The storage of mission-critical data has posed a dilemma for instrumentation recorder providers and users. Using ruggedized storage devices is extremely costly, yet affordable commercial media must be specially adapted for ruggedized applications.

Until recently, the cost of high-density storage systems capable of withstanding extreme temperature and vibration, while supporting high data rates, was beyond most program budgets. Project managers were forced to use media types such as linear tape to record their mission data. These offered, at best, marginal reliability in extreme conditions.

Depending on the type, each platform has unique operational requirements. Helicopter and rotary engine aircraft require systems that withstand 0.076 g2/Hz, and 20 g-peak half-sine wave vibration for applications such as catapults and traps on aircraft carriers. Fighter aircraft require operation in 10g linear acceleration and high jerk environments. Ground systems, such as tanks and combat vehicles, have extremely high temperature requirements (-40°C to +85°C) and must withstand high vibration and shock. These requirements are coupled with the need for operation in an extremely dirty environment.

Environmental Effects on Stored Data

Economic considerations require commercially available drives to be deployed in data acquisition equipment, leaving limited capability for designed-in protection against known environmental influences. For data storage, tape media has significant cost advantages, with the lowest cost per bit and high-volume efficiency.

However, the record/replay process requires the flexible, temperature- and humidity-sensitive tape to be mechanically moved across either fixed or moving heads. This process is highly susceptible to the effects of vibration and acceleration, causing tape debris, time base variations and head-to-tape separation. These effects result in error rates so high that error detection and correction strategies cannot be guaranteed to work in non-benign environments.

Hard drives in hermetically sealed housings provide relatively good protection against foreign debris and the ambient environment. The rugged nature of platters and very lightweight head components provide a degree of built-in acceleration tolerance.

However, the drives rely on very fine gas bearings to separate the flying heads and platter. Both excess acceleration and reduction in air pressure at high altitudes in a lower cost, non-sealed drive are likely to cause a crash. Unlike the temporary loss of data experienced with an over-stressed tape drive, a single head crash can prevent normal access to all data on a hard drive and is likely to render the drive inoperable.

Providing Affordable Storage for Military Applications

Solid state media has the inherent advantage of no moving parts. The effects of temperature, humidity, shock, vibration, acceleration, altitude, fungal attack, RFI and foreign material intrusion can be controlled within desirable limits if the media is designed to meet the appropriate standards (Figure 1).

Although the reliability and longevity of individual bit storage elements are not as robust as magnetic media, this can be vastly improved by the sophisticated management of memory cells. Static and dynamic wear-leveling, standard and dynamic bad block management, and error detection and correction code extend the flash lifespan and result in highly reliable and rugged solid state storage media.

The ongoing trend of decreasing prices in solid state storage media, combined with its native ruggedness, has made this the most appropriate media for extremely ruggedized applications. Prices have already fallen to a level that promises a lower total cost-per-recording-system than the cost of earlier magnetic-based media. The additional costs for ruggedizing and hermetically sealing the tape or hard disk drives, and the extra space required for these solutions that often translates into additional cost overhead, make solid state solutions attractive on overall price as well.

Designing Rugged, Fully Electronic Data Recorders

Today, the use of digital processing improves data recorder signal quality, as well as data reliability and security. Redundancy can easily be added everywhere in the digital recording process to secure data transmission and storage with checksums. Sophisticated error detection and correction techniques can also be applied.

There are additional benefits to the fully electronic solution. The use of solid state disk (SSD) media that directly supports standard interfaces enables easy transfer of digitally stored data to commercial computers via standard interfaces such as SCSI, SATA, IDE, IEEE 1394, USB and Ethernet. Standard computer backup techniques can be used for data archiving, enabling low-cost yet highly reliable solutions.

Environmental extremes such as shock, vibration, dust, salt water, extreme temperature ranges and high altitude severely compromise the reliability of data recorders. A recorder that contains only electrical components can more easily be designed to withstand these conditions.

Typically, electronic components can easily be assembled and sealed against altitude, dust and salt water intrusion. Careful component selection and handling of worst-case timing during the design phase ensure operation at extreme temperature ranges. Vibration and shock can be handled mainly by careful mechanical design and the use of rugged interconnections both internally in the recorder and between the recorder and the media.

For example, msystems’ SSDs are specifically designed to meet the environmental requirements of military missions. With no moving parts, they operate in the harshest environmental conditions defined by MIL-STD-810F: an operating temperature range of -40° to +85°C, a humidity range of 5% to 95%, shock conditions at 1,500g half-sine and random vibration of 16.3g (10 Hz to 2,000 Hz) at an altitude of 80,000 feet.

In data recorder design, vendors such as Heim Data Systems are constantly challenged to isolate the storage media from extremely harsh environments to make it even more rugged. Placing the SSD on an internal shock mount, as Heim did with msystem’s disk, extends the vibration envelope beyond the MIL-STD-810F specification (Figure 2).

Declassifying Media to Protect Sensitive Data

Securing confidential data in emergency situations is essential for mission-critical systems. Teamwork between Heim and msystems has resulted in successful data recorder operation in various secure, classified environments and operational scenarios requiring immediate declassification of the media, such as an aircraft crash or troop ambush in hostile territory.

U.S. security agencies define several levels of erasing sensitive data for various storage media types. Each U.S. military force has compiled its own internal document, based on DoD/NSA instructions.

Erasing is also known by several other terms. “Clearing” eradicates data on the media before it is reused, in an environment that provides an acceptable level of protection for the data stored on the media before clearing. “Sanitizing,” or “purging,” removes data on the media before it is reused, in an environment that does not provide an acceptable level of protection for the data on the media before sanitizing. “Destroying” physically damages the media so it is totally unusable, making data retrieval impossible.

Securely erasing magnetic media is difficult due to the extreme persistence of magnetization history in the magnetic domains of both tape and disk platters. The only effective, rapid security for stored data is complete destruction of the magnetic material. While very high-powered degaussers can prevent normal access to stored data, they are power-hungry, heavy, large and susceptible to operator error. They cannot be airborne or used quickly in an emergency.

Conversely, the erased state of a flash memory cell has very little dependence on its previous logic states. Carefully planned erasure sequences and known data pattern writing can quickly either establish or undo the security of every cell in a SSD. Memory chips can be erased and overwritten in parallel. Therefore, the built-in declassification algorithm supports erasing and multiple overwriting within seconds, leaving behind no trace of classified data.

Solid state flash disks are available that use this algorithm to perform secure erase and sanitize procedures. Once secure erase has been activated, auto-resume secure erase guarantees successful completion of the process in the event that it must be prematurely halted in an emergency.

As the density of flash continues to double every 12 months in the same silicon footprint, its cost continues to decrease, making it more attractive and affordable as a replacement for magnetic tape and mechanical hard disks in military applications.

msystems
Sunnyvale, CA.
(408) 470-4440.
[www.msystems.com].

Heim Data Systems
Mary Esther, FL.
(850) 243-2350.
[www.heimdata.com].