CN214540763U - On-line protection device of embedded software - Google Patents
On-line protection device of embedded software Download PDFInfo
- Publication number
- CN214540763U CN214540763U CN202023082116.4U CN202023082116U CN214540763U CN 214540763 U CN214540763 U CN 214540763U CN 202023082116 U CN202023082116 U CN 202023082116U CN 214540763 U CN214540763 U CN 214540763U
- Authority
- CN
- China
- Prior art keywords
- authorization
- core processor
- arm multi
- online
- programmable logic
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Landscapes
- Storage Device Security (AREA)
Abstract
The utility model provides an online protection device of embedded software, including a network driver, an ARM many core processor and a programmable logic, the utility model provides a current public key system do not consider embedded system resource value, do not utilize the coexistent advantage of heterogeneous polymorphic type treater and can't effectively protect the transmission scheduling problem of authorization information, have the characteristics of high integration, miniaturization, high flexibility and easy design, satisfy the demand of the online protection of high embedded software.
Description
Technical Field
The utility model relates to a technical field that embedded system's high performance calculated specifically is an online protection device of embedded software.
Background
The ARM multi-core processor and the programmable logic are widely applied to control systems and radar communication signal processors on spacecrafts such as satellites and rockets. With the fine division of technology, embedded software and technology need to be transferred and reused among different research institutions and enterprises, and in the process, intellectual property rights need to be protected through technical means. Where protection of the embedded software is particularly important.
The protection of embedded software is usually realized by verifying an authorization code or an authorization file, and the authorization code and the authorization file are usually given in a ciphertext manner. Authorization codes and authorization document verification are typically implemented in software. The prior art has a relatively complete design in the aspect of general software protection, and the latest patent application also has the consideration in the aspect of embedded software protection, but has the following defects:
1) the prior art mainly aims at the scene design of general personal computers, servers, mobile internet and cloud computing, is mostly based on a public key system, and has complex and huge computing system;
2) the precious degree of embedded system resources is not considered, and a universal software protection mechanism cannot be directly transplanted;
3) heterogeneous multi-type processors of an embedded system are not utilized to coexist, so that the potential safety characteristic can be provided;
4) the authorization information transmission cannot be protected.
In view of the above disadvantages of the existing solutions, in combination with the latest technical development, it is necessary to invent a device for realizing online protection of embedded software by making full use of the characteristics that an embedded system is composed of heterogeneous multi-type processors.
SUMMERY OF THE UTILITY MODEL
The utility model aims to solve the technical problem that an online protection device of embedded software is provided to resources are saved and the problem of embedded software protection is solved. Therefore, the utility model adopts the following technical scheme:
an online protection device of embedded software comprises a network driver, an embedded ARM multi-core processor and programmable logic:
the network driver is a network interface supporting connection with a remote authorization center and is used for SN number transmission and authorization file transmission; the network type can adopt Ethernet, optical fiber network, serial port and other networks which support information and file transmission; the SN number is a unique serial number of the online protection device;
the ARM multi-core processor is provided with an authorization file transmission interface, an SN number reading interface, a software authority control module, an authorization code checking calculation resource and a calculation capacity; wherein the authorization file transfer interface is capable of extracting an authorization code from the authorization file;
the programmable logic is provided with an authorization code check sum identification circuit;
the network driver is connected with the ARM multi-core processor, and the SN number and the authorization file transmission interface of the ARM multi-core processor are communicated with the online authorization center through the network driver;
the programmable logic is connected with the ARM multi-core processor, and when the programmable logic is adopted for authorization code verification and identification, the result of the authorization code verification and identification is reported to the ARM multi-core processor; and the ARM multi-core processor completes authority control accordingly.
The utility model adopts the network to transmit the authorization file information, and does not need to store the authorization file information in the equipment, thereby simplifying the circuit design, improving the design flexibility and shortening the design period; the authorization code check and identification can be completed in an ARM multi-core processor or a programmable logic, and different levels of safety are supported.
The embedded ARM multi-core processor and the programmable logic which form the online protection device of the embedded software can be mutually independent devices and can also be integrated into a system on chip (SoC).
The utility model discloses an online protection device of embedded software adopts the online mode to transmit only SN number and authorization file ciphertext, convenient and fast and support nimble authorization file to revise and update; the network interface mounted on the ARM multi-core processor is adopted, so that the design is simplified, an authorization file does not need to be locally stored in the production process and the use process of the equipment, and high flexibility is supported; the scheme supports to adopt the software mode to accomplish the authorization information to check promptly, supports again to adopt programmable logic to realize the authorization information to check to support the security of different ranks, adopt the utility model discloses, can realize high integrated level, miniaturization, possess embedded SoC software protection of very high flexibility, higher security.
Drawings
Fig. 1 is an application scenario of the online protection device of embedded software according to the present invention.
Fig. 2 is a block diagram of the online protection device for embedded software according to the present invention.
Fig. 3 is another block diagram of the online protection device for embedded software according to the present invention.
Detailed Description
Reference will now be made in detail to the embodiments of the present invention, examples of which are illustrated in fig. 1, wherein like or similar reference numerals refer to like or similar elements or elements having like or similar functions throughout. The embodiments described below with reference to the drawings are exemplary and intended to be used for explaining the present invention, and should not be construed as limiting the present invention.
In order to fully understand the technical content of the present invention, specific embodiments are given below, and the technical solution of the present invention is described and explained in more detail with reference to the accompanying drawings.
Fig. 1 is an application scenario for adopting the present invention. An online authorization center 11 and the online protection device 12 of the embedded software provided by the utility model form an embedded software protection system; the online protection device 12 of the embedded software provides an equipment unique serial number (SN number) to the online authorization center 11 online, where the SN number may be a factory serial number or a string of serial numbers of any unique identifier stored in the embedded protection device 12; the online authorization center 11 receives the unique serial number (SN number) of the online protection device 12 of the embedded software online, generates an authorization code according to the SN number and the software function authorization list, and sends the authorization code to the online protection device 12 of the embedded software online. The SN number may be a factory serial number, or a string of serial numbers of any unique identifier stored in the embedded protection device 12; the authorization code generating function is that the online authorization center 11 encrypts the SN number and the authorization list through a certain encryption algorithm to form a ciphertext for the online protection device 12 of the embedded software to check the SN number and identify the software function authorization list; the function of sending the authorization code online refers to that the authorization code is transmitted online in order to realize software authorization and protection flexibly.
Fig. 2 shows a block diagram of the online protection device for embedded software according to the present invention, and its components include a network driver 21, an embedded ARM multi-core processor 22, and a programmable logic 23.
The network driver 21 is a network interface supporting connection with a remote authorization center and is used for SN number transmission and authorization file transmission; the network type can adopt Ethernet, optical fiber network, serial port and other networks which support information and file transmission;
the ARM multi-core processor 22 is provided with an SN number and authorization file transmission interface 221 and an SN number reading interface 222, and is provided with the operation resources and the operation capacity of a software authority control 223 module; wherein the authorization file transfer interface 221 is capable of extracting an authorization code from an authorization file;
the programmable logic 23 is provided with an authorized code checksum identification circuit 231;
the network driver 21 is connected with the ARM multi-core processor 22, and the SN number of the ARM multi-core processor 22 and the authorization file transmission interface 221 are communicated with the online authorization center through the network driver 21;
the programmable logic 23 is connected with the ARM multi-core processor 22; the programmable logic 23 completes the authorization code checksum identification 231 and reports the result of the authorization code checksum identification to the ARM multi-core processor 22; the ARM multicore processor 22 completes authority control accordingly.
Fig. 3 shows another block diagram of the online protection device for embedded software according to the present invention, and its components include a network driver 31, an embedded ARM multi-core processor 32, and a programmable logic 33.
The network driver 31 is connected with the ARM multi-core processor 32, and the SN number of the ARM multi-core processor 32 and the authorization file transmission interface 321 are communicated with the online authorization center through the network driver 31;
the ARM multi-core processor 32 is provided with an SN (serial number) and authorization file transmission interface 321, an SN reading interface 322, and the operation resources and the operation capability of a software authorization code check and authority control 322 module;
the programmable logic 33 does not participate in software protection work and is used for business processing;
the network driver 31 is connected with the ARM multi-core processor 32, and the SN number of the ARM multi-core processor 32 and the authorization file transmission interface 321 are communicated with the online authorization center through the network driver 31; wherein the authorization-file-transfer interface 321 has the capability of extracting the authorization code from the authorization file;
the embedded ARM multi-core processor 22 or 32 and the programmable logic 23 or 33, which constitute the online protection device of the embedded software, may be independent devices, or may be a system on chip (SoC) which is wholly or partially integrated together.
It should be understood that the technical contents of the present invention described above are further disclosed from the perspective of specific embodiments, which aim to make the contents of the present invention easier to understand, but do not represent embodiments of the present invention and the protection of the claims is limited thereto. The scope of protection of the invention is set forth in the appended claims, and all obvious modifications which are within the spirit of the invention are intended to be covered by the protection of the invention.
Claims (1)
1. An online protection device of embedded software is characterized by comprising a network driver, an embedded ARM multi-core processor and programmable logic:
the network driver is a network interface supporting connection with a remote authorization center and is used for SN number transmission and authorization file transmission; the network type can adopt Ethernet, optical fiber network, serial port and other networks which support information and file transmission; the SN number is a unique serial number of the online protection device;
the ARM multi-core processor is provided with an authorization file transmission interface, an SN number reading interface, a software authority control module, an authorization code checking calculation resource and a calculation capacity; wherein the authorization file transfer interface is capable of extracting an authorization code from the authorization file;
the programmable logic is provided with an authorization code check sum identification circuit;
the network driver is connected with the ARM multi-core processor, and the SN number and the authorization file transmission interface of the ARM multi-core processor are communicated with the online authorization center through the network driver;
the programmable logic is connected with the ARM multi-core processor, and when the programmable logic is adopted for authorization code verification and identification, the result of the authorization code verification and identification is reported to the ARM multi-core processor; and the ARM multi-core processor completes authority control accordingly.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202023082116.4U CN214540763U (en) | 2020-12-18 | 2020-12-18 | On-line protection device of embedded software |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202023082116.4U CN214540763U (en) | 2020-12-18 | 2020-12-18 | On-line protection device of embedded software |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN214540763U true CN214540763U (en) | 2021-10-29 |
Family
ID=78294970
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202023082116.4U Active CN214540763U (en) | 2020-12-18 | 2020-12-18 | On-line protection device of embedded software |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN214540763U (en) |
-
2020
- 2020-12-18 CN CN202023082116.4U patent/CN214540763U/en active Active
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN111492624B (en) | Method and control system for controlling and/or monitoring a device | |
| CN106022080A (en) | Cipher card based on PCIe (peripheral component interface express) interface and data encryption method of cipher card | |
| CN1319294A (en) | Adapter having secure function and computer secure system using it | |
| CN102857484A (en) | Method, system and device for implementing single sign-on | |
| CN110968006B (en) | RPA robot control system and method based on mail system | |
| CN114255031A (en) | System for executing cross block chain of transaction, cross chain transaction method and equipment | |
| CN102404326B (en) | Method, system and device for validating safety of messages | |
| CN109391694A (en) | Document transmission method and relevant device based on SFTP | |
| CN102971739A (en) | Protecting account security settings using strong proofs | |
| CN209627406U (en) | One-way import system is isolated in inter-network based on radio-frequency technique | |
| CN214540763U (en) | On-line protection device of embedded software | |
| CN110659143B (en) | Communication method and device between containers and electronic equipment | |
| CN214540764U (en) | Off-line protection device of embedded software | |
| US11038856B2 (en) | Secure in-line network packet transmittal | |
| CN213987497U (en) | High-reliability off-line protection device for embedded software | |
| US20050080659A1 (en) | Server including an encoded data converter apparatus | |
| KR102083792B1 (en) | Closed home IoT service system | |
| CN113905094A (en) | Industrial Internet integration method, device and system | |
| CN112463722A (en) | Off-line protection system and configuration method of embedded SoC software | |
| CN111859351A (en) | Method, system, server and storage medium for writing information into chip | |
| US11284244B1 (en) | Data white box device utilized in conjunction with intelligent terminal | |
| CN112463720A (en) | Online protection system and online protection method of embedded SoC software | |
| US20220124492A1 (en) | Application White Box Device Utilized In Conjunction With Intelligent Terminal | |
| US11589231B2 (en) | System white box device utilized in conjunction with intelligent terminal | |
| CN110958285A (en) | Data storage system based on block chain |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| GR01 | Patent grant | ||
| GR01 | Patent grant |