SSDs Harder to Erase Than HDDs
Paper from students from University of California, San Diego
By Jean Jacques Maleval | February 21, 2011 at 3:18 pmReliably Erasing Data from Flash-Based Solid State Drives
by Michael Wei, Laura M. Grupp, Frederick E. Spada, Steven Swanson Department of Computer Science and Engineering, University of California, San Diego, and Center for Magnetic Recording and Research, University of California, San Diego
Abstract
Reliably erasing data from storage media (sanitizing the media) is a critical component of secure data management. While sanitizing entire disks and individual files is well-understood for hard drives, flash-based solid state disks have a very different internal architecture, so it is unclear whether hard drive techniques will work for SSDs as well. We empirically evaluate the effectiveness of hard drive-oriented techniques and of the SSDs’ built-in sanitization commands by extracting raw data from the SSD’s flash chips after applying these techniques and commands. Our results lead to three conclusions: 
- First, built-in commands are effective, but manufacturers sometimes implement them incorrectly.
- Second, overwriting the entire visible address space of an SSD twice is usually, but not always, sufficient to sanitize the drive.
- Third, none of the existing hard drive-oriented techniques for individual file sanitization are effective on SSDs.
This third conclusion leads us to develop flash translation layer extensions that exploit the details of flash memory’s behavior to efficiently support file sanitization. Overall, we find that reliable SSD sanitization requires built-in, verifiable sanitize operations.










