End-to-End Data Protection for SSDs

By | Oct 31, 2022 | All, Security

In 2013, Apple launched the first MacBook Pro with a PCIe SSD, officially expanding PCIe-based SSD’s realm into consumer applications. However, PCIe-based SSDs were already found in servers and data centers way before then because of their high bandwidth and scalability.


With the latest 3D NAND flash technology, PCIe SSDs have become cheaper, leading to more adoption in retail and consumer applications. But price and performance aren’t the only reason consumers and enterprises switch to SSDs; data protection is also an essential factor.


SSD end-to-end data protection 

With advanced flash process technologies like 3D TLC or QLC, drives can easily store terabytes of data at a very attractive retail price. But how a PCIe SSD controller protects data should be equally important to drive performance since the amount of data stored is doubled or even tripled.

For Phison PCIe SSDs, data protection consists of three levels:

      1. Front-end: End-to-end data protection (ETEDP) protects data in both read and write operations.
      2. Core: A SmartECCTM engine recovers incorrect data using a RAID mechanism.
      3. Back-end: NAND flash ECC protection performs error-detect-and-correct during read operations.


End-to-end data protection, also known as ETEDP, is designed to detect any soft error when data is transferred. When data is read from or written to NAND flash, there are multiple steps where data is temporarily stored during data transfer. Therefore, flash storage can have bit flips or noises that may cause a single event error. Controllers need to know when these errors occur and take action if possible.


Write operation protection 

When data is written to NAND, it moves from Host IPs (PCIe and NVMe IP), then to the Data Buffer (DRAM & SRAM), Flash IP, and finally, NAND flash.

When a host issues a write command, data is first moved to Host IP. The data is checked against its CRC and, if they match, an E2E-parity (generated based on logical block address (LBA) of the data) is appended to the data itself. When data moves to Data Buffer, that data is protected by SECDED ( Single Error Correction, Double Error Detection ), the ECC engine inside can recover incorrect data. For Flash IP, the data is checked and additionally appended with CRC and LDPC code. Finally, all data with parities are written at once to NAND flash.

Read operation protection

When data is read by the host, data moves from NAND, then to Flash IP, then the Data Buffer, and finally the Host IP.

The design of the correction engine determines how many errors can be recovered. During the read operation, the data is first checked its LDPC and CRC in the Flash IP. If the data is correct, the ECC-parity is detached, and the data moves to the other IPs accordingly. Similar to a write operation, data is checked for its correctness at Data Buffer and Host IPs. If the data is correct, the E2E-parity is detached, and the data is sent to the host.



Phison keeps your data safe

With 3D NAND process technology, customers look for high performance and capacity from an SSD and better endurance and data reliability. In terms of data protection, there are different ways to achieve the purpose, but end-to-end data protection is commonly practiced within a PCIe controller. The purpose of end-to-end data protection is to generate parities and have them appended to data for soft error detection during data transfer of read and write operations.


The Foundation that Accelerates Innovation™