There is often a need to securely remove data on an embedded flash storage device such as an Industrial CompactFlash or other PATA or SATA Device in an OEM design. For these requirements, the ATA Security Erase available on some devices is an ideal solution.
ATA Security Erase is a standard ATA command to erase all user data on the device.
ATA Security Erase is part of the ATA Security Feature Set. This feature set has been part of ATA specifications since ATA version 3. ATA Security Feature Set is optional, therefore, not all devices will support it. Host can determine if device supports it by reading the Identify Drive data.
ATA Security Erase gives the user a way to quickly erase all user data on the device without the need for special erase commands or issuing multiple write commands to overwrite the drive with ones.
To use ATA Security Erase, the user needs to follow the state transition diagram shown in the ATA Specifications. The procedure requires the user to set up a password first and issue a specific sequence of commands. The password will be erased when the erase command is done.
There is a known security hole with ATA Security Feature Set -- malware can set the password during boot time and lock the user out of the drive. To prevent that, some system BIOS are known to default to putting the device in a Frozen state, which essentially disables the ATA Security Feature. To get out of this state, the device needs to be hard reset or power reset.
I hope this has been an informative intro to the ATA Security Erase Feature. All Cactus Industrial Grade Flash Storage Products support the ATA Security Feature Set. If you need more information regarding this feature or others on your embedded OEM design, please contact Cactus expert.