Safe command execution and error recovery for storage devices

US 8,578,179 B2
Filed: 10/19/2007
Issued: 11/05/2013
Est. Priority Date: 10/19/2007
Status: Expired due to Fees

First Claim

Patent Images

1. A storage device, comprising:

a storage medium for storing data;

a controller configured for and/or capable of;

providing a command interpreter for execution of one or more commands within said storage device;

determining whether said command interpreter has maintained its integrity before allowing said command interpreter to execute said one or more commands; and

allowing said command interpreter to execute said one or more commands when said controller determines that said command interpreter has maintained its integrity;

wherein said controller is further configured for and/or capable of;

attempting to reconstruct said command interpreter using an error recovery mechanism that uses error recovery code integrated with executable content of said command interpreter when said controller determines that said command interpreter has not maintained its integrity; and

attempting to obtain a valid version of said command interpreter from an external source when said attempting to reconstruct said command interpreter fails to reconstruct said command interpreter.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Techniques for execution of commands securely within a storage device are disclosed. Integrity of a command interpreter is verified before allowing it to execute commands within the storage device. The integrity of the commands can also be checked to safeguard against various threats including, for example, malicious attacks, unintentional errors and defects that can adversely affect stored content and execution. Error recovery techniques can be used to reconstruct the command interpreter and/or commands that are found to be defective. In addition, secure techniques can be used to obtain trusted versions of the command interpreter and/or commands from an authenticated external source.

Citations

17 Claims

1. A storage device, comprising:
- a storage medium for storing data;
  
  a controller configured for and/or capable of;
  
  providing a command interpreter for execution of one or more commands within said storage device;
  
  determining whether said command interpreter has maintained its integrity before allowing said command interpreter to execute said one or more commands; and
  
  allowing said command interpreter to execute said one or more commands when said controller determines that said command interpreter has maintained its integrity;
  
  wherein said controller is further configured for and/or capable of;
  
  attempting to reconstruct said command interpreter using an error recovery mechanism that uses error recovery code integrated with executable content of said command interpreter when said controller determines that said command interpreter has not maintained its integrity; and
  
  attempting to obtain a valid version of said command interpreter from an external source when said attempting to reconstruct said command interpreter fails to reconstruct said command interpreter.
- View Dependent Claims (2, 3, 4)
- - 2. The storage device of claim 1, wherein said controller and/or command interpreter are further configured for and/or capable of:
    - attempting to reconstruct said one or more commands using an error recovery mechanism when it is determined that said one or more commands have not maintained their integrity; and
      
      attempting to obtain a valid version of said one or more commands from an external source when it is determined that said one or more commands have not maintained their integrity.
  - 3. The storage device of claim 1, wherein said storage device includes one or more of the following:
    - a hard disk drive, a flash drive, and optical drive, a non-volatile memory device, a volatile memory device.
  - 4. The storage device of claim 1, wherein said storage device is a hard disk drive that can be configured to communicate with a host system.

5. A method of controlling the execution of one or more commands by a storage device that effectively provides a command interpreter for execution of said one or more commands, said method comprising:
- determining whether a command interpreter has maintained its integrity before allowing said command interpreter to execute said one or more commands;
  
  allowing said command interpreter to execute one or more commands when said determining determines that said command interpreter has maintained its integrity;
  
  wherein said method further comprises;
  
  attempting to reconstruct said command interpreter using an error recovery mechanism that uses error recovery code integrated with executable content of said command interpreter when determining determines that said command interpreter has not maintained its integrity; and
  
  attempting to reconstruct said one or more commands using an error recovery mechanism when determining determines that said one or more commands have not maintained their integrity.
- View Dependent Claims (6, 7)
- - 6. The method of claim 5, wherein said method further comprises:
    - attempting to obtain a valid version of said command interpreter from an external source when said attempting to reconstruct said command interpreter fails to reconstruct said command interpreter; and
      
      attempting to obtain a valid version of said one or more commands from an external source when said attempting to reconstruct said one or more commands fails to reconstruct said one or more commands.
  - 7. The method of claim 6, wherein said method further comprises:
    - obtaining a signed version of said command interpreter that includes error recovery code; and
      
      determining based on a signature of said signed version of said command interpreter whether said signed version is a valid version of said command interpreter.

8. A method of controlling the execution of one or more commands by a storage device that effectively provides a command interpreter for execution of said one or more commands, said method comprising:
- determining whether a command interpreter has maintained its integrity before allowing said command interpreter to execute said one or more commands;
  
  allowing said command interpreter to execute one or more commands when said determining determines that said command interpreter has maintained its integrity;
  
  wherein said determining of whether said command interpreter has maintained its integrity comprises;
  
  obtaining at least one known integrity value for said command interpreter;
  
  determining at least one current integrity value for said command interpreter;
  
  comparing said at least one known integrity value to said at least one current integrity value; and
  
  determining based on said comparing whether said command interpreter has maintained its integrity;
  
  wherein said known integrity value is a signed known message digest of said command interpreter.
- View Dependent Claims (9, 11)
- - 9. The method of claim 8, wherein said known integrity value is a signed known message digest of executable content of said command interpreter and error recovery code which has been incorporated with said executable content of said command interpreter.
  - 11. The method of claim 8, wherein said known integrity value and/or current integrity value are secured and/or protected against unauthorized access by one or more of the following:
    - storing said known integrity value and/or current integrity value in internal memory and/or secured memory; and
      
      encrypting said known integrity value and/or current integrity values using one or more of the following;
      
      public key signature algorithm, a root key algorithm using a unique and protected symmetric key, a private key, a pair of public and private keys.

10. A method of controlling the execution of one or more commands by a storage device that effectively provides a command interpreter for execution of said one or more commands, said method comprising:
- determining whether a command interpreter has maintained its integrity before allowing said command interpreter to execute said one or more commands;
  
  allowing said command interpreter to execute one or more commands when said determining determines that said command interpreter has maintained its integrity;
  
  wherein said method comprises;
  
  obtaining a current version of said command interpreter from memory of said storage device;
  
  computing the message digest of said current version of said command interpreter;
  
  comparing said message digest of said current version of said command interpreter to said signed message digest of said command interpreter;
  
  extracting executable content of said command interpreter for execution when said comparing determining that said message digest of said current version of said command interpreter is equal to said signed message digest of said command interpreter;
  
  attempting to reconstruct said executable content of said command interpreter using an error recovery technique that utilizes error recovery code incorporated with said executable content of said command interpreter;
  
  incorporating said error recovery code into a reconstructed content of said command interpreter to generate a reconstructed command interpreter when said attempting to reconstruct said executable content;
  
  computing the message digest of said reconstructed command interpreter; and
  
  comparing said message digest of said reconstructed command interpreter to said signed known message digest to determine whether said command interpreter has been correctly reconstructed.

12. A non-transitory storage medium storing executable instructions for effectively controlling execution of one or more commands by a storage device, said non-transitory storage medium comprising:
- executable instructions for determining whether a command interpreter has maintained its integrity before allowing said command interpreter to execute said one or more commands;
  
  executable instructions for allowing said command interpreter to execute one or more commands when said determining determines that said command interpreter has maintained its integrity;
  
  wherein said determining of whether said command interpreter has maintained its integrity comprises;
  
  obtaining at least one known integrity value for said command interpreter;
  
  determining at least one current integrity value for said command interpreter;
  
  comparing said at least one known integrity value to said at least one current integrity value; and
  
  determining based on said comparing whether said command interpreter has maintained its integrity;
  
  wherein said known integrity value is a signed known message digest of said command interpreter.
- View Dependent Claims (13)
- - 13. The non-transitory storage medium of claim 12, wherein said non-transitory storage medium further comprises:
    - executable instructions for determining whether said one or more commands have maintained their integrity; and
      
      executable instructions for executing said one or more commands only when said determining determines that said one or more commands have maintained their integrity.

14. A non-transitory storage medium storing executable instructions for effectively controlling execution of one or more commands by a storage device, said non-transitory storage medium comprising:
- executable instructions for determining, based on a comparison of current integrity values for the command interpreter to expected integrity values whether a command interpreter has maintained its integrity before allowing said command interpreter to execute said one or more commands;
  
  executable instructions for allowing said command interpreter to execute one or more commands by only when said determining determines that said command interpreter has maintained its integrity;
  
  wherein said non-transitory storage medium further comprises;
  
  executable instructions for attempting to reconstruct said command interpreter using an error recovery mechanism that uses error recovery code integrated with executable content of said command interpreter when determining determines that said command interpreter has not maintained its integrity; and
  
  executable instructions for attempting to reconstruct said one or more commands using an error recovery mechanism when said determining determines that said one or more commands have not maintained their integrity.
- View Dependent Claims (15)
- - 15. The non-transitory storage medium of claim 14, wherein said non-transitory storage medium further comprises:
    - executable instructions for attempting to obtain a valid version of said command interpreter from an external source when said attempting to reconstruct said command interpreter fails to reconstruct said command interpreter;
      
      executable instructions for attempting to obtain a valid version of said one or more commands from an external source when said attempting to reconstruct said one or more commands fails to reconstruct said one or more commands; and
      
      executable instructions for initiating error recovery operations in response to said controller determining that said command interpreter has not maintained its integrity.

16. A computing component for a storage device, wherein said storage device can use a command interpreter to execute one or more commands internally within said storage device, wherein said controller is configured for and/or capable of:
- determining, based on a comparison of current integrity values for the command interpreter to expected integrity values, whether said command interpreter has maintained its integrity before allowing said command interpreter to execute said one or more commands internally within said storage device; and
  
  allowing said command interpreter to execute said one or more commands within said storage device when said controller determines that said command interpreter has maintained its integrity;
  
  wherein said controller is further configured for and/or capable of;
  
  attempting to reconstruct said command interpreter using an error recovery mechanism that uses error recovery code integrated with executable content of said command interpreter when said controller determines that said command interpreter has not maintained its integrity; and
  
  attempting to obtain a valid version of said command interpreter from an external source when said attempting to reconstruct said command interpreter fails to reconstruct said command interpreter.

17. A computing component for a storage device, wherein said storage device can use a command interpreter to execute one or more commands internally within said storage device, wherein said controller is configured for and/or capable of:
- determining whether a command interpreter has maintained its integrity before allowing said command interpreter to execute said one or more commands;
  
  allowing said command interpreter to execute one or more commands when said determining determines that said command interpreter has maintained its integrity;
  
  wherein said determining of whether said command interpreter has maintained its integrity comprises;
  
  obtaining at least one known integrity value for said command interpreter;
  
  determining at least one current integrity value for said command interpreter;
  
  comparing said at least one known integrity value to said at least one current integrity value; and
  
  determining based on said comparing whether said command interpreter has maintained its integrity;
  
  wherein said known integrity value is a signed known message digest of said command interpreter.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Samsung Electronics Co. Ltd.
Original Assignee
Samsung Electronics Co. Ltd.
Inventors
Aciicmez, Onur, Zhang, Xinwen
Primary Examiner(s)
Torres, Joseph D

Application Number

US11/875,219
Publication Number

US 20090106628A1
Time in Patent Office

2,209 Days
Field of Search

713/194, 714/38.1, 714/763
US Class Current

713/194
CPC Class Codes

G06F 11/08   Error detection or correcti...

G06F 21/554   involving event detection a...

G06F 21/64   Protecting data integrity, ...

G06F 21/80   in storage media based on m...

Safe command execution and error recovery for storage devices

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

Safe command execution and error recovery for storage devices

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links