ISS Technology Update, Volume 9, Number 2

which is equivalent to a disabled mode to avoid bus contention. When system power is lost, the FPGA waits for the clock
enable signal of the Smart Array controller to transition to low, signaling that the controller has stopped driving the DDR2
bus. At this time, the FPGA assumes control of the bus and begins moving data from the DRAMs to the non-volatile NAND
flash memory on the cache module. Upon the next power up, the FPGA restores the cache by moving data from the flash
memory to the DRAMs. After the cache has been restored to the DRAMs, the Smart Array controller verifies that the data has
been retained correctly. If verified, the data is transferred to the disk drives.
HP Smart Array support
At the time of publication, the FBWC is supported on the Smart Array P410, P410i, P411, P212, P812, and P712m
controllers. The FBWC is another instance where HP design and engineering have increased reliability and reduced
maintenance issues for customers.
HP Smart Array Erase Drive function
Securely sanitizing disk drives involves completely overwriting the drive data at the lowest level, below the OS file system
and partition tables. With SAS and SATA drives, this means overwriting all of the logical blocks on the drive. Third-party
utilities can perform this task; however, HP Smart Array controllers with Smart Array Advanced Pack (SAAP) include an
integrated Erase Drive feature that can quickly and efficiently erase data without installing additional software. This feature is
accessed through the Array Configuration Utility (ACU).
Smart Array Erase Drive
The Smart Array Erase Drive function is available through the ACU for any logical or physical drive in an array. When a
physical drive is to be erased, it is taken offline (as if failed) to maintain the data integrity of any of the fault-tolerant logical
drives that it was a part of. Typically, an administrator would use this feature to erase a physical drive that is reporting a
predictive failure, in preparation for replacing it.
The Erase Drive function operates by writing zeroes to every logical block on the logical or physical drive. This overwrites all
file contents as well as the metadata, including all RAID controller, partition, and file system metadata. At a simplified level,
erasing a drive can be seen as a serial write process, because its speed is governed by the average sequential write
throughput of the drive. As a result, a drive erase can take several hours to complete on a moderately sized 500-GB midline
SATA drive.
Selecting an erase pattern
Overwriting information with a single pass on a modern disk drive provides a reasonable level of data protection when
retiring drives from service (see Dr. Craig Wright’s article in Additional resources). However, some users are concerned that
sophisticated instrumentation can be used to detect the small residual magnetic flux that is left when a value of one is
overwritten with a zero versus a zero being overwritten with a zero. To eliminate the ability to recover data from an erased
drive, an administrator can configure the Smart Array Erase Drive function to perform a two-pass or three-pass erase pattern.
In both cases, the drive is overwritten with a random pattern of ones and zeroes before being overwritten with zeroes on the
final pass. A multi-pass erase will, of course, either double or triple the time needed to complete the erase drive operation.
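The following Python example is added here for illustration and is not HP code or part of the original article. It emulates the erase pattern on a disk image file, reads the image back to confirm that every byte is zero, and estimates erase time from capacity and sequential write throughput. The function names, the 50 MB/s throughput figure, and the reading of "three-pass" as two random passes followed by zeroes are assumptions.

```python
import os
import tempfile

CHUNK = 1 << 20  # 1 MiB per read/write (assumed; not a controller parameter)

def overwrite(path, passes=1, chunk=CHUNK):
    """Emulate the pattern on an image file: random passes, then a final zero pass."""
    size = os.path.getsize(path)
    for n in range(passes):
        final = (n == passes - 1)
        with open(path, "r+b") as f:
            done = 0
            while done < size:
                step = min(chunk, size - done)
                f.write(bytes(step) if final else os.urandom(step))
                done += step
            f.flush()
            os.fsync(f.fileno())  # push each pass to storage before the next one

def first_nonzero_offset(path, chunk=CHUNK):
    """Byte offset of the first non-zero byte, or None if every byte reads as zero."""
    offset = 0
    with open(path, "rb") as f:
        while True:
            buf = f.read(chunk)
            if not buf:
                return None
            if buf.count(0) != len(buf):
                return offset + len(buf) - len(buf.lstrip(b"\x00"))
            offset += len(buf)

def erase_hours(capacity_gb, write_mb_per_s, passes=1):
    """Each pass is one sequential write of the whole drive (1 GB = 1000 MB)."""
    return passes * capacity_gb * 1000 / write_mb_per_s / 3600

def demo():
    """Constructed 3 MiB image with a marker at a known offset, erased with 3 passes."""
    with tempfile.NamedTemporaryFile(delete=False) as tmp:
        tmp.write(bytes(2 * CHUNK + 5) + b"SECRET" + bytes(CHUNK - 11))
    try:
        before = first_nonzero_offset(tmp.name)
        overwrite(tmp.name, passes=3)
        return before, first_nonzero_offset(tmp.name)
    finally:
        os.unlink(tmp.name)

if __name__ == "__main__":
    print(demo(), round(erase_hours(500, 50, passes=3), 1))
```

The same read-back check can be pointed at a raw block device path instead of an image file to confirm that an erased drive returns only zeroes.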
Additional resources
Resource: "Overwriting Hard Drive Data" by Dr. Craig Wright, 2009
URL: https://blogs.sans.org/computer-forensics/2009/01/15/overwriting-hard-drive-data

Resource: Overview of and link to Guidelines for Media Sanitization. NIST publication SP 800-88
URL: http://www.nist.org/nist_plugins/content/content.php?content.52