TWI373713B - Secure and scalable solid state disk system - Google Patents

Description

1373713······. Chinese Patent Specification and Drawing Replacement No. 097丨丨6226 (|〇|August) IX. Invention Description: [Technical Field] The present invention relates to a memory More specifically, the present invention relates to a secure and scalable solid state disk system. [Prior Art] Flash-based s〇iid state disk (SSD) has slowly picked up and has gradually been used by general users in industrial, defense, and enterprise applications. Widely accepted. The main driving force behind this trend is the development of advanced flash technology and the advantages of the flash components themselves. Compared with the conventional hard disk drive (HDD), the flash type solid state disk has the following advantages: 1_ low power consumption. 2 - Lighter weight. 3. The heat dissipation is low. 4. No noise ^ 5. No mechanical components. However, while gradually replacing the hard disk drive, the solid state disk also has some problems to be solved, such as: 1. Higher cost. 2. The density is low. 3. System performance is poor. In addition, '---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- Manage the output pins (pin__) of many flash device interfaces. 5 No. 097丨丨6226 ^利'_ Case Chinese Manual and Graphical Replacement (January 1st, August) 2. Wear leveiing throughout many flash components. 3. The manufacturability and testability of the solid state disk system. 4. Support the new flash technology and the time gap that can benefit from it. 5. Time to market. 6. The cost savings from the new flash technology. There is no built-in security protection for people who know the hard disk drive. If the host system with the hard disk drive is known to be removed, the contents of the hard disk drive will be lightly (4) accessed and stolen. Even if the entire disk can be encrypted by software, the conventional hard disk drive still has the following problems in practical applications: h The system performance sacrifice due to encryption and decryption of the software. 2. The driver must be installed separately for the encryption action. α 3. If the password authentication Wei is only the hard one, it is still in danger of attacking. If solid-state disks are mainstreamed by the conversion of niche pr〇ducts to more general user products, solid-state disks must be improved for these shortcomings, and additional additions such as safety, expandability, etc. advantage. 1 is a block diagram of a conventional secure digital (SD) flash card including a physical interface 11, a secure digital card controller 12, and a flash memory 13. The body is connected to the host system through an interface bus 14 . A simple-type solid-state disk can be constructed using a secure digital card, an eQmpaet flash (CF) card, and a universal squad bus (imiversa丨seriai bus; USB) driver. In a conventional storage system, for example, U.S. Patent Application Serial No. 10/707,871 (the disclosure of which is No. 2 GG5 GG (4) 44), iG/7 (9, 718 (the publication number is 5_5〇63), 1373713 _ 097 丨丨6226 Patent Application Chinese Manual and Graphic Replacement (August 1st) US Bulletin Patent Nos. 6,098,119, 6,883,083, 6,877,044, 6,421,760, 6,138,176 The storage system disclosed in No. 6,134,630, No. 6,549,981, and U.S. Patent No. 20030120865, a storage controller will automatically install and configure the disk drive during system startup or runtime. The storage controller described above can perform basic storage identification and aggregation functionality. The main advantage of the prior art is the ability to detect the insertion and removal of the disk drive during operation. However, conventional techniques are unable to identify the non-synchronous characteristics that exist between the host system and the storage system during system startup. Since the function of the storage controller is equivalent to a virtual controller, during the startup of the host system, the storage controller needs time to identify, serve, and match the Wei (4) crane. If there is no mechanism to re-synchronize the city line and the storage system, the host system will only stop and there is no way to identify and install the virtual logic storage. The conventional system can only be regarded as a secondary storage system. Not the main storage system. Another shortcoming of U.S. Patent No. 6,098,119 is (10). It is required that each entity drive the installation system to have a pre-loaded "parameter setting (be (7) shout (four) out). This shortcoming will limit the automatic installation. Most of the familiar lines do not provide a solution to the extensibility of the reservoir or the scalability. Despite the US Patent Application No. 10/707, 871 5 Tiger (which publicly discloses the secrets (9) (4) (4) and 黯 (10), the claw number (which is a 5 tiger is 20050005063) proposes a scalable storage virtual computer system, which focuses on Yu Xin picked up to the main body host (may be - host computer or a word machine) type / turn virtual success. · Patent silk for the above-mentioned virtual_crowding startup problem. Suitable for the virtual storage architecture of patents It can still only be used as a secondary storage device. 7 1373713 No. 097丨丨6226 ^ Chinese case description and schema replacement (丨〇1 August). In addition, the conventional system can not solve the password authentication and hardware. Encryption drives security issues. Among them, hardware encryption has become an indispensable main driver application in notebook computers. As shown in Figure 2, U.S. Patent No. 7,003,623 is a relatively simple solid state disk system. The solid state disk system includes a serial advanced technology attachment '· SATA to the flash memory controller 25 and a set of flash 5 memory. The SATA to flash memory The controller 25 includes a satA host interface 251 and a plurality of flash device interfaces 252. The SATA host interface is used to interfacing the SATA host controller 21 of the host system 20, and the flash device interface 252 is used to connect to the flash. Memory 13. Each flash memory 13 has approximately 15 to 23 signal pins for connection to the controller 25. SATA host interface 251, j requires 4 signal pins to connect to the sata host controller 2 SATA Recording me (4) 25 requires a total of at least 124 signal pins to control 8 flash memory 13; or a total of 244 signal pins to control 16 flash memory 13. Also as shown in Figure 2 It is shown that the controller 25 must control the error correction code (discussion rc cough her code; ECC), even erase, bad block remapping (5) this generation side 卯i (8), allocation of idle storage space, and numerous internal to flash memory The book keeping tasks of solid-state disks. It can be seen that with the increase in the number of flash memory components, the controller's _ degree is also rising. So, it will not only cause the county of the control (four) Influence 'in the customary state On the magnetic system, the problems of manufacturability and testability are increased. In essence, the technology does not have the expandable characteristics, that is, the same 1373713 ... Patent Application No. 097 U6226 The control and the replacement of the schema (August 1st) can not be relied on by the different _ density materials of the second Wei. If the same controller needs to be used in two or more different types of density design (4) The number of pins must be / page to v to accept I24 pins to connect four flash memory; or Μ 4 pins, 乂 connect eight flashing Alt body 'or even 484 pins to connect ten Six flash memory chips. Therefore, the conventional system can only be used for low-density applications without having a complete extendable and expandable feature. Accordingly, systems and methods that solve the above problems are necessary. The present invention satisfies such needs. SUMMARY OF THE INVENTION The present invention is directed to a solid state disk system. The system includes a user token and a layer-layer secure virtual storage controller that interfaces to the _host system. The system also includes a plurality of "two-layer secure virtual storage controllers and a plurality of third-tier virtual storage, transiting layer-layer secure virtual storage control m--compatible with the first-tier=store=, and The third layer of virtual storage devices are connected to the first layer of the secure virtual storage controller. The system and method in accordance with the present invention provide the following advantages. L. The system and method employs a secure virtual storage controller architecture. 2. The shai system and method employs an expandable solid state magnetic enthalpy system based on the secure virtual storage controller architecture. . /, u go to the current and prevailing (four) card, the county, density and 4... the system and the virtual storage processing secret density and (4) performance. 9 1373713 Chinese manual temperature 5. The system and method can use more layers of virtual storage controllers to expand density and system performance. 6. The system and method may use an encoding engine in the virtual storage controller to directly process an add/release operation of data exchange between the upload stream and the downlink stream, where the data exchange is performed. It is carried out between the host and the device. 7. The system and method use the USB beacon as a separate password for the solid state disk. 8. The system and method allows the secure-and-scalable solid state disk (SNS-SSD) to replace the hard disk drive with user experience from boot-up to sleep-to-usual use. The system and method in accordance with the present invention is applicable to a flash memory, a disk storage system, a portable storage device, an enterprise storage system, a personal computer, a server, a wireless storage, and a multimedia storage system. [Embodiment] The present invention relates to a memory system. More particularly, the present invention relates to a secure and expandable solid state disk system. The following description is made to enable those skilled in the art to utilize the present invention while providing the application and conditions of the present invention. The following examples are merely illustrative of the embodiments of the invention and the technical features of the invention are not intended to limit the scope of the invention. Any arrangement or modification that can be easily accomplished by those skilled in the art is within the scope of the invention.

Figure 3 is a block diagram of a host system with a -usB beacon coupled to a SATA-type secure and expandable solid state disk system. The host system 30 includes a processor (not shown), a memory (not shown), an input/output (input/〇utput; /I/〇), and a USB patent application No. 097丨16226. The manual and the schema replacement (August of the following year) interface (not shown) and a SATA host controller 34. The SATA host controller is connected to a USB beacon 35 via a USB interface and works with the secure and expandable solid state disk system 31 via the SATA host interface 321 . : After the host system 30 is powered on and accessing the secure and expandable solid state disk system 31, the USB beacon 35 acts as an independent agent to provide password authentication functionality. This function can be a software function belonging to the USB beacon 35. Or preferably, the function can be a browser link connected to the web service in the USB beacon 35. The reason for using the browser link is that it is more common and only takes up a small portion of the system resources to operate. On different platform devices. The female fully expandable solid edge disk system 31 includes a first layer of secure virtual storage control state 32, a second layer of secure virtual storage controller 33, and eight third layer storage devices secure digital card 10. The first layer of secure virtual storage controller 32 includes a SATA host interface 321, a coding engine 323, and a plurality of SATA device interfaces 322 connected in parallel. In this embodiment, the storage interface on the host side can be a serial port or SATA. The storage host interface can be a live-type input/output interface, such as SATA, serial attached small computer system interface (SAS), high-speed peripheral controller interface (peripheral contr〇iier interface; pciexpress ), parallel high-speed hardware interface (PATA), USB, Bluetooth, Ultra-wideband (UWB) or wireless interface. The virtual storage controller 32 will be described in more detail in the secure virtual storage controller 4A depicted in FIG. The second layer virtual storage controller 33 includes a SATA host interface 331, a coded engine 333, and a plurality of secure digital device interfaces in parallel. Virtual Storage Controller Magic and No. 097116226 ^ Li ^_ Case Chinese Manual and Graphic Replacement (|〇1年八月) Not straight to the flash memory _ to the third layer storage device, ie - security digital (Se thief out of the SD) card 1 〇. As long as the number of pins and cost system are reasonable, the SD card 10 can be replaced by any flash card or driver, for example: compact flash card (CFcard) ^ + (multimedia compact card; read ^ ♦ crane 11 Wei Yi stick Ue bribe ystidO. In this embodiment, each secure digital card 1G has six (four) pins. The four health-care components require a total of four seven-segment pins, where each full-digit card has two flashes. The memory component, rather than the white technical towel, has a total number of (four) signal pins required for flashing the memory component. Therefore, the present invention can be self-controlled (4) the structure of the wafer is reduced - large cost, and has Good manufacturability and testability. Even though the first layer of secure virtual storage controller 32 and the second layer of secure virtual storage controller 33 may have different types of device interfaces, the structures of the two are substantially the same. The device interface is compatible with the storage host interface, and the first layer of the secure virtual storage controller 32 can be cascaded (easeaded) while expanding more of the second layer of the secure virtual memory controller 33. Accordingly, by this expansion The density and performance of the system will increase exponentially. In the structure of the most simple and secure solid state disk system, the host system 3 is directly connected to the "33" of the second layer of virtual storage control (4) 33. The smallest secure and expandable E] state disk line includes only two layers of the second layer storage controller 33 and the third layer storage device 10. The first layer encoding engine 323 and the second layer encoding engine 333 All can be independently enabled (enable), disabled (disable) and configured (c〇nfigured)... 3 'only need the upper level coding engine' other lower coding engines will be disabled. It will be explained in more detail in Figure 13. 12 1373713·..·.,. * The manual is on the host health interface, which can be controlled by the SATA host interface 33丨 and the first layer virtual storage. In the present embodiment, the storage interface can be a series of ata or sata virtual storage controllers 33. The secure virtual storage controller 4 shown in FIG. 4 will be described in more detail. 4 Figure does not 'secure virtual storage controller 4〇 contains one The storage host medium-interrupt processor 42, the host command and the data processor 43, the central processing unit, the Cessing unit; (10) 44, the program clock 45, a random access memory (random access memory; RAM) and buffer牝, - data write processor _, - data read processor 402, - passthr〇ugh, command processing ^ 4 〇 3, - state and attribute capture processor, a region command processor 4 〇5, ^ 擎, a virtual storage processor 407 α and a plurality of storage device interfaces. As long as the storage interface is compatible, the virtual storage controller of the present invention can be serially connected and expanded. If you need to increase the density, you can increase the density by adding a second layer of virtual storage control (4). According to this, more third-layer storage devices can be added to expand the density. The secure and scalable solid state disk system of the present invention provides for a number of levels of storage density expansion as compared to conventional techniques. ''The safe and scalable solid-state magnetic system of the present invention is based on a standard flash card (such as a security digital card) as a flash memory basis. A building block will bring a number of benefits: 1. The average erase of the flash memory is specified to be completed on a local secure digital card. The flash element of the body does not require a large average erase. 2. Manufacturability and testability are performed on the storage device layer of the secure digital card. The device is easier to manage than the solid state disk system layer. ¥ 13 丄川713第〇97丨丨6226蝝利's application for Chinese manual and graphic replacement (丨〇1丨〇August) 3.·Designed and developed to be completed within 1〇 of the security digital card The standard secure digital controller 12 thus supports and takes advantage of the new flash technology without any time delay. Shorter full digital card between listed companies (1) The secure and expandable solid state disk system 31 is ready for sale under cost density and system performance. 5. Due to the basic block structure of the secure digital card 1G, many costs can be saved from the difficult flash technology. 6. System performance is improved due to virtual storage processors 32,33. Virtual storage device *Tk for the virtual storage concentration set (aggregati〇n) and the required system performance set call operation, the theoretical system performance will be the same as the number of secure digital cards and each security digital card The product of both system performance. An Wang f is produced by the hardware coding engine 323 or 333. The password authentication function is independently owned by the -USB beacon 35. Therefore, the secure and scalable solid state disk system provides better system performance and security. The storage host interface 41 is for optical connection with the upload streaming host system 30 or another upper-layer secure virtual storage controller. The storage device interface 4 is configured to be coupled to the downstream streaming storage device 10 or another secure virtual storage controller. Figure 5 is a block diagram of another embodiment in accordance with the present invention, which is a secure and scalable solid state disk system 39 having a facet. The host system 5〇 includes the processor (not shown in the figure). The memory (not shown), the input and output (not shown), the USB " surface (not shown), and the PATA host control it 54 〇PATA Host Controller 54 The USB interface is connected to the _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 1373713., Japanese Patent Application No. 097116226, and a replacement of the drawings (August/August/The secure and expandable solid state disk system 39 with PATA interface includes a first layer of secure virtual storage controller 38. - The second layer of secure virtual storage control 32, two third layer of secure virtual storage (4) m 33 to form a fourth layer storage device secure digital card 1 〇. As described above, the structure of the present invention is in density and system performance. The same can be expanded and concatenated as shown in Figure 4, program memory 45 can be used for financial firewall and virtual storage controller information, random access memory and slow _46 wealth storage packet rib cache ((10) (four) operation The data writing processor 401 is consumed by the encoding engine to the virtual storage processor, and the programming engine is used for real-time hardware encryption. The data can be converted, encrypted and transmitted from the buffer to the virtual storage processor. 407. The data reading processor 402 is consumed by the encoding engine to the virtual storage processor, and the programming engine is used for real-time hardware decryption operations. The data can be self-virtual storage processor 4〇7 Convert, encrypt and transfer to the buffer. The pass instruction processor is used to process instructions that do not require any area processing. The pass command is unencrypted or transmitted directly to the downstream stream. Status and Attributes Processing Processor Side returns a specific status and/or attribute to the uploading stream host system' or a higher level virtual storage control (4). If the status or miscellaneous (four) controller has too much time to return 'state and attribute retrieval processor marriage will be the request Upload the streaming host system or the upper layer of the virtual storage control (four) display - busy Wei [when the specific shape or miscellaneous shirt «' Jing processor 42 and electricity · money to start work: ^ handle S42 production - soft weight The central processing unit is configured to warm the booting of the secure virtual storage controller 40. Accordingly, the interrupt processor seems to interrupt the system 15 1373713 No. 097丨! 6226 No. 1 patent Chinese manual and schema replacement ( (August 101) uploads the stream and asks the virtual storage controller (9) (4) to report the status or attributes again. This mechanism will synchronize and synchronize when the host and device operate at different speeds. Requiring the domain, it takes more time to arrange. With the program memory 45 pre-planned - specific as y), each security virtual = controller 40 will be identifiable. Figure 6 is Initialize the safe virtual storage controller to the king. After the boot, the secure virtual storage controller 4. The first time is initialized, in step 61, the touch virtual storage (four) device has been lining ^ if yes, then In step, the host instruction processor is started. Otherwise, in step 63, the controller will send a directory of the storage device to the downstream stream. Once the streamed storage device 1 is After identification, the physical storage devices 1G will be relied upon in step 64. Next, they are initialized via step 5. The virtual storage (four) is slaved to ready in step (4).

After Ik, step 67 is executed and the interrupt handler is started. Broken New Zealand _. First, whether the stream is transmitted via the frequency = (four) k is interrupted. If so, the secure virtual controller 40 is configured again via the virtual storage controller of step 74: 73. Step The software resets 47 to the central processing unit 44 so that the secure virtual system will: warm into the boot. When the host and the device operate at different speeds, the machine ~, ', sync, and its towel' need to spend more time after the device is initialized. ^ The above description is the process of initializing the secure virtual storage controller 40. A flowchart of the execution of the host command. The host command and data processing are not (eight) this ue叩) and buffer between the storage host interface 41 and the encoding engine 4〇6 16 1373713 '../. 097116226 patent application Chinese manual and schema replacement (丨01 8 After the step, the instruction sequence that has been taken out is handed over to the host computer for the routine of the 7 processor to be processed in step 8. In step 83, if the file is taken out, The command queue is judged as a data write command, and a data write command processor '401 is awakened in step 8〇2. If the command is retrieved in the step, it is judged as a data. Read command, a data read command processor 402 is woken up in step 8 。 3. In step 82, if the fetched instruction queue is determined to be a pass instruction, the pass command processor 403 It is awakened in step 801. In step 85, if the command sequence fetched by φ β is judged to be a state/attribute fetch instruction, a state/attribute fetch processor 404 is stepped in step 8〇4. Wake up. Otherwise, an area command processor 4〇5 will be in step 805 The area command processor 4〇5 processes the region functions of the encoding engine 406, the virtual storage processor 407, and the regional virtual storage controller 40. As shown in Fig. 9, the regional instruction set 90 includes:

A. User provides instruction 91 1 Password function command 94 1. Set password 941 2. Change password 942 3. Password authentication 943 4. Set password prompt 944 5. Get password prompt 945 6. Get an attempt (946) times 946 7 Initialization and splitting requirements 947 a. Set the encrypted gold record 9471 17 1373713 b• Obtain the new encryption key 9472 ii. Store the split instruction 95 8. Get the virtual storage attribute 951 9. Initialize the split size 10. Format 953 B. Area status Capture 92 C. Vendor-supplied instructions 93 i. Virtual Storage Processor Configuration 96 η. Obtain virtual storage controller identification (identity; iD) 96i 12. Set virtual storage mode (clustered disk 'independent magnetic 4 redundant array or Others) 962 ii. Coding Engine New State 97 13. Set Encoding Mode 971 14. To this Coding Engine 972 15. Obtain Encrypted Gold Record 973. iii. Password Attribute Configuration 98 16. Set Main Mima 981 17·Setting The maximum number of attempts is 982 18. Set the management mode flag (flag) 983 19. Set the default password 984 iv. Test mode command 99 The user provides the command 91 professional domain application (4), which contains the USB signal 35 The weight authentication function. The user provides the command 9 and includes the password function command 94 1373713 Chinese manual and the storage split command 95. The manufacturer uses the manufacturer's instructions 93 to configure the solid state disk system. The vendor-provided instructions 93 include a virtual storage processor configuration 96, an encoding engine configuration index 97 属性 property configuration 98, and a test mode command 99. The zone status fetch instruction % ‘ is used to return the corresponding state of the virtual storage controller. The virtual storage controller ID command 961 is used to return the specific ID stored in the program memory 45. Set the virtual currency mode command %2 visual system performance requirements or power consumption, set a bunch of disks (JB〇D) 'redundant arrays 〇findePendent disks (RAID) or it The mode of operation. Setting the encoding mode refers to the 971 system used to set the encryption mode of the encoding engine. The Enable Code Engine Instruction 972 is used to enable the code engine. Set the management mode flag to allow or disable the provision of a solid state disk system using 2 (in the field). If the flag is set to unmanaged mode, then the USB beacon must be pasted to provide and initialize the solid state disk system again. If the flag is managed as a management system, it must be connected to the pipe paste to provide the original pure magnetic radiation. The refractory is set by the tester. The test can be maintained by the manufacturer to test the solid state disk system. Before the ready-to-use, the solid-state magnetic system must pass the manufacturer's quasi-pounds as shown in Figure 3 during the production process. The preparation is based on the safety and expandable solid-state disk system. The controller 34 or a coffee message is linked to a host system to achieve. The 1G chart is a flow chart for configuring the simplification. First, at the step, wait for the secure virtual storage control (4) to be ready. When the controller is ready, the manufacturer presets the set value; v is loaded in step 102. The virtual storage processor begins to be configured in step 1-3. After that, the encoding engine starts to be configured in step 1. In step ι〇5, it is required to enable the encoding engine. 19 1373713 No. 097丨16226 'Patent Application' Case Chinese Manual and Drawing Replacement (August 1st) Figure 1 is a flow chart for configuring a virtual storage processor. As shown in FIG. 11, in the step, the virtual storage mode is set, that is, using one of the regional instructions to set the virtual storage mode 962. The virtual_operation mode can be set to brain D, RAID or others. The physical storage device directory 64 (see Figure 6), a virtual storage π & is completed in step 112. Create a virtual storage identification directory. In step 113, a virtual storage device directory is created. Via step 114, the virtual storage processor 7 (see Figure 4) is used to establish a physical-to-logical address translation directory. Subsequently, in step ιΐ5, the virtual storage processor is set to the ready state. Figure 12 is a flow chart of configuring the encoding engine. In step 121, the comma engine is configured via these areas, and an encoding mode setting command 971 is sent. Next, in step 122, 'A command 982 to attempt a set maximum number of times is sent. In step (2), a get encryption key command 973 is sent. Therefore, in the coding engine 4〇6, the use-green generator 134 generates a random number key (not shown). The random number of gold wheels is encrypted and returned in step mo to obtain the encrypted gold input command milk. If the request in the step coffee - master password, do not 222 towel initialization - get the master password command program and send - set the master password command % in step (2), determine whether the flag is in the management mode: If the shell in step j In I24, the encrypted gold record is stored in the management feeding service as required. From no, the encrypted record is stored in the USB beacon 35 via step 125'. The master password is sent to the encoding engine via the password setting command 981 in step u. Then, the encrypted 6 master password will be stored in the solid magnetic meal, the towel (not shown). In the step coffee, = is set by the command 984 - the default password. The encrypted default password will then be saved in the internal disk system (® not shown). The encoding engine can be disabled or enabled. If the port is enabled 'encoding engine' in step 127, the visual requirements are set to execute - specific ^ 20 1373713 'patent application No. 97丨丨6226 Chinese application and schema replacement (August 101) mode . Subsequent 'Code Engine Readiness Flag' Figure 13 is the block of the code engine. It is set to Ready in step 128. Figure. The encoding engine 406 includes a random number generator RNG 134, a hash function HASH 131, a second data encryption engine ENG3 133, a first universal encryption engine ENG2 132, a storage upload stream interface 135, and a storage downstream stream. Interface 136.编瑞塾塾塾% Λ — 勒% 擎 砰 砰 请 请 请 请 请 请 请 请 请 请 请 请 请 请 请 请 请 请 请 请 请 请 美国 美国 美国 美国The host system 30 will perform password authentication depending on the inserted USB symbol %. Referring to Figure 14A, in step 14, the host system 3 is turned on after cold booting. In step (4), the USB Su 35 is also cold booting. And via step 142, the USB beacon operation is initiated. Please refer to S 14B. In step 143, the host system 3 is turned off. The solid state disk system is also turned off in step 144. And because the power is interrupted in step 145, the encrypted Jinlin in the solid state disk system is lost. In step 146, the flip disk system will maintain encryption as long as the encrypted gold record has not been replied by the password authentication function of the manned USB·35. Please refer to page 14D_, after step 14〇3, after the host system 3〇 sleeps. In step 1404, the solid state disk system also sleeps. And because the power is interrupted in the steps, the encrypted money of the solid-state disk system will be lost. In the step just towel /. 'To encrypt the gold record yet,' and the second solid disk system will maintain the encryption state by the password authentication function of the USB signal 35. Referring to Figure 14C, in step 1400, host system 30 wakes up from sleep. In step 1401, the usb beacon 35 is also cold-booted, i.e., as depicted in Figure 14A. Finally, in step 1402, the USB beacon operation is initiated. Figure 15 is a flow chart of USB signal activation. As shown in Figure 5, in the ι 51 2! 1373713 No. 097丨丨6226 'patent application Chinese manual and graphic replacement (1〇|August), once the USB beacon network server is turned on . In step 152, the USB beacon waits for the storage and encoding engine to be ready. Next in step 153, the password authentication function is activated. For detailed implementation steps of the password authentication function, see U.S. Patent Application Serial No. 11/643,101. In step 154, if the initial and split requests are generated via the user command 947, the encoding engine will obtain a new random number record (not shown) from the random number generation is 134. Then, in step 1541, the flag will be judged whether it is in the management mode. If not, in the step, the encrypted gold is drawn from the USB beacon 35. Otherwise, the encryption key is retrieved from the management server in step I%. Then, in step 1544, the encryption key is sent to the encoding engine via the set cryptographic input command 9471. The code (4) decryption surface takes the gold record (the code engine (not shown) is not shown to capture and decrypt the encrypted master password. Subsequently, the random number generator 134 (not shown) generates - Wei The master password can be encrypted by the encoding engine (not shown) using the new key. In step (10), the function will be initialized to obtain a new encrypted record command 9472. In steps 1546, (10) , visual requirements (4) encryption gold _ vehicle management ship material concealed standard% towel. In step (10), the user requests and configures a new user password. The master password and user password are regenerated by the hash function (3) and stored in solid magnetic The disc system (not shown and configured in step 1549, the solid state disc system partitioning. If the request is not initialization and splitting, then in step 155 'will determine whether a 1 code authentication request is generated. If yes, then step In step (10), password authentication is initiated. If not, it is determined in step 156 whether a request to generate a change weight is generated. If so, in step Μ?, the weight change function is activated. Otherwise, Go back to step 155 The succession judgment is the shirt new (four) code. Τ 22 1373713 = No. 097丨丨6226 patent application Chinese manual and schema replacement (August 1st) Figure 16 is the flow chart of password authentication First, in step 161+, it is determined whether the password has been authenticated. If yes, then in step 164, the code is captured and the encoding engine is recorded in the encoding engine to open the access. Then, in step 165, Unloading (fine t t) USB beacon. Step 166 +, the solid state disk system is installed. In step 167, control is transferred to the ID state disk system. If the password is not authenticated, it is determined in step 162 whether it is exceeded. Taste the maximum number of people (maximum number 咖f coffee; if the result is affirmative, then in step 163, start a counterattack measurement (Caf_Brain_) to resist malicious attacks. Otherwise, in step 168 The count of the number of f trials (η·- attempts; NOA) is increased. Finally, in step 169, the process returns to step 154 of the password loop shown in Figure i5. Despite the safe and scalable solid state magnetic field according to the present invention. The disc system can operate on a secure digital card, and more Body card, micro flash card 'Cong device, memory stick, high speed card, logic block address-reverse (logical block addressing-NAND; LBA-NAND), open anti-flash memory interface (open NAND flash Interface; 〇Νπ), any interface of an embedded multimedia card (eMMC) and an embedded secure digital card (eSD). The person skilled in the art can easily apply the magnetic The replacement of the disc button into a face-like memory device does not violate the spirit and protection of the present invention. The above-described embodiments are merely illustrative of the embodiments of the present invention, and the technical features of the present invention are widely disclosed to the present invention. Any changes or duplications that can be easily accomplished by those skilled in the art are intended to be within the scope of the present invention. The scope of the present invention should be determined by the scope of the patent application. [Simplified description of the drawings] 23 1373713 Patent application No. 097116226 Chinese specification and schema replacement (August, 101) Figure 1 is a block diagram of a secure digital card of the prior art; A schematic diagram of coupling of a host system and a conventional solid state disk system; FIG. 3 is a host system coupled with a USB signal to a SATA-based secure and expandable solid state magnetic based on a three-layer structure Figure 4 is a block diagram of a secure virtual storage controller; Figure 5 is a host system coupled to a USB beacon to a four-layer PATA-based secure and expandable solid state Block diagram of the disk system; Figure 6 is a flow chart for initializing the secure virtual storage controller; Figure 7 is a flow chart for executing the interrupt processor; Figure 8 is a flow chart for executing the host command processor; Figure 9 is a regional command processor of the secure virtual storage controller, its internal regional command table; Figure 10 is a flow chart for executing the manufacturer; Figure 11 is a flow chart for configuring the virtual storage processor; Figure 12 A flowchart for configuring the encoding engine; Figure 13 is a block diagram of the encoding engine; and Figures 14A-14D are flowcharts of cold booting, shutdown, hibernation, and wake-up by sleep of the host system; A flowchart for booting a USB beacon; and Figure 16 is a flow chart for password authentication. [Main component symbol description] 10: Secure digital card 1373713 · Patent application No. 097116226 Chinese version and schema replacement (August, 2011) 11: Physical interface 12: Secure digital card controller 13: Flash memory 14 : interface bus 131: hash function HASH 132: first universal encryption engine ENG2 133: second data encryption engine ENG3

134: Random Number Generator RNG 135: Store Upload Streaming Interface 136: Store Downstream Streaming Interface 20: Host System 21: SATA Host Controller 25: SATA to Flash Memory Controller 251: SATA Host Interface 252: Fast Flash device interface 30: host system 31: secure and expandable solid state disk system 32: first layer secure virtual storage controller 33: second layer secure virtual storage controller 34: SATA host controller 35: USB beacon 38 : The first layer of secure virtual storage controller 39: Secure and expandable solid state disk system 25 1373713 Patent application No. 097-6226 Chinese specification and schema replacement (August 101) 321 : SATA host interface 322 : SATA Device Interface 323: Encoding Engine 331: SATA Host Interface 332: Secure Digital Interface 333: Encoding Engine 381: PATA Host Interface 383: Encoding Engine 40: Secure Virtual Storage Controller 41: Storage Host Interface 42: Interrupt Processor 43: Host command/data processor 44: central processing unit 45: program memory 46: random access memory/buffer 47: reset 401: data write processor 402: data read processor 403: Line Instruction Processor 404: State and Attribute Acquisition Processor 405: Area Instruction Processor 406: Encoding Engine 407: Virtual Storage Processor 1373713 Patent Application No. 097116226 Chinese Specification and Graphical Replacement (August 101) 408 : Storage Device Interface 50: Host System 54: PATA Host Controller 90: Zone Command Set 91: User Provides Command 92: Zone Status Capture 93: Vendor Provides Instructions

94: Password function instruction 95: Store split instruction 96: Virtual storage processor configuration 97: Encoding engine configuration 98: Password attribute configuration 99: Test mode command 941: Set password 942: Change password

943: Password authentication 944: Set password prompt 945: Get password prompt 946: Get a number of attempts 947: Initialization and split request 9471: Set encryption key 9472: Get new encryption key 951: Get virtual storage attribute 27 1373713 No. 097116226 Patent Application Chinese Manual and Graphical Replacement (August 101) 952: Initialization Split Size 953: Format 961: Get Virtual Storage Controller Identification 962: Set Virtual Storage Mode 971: Set Encoding Mode 972: Enable Encoding Engine 973: Acquire encryption key 981: Set master password 982: Set the maximum number of attempts 983: Set management mode flag 984: Set preset password

Claims (1)

1373713 Patent Application No. 097116226 Chinese Specification and Drawing Replacement (August 101) X. Patent Application Range: 1. A secure and scalable solid state disk system (SSSD) The method of resynchronizing with a host includes the following steps: - displaying a busy state to the host or an upper layer virtual storage controller requesting to upload the stream; sending an identification command to the directory of the next stream stream storage device; Testing the identified downstream streaming storage device; initializing an encoding engine; and initiating an interrupt handler to synchronize the secure and expandable solid state disk system with the host. 2. The method of claim 1, wherein the step of initiating the interrupt handler comprises: generating an interrupt to the host; and generating a software reset to a regional central processing unit. 3. The method of claim 1, wherein a host instruction processor is started when the solid state disk system is synchronized and initialized. 4. The method of claim 3, wherein the step of initiating the host instruction comprises: • analyzing the queue of the instruction; determining that the instruction is a data read instruction, a data write instruction, a state and attribute capture One of an instruction, a pass instruction, and an area instruction; when the instruction is a data read instruction, the instruction is sent to a data read processor; 29 Chinese Patent Specification and Graphical Replacement of Patent Application No. 097116226 (August of the following year) When the instruction is a data write instruction, the instruction is sent to a data write processor; When Xuanzang 9 is a pass instruction, the instruction is sent to a pass instruction to process the descendant, and when the instruction is a state and attribute fetch instruction, the instruction is sent to the state and attribute capture processor. Otherwise, the instruction is sent to a regional processor. A computer-readable recording medium, comprising program instructions for resynchronizing a secure and scalable solid disk system with a host, the program instructions comprising: a host or an upper layer for explicitly uploading a stream The virtual storage controller displays - a busy state; sends an identification command to the directory of the downstream streaming storage device; tests the identified downstream streaming storage device; initializes an encoding engine; and initiates an interrupt handler to synchronize the A secure and expandable solid state disk system and the host. The computer-readable recording medium of claim 5, wherein the program instruction to start the interrupt handler comprises: generating an interrupt to the host; and generating a software reset to a regional central processing unit. The computer readable recording medium of claim 5, wherein a host instruction processor is started when the solid state disk system is re-synchronized and initialized. The computer-readable recording medium as described in claim 6 wherein the host instruction is activated by 1373713 Patent No. 097116226, the Chinese manual and the schema replacement (August, 101) program instructions include: analyzing the instruction Determining that the instruction is one of a data read instruction, a data write instruction, a state and attribute capture instruction, a pass instruction, and an area instruction; when the instruction is a data read instruction, sending the instruction The instruction is to a data reading processor; when the instruction is a data writing instruction, the instruction is sent to a data writing processor; when the instruction is a pass instruction, the instruction is sent to a pass instruction processing And when the instruction is a state and attribute retrieval instruction, the instruction is sent to a state and attribute retrieval processor, otherwise the instruction is sent to a regional processor.