Power-Fail

SafeFLASH is a 100% power-failsafe system.
 
Why is it needed?
 
Embedded devices do not have the luxury of sophisticated disk recovery programs, as PC-compatible devices do. If your embedded device’s file system becomes corrupted because an erase or write operation is unexpectedly terminated, what will happen to the system? Lost sectors? Loss of the whole device? How do you repair it? Being robust is not enough in many cases: the system should be designed to restore your file system from whatever point it failed. The SafeFLASH file system does this!
 
How is it done?
 
The basic method of operation is quite simple: a complete new file system must be available for use before any information is erased. In this way, if the worst happens, the system can be rebuilt either in its pre-write form (as if the write had never started) or with the new modifications included. It’s not possible to guarantee this with a DOS-compatible file system (hence the prevalence of disk recovery software), or with many other file systems.
  
While the concept is relatively simple, an efficient implementation with flash devices that require sectors to be erased before writing is definitely complex. Write and erase times can be relatively long on flash devices and it is extremely important to ensure that the number of these operations is minimized. We believe our write/erase performance per sector written is second to none for a 100% power-failsafe system and indeed for systems that are not power-failsafe.
 
How is it verified?
 
One of the main methods of verification is through PC simulation of the file system, where thousands of test cases can be run relatively easily; in this mode the code runs with simulated NOR and NAND flash devices. The code is stopped at random or at selected points and it is checked to make sure that the system reliably restarts and that no data are lost.
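The commit-before-erase rule from "How is it done?" and the stop-at-arbitrary-points simulation from "How is it verified?" can be shown together in one small model. The following Python program is an added example, not SafeFLASH code or any part of its verification suite; it assumes a constructed toy NOR-style flash with 64-byte sectors (erase sets 0xFF, programming can only clear bits), a two-slot record layout with a sequence number and CRC32 that exists only for this illustration, and a harness that cuts power after every possible byte operation of an update and checks that recovery always yields either the old or the new record, never anything else.

```python
import struct
import zlib

SECTOR_SIZE = 64          # constructed toy geometry, not a real part's
ERASED = 0xFF             # NOR flash reads 0xFF after erase; programming only clears bits
HEADER = struct.Struct(">IH")   # sequence number, payload length (illustrative layout)
CRC = struct.Struct(">I")       # CRC32 over header + payload

class PowerFail(Exception):
    """Raised by the simulated flash at the injected power cut."""

class SimulatedFlash:
    """Byte-granular flash model; a cut after `fail_after` byte ops leaves the operation torn."""

    def __init__(self, sectors):
        self.mem = [bytearray([ERASED] * SECTOR_SIZE) for _ in range(sectors)]
        self.fail_after = None   # None = never fail; set before the operation under test
        self.ops = 0

    def _tick(self):
        if self.fail_after is not None and self.ops >= self.fail_after:
            raise PowerFail()
        self.ops += 1

    def erase(self, sector):
        for i in range(SECTOR_SIZE):       # interrupted -> mix of old bytes and 0xFF
            self._tick()
            self.mem[sector][i] = ERASED

    def program(self, sector, data):
        for i, b in enumerate(data):       # interrupted -> written prefix, rest still 0xFF
            self._tick()
            self.mem[sector][i] &= b       # flash can only turn 1 bits into 0 bits

    def read(self, sector):
        return bytes(self.mem[sector])

def encode(seq, payload):
    body = HEADER.pack(seq, len(payload)) + payload
    return body + CRC.pack(zlib.crc32(body))

def decode(raw):
    """Return (seq, payload) for a complete, CRC-valid record; erased or torn sectors give None."""
    seq, n = HEADER.unpack_from(raw, 0)
    end = HEADER.size + n
    if end + CRC.size > len(raw) or zlib.crc32(raw[:end]) != CRC.unpack_from(raw, end)[0]:
        return None
    return seq, raw[HEADER.size:end]

class FailsafeStore:
    """Two-slot store: the new record is fully written and checksummed before the live slot
    is ever touched, so after any cut exactly one of old/new is recoverable."""

    def __init__(self, flash):
        self.flash = flash

    def _scan(self):
        return {s: decode(self.flash.read(s)) for s in (0, 1)}

    def recover(self):
        """Committed payload after a restart: the newest valid record, or None if none."""
        valid = [r for r in self._scan().values() if r is not None]
        return max(valid, key=lambda r: r[0])[1] if valid else None

    def write(self, payload):
        recs = self._scan()
        live = [s for s in (0, 1) if recs[s] is not None]
        if live:
            newest = max(live, key=lambda s: recs[s][0])
            target, seq = 1 - newest, recs[newest][0] + 1   # never erase the live slot
        else:
            target, seq = 0, 1
        self.flash.erase(target)
        self.flash.program(target, encode(seq, payload))

def exhaustive_powerfail_test(old=b"config=v1", new=b"config=v2"):
    """Cut power after every possible byte operation of an update (0 .. all of them)
    and check that recovery yields the old or the new record. Returns outcome counts."""
    update_ops = SECTOR_SIZE + len(encode(0, new))   # one sector erase + one program
    outcomes = {"old": 0, "new": 0}
    for cut in range(update_ops + 1):
        flash = SimulatedFlash(2)
        store = FailsafeStore(flash)
        store.write(old)                      # committed baseline, written without a cut
        flash.fail_after = flash.ops + cut    # inject the cut `cut` byte ops into the update
        try:
            store.write(new)
        except PowerFail:
            pass
        got = FailsafeStore(flash).recover()  # fresh instance = restart after the cut
        if got == old:
            outcomes["old"] += 1
        elif got == new:
            outcomes["new"] += 1
        else:
            raise AssertionError("corrupt state after cut at op %d: %r" % (cut, got))
    return outcomes
```

Calling `exhaustive_powerfail_test()` walks every cut point of one update; every cut during the erase, and every cut before the last non-0xFF byte of the new record has been programmed, leaves the old record as the only valid one, and only once the record is complete does recovery switch to the new one. The same harness can be driven from random cut points instead of an exhaustive sweep, which is the "stopped at random or at selected points" mode the text describes.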
 
Much testing has also been done with real NOR and NAND flash arrays by repeatedly breakpointing the code at arbitrary points, then restarting the system and verifying that it operates correctly and that no data have been lost.
 
Several of our customers have tried to break the system, but to our pleasure (and we hope theirs as well) they have failed!