Vulnerabilities in MLC NAND Flash Memory Programming: Experimental Analysis, Exploits, and Mitigation Techniques

Vulnerabilities in MLC NAND Flash Memory Programming: Experimental Analysis, Exploits, and Mitigation Techniques

Modern NAND flash memory chips provide high density by storing two bits ofdata in each flash cell, called a multi-level cell (MLC). An MLC partitions the threshold voltage range of a flash cell into four voltage states. When aflash cell is programmed, a high voltage is applied to the cell. Due to pa...

Full description

Saved in:
Bibliographic Details
Published in:2017 IEEE International Symposium on High Performance Computer Architecture (HPCA) pp. 49 - 60
Main Authors: Yu Cai, Ghose, Saugata, Yixin Luo, Ken Mai, Mutlu, Onur, Haratsch, Erich F.
Format: Conference Proceeding
Language:English
Published: IEEE 01-02-2017
Subjects:
Computer architecture
Flash memories
Interference
Microprocessors
Programming
Threshold voltage
Transistors
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Modern NAND flash memory chips provide high density by storing two bits ofdata in each flash cell, called a multi-level cell (MLC). An MLC partitions the threshold voltage range of a flash cell into four voltage states. When aflash cell is programmed, a high voltage is applied to the cell. Due to parasitic capacitance coupling between flash cells that are physically close to each other, flash cell programming can lead to cell-to-cell program interference, which introduces errors into neighboring flash cells. In order to reduce the impact of cell-to-cell interference on the reliability ofMLC NAND flash memory, flash manufacturers adopt a two-step programming method, which programs the MLC in two separate steps. First, the flash memory partially programs the least significant bit of the MLC to some intermediate threshold voltage. Second, it programs the most significant bit to bring the MLC up to its full voltage state. In this paper, we demonstrate that two-step programming exposes new reliability and security vulnerabilities. We experimentally characterize the effects of two-step programming using contemporary 1X-nm (i.e., 15-19nm)flash memory chips. Wefind that a partially-programmed flash cell (i.e., a cell where the second programming step has not yet been performed) is much more vulnerable to cell-to-cell interference and read disturb than a fully-programmed cell. We show that it is possible to exploit these vulnerabilities on solid-state drives (SSDs) to alter the partially-programmed data, causing (potentially malicious) data corruption. Building on our experimental observations, we propose several new mechanisms for MLC NAND flash memory that eliminate or mitigate data corruption in partially-programmed cells, thereby removing or reducing the extent of the vulnerabilities, and at the same time increasing flash memory lifetime by 16%.
ISSN:2378-203X
DOI:10.1109/HPCA.2017.61