CN112788382A - Set top box with safety debugging function - Google Patents

Info

Publication number
CN112788382A
Authority
CN
China
Prior art keywords
top box
debugging
password
interface
function
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202011633686.XA
Other languages
Chinese (zh)
Inventor
杨伟
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Chengdu Changhong Network Technology Co ltd
Original Assignee
Chengdu Changhong Network Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Chengdu Changhong Network Technology Co ltd filed Critical Chengdu Changhong Network Technology Co ltd
Priority to CN202011633686.XA priority Critical patent/CN112788382A/en
Publication of CN112788382A publication Critical patent/CN112788382A/en
Pending legal-status Critical Current

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04N PICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00 Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40 Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/41 Structure of client; Structure of client peripherals
    • H04N21/4104 Peripherals receiving signals from specially adapted client devices
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44 Program or device authentication
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/604 Tools and structures for managing or administering access control systems
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00 Arrangements for program control, e.g. control units
    • G06F9/06 Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44 Arrangements for executing specific programs
    • G06F9/451 Execution arrangements for user interfaces
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04N PICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00 Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40 Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/41 Structure of client; Structure of client peripherals
    • H04N21/426 Internal components of the client; Characteristics thereof
    • H04N21/42692 Internal components of the client; Characteristics thereof for reading from or writing on a volatile storage medium, e.g. Random Access Memory [RAM]

Abstract

The invention discloses a set-top box with a secure debugging function, comprising a main chip and a debugging interface. The main chip comprises at least: a storage area for storing the serial number of the set-top box; a random access memory for storing a password; a debugging console that is closed by default; software that checks the password and controls the opening of the debugging console; and program partitions containing the UI display files and the system startup files. The storage area becomes permanently read-only after being written once. The invention encrypts the debugging function of the set-top box and generates a unique password, which avoids security holes caused by password leakage, improves the security of the system software, effectively prevents the system software from being leaked, and prevents unauthorized users from accessing the system to obtain information. The debugging functions are provided only to authorized partners and are bound to the corresponding set-top box: the same password cannot open the debugging function of any other box.

Description

Set top box with safety debugging function
Technical Field
The invention relates to the field of set top boxes, in particular to a set top box with a safety debugging function.
Background
At present, application development and the development and debugging of system functions for set-top boxes on the market are carried out by connecting a computer to the set-top box: the program is written and compiled on the computer, then imported into the set-top box software system for installation, debugging and development. The access method is generally a universal one: adb or a serial terminal is connected to the set-top box to reach the console, debug, and install applications. At present, the debugging function of a set-top box is generally open by default or unencrypted, the set-top box applies no security access control, and items of key technical value in the set-top box, such as programs, scripts and configuration files, can be obtained directly and used illegally. An intruder can obtain the programs and applications in the set-top box by simple means. The value of the software is not effectively protected, so the security of the set-top box needs to be improved and illegal use blocked.
Disclosure of Invention
To address the defects of the prior art, the invention provides a set-top box with a secure debugging function, which encrypts the debugging function of the set-top box, generates a corresponding password by encrypting key read-only data, and performs authentication and authorization with that password. This prevents unauthorized users from profiting from attempts to access the system software.
The invention adopts the following technical scheme:
A set-top box with a secure debugging function comprises a main chip and a debugging interface, wherein the main chip comprises at least:
a storage area for storing the serial number of the set-top box;
a random access memory for storing a password;
a debugging console that is closed by default;
software that checks the password and controls the opening of the debugging console;
program partitions containing the UI display files and the system startup files;
wherein the storage area is permanently read-only after being written once.
The invention encrypts the debugging function of the set-top box: the system's debugging console is closed by default and can be opened only after the correct password is entered. The password of each set-top box is generated from its unique serial number, and because the chip storage area is permanently read-only after being written once, the generated password is unique. This avoids security holes caused by password leakage, improves the security of the system software, effectively prevents the system software from being leaked, and prevents unauthorized users from accessing the system to obtain information. The debugging functions are available only to authorized partners and are bound to the corresponding set-top box: the same password cannot open the debugging function of any other box.
Drawings
Fig. 1 is a flow diagram of debugging execution in a preferred embodiment of a set-top box with a secure debugging function according to the present invention.
Fig. 2 is a schematic diagram of the connection between a set-top box with a secure debugging function and a debugging device according to the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
A set-top box with a secure debugging function comprises a main chip and a debugging interface, the main chip (CPU) comprising at least:
a storage area for storing the serial number of the set-top box;
a Random Access Memory (RAM) for storing a password;
a debugging console that is closed by default;
software that checks the password and controls the opening of the debugging console;
a program partition containing the UI display files (FLASH) and the system startup files;
wherein the storage area is permanently read-only after being written once.
In this embodiment, a serial number is written into the storage area in the main chip of the set-top box. After the set-top box is powered on, the main chip loads the system from the program partition and starts the set-top box system. The system software reads the serial number from the storage area together with the software version number, encrypts them, converts the encrypted data into decimal data, and stores it in the Random Access Memory (RAM) as the password. The system software then monitors the numeric key values of the remote controller, compares the numeric key values received from the remote controller with the encrypted decimal password, and opens the debugging console if they are the same. The debugging console program is a Linux program, which prevents the situation where an abnormal crash while debugging an Android set-top box leaves the Android system unable to start.
In some embodiments of the invention, the UI displays at least the software version number and the set-top box serial number. When the set-top box is powered on and started for the first time, a password-setting interface is displayed, prompting the user to enter the set-top box serial number and the software version number; a password is then generated automatically from the serial number and the software version number and stored in the Random Access Memory (RAM). After that, each time the debugging console needs to be entered, the UI displays a password input interface prompting the user to enter the password. In some cases, the set-top box can read its serial number and software version number automatically and generate the password automatically on first start-up, in which case no password-setting interface appears on the UI. The encryption algorithm may be a one-time password (OTP) algorithm, in which a dynamic password is generated at each entry and only the administrator can obtain it; for details, refer to the prior art.
In some embodiments of the present invention, the set-top box with a secure debugging function operates according to the following steps:
in the production stage, a factory automated coding program is started; it calls the OTP interface of the main chip and writes the unique serial number of the individual set-top box into the OTP (one-time programmable) area of the chip;
after the set-top box is powered on and started again, the main chip reads the serial number from the OTP area, takes the serial number and the software version number as the plaintext string, encrypts the string to generate ciphertext, converts the ciphertext into decimal data (digits 0-9), takes the key digits as the password, and caches the password in the Random Access Memory (RAM); the set-top box software obtains the serial number through the OTP read interface at start-up and displays it on one of the software's debugging pages, so that the person debugging can report the serial number. Each release of the set-top box software has a different version number;
when debugging is needed, the UI prompts for the password; the main chip monitors the key values sent by the remote controller, records the characters entered in sequence, and compares them with the password stored in the Random Access Memory (RAM); when the two are equal, the input is judged correct, and the main chip automatically opens the debugging console and displays a prompt in the UI;
after the debugging console is opened, the debugging program is started and the main chip monitors for the connection of a debugging device; once the debugging device is connected, the debugging program carries out operations according to the instructions or programs sent to it, and adds, deletes, modifies, inspects and installs programs in the set-top box FLASH. The debugging device is generally a computer, but can also be a mobile phone or another mobile terminal; the connection can be a network interface, such as a local area network or a network connection such as WiFi, or a serial terminal connection. The debugging program is a Linux program, which prevents the situation where an abnormal crash while debugging an Android set-top box leaves the Android system unable to start.
The invention provides a preferred implementation of a set-top box with a secure debugging function. The specific operation of this implementation during secure debugging is as follows, as shown in fig. 1:
(1) The set-top box is started, and the serial number and the system software version number are read from the debugging page and reported to the set-top box administrator; the administrator enters the serial number and the software version into a computer application, which encrypts them to generate the password.
(2) The set-top box is started and the password provided by the administrator is entered with the remote controller. If the password is correct, a prompt pops up automatically to indicate that the debugging function has been opened, and the procedure continues with step 3; if the password is incorrect, the set-top box exits automatically.
(3) The set-top box and the computer are connected to the same local area network through the network port and a router, as shown in fig. 2. The terminal debugging tool is opened on the computer, the connection to the set-top box is established, and debugging and development of the application or program can then proceed.
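The password derivation and check described in the steps above and in the preferred implementation, as an added example that is not code from the patent or its applicant. The patent names no cipher, so HMAC-SHA256 with a vendor secret (`vendor_key`), the 8-digit length, the HOTP-style truncation and the attempt limit are all assumptions of this sketch; the secret is assumed because the serial number and version number are shown on the UI.

```python
import hashlib
import hmac

# Assumptions of this sketch (none are specified by the patent):
# HMAC-SHA256 as the keyed transform, 8 decimal digits, 5 tries per boot.
PASSWORD_DIGITS = 8
MAX_ATTEMPTS = 5


def derive_debug_password(serial: str, sw_version: str, vendor_key: bytes,
                          digits: int = PASSWORD_DIGITS) -> str:
    """Serial + version -> keyed MAC -> decimal digits -> password."""
    # Length-prefix each field so ("AB", "C") and ("A", "BC") cannot collide.
    msg = b"".join(
        len(field).to_bytes(2, "big") + field
        for field in (serial.encode(), sw_version.encode())
    )
    mac = hmac.new(vendor_key, msg, hashlib.sha256).digest()
    # HOTP-style dynamic truncation (RFC 4226) picks the "key digits".
    offset = mac[-1] & 0x0F
    code = int.from_bytes(mac[offset:offset + 4], "big") & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


class DebugGate:
    """Set-top-box side: password cached in RAM, console closed by default."""

    def __init__(self, serial: str, sw_version: str, vendor_key: bytes):
        self._password = derive_debug_password(serial, sw_version, vendor_key)
        self.console_open = False
        self._failures = 0

    def submit(self, keyed_digits: str) -> bool:
        """Compare the digits typed on the remote with the cached password."""
        if self.console_open:
            return True
        if self._failures >= MAX_ATTEMPTS:
            return False  # locked until the next power cycle (added safeguard)
        # Constant-time comparison avoids leaking a matching prefix via timing.
        if hmac.compare_digest(keyed_digits.encode(), self._password.encode()):
            self.console_open = True
        else:
            self._failures += 1
        return self.console_open


if __name__ == "__main__":
    # Constructed sample values, not taken from the patent.
    key = b"constructed-demo-key"
    serial, version = "CH-STB-0000000001", "V1.0.3"

    box = DebugGate(serial, version, key)
    # Administrator side: same inputs, same derivation, run on a computer.
    admin_password = derive_debug_password(serial, version, key)
    print("password for", serial, version, "->", admin_password)
    print("console opened:", box.submit(admin_password))
```

Because the version number is part of the input, a password issued for one software release stops working after an upgrade, and a password issued for one serial number does not open another box.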
Finally, the above embodiments only illustrate the technical solutions of the present invention and do not limit them. Although the present invention has been described in detail with reference to the preferred embodiments, those skilled in the art should understand that modifications or equivalent substitutions may be made to the technical solutions of the present invention without departing from their spirit and scope, and all such modifications and substitutions are covered by the claims of the present invention.

Claims (10)

1. A set-top box with a secure debugging function, characterized by comprising a main chip and a debugging interface, wherein the main chip comprises at least:
a storage area for storing the serial number of the set-top box;
a random access memory for storing a password;
a debugging console that is closed by default;
software that checks the password and controls the opening of the debugging console;
program partitions containing the UI display files and the system startup files;
wherein the storage area is permanently read-only after being written once.
2. The set-top box with a secure debugging function of claim 1, wherein the UI displays at least a software version number and a set-top box serial number.
3. The set-top box with a secure debugging function of claim 1, wherein, when the set-top box is manufactured, a factory automated coding program calls the main chip to write the set-top box serial number into the storage area, and the set-top box serial number is unique.
4. The set-top box with a secure debugging function of claim 1, characterized in that the main chip encrypts and decrypts in the following way:
encryption: reading the serial number from the storage area and the software version number, combining the serial number and the software version number into a plaintext string, encrypting the plaintext string to generate ciphertext, converting the ciphertext into decimal data to obtain the password for opening the debugging function of the set-top box, and caching the password in the random access memory;
decryption: monitoring and recording the characters entered at the control end, comparing them with the password formed in the encryption stage, judging the input correct when the two are equal, automatically controlling the debugging switch to open the debugging console, and displaying a prompt in the UI.
5. The set-top box with a secure debugging function of claim 4, characterized in that the control end comprises a remote controller.
6. The set-top box with a secure debugging function of claim 1, wherein the set-top box is connected to a computer through the debugging interface, and the debugging program is a Linux program.
7. The set-top box with a secure debugging function of claim 1, characterized in that the debugging interface comprises a network interface or a serial terminal.
8. The set-top box with a secure debugging function of claim 4, wherein the encryption is performed after the set-top box is first powered on: after power-on the set-top box is connected to the computer through the debugging interface, the UI displays a password-setting interface on the computer, the serial number and the software version number are checked and entered into the computer, and the main chip generates the password by automatic encryption.
9. The set-top box with a secure debugging function of claim 1, wherein the debugging console comprises set-top box program installation and deletion operations.
10. The set-top box with a secure debugging function of claim 4, wherein the encryption employs the OTP algorithm.
CN202011633686.XA 2020-12-31 2020-12-31 Set top box with safety debugging function Pending CN112788382A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011633686.XA CN112788382A (en) 2020-12-31 2020-12-31 Set top box with safety debugging function

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202011633686.XA CN112788382A (en) 2020-12-31 2020-12-31 Set top box with safety debugging function

Publications (1)

Publication Number Publication Date
CN112788382A (en) 2021-05-11

Family

ID=75754859

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011633686.XA Pending CN112788382A (en) 2020-12-31 2020-12-31 Set top box with safety debugging function

Country Status (1)

Country Link
CN (1) CN112788382A (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20210511