Dell Secured Component Verification Version 1.5,1.5.1,1.6,1.7,1.8, 1.9 and 1.91.0 Reference Guide for Servers and Chassis

Secured Component Verification (SCV) is a supply chain assurance offering that enables you to verify that the PowerEdge server you have received matches what was manufactured in the factory. In order to validate components, a certificate containing the unique system component IDs is generated during factory assembly process. This certificate is signed in the Dell factory and is stored in the system, later used by the SCV application. The SCV application validates the system inventory against the SCV certificate.

The application generates a validation report detailing the inventory matches and mismatches against the SCV certificate. It also verifies the certificate and Chain of Trust along with the Proof of Possession of the SCV Private key. Current implementation supports direct ship customers and does not include VAR or Part Replacement scenarios.

SCV Application performs the following functions:

• Downloads the SCV Certificate that is stored in the system through Dell Technology APIs and verifies the SCV certificate and issuer.
• Validates the SCV private key that is paired to the SCV public key in SCV certificate.
• Collects the current inventory of the system.
  NOTE:For the list of system components supported, see the section Components Supported.
• Compares current system inventory against the inventory in the SCV certificate.
• Any modification of the components that are captured in the certificate will be identified as a "Mismatch".

Notes:

• SCV validates the virtual network ports as well. In systems with NPAR/NPAReP cards, run the SCV Application before enabling them.
• Ensure that the TPM is enabled before running the SCV application. SCV supports TPM version 2.0.
• Ensure that you run the SCV application before mapping any storage devices to the system.
• In modular systems, ensure that the FlexAddress is disabled before running the SCV application.
• If internal and iDRAC USB ports are disabled, the SCV validation fails.
• Ensure that any drive which is removed from the system registers in iDRAC or any other iDRAC interface before running the SCV validation or it will report incorrect data in the SCV output.
• SCV requires USB NIC communication for in-band validation. Do not disable the USB NIC while running the SCV operation.
• In SCV 1.5 with 1.0 certificate, one of the TPM component(ECC) entry reports as 'Match' with expected details as 'Unknown', while the detected details display all the information. This is an expected behavior because 1.0 certificate does not include ECC information.