1. Field of the Invention
This invention relates to data protection systems for computer systems in general, and more particularly to a data protection system having user programmable power sequences to efficiently manage the limited power available from a reserve power supply.
2. Brief Description of the Prior Art
Almost without exception, most currently used computer systems, from the smallest microprocessor operated devices on up to the large, so-called "main frame" computer systems, rely at least to some extent on volatile memory arrays to temporarily store data being processed. Such memory arrays are referred to as "volatile," because they require constant electrical power to retain data. If electrical power to the memory array is interrupted as a result of a power failure or a failure of the memory power supply, the data stored in the memory will be lost.
A common type of volatile memory array used by such computer systems is the so-called Dynamic Random Access Memory, or DRAM. DRAM memory arrays are used in a wide variety of computer memory devices, such as RAM memory arrays, memory caching systems, and solid state disk drive systems, because they are relatively compact and inexpensive and can store large amounts of data. One characteristic of such Dynamic Random Access Memories (DRAMs) is that they need to be periodically "refreshed" (i.e., electrically recharged) every few milliseconds to retain data over extended periods of time. Therefore, Dynamic Random Access Memory arrays require suitable hardware refreshing apparatus to provide such periodic data refreshment. Unfortunately, if the electrical power to the DRAM array and the data refreshing apparatus is interrupted, even momentarily, the data stored in the DRAM array will be lost forever and must be replaced or reconstructed before computer operations can resume.
Since such data replacement or reconstruction tends to be relatively difficult and time consuming, and may even be impossible in some circumstances, numerous data protection systems have been devised to help prevent data loss during various types of long and short term power failures or surges that would otherwise result in a partial or total loss of the data stored in such volatile memory arrays. Examples of such data protection systems are shown in U.S. Pat. No. 3,980,935 issued to Worst; U.S. Pat. No. 4,327,410 issued to Patel et al.; U.S. Pat. No. 4,375,663 issued to Arcara et at.; U.S. Pat. No. 4,458,307 issued to McAnlis et at.; U.S. Pat. No. 4,525,800 issued to Hameria; U.S. Pat. No. 4,677,311 issued to Morita; U.S. Pat. No. 4,698,808 issued to Ishii; U.S. Pat. No. 4,763,333 issued to Byrd; U.S. Pat. No. 4,800,532 issued to Honeck et at.; U.S. Pat. No. 4,874,960 issued to Cybela; and U.S. Pat. No. 4,907,150 issued to Arroyo et al.
Most of the existing data protection systems, such as those listed above, can be grouped into one of two categories or classifications depending on the particular data saving strategy that is utilized. Data protection systems falling into the first category (hereinafter referred to as category I systems) typically rely on relatively large capacity storage batteries in the reserve power supplies to continually supply power to the volatile memory arrays and memory refreshing apparatus until the main power is restored. In contrast, data protection systems falling into the second category (hereinafter referred to as category II systems) usually include memory transfer apparatus in addition to the data refreshing apparatus to transfer data from the volatile memory arrays into non-volatile memory arrays (i.e., memory arrays that can retain data without power) upon detecting power failures.
Unfortunately, a major drawback associated with the category I data protection systems is that if the main power remains interrupted for a long period of time, the reserve power supplies (usually comprising conventional storage batteries) may be exhausted, resulting in a complete loss of data. One way to circumvent this problem has been to provide relatively large capacity back-up batteries in the reserve power supplies to extend the time that the systems can preserve data in the volatile memory array. However, such large reserve batteries require large capacity battery chargers and associated components, which increase the overall costs, complexities, and sizes of such data protection systems. Furthermore, most category I systems rely on the reserve power supply to supply power to the entire computer system, including the main processor and any peripheral devices, thereby substantially increasing the power demands placed on the reserve power supply. Therefore, regardless of the size of the battery in the reserve power supply, there is always a chance that the battery will be exhausted before the main power is restored, resulting in a complete loss of data.
Another disadvantage associated with category I systems is that the reserve power supplies are only used on rare occasions, since power outages or failures of the main power supplies are relatively infrequent. Therefore, it is simply not efficient to provide large capacity reserve power supplies when such supplies are infrequently required. Unfortunately, reducing the capacities of the components of such reserve power supplies to make their costs acceptable introduces the problem of limiting the amount of time that the data protection systems can compensate for power interruptions.
The category II data protection systems were developed in response to the shortcomings associated with the category I systems described above. Most of the category II data protection systems immediately transfer data stored in the volatile computer memories into a non-volatile memory as soon as a power interruption is detected. Since the volatile memory arrays and the data protection system need only be energized during the time necessary to transfer the data to the non-volatile memory, much smaller reserve batteries can be used in the reserve power supply without compromising the ability of the data protection system to preserve data. Accordingly, category II data protection systems have tended to be effective in reducing the sizes of the reserve battery systems, because the power consuming volatile memory arrays only require power until the data stored therein can be transferred into non-power consuming non-volatile memory arrays. As soon as all the data are transferred by such a system, the entire data protection system is then usually shut down.
An example of such a category II data protection system is described in the patent issued to Byrd (U.S. Pat. No. 4,763,333). Essentially, Byrd discloses a data protection system for PC-type computers which saves the data stored in various volatile memory arrays in the computer into a non-volatil. e memory, such as a magnetic disk, as soon as a power interruption is detected. Byrd accomplishes this data protection function by immediately connecting the reserve power supply to the CPU and the volatile memory array (RAM), as well as to all the other devices connected to the CPU, to preserve the data in the volatile memories associated with these devices. Byrd's system then transfers all data stored in the respective volatile memories of such devices, including the CPU state, operating system, application program, and user data, into the non-volatile memory. When power is restored, Byrd's data protection system then transfers the data from the non-volatile memory array back into the respective volatile memory arrays from which the data originated, thereby restoring the PC to the exact state in which it was before the power failed, right down to the cursor position on the screen.
While the system disclosed by Byrd is useful in many circumstances, it is not without drawbacks. For example, while Byrd's system is suitable for relatively small, low power consuming computers, such as PCs, it cannot be effectively adapted for use in a larger, main frame computer, because of the enormous power loads that would be placed on the reserve batteries by the large central processor and volatile memory arrays, not to mention the numerous high power consuming peripheral devices, such as solid state disks, that are commonly connected to such a large computer system. Providing a large enough reserve power supply to energize these components, even for a short time according to the teachings of Byrd, is just not practical.
Another problem associated with the data protection system according to Byrd is that there is no convenient means of stopping the data transfer process if power is restored to the system during the time the data are being transferred from the volatile memory arrays into the non-volatile memory, such as would occur in relatively common, but momentary power outages lasting only a few seconds or minutes. With Byrd's system, the user must wait until the data protection system transfers all the data into the non-volatile memory and back into the volatile memories before computer operation can be resumed. While this delay is not a problem for small PCs, since the amount of data being handled is relatively small and can be quickly transferred, it is impractical on large computer systems since the amount of data being handled is many orders of magnitude larger. Further, if such a large computer system needs to be briefly shut down to service a piece of equipment, the users will have to wait for Byrd's data recovery sequence to be completed before they can use the system.
Therefore, there is a need for a data protection system that can be effectively used with larger, high power consuming computer systems that include relatively large volatile RAM arrays, solid state disks, data caching systems, and the like, while only requiring a relatively small reserve battery to ensure data protection. Such a data protection system should be capable of temporarily powering the volatile memory arrays to allow the computer system to be rapidly restored to operation following short power outages, and yet ensure full data integrity by storing the data in non-volatile memory in the event the power failure is of long duration. Ideally, such a data protection system should have a user configurable power sequence to allow the user to tailor the operation of the system depending on the size of the reserve battery utilized and should have a user selectable recovery option to allow the user to select whether the data transfer process will be completed if power is restored during that process. Until this invention, no such data protection system existed.