SPOR resilient firmware for microSD card

Language

File Format

PDF

Version

v1.0

Date

2021/10

Download

Resilient Sudden Power-Off Recovery Firmware for Micro SD Cards

Sudden power failure and unstable power may cause data loss on SD and microSD cards, so the Sudden Power-Off Recovery (SPOR) mechanism is critically important and quite frankly necessary for industrial applications.

THE BASICS OF NAND FLASH ARCHITECTURE

A NAND Flash memory array consists of multiple Blocks. A single Block consists of multiple Pages and a single Page consists of multiple Columns. The program unit in the NAND Flash memory is a Page. The data content in a Page of the NAND Flash memory must be trusted. The erase unit in the NAND Flash memory is a Block. It is necessary to ensure that the Blocks in the NAND Flash memory are valid to use.

Data streams from the host device to the SD card (Fig. 1). A typical write procedure will require two individual Blocks to store user data and system information. The user data will be stored in the User Data Block, and the System Table Block will keep track of the physical Flash Pages with respect to the host-side LBA (Logical Block Addresses). The Flash Controller needs to ensure both the User Data Block and System Table Block are correct during normal operations. Usually, the Flash Controller will keep dual copies of the system table to ensure redundancy of firmware during initialization and boot-up.

Figure 1: Architecture of an SD Controller

ALL_news_support_25C04_xBjPYpctBi

THE SUDDEN POWER-OFF RECOVERY (SPOR) FIRMWARE MECHANISM

SP industrial SD and microSD cards are equipped with Sudden Power-Off Recovery (SPOR) firmware (Fig. 2). This mechanism can maintain data integrity and increase reliability of the data stored in the NAND Flash memory. All SP Industrial SD and microSD cards have passed a sudden power-off test of 3,000 cycles that simulate scenarios of sudden power-off during data programming.

Figure 2 SUDDEN POWER-OFF RECOVERY (SPOR) FIRMWARE

ALL_news_support_25C04_T8ZUneNZmE

There are three different scenarios during which sudden power failure can occur:

- Sudden power failure while programming data
- Sudden power failure while updating the system table
- Sudden power failure while erasing blocks

Sudden power failure while programming data

The Flash Controller needs to ensure that the data will be stored reliably in the Flash Page during the data programming operation. If sudden power failure or unstable power occurs while programming data, it may cause the data in a Page to become uncorrectable. Afterward, the Flash Controller will detect and discard the uncorrectable data Pages and rebuild the user data. Then, it will update the system table.

The following is an operation scenario (Fig. 3):

HOST behavior:

Write1:

- - - Writes 16KB data
    - Writes 16KB data

Write2: Writes 24KB data

Write3: Abnormal power-off while writing 8KB data

SD controller behavior:

- Write1: Writes 16KB data (4 Pages)
- Write2: Writes 24KB data (6 Pages)
- Write3: Sudden Power-Off while writing 8KB data (2 Pages)

Power recovery → Execute Sudden Power-Off Recovery mechanism to rebuild the system table and user data (Fig. 2)

Make sure the latest data, including the Write1 and Write2 data, are correct

Figure 3: Scenario for sudden power-off during data programming

ALL_news_support_25C04_Yz12ui2fyq

SUDDEN POWER FAILURE WHILE UPDATING THE SYSTEM TABLE

If sudden power-off occurs while the system table is updating, it will cause the Page data to become uncorrectable and the new user data may be lost (Fig. 4). Afterward, the Flash Controller will execute the Sudden Power-Off Recovery mechanism to rebuild the user data and update the system table (Fig. 2). Normally, SP Industrial SD & microSD cards will maintain the system table and backup system table while updating the system table (Fig. 5).

Figure 4: Failure to update the system table may result in loss of new user data

ALL_news_support_25C04_5rVAPt1r0e

Figure 5: Regular mechanism of updating the system table with main and backup system tables

ALL_news_support_25C04_Z5qjlhZCZF

Some serious cases may result in write protect mode when failing to update the system table, such as too frequent power-off or abnormal ESD during the initiate stage. This is especially susceptible for the in-vehicle environment.

SP Industrial products offer an advanced mechanism for updating the main system table and backup system table with a read verify mechanism to make it more resilient to sudden power-off situations (Fig. 6).

Figure 6: Advanced mechanism for updating the main system table and backup system table with read verify mechanism

ALL_news_support_25C04_aIF60HRloB

SUDDEN POWER FAILURE WHILE ERASING BLOCKS

Sometimes the Flash controller needs to erase dirty Blocks for reuse. If sudden power-off occurs during the Block erase procedure, it may erase the wrong Block and the dirty Blocks can no longer be reused. Afterward, the Flash Controller will scan out the dirty Blocks and erase the dirty Blocks again (Fig. 7).

Figure 7: Sudden power failure while erasing blocks

ALL_news_support_25C04_XUMU6wa8vI

If you are interested in this content, feel free to click the download button on the left.