaint alleges that any device compliant with the TCG Opal 1.0 or 2.0 standard "is necessarily a device that meets each and every one of the asserted limitations" (Compl. ¶21).
- The complaint alleges Micron is a significant market participant, with substantial SSD revenue and at least 9% of the worldwide market (Compl. ¶4).
IV. Analysis of Infringement Allegations
The complaint alleges that because the Accused Products are compliant with the TCG Opal 1.0 or 2.0 standard, they necessarily practice the claimed invention. (Compl. ¶21). The complaint does not contain a formal claim chart exhibit but presents its theory by quoting the claim language. (Compl. ¶18).
'020 Patent Infringement Allegations
| Claim Element (from Independent Claim 1) | Alleged Infringing Functionality | Complaint Citation | Patent Citation |
|---|---|---|---|
| A storage device for promoting security in a computer system, the storage device comprising: a storage medium for storing data; firmware for reading data from and writing data to the storage medium | The Accused Product is a storage device (SSD) with a storage medium and firmware. The complaint's theory rests on the product's compliance with the TCG Opal standard. | ¶18 | col. 12:51-56 |
| and a partition defined on the storage medium for dividing the storage medium into a data partition and a secure data partition, the secure data partition for storing secure data and one or more authority records, wherein the one or more authority records define access permissions relating to the secure data partition and the secure data | The TCG Opal standard allegedly defines an architecture that creates a secure area on the drive, which the complaint equates to the claimed "secure data partition" containing "authority records." | ¶18 | col. 12:57-65 |
| wherein the secure data partition contains a master authority record, wherein the one or more authority records can be created and deleted as required by a user having access permissions according to the master authority record | The complaint alleges that the TCG Opal standard's architecture for policy control and access management includes functionality equivalent to the claimed "master authority record." | ¶18 | col. 12:66 - col. 13:4 |
| and wherein only the firmware is permitted to access the secure data and the one or more authority records. | The complaint alleges that the TCG Opal standard-compliant devices meet this limitation, creating an access-controlled environment managed at the firmware level. | ¶18 | col. 13:5-7 |
No probative visual evidence provided in complaint.
Identified Points of Contention
- Scope Questions: A central dispute may arise over whether the structures defined by the TCG Opal standard are coextensive with the claimed "secure data partition" and "authority records." A defendant could argue that the patent's specific embodiments require a particular architecture that differs from the industry standard's implementation.
- Technical Questions: The infringement theory hinges on the assertion that TCG Opal compliance necessarily meets every claim limitation. A key technical question will be whether the Accused Products satisfy the negative limitation that "only the firmware is permitted to access the secure data." The court may need to determine if any other entity, such as an authorized host application communicating with the drive, can access this data under the TCG Opal protocol, which could potentially take the products outside the claim's scope.
V. Key Claim Terms for Construction
The Term: "secure data partition"
- Context and Importance: The definition of this term is fundamental to the infringement case. The dispute will likely center on whether any secure area on a drive meets this definition, or if it is limited to the specific structure described in the patent, which is invisible to the host OS and managed by a hierarchy of authority records. Practitioners may focus on this term to determine if the TCG Opal architecture is equivalent to the patented partition.
- Intrinsic Evidence for Interpretation:
- Evidence for a Broader Interpretation: The claim language itself is general, defining it as "a partition ... for storing secure data and one or more authority records." ('020 Patent, col. 12:59-62).
- Evidence for a Narrower Interpretation: The specification describes the secure partition as being "invisible to the operating system" and containing a "master authority record" that governs other records ('020 Patent, col. 13:7-9, Fig. 3). A defendant may argue these features are required limitations.
The Term: "only the firmware is permitted to access"
- Context and Importance: This absolute, negative limitation is a likely point of failure for the infringement allegation. The strength of "only" suggests exclusivity. If the defendant can show that any entity other than the storage device's firmware (e.g., an authorized host application) can access the secure data, infringement may be avoided.
- Intrinsic Evidence for Interpretation:
- Evidence for a Broader Interpretation: The plaintiff may argue "firmware" should be interpreted broadly to encompass the entire trusted execution environment on the drive that enforces security policies, even when responding to external commands.
- Evidence for a Narrower Interpretation: The specification distinguishes between non-writeable firmware ("NWF") and writeable firmware ("WF"), suggesting "firmware" might be construed more narrowly to mean the core, unmodifiable code on the drive ('020 Patent, col. 4:54-58). A defendant may argue that access mediated by authorized host software is not access by "only the firmware."
VI. Other Allegations
- Indirect Infringement: The complaint does not plead a separate count for indirect infringement or allege specific facts to support the knowledge and intent elements required for such a claim.
- Willful Infringement: The complaint makes no factual allegations regarding pre-suit knowledge of the '020 Patent. It includes a request for enhanced damages only in the prayer for relief, without a supporting factual basis in the body of the complaint. (Compl., Prayer for Relief ¶6).
VII. Analyst’s Conclusion: Key Questions for the Case
- Mootness: The most significant issue is procedural: what is the legal effect of the PTAB's post-filing cancellation of all claims of the '020 Patent? As the sole asserted patent is now cancelled, a threshold question is whether the plaintiff's case is moot, precluding any recovery of damages.
- Standards-Based Infringement: Assuming the case proceeds, a core issue is one of necessary infringement: does compliance with the TCG Opal standard, as a matter of technical fact, inherently satisfy every limitation of Claim 1? The analysis will likely focus on whether the Opal architecture meets the strict negative limitation that "only the firmware" can access the secure data.
- Definitional Scope: The case may also turn on claim construction: can the patent's term "secure data partition," which the specification describes as being managed by a specific hierarchy of "authority records," be construed broadly enough to read on the security architecture implemented by the TCG Opal standard?