Vulnerabilities / Threats // Insider Threats
3/3/2011
10:49 AM
Connect Directly
RSS
E-Mail
50%
50%

PCI Express Spec For SSDs Released

Solid-state drives will see significant performance gains by running on a PCIe platform rather than SATA, said the Non-Volatile Memory Host Controller Interface Work Group.

A working group has released an Intel-led specification for using PCI Express as the platform for solid-state drives instead of the slower performing SATA interface typically used today.

The Non-Volatile Memory Host Controller Interface (NVMCI) Work Group released the specification on Monday, with the goal of helping to enable the broad adoption of SSDs using the PCIe interface.

Advances in SSD technology have surpassed the older SATA interface, so a new platform infrastructure is needed "to keep pace and allow the system to realize the full potential of these devices," the NVMCI Work Group said in a statement.

The NVM Express 1.0 specification defines an optimized register interface, command set, and feature set for PCIe-based SSDs. The interface supports multi-core architectures found in most CPUs today. Within enterprise computing environments, the spec supports end-to-end data protection, security, and encryption, as well as having error reporting and management capabilities.

NVM Express offers a number of benefits as a standard interface through the interoperability it offers for multiple products, the workgroup said. For example, an operating system vendor can write one driver that works for SSDs from multiple vendors. Device makers can purchase SSDs from different suppliers and be confident that all will implement a consistent feature set.

In addition, device makers can use the same test suite across SSDs using NVM Express, thereby reducing time to market. Companies that say they are supporting the new spec include Dell, EMC, and Cisco.

"The NVM Express interface is an essential enabler for future generations of non-volatile memory storage solutions," Tom Macdonald, VP of the Intel architecture group, said in a statement.

A standard Linux driver for NVM Express is available and ready for download from Intel. A standard driver for Windows is under development, with an alpha release expected in the third quarter. The spec itself is also available through Intel's site.

The NVMHCI Work Group includes more than 70 companies. Core contributors include Cadence, Cisco, Dell, EMC, Fujitsu Technology Solutions, IDT, Intel, Marvell, Micron, Microsoft, NVELO, Oracle, Pliant, PLX, Samsung, SanDisk, SandForce, STEC, and Violin Memory.

Implementation of NVM Express requires a license from Intel. Members of the workgroup are entitled to a royalty-free license from Intel. A white paper on the spec is available on Intel's site.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Cartoon
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-6117
Published: 2014-07-11
Dahua DVR 2.608.0000.0 and 2.608.GV00.0 allows remote attackers to bypass authentication and obtain sensitive information including user credentials, change user passwords, clear log files, and perform other actions via a request to TCP port 37777.

CVE-2014-0174
Published: 2014-07-11
Cumin (aka MRG Management Console), as used in Red Hat Enterprise MRG 2.5, does not include the HTTPOnly flag in a Set-Cookie header for the session cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie.

CVE-2014-3485
Published: 2014-07-11
The REST API in the ovirt-engine in oVirt, as used in Red Hat Enterprise Virtualization (rhevm) 3.4, allows remote authenticated users to read arbitrary files and have other unspecified impact via unknown vectors, related to an XML External Entity (XXE) issue.

CVE-2014-3499
Published: 2014-07-11
Docker 1.0.0 uses world-readable and world-writable permissions on the management socket, which allows local users to gain privileges via unspecified vectors.

CVE-2014-3503
Published: 2014-07-11
Apache Syncope 1.1.x before 1.1.8 uses weak random values to generate passwords, which makes it easier for remote attackers to guess the password via a brute force attack.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Marilyn Cohodas and her guests look at the evolving nature of the relationship between CIO and CSO.