
is data remanence in persistent memory a new risk factor?

maybe the risk was there all the time

by Zsolt Kerekes, editor - StorageSearch.com - August 3, 2016

In 1981 I noticed that the contents of the RAM on a couple of preproduction processor boards which I was playing around with retained substantially most of the test data patterns which I'd initialized them with - even after switching the power off.

(These cards were part of an intelligent IO system I'd co-designed and for which I was writing the firmware. I remember it well because I was using 2 separate in circuit emulators. One controlled by typing with my left hand, the other with the right.)

My focus was checking the repeatability of the analog IO side of these systems (from digital to analog and back again) at room temperature before we put them in the temperature characterization ovens and ran interference tests but I was surprised that the memory remembered - because that really wasn't what I was expecting.

I noticed that whenever I repeated the power off and power back on again cycling (into what we'd now call a "cold boot" condition) most of the contents of the memory looked similar to what they had been before, instead of scrambled which is what I expected.

Sure there was some corruption - but most of the old data was clearly visible.

It was interesting - but so what? In my earlier work at a previous company similar things must have happened. But I had never noticed - due to using more primitive tools and working under much greater time pressure.

Hm - so RAM can remember data after losing power...

I tucked this away as an interesting thing to remember and didn't think about it for another 10 years. (That old memory was SRAM BTW.)

So - about 10 years later - in 1991 - I had a customer with ultra sensitive applications who absolutely, under no circumstances whatsoever would return an expensive processor - offsite for a planned logic upgrade.

This was one of those sites where they point a gun at you as they check your ID and look in under your car and bags.

Their rigid process was - if it's got memory on it (and this card had a lot of DRAM and a lot of processors) then it had to stay forever under their control once it had been used.

If it couldn't be fixed on site it would be destroyed (probably with a special mechanical shredder).

Remembering back to my earlier experience (in 1981) I concluded that my customer almost certainly had the ability to read cold memory contents themselves and they were not going to be amenable to any textbook waving engineer telling them something which they knew and I knew was patently false:- that RAM loses its data after being unpowered.

So the options we had at that time were:- to test things better before shipping them and - if repairs were needed - to figure out how they could be done on-site.

In those days I wasn't really into storage jargon.

And in the 25 years which followed that - during my cut and paste career as a publisher and editor of this publication and its predecessor - the term "remanence" (which is the jargon term for this) occurred rarely if ever - and when it did - was always in the context of ensuring the security of data in non volatile storage products such as hard disk sanitizers and autonomous data destruct SSDs.

Looking back from the solid state storage everywhere context of today it may be easy to conclude that I've had a very narrowly focused career.

I would counter that saying my horizons have been occasionally broadened with other storage media (which are sadly no longer with us) and other data related aspects such as stories about data recovery and software.

Having thought about these things in recent days - obviously while reading and writing about the shape of future memory systems architectures we might yet see - I thought - isn't it a bit strange that I haven't come across this angle (of recovering data from cold DRAM) in any of the stories here on the mouse site?

Maybe you imagined it? Or maybe you just missed it? I thought.

recovering data from cold DRAM

So I did a quick Google search this morning and was reassured to find that there is some published literature on this topic.

The first example I found was a paper - Lest we remember: cold boot attacks on encryption keys (pdf) (2008) in which the authors did experiments on cooling memory with freezer spray to see how much data would stay intact for how long:-
  • 99.9% of bits after 60 seconds unpowered
  • 0.2% decay after 60 minutes
From which article I quote - "This suggests that, even in modern memory modules, data may be recoverable for hours or days with sufficient cooling."

To which I would add - you can skip the cooling requirement and get a recoverability time of days if you use DSP techniques and play around with the RAM voltages.

So... what's the point of mentioning this now?

Having gone down this tour of memory lane, I observe that if you're recycling servers then there's a security vulnerability in the DRAM on those processor boards - not just in the much better known HDDs and SSDs.

And BTW don't rely on encryption to protect the DRAM contents - because your processor and its memory contents are on good speaking terms.

My point is that - now we're seeing new types of persistent memory creeping into DIMM sockets. And not just the flash backed hybrids but flash as RAM too.

So now you've got terabytes of data in these sockets. (And depending on your workloads some of this data stays in place for days or even weeks without being swapped out.)

And when the power is switched off - even without recourse to freezer spray - the contents will be there - clearly visible to someone with the right forensic skills - for months or years - same as if it were on a hard drive.

This creates new doors of opportunity for those in the business of making sure that doors which are thought to be shut stay firmly closed.

encrypting memory controllers?

After posting the above I did some more looking around for related articles and found this - Defending Against Attacks on Main Memory Persistence (pdf) - which was written in 2008 by clever people at the Department of Computer Science and Engineering, Penn State University - which just goes to show that when it comes to SSDs you have to go back many years in time to find articles which discuss the hot topics of today.

Among other things in that paper the authors say:- "The introduction of NVDIMM memory invalidates a basic assumption upon which OS and application security is based."

They go on in that paper to discuss an encryption based memory controller "to ensure plaintext data is never written to the persistent medium."

Their context at the time was low capacity alt nvms but the ideas discussed will give you a foretaste of what to anticipate in new SCM DIMM wars products.
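
A toy model of the encrypting memory controller idea quoted above, added here as an illustration and not taken from the Penn State paper or from any product. The class name, the 64-byte line size, the per-line write counters and the use of HMAC-SHA256 as a stand-in keystream are all assumptions.

```python
import hashlib
import hmac
import os

LINE = 64  # assumed line size in bytes


class EncryptingController:
    """Toy model (hypothetical, not the paper's design)."""

    def __init__(self, lines):
        self.medium = bytearray(lines * LINE)  # persistent cells, survive power-off
        self.counters = [0] * lines            # per-line write counters, stored in clear
        self.key = os.urandom(32)              # volatile key, exists only while powered

    def _pad(self, line):
        # Keystream depends on key, line address and write counter, so no pad is reused.
        # HMAC-SHA256 is a stdlib stand-in for the cipher a hardware controller would use.
        seed = line.to_bytes(8, "big") + self.counters[line].to_bytes(8, "big")
        return b"".join(
            hmac.new(self.key, seed + bytes([i]), hashlib.sha256).digest()
            for i in range(LINE // 32)
        )

    def _xor(self, line, data):
        return bytes(a ^ b for a, b in zip(data, self._pad(line)))

    def write(self, line, data):
        self.counters[line] += 1
        self.medium[line * LINE:(line + 1) * LINE] = self._xor(line, data.ljust(LINE, b"\0"))

    def read(self, line):
        return self._xor(line, self.medium[line * LINE:(line + 1) * LINE])

    def power_cycle(self):
        self.key = os.urandom(32)  # old key is lost; medium and counters remain


def demo():
    secret = b"constructed sample secret".ljust(LINE, b".")  # constructed test data
    mc = EncryptingController(lines=4)
    mc.write(2, secret)
    first = bytes(mc.medium)
    live_ok = mc.read(2) == secret
    mc.write(2, secret)                       # same data, same line, new counter
    fresh_pad = bytes(mc.medium) != first
    mc.power_cycle()                          # board pulled from a recycled server
    leaked = secret[:16] in bytes(mc.medium)  # what a raw dump of the medium shows
    return live_ok, fresh_pad, leaked, mc.read(2) == secret
```

`demo()` returns `(True, True, False, False)`: reads work while powered, rewriting the same data yields different stored bytes, and after the key is lost neither a raw dump nor the controller itself recovers the plaintext.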

StorageSearch.com is published by ACSL founded in 1991.

security in hybrid DIMMs still waiting for JEDEC
Editor:- August 18, 2016 - SMART Modular recently announced imminent sampling of its 32GB DDR4 NVDIMM-N (hybrid DIMMs).

Editor's comments:- Having written my blog - is data remanence in persistent memory a new risk factor? - I asked SMART - "Does your IP offer the option to encrypt data backed up to the flash in the NVDIMM?"

Arthur Sainio who is Director Product Marketing at SMART told me - "Yes, it does have the capability to do encryption, but it has not been enabled. We are in discussions at the JEDEC meetings as to how this is implemented with the NVDIMM specifications."