JP5729985B2 - A highly secure gaming machine communication device - Google Patents

Description

  The present invention relates to a communication device for a gaming machine. More specifically, the present invention relates to a gaming machine communication device that secures gaming machine security.

  In the prior art, the main board that performs the main control of the gaming machine is equipped with a microcomputer for controlling the gaming machine, and further, the payout board that controls the payout of game balls and the symbol display board that controls the display of symbols such as a liquid crystal screen A control command in which processing contents are defined is transmitted to the sub-board. The sub board operates based on a control command transmitted from the main board.

  In the communication path between the main board and the sub board, the control command is not encrypted and transmitted in a state that can be read by a third party, and other control data is not included. Is used alone. Therefore, since the control command is easily extracted and decoded, there is a problem that the control command is analyzed by a third party. In addition, since the control command is deciphered, there is a risk that a person who cheats the gaming machine may tamper with the control command and illegally obtain a prize ball.

  Further, since the communication path between the main board and the sub board is used without establishing the reliability of the communication path including the influence of noise or the like, the reliability of the communication path in the conventional communication method In order to obtain data, the same data is transmitted a plurality of times. In addition, if an unauthorized person to a gaming machine connects an illegally modified main board to a communication path and a control command is issued by the illegally modified main board, the sub board side detects such an illegality. I couldn't.

  The present invention secures the reliability of a communication path between a main board and a sub board in a gaming machine, particularly a pachinko machine, and complicates data flowing in the communication path to make it difficult to decode a control command. The purpose is to detect the possibility of unauthorized transmission or falsification of control commands and to ensure the confidentiality and integrity of data used in communication between boards.

  A communication device in a gaming machine according to the present invention includes a first board and a second board connected to the first board via a communication path, and the first board generates dummy data continuously. A check data generation rule is applied to the generator and the dummy data to generate check data, and a dummy data string including dummy data and check data is generated, and a dummy data string including at least dummy data is further generated. A stream data generator that generates a data stream from control command data in which processing contents to be executed by the second board are defined and a dummy data string, and a transmission module that transmits the data stream to the second board. The two boards include a receiving module that receives the data stream and dummy data from the received data stream. A stream for acquiring a column and control command data, checking whether check data in a dummy data column is generated based on a check data generation rule, and further checking whether a data stream is normal The stream data analyzer establishes the reliability of the communication path when the check data is generated based on the check data generation rule, and the stream data analyzer further receives the received data stream. If the data stream is not normal, the reliability of the communication path can be denied.

  In the communication device in the gaming machine according to the present invention, whether or not the data stream is normal can be confirmed by confirming whether or not the data stream is continuous after the reliability of the communication path is established. it can.

  In the communication device in the gaming machine according to the present invention, when the check data is included in the dummy data string, whether or not the data stream is normal is checked after the reliability of the communication path is established. This can be done by checking whether the check data is generated based on the check data generation rule.

  In the communication device in the gaming machine according to the present invention, the second board further includes a communication path data register, and the stream data generator includes key data generated based on a unique value for each board in the dummy data string. The stream data analyzer is configured to acquire key data from the dummy data string and store it in the communication path data register when establishing the reliability of the communication path. To confirm whether the data stream is normal, after the reliability of the communication path is established, the stream data analyzer acquires the key data from the dummy data string, and stores the acquired key data in the communication path data register. This can be done by comparing the stored key data.

  In the communication device in the gaming machine according to the present invention, the stream data analyzer obtains the control command data, and then checks whether the data stream is normal in the data stream transmitted after the obtained control command data. It can be carried out.

  In the communication device in the gaming machine according to the present invention, the first board includes an encryption circuit, and the second board includes a decryption circuit capable of decrypting the data encrypted by the encryption circuit.

  In the communication device in the gaming machine according to the present invention, the key data and / or the check data can be included only in a predetermined dummy data string.

  According to the present invention, when the reliability of the communication path is not established, it is possible to detect and eliminate data with low reliability due to unauthorized transmission or alteration, including the influence of noise or the like, on the data flowing through the communication path. it can. This eliminates the need for a substrate that transmits data to transmit the same data multiple times.

  In addition, since the reliability of the communication path between the boards is always confirmed, the developer of the gaming machine can perform a design considering the reliability of the communication path. For example, if the reliability is denied after establishing the reliability of the communication channel, the fact is notified to the liquid crystal screen of the gaming machine or the computer managing the gaming machine, or until the reliability of the communication channel is established The receiving board can be designed in consideration of processing such as discarding received data.

  Further, it is difficult for a third party to decode the communication content between the main board and the sub-board, and the communication contents are not falsified by the third party. As a result, it is possible to always perform normal operations for the control of the display of symbols and the payout process which is most important in the gaming machine.

It is the block diagram which showed the outline of the gaming machine which concerns on one Embodiment of this invention. It is the block diagram which showed the outline | summary of the main board | substrate which concerns on one Embodiment of this invention. 6 is a flowchart for explaining an embodiment of the data stream transmission side operation according to the present invention. It is the schematic which showed the image of the production | generation process of the data stream by this invention. 6 is a flowchart illustrating an example of an operation on the data stream receiving side according to the present invention.

  FIG. 1 is a block diagram showing an outline of a gaming machine 100 according to an embodiment of the present invention. The gaming machine 100 includes a main board 120, a symbol display board 130 and a payout board 140, which are sub boards, a power supply 150, and a system bus 110. The power supply 150 supplies power to each of the substrates 120 to 140. The substrates 120 to 140 are connected via the system bus 110. The symbol display board 130 controls symbols displayed on the gaming machine. The payout board 140 controls processing for payout of the gaming machine. The main board 120 communicates with the symbol display board 130 and the payout board 140 via the system bus 110 serving as a communication path, and controls them. The system bus 110 can be a serial communication bus and, if necessary, a parallel communication bus. Note that the gaming machine 100 may include a board having a function other than the symbol display board 130 and the payout board 140. And each board | substrate can transmit / receive a control command, and the board | substrate which received the control command performs a process based on a control command.

  FIG. 2 is a block diagram showing an outline of the main board 120 according to the embodiment of the present invention. The main board 120 includes a CPU 205, RAM 210, transmission module 215, reception module 220, transmission control command data register 225, reception control command data register 230, communication path data register 235, dummy data generator 240, stream data generator 245, encryption , A stream data analyzer 260, and a ROM 265.

  The CPU 205 is connected to the RAM 210, ROM 265, transmission control command data register 225, reception control command data register 230, and communication path data register 235 via the CPU bus 265. The transmission module 215 and the reception module 220 are connected to the system bus 110 that is a communication path, and the main board 120 can communicate with the other sub-boards 130 and 140 via the system bus 110. The decryption circuit 255 can decrypt the data encrypted by the encryption circuit 250.

  The configuration of the main board 120 is one example. Those skilled in the art will understand that the main board 120 may have a different configuration. For example, the transmission control command data register 225, the reception control command data register 230, and the communication path data register 235 can be integrated into one or more registers. In another embodiment, the RAM 210 can be used in place of the registers 225, 230, and 235. As another embodiment, the processes performed by the dummy data generator 240, the stream data generator 245, the encryption circuit 250, the decryption circuit 255, and the stream data analyzer 260 are stored in a program stored in the ROM 265. It can also be executed by the CPU 205 based on this.

  In this embodiment, the sub-boards 130 and 140 may have the same configuration as the main board 120. In this embodiment, the main board 120 and the sub boards 130 and 140 can bidirectionally transmit and receive data streams.

  As another example, one or both of the sub-boards 130 and 140 may be configured differently from the main board 120. For example, other parts not shown in FIG. 2 can be added to the sub-boards 130 and 140, or a part of the configuration shown in FIG. 2 can be omitted. .

  As another example, the main board 120 may include only a configuration for transmitting a data stream. For example, the configuration includes CPU 205, RAM 210, ROM 265, transmission module 215, transmission control command data register 225, dummy data generator 240, stream data generator 245, encryption circuit 250, and a part of CPU bus 265. Or all of them.

  The sub-boards 130 and 140 may have only a configuration for receiving the data stream. For example, the configuration includes CPU 205, RAM 210, ROM 265, reception module 220, reception control command data register 230, communication path data register 235, decoding circuit 255, stream data analyzer 260, and part of CPU bus 265. Or all of them. In this embodiment, the data stream is transmitted from the main board 120 to the sub boards 130 and 140 only in one direction.

  FIG. 3 is a flowchart for explaining an embodiment of the data stream transmission side operation according to the present invention.

  First, the stream data generator 245 generates key data (step 305). The key data is preferably information unique to each board. In the present embodiment, when each board has a unique ID (such as an ID assigned to each CPU), the key data is the unique ID itself or data generated based on the unique ID. can do. In addition, a value (for example, a fixed value) generated according to another different rule can be used as the key data. Thereafter, the stream data generator 245 generates a dummy data string using the dummy data generated by the dummy data generator 240 (step 310).

  The encryption circuit 250 encrypts the generated dummy data string (step 315). However, when the importance of keeping data secret is low, the step of encrypting the dummy data string can be omitted. The stream data generator 245 checks whether a control command has been generated (step 320). In this embodiment, the CPU 205 generates a control command and stores it in the transmission control command data register 225. In this case, the stream data generator 245 can check whether or not the control command has been generated by periodically accessing the transmission control command data register 225 and acquiring the stored control command. In another embodiment, the CPU 205 can send a control command to the stream data generator 245. In this case, the stream data generator 245 confirms that the control command has been generated by receiving the control command from the CPU 205.

  When the control command has been generated (step 320), the stream data generator 245 adds the control command to the encrypted dummy data string (step 325). As another embodiment, the stream data generator 245 can add the head stream data to the head of the dummy data string only when the dummy data string is first generated. For example, the head stream data can be data that is not used in normal communication (for example, “00000000”, “11111111”, or a combination thereof). As a result, the receiving-side board can easily determine whether or not the received data is the top data of the data stream by detecting the top stream data.

  The stream data generator 245 converts the data sequence generated in steps 315 and 325 into a data stream (step 330). In this case, the stream data generator 245 may add data for error detection and correction to the data stream for transmission when converting the data string into the data stream. As a result, even when a communication error occurs in the communication path, error correction can be performed on the receiving side substrate, and the convenience of the communication path is improved. Thereafter, the transmission module 215 transmits the generated data stream to another board (step 335).

  As can be understood from the processing flow of FIG. 3, as long as the processing of the transmission-side board does not operate normally, there is no interruption or pause with respect to the generation of the data stream. No data stream can be generated.

FIG. 4 is a schematic diagram illustrating an image of a data stream generation process according to the present invention. In this figure, one frame of data is assumed to be 8 bits. Thus, in one frame, the number of ways 2 ⁸ is expressed (i.e., when expressed in decimal, the number is 0 to 255). A state 405 of the data stream shown in FIG. 4A indicates that dummy data 455 including data for five frames is generated. The data stream state 410 shown in FIG. 4B indicates that the key data 460 is added to the dummy data 455. After that, the data stream state 415 shown in FIG. 4C indicates that the check data 465 is added to the dummy data 455 and the key data 460, and the dummy data string 480 is generated (step 310 in FIG. 3). .

  In this embodiment, the dummy data string can be data of a certain number of frames. In this embodiment, the dummy data string is 8 frames in which check data 465 for 1 frame is added after 7 frames of data consisting of dummy data 455 for 5 frames and key data 460 for 2 frames. This is a data string. As another embodiment, the dummy data string can be generated without including the key data. In this case, all the data for seven frames are dummy data.

  The dummy data 455 generated by the dummy data generator 240 is data generated according to a predetermined dummy data generation rule (for example, the generated data is always “11110000”) or randomly generated data. be able to. Here, it is preferable that the dummy data is randomly generated data that is not a fixed value or a fixed value. This is because check data, which will be described later, is based on dummy data, so that the value of the check data also changes when the dummy data changes. Thus, every time dummy data is generated, the dummy data value changes, so that it is more difficult for a third party to decode the dummy data and the check data.

  The check data 460 can be data obtained according to a predetermined check data generation rule defined between the transmission-side board and the reception-side board. In this embodiment, the check data obtained by the check data generation rule can always be a constant value. As another example, the check data obtained by the check data generation rule may be a result obtained by the check data calculation. The check data calculation will be described later.

  The state 420 of the data stream shown in FIG. 4D shows that the generated dummy data string is encrypted (step 315 in FIG. 3). As the encryption method, a known encryption method such as DES, triple DES, AES, or RSA can be used.

  Thereafter, when the control command is not generated, a newly encrypted dummy data string is generated (steps 310 and 315 in FIG. 3). The state 425 of the data stream shown in FIG. 4E indicates that the newly generated encrypted dummy data string 485 is added to the data stream in the state 420.

  Thereafter, when a control command is generated, the control command is added (step 325 in FIG. 3). The state 430 of the data stream shown in FIG. 4F indicates that the control command 490 is added to the data stream in the state 425.

  Further, in the subsequent processing, a new dummy data string or control command is further added after the control command 490 (not shown). As a result, the data stream becomes a continuous uninterrupted stream, and it becomes difficult for a third party to specify a control command in the communication path.

  As another example, control command start data may be included between the dummy data string in the data stream and the control command. The control command start data may be data that is not used in normal communication (for example, “00000000”, “11111111”, or a combination thereof). As a result, the control command can be easily detected on the board on the data stream receiving side.

  As another embodiment, the encryption circuit 250 can encrypt not only the dummy data string but also the control command. As yet another example, the encryption circuit 250 may encrypt the entire data stream. As a result, since the control command and the like are encrypted, it becomes more difficult for the third party to specify the control command.

  As another example of the dummy data string, the check data 465 and / or the key data 460 may be added only to a predetermined dummy data string that is strongly related to improving security. Examples of the predetermined dummy data string include a predetermined number of dummy data strings transmitted first, a dummy data string after a control command is transmitted, and the like. As a result, the process of adding check data and key data to the dummy data string can be reduced, so that an extra burden is not imposed on the CPU 205. In this embodiment, it is necessary to previously define a dummy data string including check data and / or key data in the transmission side board and the reception side board.

  As an example of the check data calculation described above, the calculation may be performed by performing a logical product calculation using predetermined data other than the check data in the dummy data string. For example, when the data used in the check data calculation is the data of the first frame and the second frame, and the data of the first frame and the second frame are “11000011” and “10011110”, respectively, the check data by the logical product calculation The result of the calculation is “10000010”. Further, the data used in the check data calculation can be all the data of the frame other than the check data.

  As another embodiment of the check data calculation, data for 7 frames other than the check data in the dummy data string is expressed in decimal numbers for each frame, and a predetermined calculation is performed using them. As an example of the predetermined calculation, the obtained decimal number is multiplied in order (specifically, the decimal value obtained from the data of the first frame and the second frame is multiplied, and the multiplication result) Is multiplied by the decimal value obtained from the data of the third frame (such calculation is repeated up to the seventh frame). Then, a value obtained by sequentially multiplying is subjected to a remainder operation with a numerical value “255” (a value obtained by sequentially multiplying is divided by a numerical value “255” to obtain a remainder), and the result of the remainder operation is expressed in a binary number. This value can be used as check data. As another example of the predetermined calculation, the sum of the obtained decimal values can be calculated, the sum value can be expressed in binary, and the lower 1 octet (8 bits) value can be used as check data. As will be apparent to those skilled in the art, other different calculation methods can be used for the check data calculation.

  FIG. 5 is a flowchart for explaining an embodiment of the data stream receiving side operation according to the present invention.

  Initially, the receiving module 220 on a board different from the board that transmitted the data stream receives the data stream (step 505). The decryption circuit 255 decrypts the head portion of the encrypted dummy data sequence acquired by the stream data analyzer 260 (for example, data for the top eight frames of the data stream state 430 in FIG. 4) ( Step 510). As another embodiment, when the head stream data is added to the data stream, the stream data analyzer 260 can easily determine whether or not certain data is the head of the data stream by using the head stream data. can do. When transmission of the data stream is stopped and transmission is started again, the stream data analyzer 260 can easily detect the head of the data stream to be transmitted again by using the head stream data. Then, the stream data analyzer 260 acquires data from the decoded dummy data string (step 515).

  The stream data analyzer 260 checks whether the check data in the acquired data is generated based on the check data generation rule (step 520). When the check data is generated based on the check data generation rule (step 520), the reliability of the communication path is established (step 525).

  As another embodiment, whether or not the check data is generated based on the check data generation rule is determined not only by determining the leading dummy data string but also by determining one or more of the subsequent dummy data strings. It can also be executed. As a result, the check data is confirmed a plurality of times, so that the reliability of the communication path can be further improved. In one embodiment, channel data register 235 may have an area for a channel trust flag. In this embodiment, when the reliability of the communication path is established, the stream data analyzer 260 or the CPU 205 turns on the communication path reliability flag. Thus, after the reliability of the communication path is established, the CPU 205 or the like refers to the communication path reliability flag in the communication path data register 235 and confirms that the communication path reliability flag is on, thereby It can be easily confirmed that reliability is established.

  As another embodiment, when key data is included in the dummy data string, the stream data analyzer 260 or the CPU 205 stores the key data in the communication path data register 235 in the step of establishing the reliability of the communication path. Steps may be included.

  If the check data has not been generated based on the check data generation rule (step 520), the process ends without establishing the reliability of the communication path (step 560). As another example, when the check data has not been generated based on the check data generation rule (step 520), the destination board can send an error notification to the source board.

  After the communication path reliability is established (step 525), the stream data analyzer 260 obtains the next set of data in the data stream (step 530). The stream data analyzer 260 checks whether or not the acquired data stream data is normal (step 535).

  In this embodiment, whether or not the data stream is normal can be confirmed by confirming whether or not predetermined error notification data is included in the data stream.

  As another example, whether or not the data stream is normal can be confirmed by confirming that the data stream is continuous. In this case, it is determined that there is an abnormality in the data stream when a discontinuous portion is confirmed in the received data stream. That is, when the communication path is disconnected or the transmission source board is replaced, the data stream is interrupted, so that an abnormality in the data stream is detected immediately. Therefore, this abnormality detection process is performed only with a simple determination process for determining whether or not the data stream is continuous without performing a process with a large processing load such as decrypting an encrypted dummy data string. Therefore, it is not necessary to place an extra burden on the CPU 205 or the like.

  As another embodiment, when the next data set acquired in step 530 is a dummy data string, whether or not the data stream is normal is checked by the stream data analyzer 260 using the decoding circuit 255. This can be done by decrypting the encrypted dummy data string in the next data set and checking whether the check data of the dummy data string is generated based on the check data generation rule (step 510). To the same processing as step 520). In this embodiment, when it is confirmed that the check data is not generated based on the check data generation rule, it is determined that there is an abnormality in the data stream.

  As yet another embodiment, when the next data set acquired in step 530 is a dummy data string, and the dummy data string includes key data, whether or not the data stream is normal The data analyzer 260 uses the decryption circuit 255 to decrypt the encrypted dummy data string in the next data set to obtain key data, and is stored in the obtained key data and communication path data register 235. This can be done by comparing the existing key data. In this embodiment, when it is confirmed that the acquired key data is different from the key data stored in the communication path data register 235, it is determined that there is an abnormality in the data stream.

  Further, whether or not the data stream is normal can be confirmed by one or a combination of two or more of these embodiments.

  When it is determined that the data stream is normal (step 535), the stream data analyzer 260 checks whether or not a control command exists in the acquired data (step 540). If there is no control command, the next set of data in the data stream is obtained (step 530). In this embodiment, the presence of a control command is determined using control command start data.

  If there is a control command, the stream data analyzer 260 acquires the control command and stores it in the reception control command data register 235 (step 545). As a result, the CPU 205 can use a control command for executing processing specific to the board. As another example, the stream data analyzer 260 may transmit the acquired control command to the CPU 205.

  As another example, after the control command is acquired, the stream data analyzer 260 further confirms that the data stream after the acquired control command is normal (the same processing as steps 530 and 535), The control command can be stored in the reception control command data register 230. Thereby, it is possible to avoid the use of a control command that is highly likely to be illegal, and to further improve the integrity of the control command. This is because if an abnormality in the data stream is detected after detection of the control command, the control command is likely to have been transmitted improperly or tampered with.

  As another example, the confirmation of whether or not the data stream is normal (step 520) may be performed only after acquisition of the control command (step 545). As a result, the abnormality detection process of the data stream is performed only when there is a high possibility of detecting fraud, so the number of executions of the abnormality detection process can be reduced, so that no extra burden is placed on the CPU 205.

  After acquiring the control command, the next set of data is acquired (step 530), and if it is determined that the data stream is not normal (step 535), the stream data analyzer 260 or the CPU 205 denies the reliability of the communication path. (Step 555). When the communication path reliability flag is used, when the reliability of the communication path is denied, the stream data analyzer 260 or the CPU 205 turns off the communication path reliability flag. Thereafter, the process ends (step 560). As a result, after the reliability of the communication path is denied, the CPU 205 or the like refers to the communication path reliability flag in the communication path data register 235 and confirms that the communication path reliability flag is off. It can be easily confirmed that reliability has not been established. Further, since there is a high possibility that a control command transmitted while the reliability of the communication path is not established has been illegally transmitted or altered, the CPU 205 or the like can control the control command not to be used. .

  According to the present invention, since a data stream is transmitted without interruption in a one-way or two-way communication path between the main board 120 and the sub boards 130 and / or 140, it is more difficult to detect a control command by a third party. Can be. Further, by using the data stream, it is possible to easily ensure the reliability of the communication path, and to detect unauthorized transmission or tampering of the control command.

  Although the present invention has been described for communication within a gaming machine, it can also be used for other data communication such as the Internet and general peer-to-peer communication.

  As long as there is no operational contradiction, such as using data that should not be used in a certain step in the processing flow described above, the processing flow can be freely changed. be able to.

  Each embodiment described above is an example for explaining the present invention, and the present invention is not limited to these embodiments. The present invention can be implemented in various forms without departing from the gist thereof.

Claims (7)

A communication device for data communication between a plurality of boards in a gaming machine,
A first substrate;
A second substrate connected to the first substrate via a communication path;
With
The first substrate is
A dummy data generator that continuously generates dummy data;
A check data generation rule is applied to the dummy data to generate check data, a dummy data string including the dummy data and the check data is generated, and a dummy data string including at least the dummy data is further generated. A stream data generator that generates a data stream from the control command data in which the processing content to be executed by the second substrate is defined and the dummy data string;
A transmission module for transmitting the data stream to the second substrate;
With
The second substrate is
A receiving module for receiving the data stream;
Obtaining the dummy data string and the control command data from the received data stream, and confirming whether the check data in the dummy data string is generated based on the check data generation rules, then A stream data analyzer that checks whether the data stream is normal;
With
The stream data analyzer establishes reliability of the communication path when the check data is generated based on the check data generation rule, and the stream data analyzer further determines that the received data stream is A communication device in a gaming machine, wherein whether or not the data stream is normal is confirmed, and if the data stream is not normal, the reliability of the communication path is denied.   Whether or not the data stream is normal is confirmed by confirming whether or not the data stream is continuous in the stream data analyzer after the reliability of the communication path is established. The communication apparatus according to claim 1.   When the check data is included in the dummy data string, whether or not the data stream is normal is confirmed by the stream data analyzer after the reliability of the communication path is established. The communication apparatus according to claim 1, wherein the check data is confirmed by checking whether the check data is generated based on the check data generation rule. The second substrate further includes a communication path data register,
The stream data generator is configured to generate the data stream by including key data generated based on a unique value for each board in the dummy data string,
The stream data analyzer is configured to acquire the key data from the dummy data string when establishing reliability of the communication path, and store the key data in the communication path data register,
Whether or not the data stream is normal is confirmed after the reliability of the communication path is established, the stream data analyzer acquires the key data from the dummy data string, and the acquired key data and The communication apparatus according to claim 1, wherein the communication apparatus is performed by comparing with key data stored in the communication path data register.   The stream data analyzer, after acquiring the control command data, confirms whether or not the data stream is normal in a data stream transmitted after the acquired control command data. The communication apparatus according to claim 1.   The first board includes an encryption circuit, and the second board includes a decryption circuit capable of decrypting data encrypted by the encryption circuit. The communication apparatus of Claims 5-5.   The communication device according to claim 3, wherein the key data and / or the check data is included only in a predetermined dummy data string.

Images