Solid State Drives (SSDs)
A Solid State Drive (SSD) is a combination of flash memory (EEPROM) and DRAM. Degaussing has no effect on SSDs. While magnetic disks have physical blocks (“block 1” is at a specific physical location on the disk), blocks on SSDs are logical and are mapped to physical blocks. In addition, SSDs do not overwrite blocks that contain data: the device instead writes the data to an unused block and marks the previous block unallocated.
A process called garbage collection later takes care of these old blocks: “Unused and unerased blocks are moved out of the way and erased in the background. This is called the ‘garbage collection’ process. Working in the background, garbage collection systematically identifies which memory cells contain unneeded data and clears the blocks of unneeded data during off-peak times to maintain optimal write speeds during normal operations” [6].
The TRIM command improves garbage collection. “TRIM is an attribute of the ATA Data Set Management Command. The TRIM function improves compatibility, endurance, and performance by allowing the drive to do garbage collection in the background. This collection eliminates blocks of data, such as deleted files” [7]. While the TRIM command improves performance, it does not reliably destroy data.
A “sector by sector overwrite” behaves very differently on an SSD than on a magnetic drive, and does not reliably destroy all data. Electronically shredding a file (overwriting the file’s data before deleting it, which we will discuss shortly) is likewise not effective on an SSD.
Tests performed by the Department of Computer Science and Engineering, University of California, San Diego, found: “Overall, the results for overwriting are poor: while overwriting appears to be effective in some cases across a wide range of drives, it is clearly not universally reliable. It seems unlikely that an individual or organization expending the effort to sanitize a device would be satisfied with this level of performance” [8].
Data on SSD drives that are not physically damaged may be securely removed via ATA Secure Erase. SanDisk provides the following details: “When the relevant secure erase command is executed on the SanDisk SSD, all blocks in the physical address space, regardless of whether they are currently or were previously allocated to the logical space, are completely erased (the ‘logical to physical mapping table’ is also erased). Additionally, a new encryption key is generated and the old key is discarded.
This erase operation does not overwrite the blocks like an HDD write or format command would. Data is written to flash on a page-level and a page must be completely erased before it can be written to again. Unlike HDDs, which may leave remnants of data in regions between tracks, an erased flash cell is restored to the same content it contained at the time it was manufactured. As in the case with an HDD, physical blocks that have been marked ‘bad’ may still contain remnant user data. There is no way to access these blocks to overwrite them, and secure erase makes no attempt to do so. Because the secure erase operation also regenerates the internal encryption key, it is not possible to decrypt the data, even if it were accessible” [9].
The two valid options for destroying data on SSD drives are ATA secure erase and destruction. Destruction is the best method for SSD drives that are physically damaged.
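
An added example (not from the original text or any vendor's firmware): a toy Python model of logical-to-physical remapping, showing why a host-side overwrite leaves the old data in flash until garbage collection runs, while a secure erase clears every physical block and the mapping table. The class `ToySSD`, its method names and the sample data are constructed for illustration; bad blocks and the encryption key are not modelled.

```python
# Toy flash translation layer (FTL). Constructed model, not vendor firmware.
class ToySSD:
    def __init__(self, physical_blocks=8):
        self.flash = [None] * physical_blocks  # None = erased physical block
        self.l2p = {}       # logical block number -> physical block number
        self.stale = set()  # unallocated physical blocks not yet erased

    def _free(self):
        used = set(self.l2p.values()) | self.stale
        return [p for p in range(len(self.flash)) if p not in used]

    def write(self, lbn, data):
        if not self._free():
            self.garbage_collect()  # device reclaims space on its own schedule
        free = self._free()
        if not free:
            raise RuntimeError("no erased block available")
        if lbn in self.l2p:
            self.stale.add(self.l2p[lbn])  # old copy is only marked unallocated
        self.flash[free[0]] = data         # new data lands in a different block
        self.l2p[lbn] = free[0]

    def read(self, lbn):
        return self.flash[self.l2p[lbn]]   # host sees only mapped blocks

    def garbage_collect(self):
        for p in self.stale:
            self.flash[p] = None           # stale blocks are erased here
        self.stale.clear()

    def secure_erase(self):
        self.flash = [None] * len(self.flash)  # every physical block erased
        self.l2p.clear()                       # mapping table erased too
        self.stale.clear()

    def raw_dump(self):
        # Contents of all non-erased physical blocks, mapped or not.
        return [d for d in self.flash if d is not None]

def demo():
    ssd = ToySSD()
    ssd.write(0, b"SECRET")        # constructed sample data
    ssd.write(0, b"\x00" * 6)      # host-side overwrite ("shred") of block 0
    host_view = ssd.read(0)
    survives_overwrite = b"SECRET" in ssd.raw_dump()
    ssd.garbage_collect()
    survives_gc = b"SECRET" in ssd.raw_dump()
    ssd.write(1, b"SECRET2")
    ssd.secure_erase()
    return host_view, survives_overwrite, survives_gc, ssd.raw_dump()

if __name__ == "__main__":
    print(demo())
```

The host reads back zeros after the overwrite, yet the original bytes remain in a physical block the host can no longer address; when that block is erased is decided by the device, not by the host.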