
A method to do security erase against failed drive in storage system

IP.com Disclosure Number: IPCOM000248225D
Publication Date: 2016-Nov-10
Document File: 5 page(s) / 72K

Publishing Venue

The IP.com Prior Art Database

Abstract

This disclosure proposes a method to perform a security erase on a failed drive in a storage system, which fills a gap in current storage systems. In the current system, once a drive is marked as failed, there is NO automatic system method to security erase it. In this disclosure, we propose a method that can security erase all drives, including failed drives.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 52% of the total text.


Background

•It is now a legal requirement for a data service provider to security erase the data on a drive (physical or flash) before the provider retires or withdraws the drive from its storage system, to guarantee the security of the information on the drive

•The typical erase method is to perform write and read operations against the drive to make sure that the previous customer data on the drive can NOT be recovered by any method

    -E.g. write all 1s to the drive first, then write 0s to the drive, and then write random data onto the drive

•The problem with the existing erase method is:

    -The erase method can ONLY cover drives in a good state

•What happens to a failed drive on the storage system:

    -The user has to swap the failed drive out of the system
    -And then do some physical damage to the failed drive (e.g. demagnetizing it)

•The original method needs manual effort, is inefficient, and can NOT achieve the same security level as for the good drives

Summary of Invention

•One hidden factor behind the "failed" drive is:

    -Though the drive is "failed" from the storage system's perspective, from the drive's physical perspective it may still be good enough to handle IO (e.g. read/write operations)
    -Normally the storage system marks a drive as "failed" just because its health state does NOT guarantee the performance of the whole storage system

•The typical reasons for the storage system to mark a drive as "failed" are:

    -It saw some slow IO against the drive and the drive is slowing the whole storage system, so it marks the drive as failed and isolates it from the system to mitigate the impact
    -Some physical sectors on the drive are broken, which indicates its health state is NOT good enough, so it marks the drive as failed and does a pro-active replacement to avoid a sudden failure

•So in most cases, when a drive is marked as failed by the storage system, the drive can still handle IO, which means it can still perform the security data erase action

•Based on the facts above, we can implement a method to automatically security erase the "failed" drive


    -The erase process will try its best to do the erasure unless we can NOT do any operation due to...
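
An added example (not code from the disclosure) of the best-effort erase described above: it runs the all-1s, all-0s and random passes with a read-back check, keeps going when a block returns an I/O error, and reports the blocks it could not erase. The `FlakyDrive` class, the 4096-byte block size and the sample data are constructed assumptions standing in for a drive that the storage system marked as failed.

```python
import io
import os

BLOCK = 4096  # assumed erase granularity, not taken from the disclosure


class FlakyDrive:
    """Constructed stand-in for a 'failed' drive: some blocks reject I/O."""

    def __init__(self, data, bad_blocks):
        self.buf = io.BytesIO(data)
        self.size = len(data)
        self.bad = set(bad_blocks)

    def write_block(self, idx, payload):
        if idx in self.bad:
            raise OSError(5, "I/O error")  # EIO, as a broken sector would give
        self.buf.seek(idx * BLOCK)
        self.buf.write(payload)

    def read_block(self, idx):
        if idx in self.bad:
            raise OSError(5, "I/O error")
        self.buf.seek(idx * BLOCK)
        return self.buf.read(BLOCK)


def best_effort_erase(drive):
    """Run the 1s / 0s / random passes; return blocks that could not be erased."""
    passes = [lambda: b"\xff" * BLOCK, lambda: b"\x00" * BLOCK,
              lambda: os.urandom(BLOCK)]
    unerased = set()
    for make_pattern in passes:
        for idx in range(drive.size // BLOCK):
            if idx in unerased:
                continue  # already known bad; do not stall the whole erase
            payload = make_pattern()
            try:
                drive.write_block(idx, payload)
                if drive.read_block(idx) != payload:  # read-back check
                    unerased.add(idx)
            except OSError:
                unerased.add(idx)
    return sorted(unerased)


if __name__ == "__main__":
    d = FlakyDrive(b"customer-secret!" * 1024, bad_blocks=[2])  # 4 blocks
    print("blocks not erased:", best_effort_erase(d))
```

The returned list is what an operator would need to decide whether the drive still requires manual handling; an empty list means every block took all three passes.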