CN118260126A - Data protection method and device for NAND FLASH abnormal power failure - Google Patents

Abstract

The invention relates to a data protection method and a device for NAND FLASH abnormal power failure, wherein the method comprises the following steps: the power management unit detects the real-time voltage of NAND FLASH chips in real time, and if the power management unit confirms that the NAND FALSH chips are in an abnormal power-down state, the power management unit immediately sends an interrupt signal to the central processing unit; the central processing unit executes an interrupt service function to control the NAND flash memory controller to interrupt the writing operation of NAND FLASH chips; based on the ECC module of the main control terminal, the main control terminal scans data in the whole disk after the next power-on, if the ECC decoding fails, the upper layer driver is informed, the upper layer driver receives the information of the ECC decoding failure from the bottom layer driver, and the data which fails in decoding is considered to be abnormal data. The invention can protect the data disorder caused by abnormal power failure.

Description

Data protection method and device for NAND FLASH abnormal power failure

Technical Field

The invention belongs to the field of memory chips, and particularly relates to a data protection method and device based on NAND FLASH abnormal power failure.

Background

Along with the development of the times, NAND FLASH is favored by the market by virtue of the characteristics of excellent read-write performance, power saving, higher stability, reliability and the like, and the traditional mechanical hard disk has faced the obsolete situation. In recent years, the development of the storage industry is rapid, the price of NAND FLASH is lower than that of the prior art, the application of NAND FLASH is greatly promoted by a mass of domestic storage manufacturers, and the market popularity is continuously high. Therefore, NAND FLASH data security and integrity problems are becoming more and more important.

Currently, data integrity protection measures for NAND FLASH power down scenarios are different among the commercial storage vendors. It is worth noting that the effective protection measures not only require the solution provided by the storage manufacturer, but also require close coordination of the master. At present, the cooperation between a storage manufacturer and a main control is not tight enough, so that so-called protection measures are generally low in software and hardware coordination degree, and effective protection is difficult to generate.

The existing NAND FLASH abnormal power-down data protection scheme has the defect that the response time is too long, and the power-down behavior is known to occur at a moment, if the response time is too long, the time left for actually implementing the protection measures is too short, and the power-down data protection is not implemented in place. The protection measures of some manufacturers lack independent power management modules and voltage jitter resistant devices, so that the power-down scene cannot be accurately judged, even misjudgment can be carried out in extreme scenes, and the use experience of users is seriously affected.

Of course, part of industries cannot meet the self-protection of a storage device against a power failure scene due to higher requirements of safety, and an additional standby power supply or a large-capacity capacitor is also provided for data protection. For example, in order to avoid damage to data caused by electric field failure, some electronic devices on automobiles are additionally provided with a spare battery type high-capacity capacitor, so that the electronic devices can completely perform read-write operation under the condition that an external power supply is unstable, and power failure is performed after all operations are completed. The scheme is feasible, but has high cost, large occupied space and no universality.

Disclosure of Invention

The invention provides a data protection method and device for NAND FLASH abnormal power failure, which aim to at least solve one of the technical problems in the prior art.

The technical scheme of the invention relates to a data protection method and a device for NAND FLASH abnormal power failure, wherein the data protection method for NAND FLASH abnormal power failure is applied to a data protection device for NAND FLASH abnormal power failure, the data protection device for NAND FLASH abnormal power failure comprises a main control end and a NAND FLASH chip which are sequentially connected, the main control end comprises a power management unit, a central processing unit and a NAND flash memory controller which are sequentially connected, the output of the NAND flash memory controller is connected with the NAND FLASH chip, and the method comprises the following steps:

S100, the power management unit detects the real-time voltage of NAND FLASH chips in real time, and if the power management unit confirms that the NAND FALSH chips are in an abnormal power-down state, the power management unit immediately sends an interrupt signal to the central processing unit;

s200, executing an interrupt service function by a central processing unit, and controlling the NAND flash memory controller to interrupt the writing operation of the NAND FLASH chip;

and S300, after the next power-on, the master control end scans the data in the whole disk, if the ECC decoding fails, the upper layer driver is informed, the upper layer driver receives the information of the decoding failure of the ECC from the bottom layer driver, and the data with the decoding failure is considered to be abnormal data.

Further, step S100 includes:

S110, under normal conditions, the real-time voltage of the NAND FLASH chip is kept in a voltage range of normal operation;

s120, if the power management unit detects that the real-time voltage of the NAND FLASH chip is rapidly reduced, the power management unit processes abnormal voltage data, and when the real-time voltage is lower than a voltage threshold and the duration exceeds a preset time threshold, the power management unit confirms that the NAND FLASH chip is in an abnormal power-down state;

And S130, after the power management unit confirms that the NAND FLASH chip is in an abnormal power-down state, the power management unit immediately sends an interrupt signal to the central processing unit.

Further, in step S110, the voltage range of the normal operation of the NAND FLASH chips is between the lowest operation voltage and the highest operation voltage.

Further, the minimum operating voltage is 2.7 volts and the maximum operating voltage is 3.6 volts.

Further, in step S120, the voltage threshold is 1.08-1.1 times of the lowest working voltage of the NAND FLASH chips.

Further, step S200 includes:

S210, the central processing unit controls the NAND flash memory controller to execute reset operation;

s220, after the NAND flash memory controller is reset, the master control end controls the NAND flash memory controller to downwards adjust clock frequency, and the NAND flash memory controller sends a reset signal to a NAND FLASH chip;

And S230, the main control end closes the function of the related GPIO and actively cuts off the communication link with the NAND FLASH chip.

Further, the step S300 includes,

S310, the main control end decodes, judges and identifies abnormal data through an ECC module, and the abnormal data cannot pass verification when ECC decoding is carried out;

s320, if ECC decoding fails, notifying an upper layer driver;

s330, the upper layer driver receives the information of decoding failure of the ECC of the bottom layer driver, and determines that the data of decoding failure is abnormal data.

Further, in the step S330,

If the data in the stage of writing user data and the data in the stage of loading ECC codes are in an abnormal power-down state, the data is located in a cache of NAND FLASH chips and is not really written into NAND FLASH chips, and the power-down has no influence on original data in NAND FLASH chips.

The invention further provides NAND FLASH data protection devices for abnormal power failure, which are used for realizing the NAND FLASH data protection method for abnormal power failure, and the device comprises the following steps:

The main control end comprises a power management unit, a central processing unit and a NAND flash memory controller which are sequentially connected;

NAND FLASH chips, wherein the output of the NAND flash memory controller is connected with the NAND FLASH chips.

Further, the invention relates to a computer readable storage medium having stored thereon program instructions which when executed by a processor implement a method as described above.

Compared with the prior art, the invention has the following characteristics.

The PMU is used for effectively identifying the power failure scene, reducing interference factors such as voltage jitter and the like, and reducing the probability of false triggering; the interrupt mode is adopted, so that the response can be performed at microsecond time, and the protection measures can be implemented immediately after the power is turned off; the protection scheme combining the main control and NAND FLASH is adopted, so that the software and hardware coordination degree is high, and the method is theoretically applicable to data protection of all NAND FLASH types; the universality is high, the backup battery and the capacitor with large capacity are not relied on, and the cost can be greatly reduced; NAND FLASH are generally used in small embedded devices, if a standby battery and a large-capacity capacitor are used, space conditions of products are also considered, which adds a plurality of restrictions to application scenes; the system stability is improved, the main control end is used for encoding and decoding ECC, so that abnormal data generated by abnormal power failure can be accurately distinguished, and the damage caused by the use of the abnormal data by the system is avoided.

Drawings

FIG. 1 is a flow chart of a data protection method for NAND FLASH abnormal power down.

Fig. 2 is a flowchart of a power management unit detecting NAND FLASH chips and sending interrupt signals in real time in a data protection method of NAND FLASH abnormal power failure.

FIG. 3 is a flow chart of an interrupt service function performed by a NAND flash memory controller in a data protection method for NAND FLASH abnormal power down.

Fig. 4 is a flowchart for distinguishing and screening original data and abnormal data based on ECC encoding of a master control end in a data protection method of NAND FLASH abnormal power failure.

Fig. 5 is a schematic diagram of a data protection device with NAND FLASH abnormal power down.

Fig. 6 is a schematic diagram illustrating signal transmission from voltage anomaly to trigger protection in a data protection method with NAND FLASH abnormal power down.

Fig. 7 is a schematic voltage diagram of NAND FLASH chip in an abnormal power-down state in a data protection method of NAND FLASH abnormal power-down.

Fig. 8 is a schematic diagram of a NAND FLASH chip write sequence in a data protection method for NAND FLASH abnormal power down.

Fig. 9 is a schematic diagram of time taken by a NAND FLASH chip write sequence in a data protection method for NAND FLASH abnormal power down.

FIG. 10 is a flowchart of ECC operation in a data protection method for NAND FLASH abnormal power down.

Fig. 11 is a schematic diagram of a simplified embodiment of the method for protecting data in NAND FLASH abnormal power down, in which the main control end ECC codec performs discrimination and screening on the original data and the abnormal data.

Fig. 12 is a schematic diagram showing that the transmission paths of the user data and the ECC Code are not identical when the ECC of the device side is used.

Fig. 13 is a data protection flow chart of a data protection method for NAND FLASH abnormal power down.

Reference numerals

100. A main control end; 110. a power management unit; 120. a central processing unit; 130. a NAND flash memory controller; 200. NAND FLASH chips.

Detailed Description

For the purpose of making the objects, technical solutions and advantages of the embodiments of the present invention more apparent, the technical solutions of the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present invention, and it is apparent that the described embodiments are some embodiments of the present invention, but not all embodiments of the present invention. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.

The conception, specific structure, and technical effects produced by the present invention will be clearly and completely described below with reference to the embodiments and the drawings to fully understand the objects, aspects, and effects of the present invention.

It should be noted that, unless otherwise specified, when a feature is referred to as being "fixed" or "connected" to another feature, it may be directly or indirectly fixed or connected to the other feature. As used herein, the singular forms "a", "an" and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. Furthermore, unless defined otherwise, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art. The terminology used in the description presented herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the invention. The term "and/or" as used herein includes any combination of one or more of the associated listed items.

It should be understood that although the terms first, second, third, etc. may be used in this disclosure to describe various elements, these elements should not be limited by these terms. These terms are only used to distinguish one element of the same type from another. For example, a first element could also be termed a second element, and, similarly, a second element could also be termed a first element, without departing from the scope of the present disclosure. The use of any and all examples, or exemplary language (e.g., "such as") provided herein, is intended merely to better illuminate embodiments of the invention and does not pose a limitation on the scope of the invention unless otherwise claimed. Further, as used herein, the industry term "pose" refers to the position and pose of an element relative to a spatial coordinate system.

Referring to fig. 1 to 13, an embodiment of the present invention provides a method and an apparatus for protecting data in NAND FLASH abnormal power failure, where the method for protecting data in NAND FLASH abnormal power failure is applied to a device for protecting data in NAND FLASH abnormal power failure, where the device for protecting data in NAND FLASH abnormal power failure includes a master control end 100 and a NAND FLASH chip 200 sequentially connected, the master control end 100 includes a power management unit 110, a central processing unit CPU120 and a NAND FLASH memory controller 130 sequentially connected, and an output of the NAND FLASH memory controller 130 is connected to the NAND FLASH chip 200, and referring to fig. 1 and 13, the method and the apparatus for protecting data in NAND FLASH abnormal power failure include the following steps:

S100, the power management unit 110 detects NAND FLASH the real-time voltage of the chip 200 in real time, and if the power management unit 110 confirms that the NAND FALSH chip is in an abnormal power-down state, the power management unit 110 immediately sends an interrupt signal to the central processor 120;

s200, the central processing unit 120 executes an interrupt service function to control the NAND flash memory controller 120 to interrupt writing operation of the NAND FLASH chip 200;

and S300, after the next power-on, the master control end 100 scans data in a full disk, if ECC decoding fails, the upper layer driver is informed, the upper layer driver receives a message from the bottom layer driver that ECC decoding fails, and the data which fails decoding is considered to be abnormal data.

Specifically, the data protection method for NAND FLASH abnormal power failure in the present invention may be divided into two stages:

the method is characterized by comprising the following steps of firstly interrupting the current writing operation, and aiming at avoiding destroying the stored data in the storage medium or generating new unstable data;

And secondly, after abnormal power failure occurs, the original data and the abnormal data are judged and screened by using the ECC module of the main control end 100to realize the purpose of eliminating the abnormal data.

Compared with the prior art, the invention has the following characteristics.

(1) The reliability is high. The PMU is used for effectively identifying the power failure scene, reducing interference factors such as voltage jitter and the like and reducing the probability of false triggering;

(2) The response time is short. The interrupt mode is adopted, so that the response can be performed at microsecond time, and the protection measures can be implemented immediately after the power is turned off;

(3) The compatibility is high. The protection scheme combining the main control and NAND FLASH is adopted, so that the software and hardware coordination degree is high, and the method is theoretically applicable to data protection of all NAND FLASH types;

(4) Low cost and high universality. The method does not depend on a standby battery and a capacitor with large capacity, can greatly reduce cost and has higher universality;

(5) The occupied space is small. NAND FLASH are generally used in small embedded devices, if a standby battery and a large-capacity capacitor are used, space conditions of products are also considered, which adds a plurality of restrictions to application scenes;

(6) And the stability of the system is improved. By using the method of encoding ECC and decoding ECC of the main control terminal 100, abnormal data generated by abnormal power failure can be accurately distinguished, and the damage caused by the use of the abnormal data by a system is avoided.

The invention discloses a data protection method and device for NAND FLASH abnormal power failure applied to an abnormal power failure scene, and aims to solve the problem of damage of NAND FLASH data caused by power failure instant writing operation. The protection method and the device mainly comprise the steps of monitoring an abnormal power-down scene, interrupting and protecting write operation at the moment of abnormal power-down, and processing abnormal data by re-powering up after abnormal power-down. The method and the device are applied to the abnormal power failure scene, can effectively reduce damage of the power failure scene to NAND FLASH data, ensure that abnormal data written in at the moment of abnormal power failure can be accurately judged, avoid the damage caused by the use of the abnormal data by a system, solve the problem of metastable data written in at the moment of power failure, and greatly improve the stability of the system.

In general, power down during a read operation does not cause any harm to NAND FLASH data, but power down during a write operation can have serious consequences. Because the voltage is unstable at the moment of power failure, the amplitude and phase of the transmitted level signal are shifted, which may cause erroneous data to be written into the correct NAND FLASH addresses, and may cause erroneous data to be written into the wrong addresses, and even erroneous data to be written into the wrong addresses. These errors will have destructive effects on NAND FLASH data, which may cause serious consequences such as the next restart not being started, an application program error reporting, and a system crash.

Another hazard of abnormal power loss is a reduced retention time of the written data. For example, in the power-down process, correct Data is written to a correct address, but due to the characteristic that NAND FLASH programming writing cannot be completed instantaneously, sudden power-down occurs to cause insufficient programming writing time, written Data is in a metastable state, the Retention time (Data recovery) of the Data cannot achieve the expected effect, and the situation that the Data is read normally for the first few times and is read abnormally for the last few times may occur.

Based on the above mentioned hazards, the invention provides NAND FLASH data protection method and device for abnormal power failure. It is worth noting that abnormal power failure is a power failure scene which cannot be predicted in advance and is caused by an unreliability factor, and the protection method and the protection device can avoid the occurrence of the abnormal power failure scene and only can minimize the damage caused by the abnormal power failure. The data written in the moment of abnormal power failure can not be recovered, and the data written in the moment must be lost, so that the data protection of abnormal power failure is limited.

The data protection method and device for NAND FLASH abnormal power failure, which are set forth in the invention, can ensure that the data which is abnormally written in the moment of power failure can be checked on the premise of allowing the data which is being written in the moment of power failure to be lost, and can ensure that the system can be restarted stably and normally after the key data is abnormally powered down when the key data is not damaged.

Further, referring to fig. 2, step S100 includes:

S110, under normal conditions, the real-time voltage of the NAND FLASH chip 200 is kept within the voltage range of normal operation;

s120, if the power management unit 110 detects that the real-time voltage of the NAND FLASH chip 200 is rapidly reduced, the power management unit 110 processes abnormal voltage data, and when the real-time voltage is lower than a voltage threshold and the duration exceeds a preset time threshold, the power management unit 110 confirms that the NAND FLASH chip 200 is in an abnormal power-down state;

S130, after the power management unit 110 confirms that the NAND FLASH chip 200 is in an abnormal power-down state, the power management unit 110 immediately sends an interrupt signal to the central processing unit 120.

For step S130, the method of notifying the NAND flash memory controller 130 by using the interrupt is an important feature of the present invention, and corresponds to the feature of high real-time performance of the present invention, because the interrupt is implemented by hardware means, which can be almost considered to be generated in real time, and software means such as semaphore needs to undergo a series of process scheduling, and the scheduling time depends on the load of the current system, and may not be timely notified to NAND FLASH chip 200 (NFC) to generate effective protection.

Specifically, the instantaneous interruption of the current write operation when an abnormal power failure occurs is the most direct and effective protection measure, and the earlier the interruption time, the less the damage caused by the power failure, which is roughly divided into 2 main steps:

(1) The power management unit 110 (PMU) monitors the abnormal voltage, processes the abnormal voltage, determines whether the duration of the abnormal voltage satisfies the power-down condition, and referring to fig. 7, if the duration of the abnormal voltage is greater than T1, comprehensively determines that the abnormal voltage is in the power-down scenario, generates an interrupt signal, and transmits the interrupt signal to the NAND FLASH chip 200 (NFC).

(2) NAND FLASH chip 200 (NFC) performs the corresponding interrupt service function in response to the interrupt signal.

Referring to fig. 7, nand_vh is the maximum voltage at which NAND FLASH chips can normally operate, nand_vl is the minimum voltage at which NAND FLASH chips 200 can normally operate, and 1.08 x nand_vl is a relatively reasonable threshold voltage.

The normal power supply voltage of NAND FLASH is typically 2.7V-3.6V (below 2.7V will not work properly), while the CPU core voltage of the CPU is typically about 1V. This means that when the voltage is in the interval of 1V to 2.7V, NAND FLASH chip 200 is already operating abnormally, but the CPU can still operate normally, if the CPU operation is not interrupted in time or the writing operation of NAND FLASH chip 200 is interrupted, abnormal data may be written, causing a series of adverse effects.

The method presented by the present invention is to interrupt NAND FLASH the write operation of chip 200. Because the CPU is used as the operation core of the whole system, if the operation of the CPU is interrupted, the influence range is not just NAND FLASH of the chip 200, but other modules are also included, other problems can be caused due to the wide influence range, and the influence can be reduced to the minimum by interrupting the writing operation of the NAND FLASH chip 200.

Another important issue is determining the condition of interruption, setting a reasonable threshold voltage to determine if an abnormal power loss has occurred. The abnormal voltage threshold setting detected by the power management unit 110 (PMU) cannot be set too high or too low. Because the probability of false triggering protection by setting too high voltage is also increased, the current writing operation is interrupted by slight voltage jitter; setting the abnormal voltage threshold too low to be insufficient for NAND FLASH the lowest voltage margin for normal operation of the chip 200 leaves too short for performing the protection method to produce effective protection.

The abnormal voltage threshold can be adjusted by measuring a voltage change curve when power is lost and combining actual conditions. The abnormal voltage threshold is set to be 1.08 times of the lowest power supply voltage of NAND FLASH chips according to the existing test environment. Thus, the threshold voltage is about 20 microseconds to the lowest operating voltage of NAND FLASH chips 200, and the time of 20 microseconds is fully utilized to interrupt the current NAND FLASH chip 200 writing operation to generate a protection effect.

Referring to fig. 6 and 7, the power management unit 110 (PMU) collects the voltage of the NAND FLASH chip 200 in real time. When a rapid drop in voltage occurs, the power management unit 110 (PMU) processes abnormal voltage data. If the voltage is below the set abnormal voltage threshold and is met for a period of time T1, then an abnormal power loss is considered to have occurred. The power management unit 110 (PMU) module generates an interrupt signal, and the CPU executes an interrupt service function to control the NAND flash controller 120 to interrupt the writing operation of the NAND FLASH chip 200.

There are two key points above:

a. The basis for determining that an abnormal power failure has occurred is that the abnormal voltage must be satisfied for a duration T1. Otherwise, under the condition that some power supply conditions are bad, false triggering can occur, and an error interrupt signal is generated to the NFC.

B. The NAND flash controller 130 (NFC) needs to be informed by generating an interrupt signal, not by means of a semaphore of software or the like. Because interrupts are implemented by hardware, they can be almost considered to be generated in real time, and the semaphore needs to be scheduled by a series of processes, the scheduling time depends on the load of the current system, and it may not be able to timely inform the NAND flash controller 130 (NFC) to generate effective protection.

Further, in step S110, the voltage range of the normal operation of the NAND FLASH chip 200 is between the lowest operation voltage and the highest operation voltage.

Further, the minimum operating voltage is 2.7 volts and the maximum operating voltage is 3.6 volts.

Further, in step S120, the voltage threshold is 1.08-1.1 times of the lowest working voltage of NAND FLASH chips 200.

Further, referring to fig. 3, step S200 includes:

s210, the central processing unit 120 controls the NAND flash memory controller 130 to execute a reset operation;

S220, after the NAND flash memory controller 130 is reset, the master control terminal 100 controls the NAND flash memory controller 130 to lower the clock frequency, and the NAND flash memory controller 130 sends a reset signal to the NAND FLASH chip 200;

S230, the master control terminal 100 closes the function of the related GPIO and actively cuts off the communication link with the NAND FLASH chip 200.

Specifically, the NAND flash controller 130 (NFC) responds to an interrupt signal generated by the power management unit 110 (PMU) and performs an interrupt service function. In the interrupt service function, the following work is done:

1. The master control terminal 100 resets the process. The NAND flash controller 130 (NFC) must be reset first in order to terminate the operation currently being performed by the NAND flash controller 130 (NFC);

And 2, resetting the NAND FLASH chip 200. At this time, the high probability voltage is unstable, and the bus cannot maintain a higher transmission rate, so that the clock frequency of the NAND flash memory controller 130 (NFC) needs to be adjusted down, which creates a better condition for sending the reset signal, and improves the success rate of the reset operation. Finally, a reset signal is sent to NAND FLASH chip 200 to terminate NAND FLASH chip 200 writing data into the memory cells;

3. Modifying the associated GPIO configuration, turning off the associated GPIO functions, prevents the drive resume write operation from causing data to be written when power is lost.

Further, referring to fig. 4, step S300 includes,

S310, the main control terminal 100 judges and identifies abnormal data through ECC module decoding, and the abnormal data can not pass verification when ECC decoding is carried out;

s320, if ECC decoding fails, notifying an upper layer driver;

s330, the upper layer driver receives the information of decoding failure of the ECC of the bottom layer driver, and determines that the data of decoding failure is abnormal data.

Specifically, in some embodiments, if the timing of the interruption is not timely enough, the Data is already written, but the Retention time (Data recovery) of the Data is not enough due to power failure, the scenario can still be ECC decoded successfully, but the Data is unstable.

Specifically, in some embodiments, the ECC encoding is required before the ECC Code is written, and the ECC decoding is required after the ECC Code is read, so that the original data and the abnormal data are discriminated and screened in the reading stage.

In addition, when the ECC of the master control end is used, the master control end is both a producer and a consumer of the ECC. The NAND FLASH chip cannot distinguish abnormal or normal data, and the ECC decoding fails when the main control terminal reads the abnormal data next time, so that the abnormal data can be identified.

Referring to fig. 10, in some specific embodiments, for ECC module codec, ECC is a technique that can implement data error checking and correction, and has mainly two functions: error detection and correction. The ECC Code is written either to normal data or to abnormal data. At the moment of power failure, the data without writing errors or the data quantity of the data with writing errors are within the error correction capability range of the ECC, and the ECC can be successfully decoded; and otherwise, the error correction capability is exceeded, and decoding fails. The error correction capability of the ECC is limited, and the amount of data that can be corrected is fixed for a given ECC Code. With this characteristic, erroneous data must be written due to voltage instability in the power-down state. If the amount of data written in the error is small and can be corrected within the error correction capability of the ECC, the data can be corrected from the abnormal data to the normal data, and can be used as the normal data later. If the amount of error data written is large, the subsequent decoding failure can be determined as abnormal data and discarded.

Referring to fig. 10, for an abnormal power down scenario, the power down occurs in two phases, ① or ②; and the stage ③④⑤ of judging and screening the abnormal data occurs when the abnormal data is read in the next power-on mode, and the main control reads the abnormal ECC code and the user decoding fails and is identified as the abnormal data.

Specifically, an abnormal power failure may write some abnormal data, and the correctness and integrity of the data cannot be guaranteed, and even a stack of disordered data may be generated, so that the consequences generated once the abnormal data are used cannot be expected.

After abnormal power failure occurs, the original data and the abnormal data are distinguished, so that the abnormal data can be prevented from being used as normal data by the system, the risk of system breakdown is avoided, and the system stability is improved. After abnormal power failure occurs, abnormal and unstable data are screened, so that the damage possibly caused by the abnormal power failure can be reduced by separating the good data and the bad data, and the method is an indispensable method for guaranteeing the stable operation of the system.

NAND FLASH chip 200, due to its physical nature, requires the use of ECC for data checking and error correction. NAND FLASH ECC are generally applied in two ways, one is to calculate the ECC Code by the NAND FLASH device side, and the other is to calculate the ECC Code by the master 100 side.

In order to accurately determine the abnormal data after the occurrence of the abnormal power failure, the main control terminal 100 must calculate the ECC Code. Because the method of calculating the ECC Code by the NAND FLASH chip 200 equipment end has a scene that abnormal data cannot be distinguished. For example, when abnormal power failure occurs, the power supply voltage is already unstable, and the amplitude and the time sequence phase of the high level and the low level may be seriously deviated from the standards, so that NAND FLASH chips 200 receive abnormal data. If the equipment end calculates ECC, an ECC Code based on abnormal data is generated, and the abnormal data can be exactly matched with the ECC Code and can be successfully decoded, the abnormal data can be used as normal data, and unexpected serious consequences can be generated.

When the main control terminal 100 is used to calculate the ECC Code, if the power supply voltage is unstable, the electrical timing is seriously deviated from the standard, and the NAND FLASH chip 200 equipment receives the abnormal data and the abnormal ECC Code sent from the main control terminal 100. Because the voltage and time sequence deviation under the power failure scene are irregular, the abnormal data and the abnormal ECC Code are not necessarily matched, and the error data can not pass the verification when ECC decoding is carried out, so that the abnormal data can be judged, and the aim of separating good data from bad data is fulfilled.

Further, in the step S330, if the data in the stage of writing the user data and the data in the stage of loading the ECC encoding are in the abnormal power-down state, the data is in the cache of the NAND FLASH chip 200, and is not actually written into the NAND FLASH chip 200, and the power-down has no effect on the original data in the NAND FLASH chip 200.

Further, referring to fig. 8 and 9, the write operation with respect to NAND FLASH chip 200 is largely divided into two phases, in which the master outputs data to be written into a cache (NAND FLASH), referred to as a Program Load; NAND FLASH writing data from an internal cache into a storage unit is called Program execution. These two phases occupy more than 95% of the write time, and one of the data protection methods of the present invention interrupts the write operations of these two phases.

With reference to fig. 9, the impact of the interrupt protection at each stage is explained:

1. The interruption protection occurs at stage ①. At this time, the written abnormal data is located in the cache of NAND FLASH chip 200, is not written in the true sense, and the original data in NAND FLASH chip 200 is not damaged due to power failure.

2. The interruption protection occurs at stage ②. The situation is similar to ① at this time.

3. The interruption protection occurs at stage ③. At this time, NAND FLASH chip 200 is writing data into the memory cell, NAND FLASH chip 200 is in busy state, and if the abnormal data is not written completely at this time, the writing operation is terminated, and although the data is written completely, the writing is incomplete, and the data which can be judged to be abnormal by ECC decoding can be used at the next start. Abnormal data cannot be used, only the data written in at the moment of power failure is lost, and the system is not affected.

4. The interruption protection occurs after stage ③. The abnormal data is written into the NAND memory cell at this time, and the error data written at the moment of power failure can only be discriminated by decoding the ECC by the master control terminal 100. In this case, since the voltage and timing shift is irregular when the power is abnormally turned off, the abnormal data and the abnormal ECC Code are not necessarily matched, and the error data cannot be checked when ECC decoding is performed, and the system can determine the error data and discard the error data.

The Program Load phase requires approximately 80 to 340 microseconds, and the Program execution requires approximately 400 microseconds, assuming that each page is 2048 bytes in size, for a 50M frequency write analysis. The protection mechanism of the scheme can respond and complete processing within 20 microseconds, basically ensures that the interrupt is in ①②③ stages, and can better protect the integrity and the correctness of the original data. If the interruption is not timely, the main control can decode ECC to distinguish abnormal data, so that the possible harm caused by the abnormal data is avoided, and the aim of protection is fulfilled.

Regarding the problem that the power down scene results in insufficient Data Retention time (Data recovery), the present invention also provides a solution: when the abnormal power-down system is restarted for the first time, the data block which is written in last is driven to be scanned, the data of the data block is migrated, and a new block is found again to be written in and replaced, so that the holding time of the data is prolonged.

The invention further provides NAND FLASH data protection devices for abnormal power failure, which are used for realizing the NAND FLASH data protection method for abnormal power failure, and the device comprises the following steps:

The main control terminal 100, the main control terminal 100 comprises a power management unit 110, a central processing unit CPU 120 and a NAND flash memory controller 130 which are sequentially connected;

NAND FLASH chip 200, the output of the NAND flash controller 130 is connected to the NAND FLASH chip 200.

Specifically, the hardware needs to have the following functions:

(1) The master control terminal 100 has a power management unit 110 (Power Manger Unit, PMU) capable of checking NAND FLASH voltages in real time, and the power management unit 110 (Power Manger Unit, PMU) has a function of adjusting abnormal voltage threshold and has a device for resisting voltage interference.

(2) The CPU of the master 100 is enabled to receive interrupt signals from the power management unit 110 (Power Manger Unit, PMU), and the master 100 is enabled to respond to interrupt signals and execute corresponding interrupt service functions.

(3) NAND FLASH chip 200 supports sending a reset command to interrupt a currently ongoing erase, program, or write operation.

Further, the invention relates to a computer readable storage medium having stored thereon program instructions which when executed by a processor implement a method as described above.

Referring to fig. 6, in some specific embodiments, in the data protection device with NAND FLASH abnormal power down, the signal flows in the signaling flow between the master 100SOC and the NAND flash controller 130. Referring to fig. 11, in some specific embodiments, the data is not changed during the transmission process, and even if the change occurs, the normal data can be obtained through ECC correction. Therefore, the user data and the ECC Code can be necessarily decoded successfully and recognized as normal data under normal conditions. In abnormal situations, the voltage instability causes the data to change during the transmission process, and finally, a large amount of unexpected abnormal data (which can be simply understood as random errors) is obtained. After the next power-on, the main control end scans the full-disk data, and the data with failure ECC decoding can be identified as abnormal data and discarded.

In contrast, referring to fig. 12, when the ECC of the device side is used, the ECC Code is generated by the device side, and the generated ECC Code is not changed in the transmission process due to power failure. Therefore, the generated ECC Code is matched with the abnormal user data, and the ECC module can not screen and judge the abnormal data when the main control terminal scans the data next time, but does not actually accord with the expected data. Distinction from using master ECC: when the device-side ECC is used, the transmission paths of the user data and the ECC Code are not identical.

The Chinese and English definitions mentioned in the invention are as follows:

NAND: one of the flash memory types is commonly used to describe the type of flash memory.

PMU: a power management unit (Power Manger Unit).

CPU: and a central processing unit.

ECC: technology (Error CHECKING AND correction) capable of realizing data Error checking and Correcting

ECC Code: the encoding generated for the target data using the ECC algorithm may be used for data error checking and correction.

NFC: NAND flash Controller (NAND FLASH Controller).

IRQ: an interrupt request (Interrupt Require).

GPIO: a general purpose input/output port for transmitting level signals.

Interrupt service function: in response to the interrupt request, the currently executing thread is interrupted to jump to a piece of functional code executed at a fixed location of the interrupt vector table.

It should be appreciated that the method steps in embodiments of the present invention may be implemented or carried out by computer hardware, a combination of hardware and software, or by computer instructions stored in non-transitory computer-readable memory. The method may use standard programming techniques. Each program may be implemented in a high level procedural or object oriented programming language to communicate with a computer system. However, the program(s) can be implemented in assembly or machine language, if desired. In any case, the language may be a compiled or interpreted language. Furthermore, the program can be run on a programmed application specific integrated circuit for this purpose.

Furthermore, the operations of the processes described herein may be performed in any suitable order unless otherwise indicated herein or otherwise clearly contradicted by context. The processes (or variations and/or combinations thereof) described herein may be performed under control of one or more computer systems configured with executable instructions, and may be implemented as code (e.g., executable instructions, one or more computer programs, or one or more applications), by hardware, or combinations thereof, collectively executing on one or more processors. The computer program includes a plurality of instructions executable by one or more processors.

Further, the method may be implemented in any type of computing platform operatively connected to a suitable computing platform, including, but not limited to, a personal computer, mini-computer, mainframe, workstation, network or distributed computing environment, separate or integrated computer platform, or in communication with a charged particle tool or other imaging device, and so forth. Aspects of the invention may be implemented in machine-readable code stored on a non-transitory storage medium or device, whether removable or integrated into a computing platform, such as a hard disk, optical read and/or write storage medium, RAM, ROM, etc., such that it is readable by a programmable computer, which when read by a computer, is operable to configure and operate the computer to perform the processes described herein. Further, the machine readable code, or portions thereof, may be transmitted over a wired or wireless network. When such media includes instructions or programs that, in conjunction with a microprocessor or other data processor, implement the steps described above, the invention described herein includes these and other different types of non-transitory computer-readable storage media. The invention may also include the computer itself when programmed according to the methods and techniques of the present invention.

The computer program can be applied to the input data to perform the functions described herein, thereby converting the input data to generate output data that is stored to the non-volatile memory. The output information may also be applied to one or more output devices such as a display. In a preferred embodiment of the invention, the transformed data represents physical and tangible objects, including specific visual depictions of physical and tangible objects produced on a display.

The present invention is not limited to the above embodiments, but can be modified, equivalent, improved, etc. by the same means to achieve the technical effects of the present invention, which are included in the spirit and principle of the present invention. Various modifications and variations are possible in the technical solution and/or in the embodiments within the scope of the invention.

Claims (10)

1. The data protection method of NAND FLASH abnormal power failure, the data protection method of NAND FLASH abnormal power failure is applied to a data protection device of NAND FLASH abnormal power failure, the data protection device of NAND FLASH abnormal power failure comprises a main control end (100) and a NAND FLASH chip (200) which are sequentially connected, the main control end (100) comprises a power management unit (110), a central processing unit (120) and a NAND flash memory controller (130) which are sequentially connected, and the output of the NAND flash memory controller (130) is connected with the NAND FLASH chip (200), and the method is characterized by comprising the following steps:

S100, the power management unit (110) detects the real-time voltage of the NAND FLASH chip (200) in real time, and if the power management unit (110) confirms that the NAND FALSH chip is in an abnormal power-down state, the power management unit (110) immediately sends an interrupt signal to the central processing unit (120);

S200, a central processing unit (120) executes an interrupt service function to control the NAND flash memory controller (120) to interrupt the writing operation of the NAND FLASH chip (200);

And S300, after the next power-on, the master control end (100) scans the data in the whole disk, if the ECC decoding fails, the upper layer driver is informed, the upper layer driver receives the message from the bottom layer driver that the ECC decoding fails, and the data which fails in decoding is considered to be abnormal data.

2. The method for protecting data in the case of NAND FLASH abnormal power failure according to claim 1, wherein step S100 includes:

s110, under normal conditions, the real-time voltage of the NAND FLASH chip (200) is kept in a voltage range of normal operation;

S120, if the power management unit (110) detects that the real-time voltage of the NAND FLASH chip (200) is rapidly reduced, the power management unit (110) processes abnormal voltage data, and when the real-time voltage is lower than a voltage threshold and the duration exceeds a preset time threshold, the power management unit (110) confirms that the NAND FLASH chip (200) is in an abnormal power-down state;

S130, after the power management unit (110) confirms that the NAND FLASH chip (200) is in an abnormal power-down state, the power management unit (110) immediately sends an interrupt signal to the central processing unit (120).

3. The method for protecting data against abnormal power failure at NAND FLASH of claim 2, wherein in step S110, the voltage range of normal operation of the NAND FLASH chip (200) is between a lowest operation voltage and a highest operation voltage.

4. The method for protecting data against an abnormal power loss of NAND FLASH as defined in claim 3,

The minimum operating voltage is 2.7 volts and the maximum operating voltage is 3.6 volts.

5. The method for protecting data against abnormal power failure at NAND FLASH of claim 2, wherein in step S120, the voltage threshold is 1.08-1.1 times the lowest operating voltage of NAND FLASH chip (200).

6. The method for protecting data from abnormal power loss of NAND FLASH of claim 1, wherein step S200 includes:

s210, the central processing unit (120) controls the NAND flash memory controller (130) to execute a reset operation;

S220, after the NAND flash memory controller (130) is reset, the master control end (100) controls the NAND flash memory controller (130) to lower the clock frequency, and the NAND flash memory controller (130) sends a reset signal to the NAND FLASH chip (200);

s230, the main control terminal (100) closes the function of the related GPIO and actively cuts off the communication link with the NAND FLASH chip (200).

7. The method for protecting data against an abnormal power loss according to claim 1, wherein step S300 comprises,

S310, the main control end (100) decodes, judges and identifies abnormal data through an ECC module, and the abnormal data cannot pass verification when ECC decoding is carried out;

s320, if ECC decoding fails, notifying an upper layer driver;

s330, the upper layer driver receives the information of decoding failure of the ECC of the bottom layer driver, and determines that the data of decoding failure is abnormal data.

8. The method for protecting data against abnormal power loss according to claim 7, wherein in said step S310,

If in the abnormal power-down state, the data is in a cache stage of writing user data and ECC codes into the NAND FLASH chip (200), and the data is not really written into the NAND FLASH chip (200), and the power-down has no influence on the original data in the NAND FLASH chip (200).

A data protection device for abnormal power failure of nand FLASH, configured to implement a data protection method for abnormal power failure NAND FLASH as set forth in any one of claims 1 to 8, wherein the device includes:

The main control terminal (100), the main control terminal (100) comprises a power management unit (110), a central processing unit (120) and a NAND flash memory controller (130) which are connected in sequence;

NAND FLASH chip (200), the output of the NAND flash memory controller (130) is connected with the NAND FLASH chip (200).

10. A computer readable storage medium having stored thereon program instructions which, when executed by a processor, implement the method of any of claims 1 to 8.