CN112446055A - Method for preventing embedded electronic circuit equipment from being copied - Google Patents
Method for preventing embedded electronic circuit equipment from being copied Download PDFInfo
- Publication number
- CN112446055A CN112446055A CN201910736845.XA CN201910736845A CN112446055A CN 112446055 A CN112446055 A CN 112446055A CN 201910736845 A CN201910736845 A CN 201910736845A CN 112446055 A CN112446055 A CN 112446055A
- Authority
- CN
- China
- Prior art keywords
- equipment
- software
- program
- computer
- mcu chip
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 35
- 238000013475 authorization Methods 0.000 claims abstract description 31
- 238000004891 communication Methods 0.000 claims abstract description 20
- 238000005516 engineering process Methods 0.000 claims abstract description 8
- 230000006870 function Effects 0.000 claims description 9
- 238000004519 manufacturing process Methods 0.000 abstract description 8
- 238000013461 design Methods 0.000 description 5
- 238000010586 diagram Methods 0.000 description 4
- 230000005540 biological transmission Effects 0.000 description 2
- 238000011161 development Methods 0.000 description 2
- 230000007547 defect Effects 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 230000001788 irregular Effects 0.000 description 1
- 238000012827 research and development Methods 0.000 description 1
- 238000012795 verification Methods 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
- G06F21/76—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in application-specific integrated circuits [ASIC] or field-programmable devices, e.g. field-programmable gate arrays [FPGA] or programmable logic devices [PLD]
Landscapes
- Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- Microelectronics & Electronic Packaging (AREA)
- Mathematical Physics (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses a method for preventing an embedded electronic circuit device from being copied. The method is to encrypt the target programs of all programmable devices in the circuit, remove the JTAG interface when designing the embedded MCU chip circuit, and use the application programming technology to download the target programs to the programmable devices. The communication data between the equipment and the computer is encrypted and transmitted, communication service software is designed on the computer and is responsible for specifically communicating with the hardware equipment, and the equipment application software exchanges data with the communication service software through a shared memory technology. And (3) generating different authorization files by using software according to the ID of each device, writing the authorization files into the embedded MCU chip of the corresponding device during production, wherein the authorization files cannot be authorized again once being written into the device, and only the device program written with the correct authorization file can normally run.
Description
Technical Field
The invention relates to a method for preventing a circuit from being cloned and copied, in particular to a method for preventing an embedded electronic circuit device from being copied.
Background
With the development of the copy board technology and the IC decryption technology, embedded device circuits face more and more risks of being copied, how to protect the embedded devices from being illegally copied is receiving attention of various enterprises, and a plurality of methods for protecting intellectual property of circuits also appear. A more common method is to install encryption software on a computer of an enterprise research and development technician, and encrypt a schematic diagram, a PCB file, a mechanical drawing, a source program file, and the like of a circuit device development process, so that the technical file cannot be opened when being copied to other computers without authorized encryption. Can polish off chip LOGO at hardware circuit design itself, adopt the component that does not have the device sign and under the prerequisite that does not influence the function, place the interference element, PCB adopts buried hole and blind hole technique, makes the via hole hide in the board, adopts some more rarely used, the singlechip of partial cold door to increase the degree of difficulty that counterfeiter purchased. According to the method, the design source file of the circuit equipment can be well protected from being leaked by installing the encryption software on a computer of a technician, but the production file of the circuit equipment is likely to be leaked during production, and particularly, the method is suitable for small and medium-sized enterprises with frequent production and debugging personnel flow and irregular confidential management. The method for preventing the circuit copying adopted in the hardware circuit design can increase the difficulty of the circuit design and the hardware cost, and the method only increases the difficulty of the circuit copying and the cost of the circuit copying and cannot solve the problem that circuit equipment is copied due to leakage of production files.
Disclosure of Invention
The invention provides a method for preventing an embedded electronic circuit device from being copied, and aims to solve the technical defects.
The specific technical scheme for solving the problems is as follows:
the invention is realized by combining software and hardware, as shown in fig. 1, the hardware comprises an embedded MCU chip, the MCU chip can be a single chip microcomputer, an ARM or a DSP chip which can read and write the FLASH memory in the chip, the target program of the MCU chip is encrypted by using XTEA algorithm and 128-bit key, and the target program can be the target program of the single chip microcomputer, the ARM, the DSP or the FPGA. In order to prevent the target program from being read out, the JTAG interface of the embedded MCU chip is removed from hardware, and the JTAG interface is set to GPIO when the program is powered on to ensure that the JTAG debugging function of the JTAG debugging chip is invalid. Developing a BootLoader program with an IAP function, solidifying the BootLoader program to a starting address space of the embedded MCU chip, developing an IAP program downloading software at a computer end, decrypting the encrypted target program by using the IAP software through the BootLoader program and downloading the decrypted target program to the embedded MCU chip.
The communication between the equipment and the computer comprises IAP target program downloading and data transmission in normal work, and the communication data is encrypted by adopting an XTEA algorithm and a 128-bit secret key, so that the program and the data cannot be correctly intercepted in the transmission process. Communication service software is designed on the computer, the communication service software is responsible for communication with hardware equipment, and equipment application software exchanges data with the communication service software through a shared memory technology.
And designing an authorized use function in the MCU chip program, and detecting whether the equipment is authorized to use or not in real time. During production, different authorization files are generated by using software according to the ID of each device, the authorization files are written into the embedded MCU chip of the corresponding device, once the authorization files are written into the device, the authorization files cannot be authorized again, only the device program written with the correct authorization files can normally run, and otherwise, the device which runs abnormally cannot use the program. The software for generating the authorization file by the equipment ID is used by binding computer hardware, can be used only on a specific computer and cannot be used by copying the software to other computers.
Compared with the prior art, the invention adopting the technical scheme has the following technical effects: the object program and communication data are encrypted, and the authorized use method is adopted, so that once the equipment production file is leaked or the hardware circuit is copied, the equipment program cannot normally run even if the hardware circuit is produced under the condition that an encryption key, IAP software, authorization generation software and an authorization file are not available.
Drawings
FIG. 1 is a schematic diagram of the hardware components of the present invention;
FIG. 2 is a hardware composition diagram of an embodiment of the invention;
FIG. 3 is a flow diagram of object program download of an embodiment of the present invention;
FIG. 4 is a flowchart of authorization file production of the present invention;
FIG. 5 is a flow chart of application execution according to an embodiment of the present invention.
Detailed Description
The technical solution of the present invention will be further described with reference to the following specific embodiments and the accompanying drawings, but the present invention is not limited to this embodiment.
Fig. 2 shows a hardware composition structure of the embodiment, which mainly includes an MCU circuit, a FLASH memory, an FPGA circuit, and an ADC acquisition circuit, where the MCU chip uses an ARM chip STM32F103CBT6, the FPGA chip uses EP4CE22F17C7N, and the FLASH memory is used to store a target program of the FPGA, and no additional hardware is required to be added in the method for preventing the electronic circuit from being copied, where the ARM chip and the FPGA chip are programmable devices and both have target programs. The JTAG interface of an ARM chip and an FPGA chip is removed during hardware design, the serial port supporting the ISP function is reserved in an ARM chip circuit for downloading a BootLoader program, the JTAG interface is set to GPIO after the ARM program runs, the JTAG debugging function of the JTAG debugging function is disabled, and the FPGA chip circuit is designed to be configured in an AS mode by using the ARM chip.
Fig. 3, fig. 4 and fig. 5 are implementation flows of the embodiment of the present invention.
In step S301, the target program is encrypted.
Firstly, the target programs of the ARM and the FPGA are encrypted on a computer by using an XTEA algorithm and a 128-bit secret key.
In step S302, IAP downloading software is used on the computer to send the encrypted ARM and FPGA target program to the ARM, the IAP downloading software sends data to the outside through the communication interface of the computer, the data is encrypted by the XTEA algorithm and the 128-bit key, but the encryption key of the communication data is different from the encryption key of the target program.
In step S303, the BootLoader in the ARM receives the encrypted communication data and decrypts the encrypted communication data.
And step S304 is carried out after the communication data is decrypted, whether the target program downloaded by IAP is ARM program or FPGA program is judged, if the target program is ARM program, the target program of ARM is decrypted, then the ARM target program is written into FLASH program, and if the target program is FPGA program, the encrypted target program is directly stored in the externally-expanded FLASH chip.
When the target programs are all successfully downloaded, step S305 is executed, and the ARM application is executed.
As shown in fig. 4, the operation flow of the authorization generation software is that when the authorization generation software is opened on the computer, step S401 is executed first, and the authorization generation software first reads the hardware information of the computer, determines whether the software is working on the preset computer, and if the verification is successful, the software can be used. The hardware information may include a network card MAC address, a hard disk serial number, and a BIOS version. The authorization file can be effectively prevented from being illegally generated by binding the computer hardware.
Step S402, generating an authorization file, reading the 96-bit ID value of the ARM by the authorization generation software, and generating a unique authorization file according to the ID value.
And S403, sending an authorization file, sending the authorization file to an ARM corresponding to the ID value by authorization generation software, and encrypting communication data in the sending process by adopting an XTEA algorithm and a 128-bit key.
The operation flow of the ARM application program for the copy protection method of the present invention is shown in fig. 5.
Step S501, after the ARM application program is started, whether a correct authorization file is written is judged.
And when the authorization file is correctly written, executing the step S502, configuring the FPGA chip and executing the ARM functional program.
And step S503, when the FPGA program and the ARM program are operated, the system works normally.
It should be understood that the steps described above are not in the exact order of execution and that all changes that can be envisioned and do not affect the implementation of the functions are intended to be within the scope of the invention.
Claims (8)
1. A method for preventing the duplication of an embedded electronic circuit device is characterized in that:
the hardware comprises an embedded MCU chip which encrypts all object programs of the programmable devices in the circuit and downloads the object programs to the programmable devices by using an application programming (IAP) technology; the method comprises the following steps that communication data between equipment and a computer are encrypted and transmitted, communication service software is designed on the computer and is responsible for specifically communicating with hardware equipment, and equipment application software exchanges data with the communication service software through a shared memory technology; when equipment is produced, different authorization files are generated by using software according to the ID of each piece of equipment, the authorization files are written into the embedded MCU chip of the corresponding equipment, once the authorization files are written into the equipment, the authorization files cannot be authorized again, and only the equipment program written with the correct authorization files can normally run.
2. The method of claim 1, wherein the method further comprises:
the embedded MCU chip is a singlechip, an ARM or a DSP chip which can read and write the internal FLASH memory.
3. The method of claim 1, wherein the method further comprises:
the target program encryption processing for all programmable devices in the circuit is the target program encryption processing for the programmable devices by using 128 keys.
4. The method of claim 1, wherein the method further comprises:
the downloading of the target program to the programmable device by using an application programming (IAP) technology in the embedded MCU chip means that a BootLoader program with an IAP function is developed and solidified to a starting address space of the embedded MCU chip, the computer end uses IAP software to download the encrypted target program to the embedded MCU chip through the BootLoader program, and the encrypted target program is decrypted in the BootLoader program.
5. The method of claim 1, wherein the method further comprises:
the target program can be a target program of a singlechip, an ARM, a DSP or an FPGA.
6. The method of claim 1, wherein the method further comprises:
the communication data between the equipment and the computer are encrypted and transmitted by adopting a 128-bit secret key.
7. The method of claim 1, wherein the method further comprises:
the encryption is implemented using the XTEA algorithm.
8. The method of claim 1, wherein the method further comprises:
the software for generating the authorization file according to the equipment ID is used by binding computer hardware and can be used only on a specific computer.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910736845.XA CN112446055A (en) | 2019-08-10 | 2019-08-10 | Method for preventing embedded electronic circuit equipment from being copied |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910736845.XA CN112446055A (en) | 2019-08-10 | 2019-08-10 | Method for preventing embedded electronic circuit equipment from being copied |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN112446055A true CN112446055A (en) | 2021-03-05 |
Family
ID=74740623
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910736845.XA Pending CN112446055A (en) | 2019-08-10 | 2019-08-10 | Method for preventing embedded electronic circuit equipment from being copied |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112446055A (en) |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102685740A (en) * | 2012-03-29 | 2012-09-19 | 公安部第三研究所 | Short-distance wireless communication node and wireless communication method |
| CN103488916A (en) * | 2013-08-12 | 2014-01-01 | 中国航天科工集团第三研究院第八三五七研究所 | On-missile software encipherment protection method |
| CN103823698A (en) * | 2014-02-27 | 2014-05-28 | 四川九洲电器集团有限责任公司 | Method and device for programming and starting FPGA target program and DSP target program |
| CN105069350A (en) * | 2015-08-24 | 2015-11-18 | 上海繁易电子科技有限公司 | Encryption method and apparatus for embedded operating system |
| CN105303071A (en) * | 2015-09-18 | 2016-02-03 | 许继集团有限公司 | Embedded equipment program authorization protection method |
| CN107590368A (en) * | 2017-08-25 | 2018-01-16 | 济南中维世纪科技有限公司 | The method of embedded device program anti-copy |
| CN108848064A (en) * | 2018-05-24 | 2018-11-20 | 武汉久乐科技有限公司 | authorization management method and system |
-
2019
- 2019-08-10 CN CN201910736845.XA patent/CN112446055A/en active Pending
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102685740A (en) * | 2012-03-29 | 2012-09-19 | 公安部第三研究所 | Short-distance wireless communication node and wireless communication method |
| CN103488916A (en) * | 2013-08-12 | 2014-01-01 | 中国航天科工集团第三研究院第八三五七研究所 | On-missile software encipherment protection method |
| CN103823698A (en) * | 2014-02-27 | 2014-05-28 | 四川九洲电器集团有限责任公司 | Method and device for programming and starting FPGA target program and DSP target program |
| CN105069350A (en) * | 2015-08-24 | 2015-11-18 | 上海繁易电子科技有限公司 | Encryption method and apparatus for embedded operating system |
| CN105303071A (en) * | 2015-09-18 | 2016-02-03 | 许继集团有限公司 | Embedded equipment program authorization protection method |
| CN107590368A (en) * | 2017-08-25 | 2018-01-16 | 济南中维世纪科技有限公司 | The method of embedded device program anti-copy |
| CN108848064A (en) * | 2018-05-24 | 2018-11-20 | 武汉久乐科技有限公司 | authorization management method and system |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US7475254B2 (en) | Method for authenticating software using protected master key | |
| CN100449558C (en) | Sleep protection | |
| US8296585B2 (en) | Method of encrypting/decrypting the document and a safety management storage device and system method of its safety management | |
| CN1327357C (en) | System and method for verification | |
| EA012921B1 (en) | Method and device for protecting software from unauthorized use | |
| JP2008072717A (en) | Hard disc streaming cryptographic operations with embedded authentication | |
| CN113039545A (en) | Secure boot assistance for devices and related systems, methods, and devices | |
| EP1668472A2 (en) | Secure protection method for access to protected resources in a processor | |
| WO2005006109A2 (en) | System and method for authenticating software using hidden intermediate keys | |
| EP1320803A2 (en) | Embedded security device within a nonvolatile memory device | |
| CN114785503B (en) | Cipher card, root key protection method thereof and computer readable storage medium | |
| CN105184196A (en) | Electronic system information security protection system and method | |
| JP2008033512A (en) | Security chip and platform | |
| JP2008005408A (en) | Recorded data processing apparatus | |
| CN101447009A (en) | Method, device and system for installing software | |
| KR20140055909A (en) | Security information sharing system and execution method thereof | |
| US8479014B1 (en) | Symmetric key based secure microprocessor and its applications | |
| KR101638257B1 (en) | Method for protecting source code of application and apparatus for performing the method | |
| CN109902453A (en) | A kind of software enciphering method | |
| JP2004282391A (en) | Information processor having authentication function and method for applying authentication function | |
| CN114816549B (en) | Method and system for protecting bootloader and environment variable thereof | |
| KR101604892B1 (en) | Method and devices for fraud prevention of android-based applications | |
| JP2006146358A (en) | Usb peripheral equipment control system and usb peripheral equipment control method | |
| CN112446055A (en) | Method for preventing embedded electronic circuit equipment from being copied | |
| WO2019057612A1 (en) | Distributed deployment of unique firmware |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |