CN104657684B - Method for enhancing the reliability of a smart card - Google Patents

Info

Publication number: CN104657684B
Other versions: CN104657684A (en)
Application number: CN201410427123.3A
Authority: CN (China)
Other languages: Chinese (zh)
Legal status (as listed by Google Patents, not a legal conclusion): Active
Inventors: 杨念东, 蒙卡娜
Current assignee: Beijing CEC Huada Electronic Design Co Ltd
Original assignee: Beijing CEC Huada Electronic Design Co Ltd
Prior art keywords: smart card, software switch, switch, erasable, software

Landscapes

  • Storage Device Security (AREA)
  • Stored Programmes (AREA)
Abstract

The present invention is a method for enhancing the reliability of a smart card and belongs to the field of embedded software reliability design for smart cards. The invention proposes setting a software switch in the smart card program. By controlling the software switch, it reduces the probability that the smart card program erroneously executes the erase/write function because of interference, thereby enhancing the reliability of the smart card.

Description

Method for enhancing the reliability of a smart card
Technical field
The invention belongs to smart card software within the field of embedded software, and in particular relates to a method for smart card reliability.
Background art
A smart card is a type of IC card. The integrated circuit in the card comprises a central processing unit (CPU), ROM, EEPROM (or another medium), RAM, and the smart card software and data stored in the card.
Smart cards generally have hardware reliability protections such as voltage protection and frequency protection, but under some abnormal operating conditions (such as an unstable power supply, insertion and removal, or electromagnetic interference) the program pointer of the smart card can still run away. When the program pointer runs away, the program usually ends up in an erroneous state. Given the characteristics of smart card applications, program runaway has two kinds of consequences. First, in most cases of runaway the program merely enters an error state and the application is interrupted; because the host and the back-end server of a smart card application usually handle application interruptions, the impact is very small. The other consequence arises because the smart card contains an erase/write routine: if the runaway program calls the erase/write routine and erases or overwrites data that should not be touched, or even the program code, the card becomes invalid. If this happens in production, the yield falls; if it happens in the user's hands, it inconveniences the cardholder and raises the card issuer's complaint rate.
To raise reliability, embedded software commonly uses N-version programming: N different programs with identical function are designed, and the results that the versions generate are compared with one another to decide the output. This approach, however, lengthens the development cycle, lowers performance and takes up a lot of space, so it is generally unsuitable for smart card applications.
Chip hardware sometimes also adopts reliability designs. For example, the hardware may require a certain command sequence to be written before an operation such as an erase/write, and otherwise will not start the operation. But an erase/write function usually places the command sequence and the start of the erase/write in the same function, so once the program runs away to the function entry, the command sequence is written and the erase/write is started in order, causing an erroneous erase/write.
Summary of the invention
Because of its characteristics, a smart card needs its embedded software to strengthen the overall reliability of the card. One of the more serious smart card reliability problems is that the program pointer runs away under interference and program code or data is erased or overwritten by mistake. The present invention is a method designed to solve this problem.
The method provided by the invention uses a software switch to control the erase/write enable of the erase/write function for the smart card's non-volatile memory. The operations that open and close the software switch are placed outside the erase/write function and are tightly coupled to the correct program flow. If the software switch is not open, the program does not execute the erase/write function or the hardware erase/write instruction. Because opening and closing are tightly coupled to the correct program flow, the software switch is, with high probability, closed while the program is running away. Hence, when the program reaches the erase/write function by running away rather than through the normal program flow, the erase/write function or hardware erase/write instruction will not execute successfully.
The invention includes the following software switch calling Method A:
(1) at the start of smart card operation, close the software switch;
(2) initialize the smart card program;
(3) before entering smart card application processing, close the software switch;
(4) wait to receive a smart card application command;
(5) after a smart card application command is received, open the software switch;
(6) process the received smart card application command (including any calls to the erase/write routine) and return data, then close the software switch;
(7) repeat steps 4 to 6.
One basis for the effectiveness of this method is that a program that has run away because of interference can hardly execute steps 4 to 6 in full. In particular, it will stall in the receive stage of step 4 because no correct command can be received. So when the program runs away to the erase/write function, the software switch is, with high probability, closed.
The invention includes the following software switch (Switch_Variable, a switch based on a variable) design Method B:
(1) whether the software switch is open or closed determines whether the erase/write operation is allowed to execute;
(2) the number representing the software switch should be 4 bytes or more, i.e. have 2^32 or more possible values;
(3) the software switch can be split into a group of switch variables to increase the number of checks made on the switch, for example one variable representing a 1-byte sub-switch, or one variable representing a 2-byte sub-switch;
(4) when the software switch equals a particular set of values, the switch is closed, e.g. 0x00000000;
(5) when the software switch equals a particular set of values, the switch is open, e.g. 0x6780904F.
The invention includes the following design Method C for the non-volatile memory erase/write routine combined with the software switch:
(1) write the data to be written into the buffer of the hardware erase/write operation;
(2) call the function that checks the software switch. This function determines whether the software switch (Switch_Variable, the switch based on a variable) is open (as determined by Method A and Method B above). If it is closed, directly trigger a chip exception interrupt or exit the erase/write routine; if it is open, perform the next step;
(3) start the erase/write hardware operation of the smart card chip.
Certain CPU instruction features can also serve as a further software switch, for example the conditional-execution attribute of an instruction: when a certain bit of a certain SFR inside the CPU does not satisfy the condition, the CPU does not execute the current conditional instruction (an instruction with a conditional-execution attribute is commonly called a conditional instruction). The following uses a conditional instruction of the ARM SC100 CPU as an illustration.
STREQ R2, [R1]
Suppose, for example, that this instruction represents the write operation that starts the hardware. Because it carries the conditional-execution attribute indicated by the two letters EQ, the CPU executes the STREQ instruction only when the CPU flag "z" is 1 (such a flag is a status flag inside the CPU and is usually held in the cpsr register; R2 and R1 are the operands of the instruction). If "z" is set to 1 only just before the instruction is executed, and the statement that sets z is stored far from the STREQ instruction (which can be achieved by encapsulating the statement that sets z in another function), then the case where the program runs away directly to the STREQ instruction that starts the write, causing an erroneous erase/write, is almost entirely prevented.
The invention includes the following design Method D for the non-volatile memory erase/write routine combined with the conditional-instruction software switch:
(1) write the data to be written into the buffer of the hardware erase/write operation;
(2) set the conditional-instruction switch (Switch_Instruction, the switch based on an instruction) to off;
(3) call the function that checks the software switch. This function determines whether the current switch (Switch_Variable) is open (as determined by Method A and Method B above). If it is closed, directly trigger a chip exception interrupt or exit the erase/write routine; if it is open, set the conditional-instruction switch to on and perform the next step;
(4) start the erase/write hardware operation of the smart card chip (using the conditional instruction).
Design Method D is more effective than design Method C, but requires support from the CPU instruction set.
Other auxiliary measures can enhance the effect of the invention. Using techniques such as function merging to reduce, as far as possible, the amount of software operation needed for "starting the erase/write hardware operation of the smart card chip" improves the effect of the invention. If the design lets the hardware identify the software switch when it starts the erase/write (for example, where the hardware requires a certain command sequence to be written before an operation such as an erase/write, that command sequence can be matched in some way against the software switch), the effect of the invention is also improved.
The method provided by the invention, as proven in practice by hot-plug and voltage-disturbance tests, changes the smart card from having one data item erroneously rewritten within a few hundred disturbances to showing no such occurrence in more than 10,000 disturbances, greatly enhancing the reliability of the smart card and improving product yield.
Brief description of the drawings
To illustrate the technical solution more clearly, the drawings needed for the description of the embodiments or the prior art are briefly introduced below. The drawings described below are only some embodiments of the invention; a person of ordinary skill in the art can obtain other drawings from them without creative effort.
Fig. 1 is a schematic diagram of software switch calling Method A;
Fig. 2 is a schematic diagram of design Method C for the erase/write routine.
The invention is described in detail below with reference to the drawings of the embodiments.
Embodiments
Embodiment one:
This embodiment provides a method of calling the software switch routine. As shown in Fig. 1, the method includes:
Step A00: power-on reset, meaning that the smart card embedded software starts executing.
Step A01: close the software switch as soon as the program starts executing, which helps to shut off early the adverse effects of program runaway.
Step A02: perform the other initialization work of the smart card program.
Steps A03 to A06 are a simplified model of smart card data processing, in the form of a processing loop. A smart card is a passive device: the host sends data to the smart card, the smart card receives and processes it and returns response data, then goes back to waiting for the next group of data (usually called a command).
Step A03: at the start of the loop body, close the software switch.
Step A04: receive the command sent by the host.
Step A05: open the software switch, allowing the erase/write function to be executed during command processing.
Step A06: process the command, which usually includes checking the validity of the command and then processing it.
If the program runs away to any one of these steps, it may find the switch closed, or it may find the switch open, for example if it runs away to A06. In the latter case the command "received" at that point is usually incorrect, so execution will not continue. To improve the effect further, the opening and closing of the switch can be combined with the program flow at a finer granularity.
Embodiment two:
This embodiment provides a design method for the erase/write routine. As shown in Fig. 2, the method includes:
Step C01: the purpose of the erase/write routine is to program the data passed in into non-volatile memory (EEPROM or FLASH). The hardware usually provides a buffer for the data; after software legitimately notifies the hardware to start the erase/write, the hardware automatically writes the data in the buffer into non-volatile memory. This step writes the data to be programmed into the buffer.
Step C02: check whether software switch 1 is 0x6780. Here the software switch is split into two sub-switches, switch 1 and switch 2. If the value differs, entry into this erase/write routine is considered illegal and step C07 is executed.
Step C03: check whether software switch 2 is 0x904F. If the value differs, entry into this erase/write routine is considered illegal and step C07 is executed.
Step C04: the switch is valid, so programming can be started, i.e. the erase/write is started.
Step C05: wait for the hardware programming to finish.
Step C06: the erase/write routine completes and exits.
Step C07: return to the start address of the smart card program and run again (equivalent to a restart). Other kinds of error handling may be performed instead.
In this example the erase/write function is responsible only for checking the switch; whether the erase/write happens is decided by whether the software switch was opened in the correct flow outside the function.
Embodiment three:
For the design of the software switch (Switch_Variable, the switch based on a variable), the principle is that the number represented by the switch should be large enough to reduce the probability that, when the program runs away just after power-up before the switch has been closed, the switch happens to be in the open state.
Typically the number representing the software switch is designed to be 4 bytes or more, i.e. to have 2^32 or more possible values.
Opening the switch means assigning one particular set of values to the software switch variable, e.g. 0x6780904F.
Closing the switch means assigning another particular set of values to the software switch variable, e.g. 0x00000000.
In summary, experiments have shown that the method for enhancing smart card reliability provided by the invention is simple and feasible, effectively solves erroneous erase/writes caused by program runaway, and effectively improves the reliability of embedded software products.
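The following C sketch is an added example, not code from the patent: it models on a host the command loop of Method A, the split switch of Method B and the guarded write routine of Method C and embodiment two. The NVM and buffer arrays, the function names and the 0xD6 command layout are assumptions made for the illustration; the switch values 0x6780 and 0x904F are the ones given in embodiment two.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed model: NVM and the hardware write buffer are plain arrays. */
#define NVM_SIZE 64
#define BUF_SIZE 16
#define SW1_OPEN 0x6780u           /* sub-switch values from embodiment two */
#define SW2_OPEN 0x904Fu
#define SW_CLOSED 0x0000u

enum { NVM_OK = 0, NVM_REJECTED = -1, CMD_BAD = -2 };

static uint8_t nvm[NVM_SIZE];
static uint8_t hw_buf[BUF_SIZE];
static volatile uint16_t sw1, sw2; /* 4-byte switch split into two halves */
static int reset_count;            /* stands in for the restart of step C07 */

/* Open and close are only ever called from the command flow below. */
static void switch_open(void)  { sw1 = SW1_OPEN;  sw2 = SW2_OPEN; }
static void switch_close(void) { sw1 = SW_CLOSED; sw2 = SW_CLOSED; }
int switch_is_closed(void) { return sw1 == SW_CLOSED && sw2 == SW_CLOSED; }

/* Steps C01-C07: the write routine checks the switch, it never sets it. */
int nvm_write(uint8_t addr, const uint8_t *data, uint8_t len)
{
    if (len > BUF_SIZE || (unsigned)addr + len > NVM_SIZE)
        return NVM_REJECTED;
    memcpy(hw_buf, data, len);               /* C01: fill hardware buffer */
    if (sw1 != SW1_OPEN) goto illegal;       /* C02: check sub-switch 1 */
    if (sw2 != SW2_OPEN) goto illegal;       /* C03: check sub-switch 2 */
    memcpy(&nvm[addr], hw_buf, len);         /* C04-C05: programming, modelled */
    return NVM_OK;                           /* C06 */
illegal:
    reset_count++;                           /* C07: would restart the card */
    return NVM_REJECTED;
}

/* Method A steps 1-2. Blanking the NVM here only resets this model. */
void card_power_on(void)
{
    switch_close();
    memset(nvm, 0xFF, sizeof nvm);
    reset_count = 0;
}

/* Method A steps 3-6 for one command. Constructed command layout:
 * [0] = opcode 0xD6, [1] = NVM address, [2] = data length, [3..] = data. */
int handle_command(const uint8_t *cmd, size_t cmd_len)
{
    int rc = CMD_BAD;
    switch_close();                          /* step 3 */
    /* step 4: the command has been received (passed in by the caller) */
    switch_open();                           /* step 5 */
    if (cmd_len >= 3 && cmd[0] == 0xD6 && cmd_len == (size_t)cmd[2] + 3)
        rc = nvm_write(cmd[1], &cmd[3], cmd[2]);  /* step 6: validate, write */
    switch_close();                          /* step 6: close again */
    return rc;
}

/* Models a runaway: control lands in nvm_write outside the command flow. */
int simulate_runaway_write(void)
{
    static const uint8_t junk[4] = { 0xDE, 0xAD, 0xBE, 0xEF };
    return nvm_write(0, junk, sizeof junk);
}

uint8_t nvm_read(uint8_t addr) { return addr < NVM_SIZE ? nvm[addr] : 0xFF; }
int resets(void) { return reset_count; }

int main(void)
{
    const uint8_t cmd[] = { 0xD6, 0x10, 0x02, 0xAA, 0x55 };
    card_power_on();
    printf("runaway write: %d\n", simulate_runaway_write());
    printf("legit command: %d\n", handle_command(cmd, sizeof cmd));
    printf("nvm[0]=0x%02X nvm[0x10]=0x%02X resets=%d\n",
           nvm_read(0), nvm_read(0x10), resets());
    return 0;
}
```

The switch variables are declared volatile so that the compiler performs both reads in steps C02 and C03 instead of assuming a value it set earlier.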

Claims (7)

  1. A method for enhancing the reliability of a smart card, characterized in that a software switch is used to control the erase/write enable of the erase/write function for the smart card's non-volatile memory; the operations that open and close the software switch are placed outside the erase/write function and within the correct flow of smart card program operation, with the following steps:
    (1) at the start of smart card operation, close the software switch;
    (2) initialize the smart card program;
    (3) before entering smart card application processing, close the software switch;
    (4) wait to receive a smart card application command;
    (5) after a smart card application command is received, open the software switch;
    (6) process the received smart card application command and return data, then close the software switch;
    (7) repeat steps (4) to (6).
  2. The method for enhancing the reliability of a smart card according to claim 1, characterized in that whether the software switch is open or closed determines whether the erase/write operation is allowed to execute.
  3. The method for enhancing the reliability of a smart card according to claim 1, characterized in that the number representing the software switch is 4 bytes or more, i.e. has 2^32 or more possible values, to increase the complexity of the number representing the software switch.
  4. The method for enhancing the reliability of a smart card according to claim 1, characterized in that the software switch can be split into a group of switch variables to increase the number of checks made on the switch.
  5. The method for enhancing the reliability of a smart card according to claim 1, characterized in that when the software switch equals a particular set of values, the switch is closed.
  6. The method for enhancing the reliability of a smart card according to claim 5, characterized in that when the software switch equals a particular set of values different from the set described in claim 5, the switch is open.
  7. The method for enhancing the reliability of a smart card according to claim 1, characterized in that the steps of the non-volatile memory erase/write routine are as follows:
    (1) write the data to be written into the buffer of the hardware erase/write operation;
    (2) determine whether the software switch is currently open; if it is closed, directly trigger a chip exception interrupt or exit the erase/write routine; if it is open, perform the next step;
    (3) start the erase/write hardware operation of the smart card chip.
Application number: CN201410427123.3A
Priority date: 2014-08-27
Filing date: 2014-08-27
Title: Method for enhancing the reliability of a smart card
Status: Active; granted as CN104657684B

Publications (2)

CN104657684A, published 2015-05-27
CN104657684B, published 2018-01-30

Family ID: 53248791

Country: CN


Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
CB02 Change of applicant information

Address after: 102209 Beijing, Beiqijia, the future of science and technology in the south area of China electronic network security and information technology industry base C building,

Applicant after: Beijing CEC Huada Electronic Design Co., Ltd.

Address before: 100102 Beijing City, Chaoyang District Lize two Road No. 2, Wangjing science and Technology Park A block five layer

Applicant before: Beijing CEC Huada Electronic Design Co., Ltd.

COR Change of bibliographic data
GR01 Patent grant