Printer Friendly

What is SCSI-based protection information and why should you care?

Data protection has become an increasingly important issue for IT professionals as they juggle the growing demand for highly available, instant access data, with the increasing value of data. The value of this data is based on potential productivity loss, financial loss or even the threat of legal action due to regulatory noncompliance. Many components of a storage system may have data protection designed-in such as Error Correction Code (ECC) memory or Cyclic Redundancy Check (32 bit) (CRC-32) in Serial Attached SCSI (SAS), Serial Advanced Technology Attachment (SATA) and fibre channel (FC) Input/output (I/O) interfaces. While storage systems may incorporate some data protection, what is often lacking is the ability to provide end-to-end data protection with an open standard. The solution may lie in the SCSI-based data protection model called "protection information".

Protection information ensures that an I/O transaction has completed without any bad blocks written to disks. Protection information gets applied as the server writes the data to the storage system. During the retrieval of the data, the server checks to make sure that the exact data that was written to the storage system is read back correctly thus providing end-to-end data protection. While the proprietary end-to-end data protection schemes have been around for years, the recent adoption of the T10 SCSI-based protection information provides the first standard data protection specification that works with all the SCSI-based transports including SAS, FC, and iSCSI. The T10 data protection standard provides interoperability between host controllers, external storage systems and drives and will result in a lower cost to facilitate widespread deployment from midrange to low-end storage systems.

How Does It Work?

Each standard data block is expanded to include eight byte protection information. For example if the block length is 512 bytes with the protection information added, the total block length will be 520 bytes. The protection information, depicted in Figure 1, is composed of the following sub-fields: 2 bytes for the data block guard; 2 bytes for the data block application tag; and 2 bytes for the data block reference tag.

* Data Block Guard: This field is two bytes long and is comprised of a CRC-16 calculated on the preceding data block.

* Data Block Application Tag: This field is two bytes long and its usage is unique to the application. This tag may include context data specific to an application's I/O operation. For a file manager, the application tag may include a LUN or hashed file ID. For a database, the application tag may include a hashed record entry.

* Data Reference Tag: This field is composed of the least significant four bytes of the logical block address of the command that is associated with this block. This field will increment by one for each successive block.

Some of the errors that protection information can detect include the following:

* Data bits that are flipped in the data block possibly due to system noise. These errors can be flagged by comparing the calculated CRC value to the data block guard field.

* Displacement errors due to algorithmic issues such as an incorrectly programmed descriptor or bad DMA programming. Displacement errors can occur when the wrong block is selected in the buffers in the external storage system or HBA. This type of error can be detected by checking the reference tag to make sure that it is incremented by one with each subsequent block. A block's reference tag that does not follow the incrementing sequence is flagged as an error. Algorithmic errors such as these can crop up with updated drivers and firmware.

* Silent drive errors occur when the drive delivers the wrong block data, but indicates that the data is correct. Silent drive errors also can be detected by comparing the reference tag field of the block to make sure the blocks are in sequence. Silent drive errors are a concern with the increased adoption of desktop SATA drives in enterprise storage systems. SATA desktop drives have a lower mean-time-to-data-loss (MTTDL) compared to enterprise-level drives.

Write with Protection Information Added

As shown in Figure 1-a, the host the protection information fields are appended prior to the data being written to the external storage system. Protection information can be appended to the blocks at the application level or in the HBA (Host Bus Adapter). Protection information can be checked at the external storage system interface (channel adapter) to validate that the data through the storage transport is correct (as shown in figure 1-b). The protection information data should also be checked in the external storage subsystem (device adapter interface) prior to writing to the disk drive (Figure 1-c) or even in the drive (Figure 1-d). Checking the data prior to writing to the disk or at the disk will detect write errors that could propagate as latent write errors when the data is read back at a later time. Note that if there is a bad DMA on the write to the disk, a reference tag check to see if the blocks were sent in incrementing order would flag this error.


To handle the extra eight byte protection information, the SCSI block commands were modified to provide the ability to read, write, and verify blocks with the protection information, as well as the ability to calculate, strip and append the protection information to the data. For this method to be widely adopted, it must provide protection information enabled SCSI target devices the ability to work with both legacy SCSI initiator devices and protection information enabled SCSI initiator devices. This ability to work with both legacy initiators and protection enabled initiators is facilitated with additional fields in the SCSI commands as shown in Table 2. Check conditions are initiated when an error is detected, or the disk is not properly formatted to receive the protection information data. Prior to sending data, the application needs to determine if the SCSI target device supports protection information, which is accomplished with the INQUIRY command.

The T10 technical group of the International Committee for Information Technology Standards (INCITS) defined an open protection standard which adds protection information to each data block, allowing multiple check points along the data path to detect errors prior to the errors becoming catastrophic data losses. As this protection information model is implemented in silicon, even midrange and low end storage systems will be able to provide end-to-end data protection. Protection information meets the increasing demand for standard, low cost way to maximize data protection with from the host to disk and back.

For IT professionals, data protection has become a significant issue as organizations place a higher premium on avoiding the downtime due to corrupted or lost data. The storage infrastructure has grown more complex with several servers accessing terabytes of data through switches, appliances, switch based disk arrays controllers and management software. With increased complexity the risk of corrupted data or the wrong data getting written to disk due to system failures has increased as well especially with the use of higher capacity desktop SATA drives. SCSI-based protection information can help to minimize this risk of data loss by protecting data through the complete data path. The advantages of protection information standard for IT professionals are clear: interoperability between storage components, lower cost storage components offering data protection and the highest level of data protection through the entire data path.


Holt, Keith "End-to-end Data Protection Justification" Document T10/03-111, July 1, 2003

Penokie, George "End-to-End Error Class" Document T10/03-207

T10/1799-D SCSI Block Commands-3 (SBC-3)

T10/1731-D SCSI Primary Commands-4 (SPC-4)

Stephen Leo is senior technical marketing engineer, Intel Storage Group.
Byte\B 7 6 5 4 3 2 1 0

0 DATA BLOCK (e.g. 512 bytes, or 4096 bytes,...)
n - 1
n + 1 (LSB)
n + 3 (LSB)
n + 7 (LSB)

Figure 1. -- Data Bock with Protection Information Fields


READ (10)/(12)/(16)/(32) 1
VERIFY (10)/(12)/(16)
WRITE (10)/(12)/(16)/(32)1
WRITE AND VERIFY (10)/(12)/(16)
WRITE SAME (10)/(12)

Other Commands

REBUILD (16)/(32)
REGENERATE (16)/(32)
XDWRITE (10)/(32)
XDREAD (10)/(32)
XDWRITE EXTENDED (10)/(32)/(64)
XPWRITE (10)/(32)

Table 1. Note: 1 Read(32) and Write(32) are new commands.
COPYRIGHT 2006 West World Productions, Inc.
No portion of this article can be reproduced without the express written permission from the copyright holder.
Copyright 2006, Gale Group. All rights reserved. Gale Group is a Thomson Corporation Company.

Article Details
Printer friendly Cite/link Email Feedback
Author:Leo, Stephen
Publication:Computer Technology Review
Date:Sep 1, 2006
Previous Article:WAFS & CDP let organizations move beyond acceleration attempts, delivers WAN file access performance and continuous backup consolidation.
Next Article:Secure edge messaging appliances with embedded LDAP maximize email protection.

Related Articles
PACKETIZED SCSI: The Need For Speed.
Adaptec Goes Ultra With Three RAID Controllers.
Plain Talk About Recordable DVD.
Serial ATA: opening new markets for ATA RAID. (Serial ATA).
What is Serial-Attached SCSI? (From the SCSI Expert).
iStor: enabling channel support for SMB/SME iSCSI solutions now.
ATA and SATA drive usage goes beyond expectations.
HIPAA compliance using serial ATA.
iSCSI and Serial Attached SCSI: storage technologies for SMBs and remote offices.

Terms of use | Privacy policy | Copyright © 2018 Farlex, Inc. | Feedback | For webmasters