The present invention relates to a data storage system and method, and in particular to a system and method comprising or relating to mass data storage devices. The invention has particular application to data storage devices which may be subject to power interruption, for example arising from removal from an associated device or power failure of the associated device.
Almost all electronic devices require memory for data storage. Flash memory devices have become increasingly commonly used either as permanently installed internal data storage devices or as removable data storage devices, for example memory cards.
File Allocation Table (FAT) based file systems are commonly used for both embedded and removable data storage devices. FAT systems are particularly useful for removable data storage devices as they are supported by most operating systems used in personal computers, and thus present few interoperability or compatibility issues.
A FAT file system stores a file allocation table on the data storage device, which identifies where each file is stored at the hardware level of the data storage device, by mapping hardware level elements, referred to as clusters, to each stored file. The file allocation table also stores other information concerning the stored files, the file system, and the hardware level structure, in the form of metadata.
FAT file systems are not safe against power failure. The relationship between file contents and file metadata, as well as the internal consistency of the file system, may be damaged by a power failure, for example if the power failure occurs during a write operation. Furthermore, earlier versions of FAT file systems cannot cope with long file names, and those later versions that can cope with long file names do so in a relatively inefficient manner.
Some electronic devices monitor power levels and ensure a safe shutdown if power is close to being exhausted. However, even in the case of such devices, problems can occur if a removable data storage device is forcibly removed during a read or write operation, or if power failure occurs due to an unforeseen device or component failure.
Power failure problems can be particularly acute in an automotive environment, as power is often delivered by the vehicle battery to electronic devices associated with the vehicle. Examples of such electronic devices in an automotive environment include navigation devices, for example portable navigation devices (PNDs). The software, or other control system, of such electronic devices may have little or no control over the level of power delivered. For example, during an engine start, power can drop to dangerously low levels especially if the vehicle battery is old. That may cause corruption of data if a non-power fail safe file system, such as FAT, is used.
More generally, power failure problems can occur if an SD card, or any other removable memory device, is removed from a device or computer, for example a PC, whilst the SD card or memory device is being written to.
Some known file systems, for example Ext3, provide power fail safe journaling capabilities in which data to be stored by the file system is copied temporarily to a journal before being written to the location assigned by the file system. If a power failure occurs during a write procedure, a copy of data that is in the process of being written should be retained in the journal, and can be used to restore the correct data to the location assigned by the file system.
Other known file systems, for example ZFS, are power fail safe transactional file systems, in which existing data are not overwritten at the same physical location of a storage device by a new or amended version of the data. Instead, a set of writes of a new version of data is performed to a different location on the storage device than the area at which the previous version of the data is stored. The set of writes is usually written to free space on the storage device. The reference to the location of the data is then changed and the location of the previous version of the data is marked as free. The set of writes can be referred to as a transaction.
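The following added example, which is not part of the original text, simulates a power cut after a given number of block writes and compares an in-place overwrite with the transactional update described above. The names `Disk`, `PowerFail`, `overwrite_in_place`, `write_transactional` and `survives`, the eight-block layout, and the assumption that a single block write is atomic are all hypothetical and chosen for illustration.

```python
class PowerFail(Exception):
    """Raised by the toy device when power is cut (constructed for this example)."""

class Disk:
    # Constructed toy device: block 0 holds the reference (a tuple of block
    # indices) to the current version of the file; other blocks hold data.
    def __init__(self, nblocks):
        self.blocks = [None] * nblocks
        self.budget = None  # number of writes left before power fails; None = never

    def write(self, idx, value):
        # Assumption: one block write is atomic; power can fail between writes.
        if self.budget is not None:
            if self.budget == 0:
                raise PowerFail()
            self.budget -= 1
        self.blocks[idx] = value

def read_file(disk):
    return [disk.blocks[i] for i in disk.blocks[0]]

def overwrite_in_place(disk, data):
    # Non-transactional update: the new version overwrites the old blocks.
    for i, v in zip(disk.blocks[0], data):
        disk.write(i, v)

def write_transactional(disk, data):
    old = disk.blocks[0]
    used = set(old) | {0}
    free = [i for i in range(len(disk.blocks)) if i not in used][:len(data)]
    for i, v in zip(free, data):
        disk.write(i, v)            # new version is written to free space
    disk.write(0, tuple(free))      # the reference is changed in one write
    for i in old:
        disk.blocks[i] = None       # previous version's location marked free

def survives(update, cut_after):
    """True if, after a power cut, the file reads as wholly old or wholly new."""
    old, new = ["A1", "A2", "A3"], ["B1", "B2", "B3"]
    disk = Disk(8)
    disk.blocks[1:4] = old
    disk.blocks[0] = (1, 2, 3)
    disk.budget = cut_after
    try:
        update(disk, new)
    except PowerFail:
        pass
    return read_file(disk) in (old, new)
```

With a cut after one or two writes, the in-place update leaves a mixture of old and new blocks, whereas the transactional update reads back as the complete old version until the reference write succeeds.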
However, power fail safe journaled or transactional file systems are less prevalent than non-journaled or non-transactional file systems such as FAT, and can present significant compatibility and interoperability issues. That can present particular problems in the case of removable data storage devices, which may be required to be compatible with a wide variety of electronic devices or operating systems.
It is known to use combinations of file systems and, for example, to embed one file system inside another using a loopback arrangement. For example, in Linux Live CDs, a read-only Joliet file system is provided in combination with a further RamFS file system. The RamFS file system operates as a read/write layer over the CD's Joliet file system whilst in operation, but is not power-fail-safe, and anything stored in RamFS is lost when the RAM is not powered.
In another example, it is known to hold an Ext2 or Ext3 file system inside an NTFS file system on a personal computer, for example as provided in a VMware Linux image. The user is able to read and write data freely from or to either the Ext2/Ext3 or NTFS file system in the personal computer.
In certain circumstances the use of combinations of file systems, particularly in loopback arrangements, can lead to the loss of certain functionality (for example, correct journaling) of one or other of the file systems or to unreliable operation of the file systems.