NSF Award
2403540
Non-volatile flash memories, the basic building blocks of solid-state storage devices, offer small form factors, high-capacity, high-speed, and low-power permanent storage solutions in a wide range of computing systems found in consumer electronics, automotive, military, industrial, healthcare, and enterprise segments. Unfortunately, deleting data instantly from physical flash memories is not always straightforward as it incurs hefty overheads and increases wear level, especially in solid-state drives (SSDs). According to a recent report, 42% of used SSDs sold on eBay held sensitive recoverable data, even though data deletion or sanitization methods were in place. Whereas standard data deletion methods make the data inaccessible to the user through standard interfaces, our recent research efforts demonstrate that the deleted data is partially or fully recoverable by means of physical characterization of flash memory cells. This underscores the need for finding new ways to ensure that deleted data is promptly, permanently, and irreversibly re-moved from flash memories. <br/><br/>This project is investigating new cost-effective instant data sanitization techniques for flash memories. The proposed techniques take advantage of (a) timeline of recent flash operations; (b) physical properties of flash memory cells cap-tured by state decay models and (c) partial flash program and erase operations. These techniques will be tailored to uti-lize the unique properties and architectures of flash-memory chips found in commercial storage applications. The proposed techniques will be applicable to different types of flash memories, will require no or minimal changes in hardware, and will not increase the wear level of flash memories nor significantly increase the latency of common flash operations. Techniques for cost-effective data sanitization of flash memories in run-time will benefit consumers, industry, and government alike by ensuring that deleted data is not recoverable at any time during the product’s life cycle. These techniques will be deployed in the firmware of flash memory controllers. A direct outcome of this proposal will be the training of three graduate students in the important area of hardware-oriented security and memory systems. The investigators are developing teaching materials to introduce hardware-oriented security topics in embedded systems, computer systems architecture, and hardware reliability courses.<br/><br/>This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.
