JP2009176004A - Control system of automatic dispenser - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide a control system of an automatic dispenser capable of applying to a storage medium, such as, USB memory, and of rewriting or writing information, while ensuring full security. <P>SOLUTION: The control system of the automatic dispenser comprises a managing device 10 for writing information into the USB memory 30, and a control device 20 of the automatic dispenser for rewriting control program information 32 to be stored in the USB memory 30, when the USB memory 30 is connected. The managing device 10 writes pieces of security level information 31, whose security levels are specified in each kind of files into the USB memory 30 by a state being added with signature and being encrypted. The control device 20 performs signature check by decrypting the security level information 31 and rewrites the control program information 32, according to the security level specified by the security level information. <P>COPYRIGHT: (C)2009,JPO&INPIT

Description

  The present invention relates to a control system for a vending machine, and more specifically, information related to a predetermined program and data stored in the external storage medium in a control device for the vending machine to which the external storage medium is electrically connected. The present invention relates to a control system for a vending machine that rewrites or writes predetermined data information to the external storage medium.

  Conventionally, the control device of the vending machine to which the external storage medium is electrically connected is rewritten information on a predetermined program or data stored in the external storage medium, or predetermined data information is transferred to the external storage medium. A vending machine control system for writing data is known.

  Such a vending machine control system includes a management device and a vending machine control device. The management device is, for example, a personal computer (PC) or the like, and information relating to a predetermined program or data is written to or stored in an external storage medium electrically connected on a dedicated tool. This is for reading data information.

  The control device of the vending machine includes a program storage device, a data storage device, and an arithmetic device. The program storage device is an electrically rewritable nonvolatile memory such as a flash memory, for example, and stores a control program. The data storage device is a memory with power source backup such as DRAM or SRAM, for example, for storing data accessed by the control program. The arithmetic device is, for example, a CPU, and is for executing a control program stored in the program storage device. In the control device of the vending machine, the arithmetic device performs an operation by executing a control program, and the control program records various data such as sales data in a predetermined area of the data storage device.

  In the control system, for example, when upgrading the control program, a dedicated memory card in which a new control program is generated and written by the management device is electrically connected to the control device, and the program storage device The control program is rewritten to a new control program by executing a rewriting program stored together with the control program (see, for example, Patent Document 1).

JP 2000-172917 A

  By the way, the control system of the vending machine as described above has the following problems because a dedicated memory card is used as an external storage medium. Memory cards are relatively difficult to obtain because they are not intended for consumers, and are expensive in price. Moreover, the capacity of the memory card is low enough to store information for only one vending machine. When upgrading to multiple types of vending machines, the memory card for multiple models is used. There is a concern that it may be complicated.

  On the other hand, in recent years, for example, a storage medium represented by a USB memory or the like is relatively easy to obtain because it is widely used and mass-produced for consumers such as personal computers and digital devices, and is also low in price and memory capacity. The capacity is increasing.

  If such a USB memory or the like is used as the external storage medium in the control system described above, the information of vending machines for multiple models can be stored in one USB memory due to the increased memory capacity and lower price of the USB memory. Therefore, the boot process for rewriting information related to a predetermined program or data or writing predetermined data information is not complicated, and the cost can be reduced. However, when a storage medium such as a USB memory is used, information on vending machines for a plurality of models can be stored. Therefore, it is required to secure safety for each information.

  In view of the above circumstances, the present invention provides a control system for a vending machine that can be applied to a storage medium such as a USB memory and can rewrite or write information while ensuring sufficient safety. For the purpose.

  In order to achieve the above object, a control system for a vending machine according to claim 1 of the present invention writes information on a predetermined program or data to an externally connected external storage medium, or stores the information on the external storage medium. When a management device that reads stored data information and the external storage medium are electrically connected, information relating to a predetermined program or data stored in the external storage medium is rewritten or stored in a storage means. And a vending machine control system for writing predetermined data information to the external storage medium, wherein the management device stores the plain text as it is or provides a signature and encryption. A security level is provided for each file type with a security level indicating that at least one of the conversion is performed and stored. The control device decrypts the security level information and performs a signature check, and rewrites or writes it according to the security level specified in the security level information. It is characterized by performing.

  According to a second aspect of the present invention, there is provided a control system for a vending machine according to the first aspect, wherein the control device stores program information stored in the external storage medium in a rewritable internal memory. When the version is newer than the program information having the same file name, the program information stored in the external storage medium is read and rewritten with the program information stored in the external storage medium.

  According to a third aspect of the present invention, there is provided a control system for a vending machine according to the second aspect, wherein the control device is configured such that the program information having the same file name as the program information stored in the internal memory is stored in the external storage. When a plurality of programs are stored on the medium, the latest version of the program information is read and rewritten.

  According to a fourth aspect of the present invention, in the control system for a vending machine according to any one of the first to third aspects, the management device uses the file name of the program information as the predetermined program information. Using the file name, the control device performs decryption and / or signature check according to the security level, and writes the information to the external storage medium using a signature and / or encryption. It is characterized by rewriting.

  In addition, the control system for a vending machine according to claim 5 of the present invention is the control system according to any one of claims 1 to 4 described above, wherein the management device provides a file to be used for pre-shipment operations of the vending machine. While writing the security level information that defines the security level to store in plain text, the file used for the work after the vending machine is shipped is subjected to at least one of signature assignment and encryption. The security level information in which the security level is specified is written.

  A control system for a vending machine according to a sixth aspect of the present invention is the control system according to any one of the first to fifth aspects, wherein the control device decrypts the program information and / or performs a signature check. In the case of rewriting or when the control device writes the data information after applying a signature and / or encryption, it is provided with notifying means for informing that effect.

  According to the control system of the vending machine of the present invention, the security level that the management device stores in plain text or stores by performing at least one of adding a signature and encryption is defined for each file type. The security level information is signed and written to the external storage medium in an encrypted state, and the control device decrypts the security level information and performs a signature check. According to the security level specified in the security level information Since rewriting or writing is performed, the security according to the security level can be ensured for each information while ensuring the confidentiality of the security level information itself. Therefore, the present invention can be applied to a storage medium such as a USB memory, and has an effect that information can be rewritten or written while ensuring sufficient safety.

  Exemplary embodiments of a control system for a vending machine according to the present invention will be described below in detail with reference to the accompanying drawings.

  FIG. 1 schematically shows a control system for a vending machine according to an embodiment of the present invention. The vending machine control system illustrated here includes a management device 10 and a vending machine control device 20.

  The management device 10 is, for example, a personal computer (PC) or the like, generates information about a predetermined program on a dedicated tool, and stores the information in the USB memory 30 that is an electrically connected external storage medium. Is written, or data information stored in the USB memory 30 is read out. In the present embodiment, the management apparatus 10 will be described as writing information to the USB memory 30, and the case where the USB memory 30 is used as an example of an external storage medium will be described.

  The management device 10 generates security level information 31 and control program information 32 and writes these information in the USB memory 30. The security level information 31 is defined as a security level for each file type (for each extension) that is stored in plain text or stored by performing at least one of adding a signature and encryption. More specifically, as shown in FIG. 2, the security level is divided into four levels of “0”, “1”, “2”, “4”, and the level “0” is stored in plain text. Level “1” is to be stored with a signature, level “2” is to be encrypted and stored, and level “4” is to be signed and encrypted for storage.

  More specifically, when writing to the USB memory 30, as shown in FIG. 3, information is written in plain text at level “0”, and a signature is calculated at level “1”. After that, a signature is given and information is written. At level “2”, information is written after being encrypted. At level “4”, signature is given and encrypted, and information is written. On the other hand, when reading from the USB memory 30, as shown in FIG. 4, at level “0”, the information is read out in plain text, and at level “1”, the signature is checked after the signature calculation is performed. At level "2", the information is read and the information is written. At level "4", after the decryption is performed, the signature is calculated and checked, and the information is written.

  In addition, the security level information 31 defines a level “0” for a file provided for work before the vending machine is shipped from, for example, a factory (pre-shipment work). Levels “1”, “2”, or “4” are defined for files to be used for operations after shipment (post-shipment operations). In the following description, it is assumed that the security level information 31 defines the level “4” for the control program information 32.

  Further, the security level information 31 is stored in the USB memory 30 in a state where a signature is applied and encrypted by the management apparatus 10. As the signature algorithm and encryption algorithm here, a generally well-known method may be adopted, or a method based on a unique algorithm may be adopted.

  As will be described later, the control program information 32 is information necessary for the CPU 21 constituting the control device 20 to execute processing. The control program information 32 written to the USB memory 30 is rewritten by the control device 20. belongs to.

  The control device 20 of the vending machine constitutes a vending machine and controls the operation of each part of the vending machine in an integrated manner, and includes a CPU 21, a flash memory 22, an SRAM 23, and an interface 24. It is configured.

  The CPU 21 is an arithmetic device that executes various programs, and is for executing control program information 221 stored in the flash memory 22.

  The flash memory 22 is an electrically rewritable non-volatile memory, and stores the control program information 221 as described above. The SRAM 23 has a data area 231 for storing various data (sales data, setting data, etc.) when executing various programs such as the control program information 221. The SRAM 23 holds data by a backup power source 26.

  The interface 24 is electrically connected to various devices constituting the vending machine. In the illustrated example, the interface 24 is connected to the display unit 27 as a characteristic feature of the present invention. The display unit 27 is, for example, a liquid crystal screen, and the details thereof will be described later. However, when the control device 20 is rewriting information, the display unit 27 is in the process of processing, the remaining time of the process, or the like. Is a notification means for displaying. The display unit 27 displays an error when rewriting or the like cannot be performed. The CPU 21, flash memory 22, SRAM 23, and interface 24 described above are electrically connected by a bus 25.

  FIG. 5 is a flowchart showing the contents of the control program information writing process executed by the management apparatus 10 shown in FIG. As a premise of the description, the security level information 31 is already stored in the USB memory 30 in a state where a signature is applied and encrypted by the management apparatus 10, and the control program information 32 to be processed this time is stored. Is assumed that level "4" is defined.

  In the management apparatus 10, control program information is generated on a specific dedicated tool (step S101). As shown in FIG. 6, the generated control program information has a name including program information (A), version information (B), and extension (C).

  After generating the control program information, the management apparatus 10 gives the control program information (raw data) that has been scrambled with the file name to the one calculated from the data as a signature (step S102, step S102). S103).

  Then, the management apparatus 10 performs the entire encryption including the signature assigned in step S103 (step S104), and thereafter, the control program information 32 that is assigned and encrypted with the USB memory 30 that is electrically connected. Is written (step S105), and the current process is terminated.

  According to this, since the control program information 32 stored in the USB memory 30 is signed and encrypted, even if the USB memory 30 is lost, the contents of the control program information 32 are stored. There is no fear of being known. As the signature algorithm and the encryption algorithm in the above processing contents, a generally well-known method may be adopted, or a method based on a unique algorithm may be adopted. Further, here, the writing process of the control program information 32 of one target vending machine is described in the USB memory 30, but in the present invention, the control program information of a plurality of types of vending machines may be written simultaneously. .

  FIG. 7 is a flowchart showing the contents of the control program information rewriting process executed by the control device 20 shown in FIG.

  When the USB memory 30 is attached to the control device 20, the USB memory 30 is electrically connected to the bus 25 and gives a connection signal to the CPU 21.

  When the connection signal from the USB memory 30 is input (step S201: Yes), the CPU 21 reads the security level information 31 stored in the USB memory 30 (step S202). More specifically, the security level information 31 is temporarily read into the SRAM 23, and decryption and signature check are performed to grasp the security level (level “4”) of each file.

  Thereafter, the CPU 21 extracts program information and version information, which are header information of the control program information 221 already stored in the flash memory 22 (step S203), and stores it in the USB memory 30 using, for example, an API function. A file name list of the control program information 32 is generated (step S204).

  The CPU 21 that has generated the file name list narrows down the file name list having the program information extracted in step S203 in the file name list (step S205), and if there is no identical file name (step S206: No). Then, an error is displayed on the display unit 27 through the interface 24 (step S207), and the current process is terminated. According to this, it is possible to notify the user of the control system that the rewriting process has failed.

  On the other hand, when the same file name exists (step S206: Yes), the CPU 21 selects a file (step S208). More specifically, when there are a plurality of identical file names, the CPU 21 selects the latest version information among them, and when there is one identical file name, it is unconditional. Select that file.

  The CPU 21 that has selected the file reads the control program information 32, which is the file, from the USB memory 30 to the SRAM 23 (step S209), and decrypts it according to the security level (step S210). The combined CPU 21 calculates the signature obtained by scrambled the control program information (raw data) calculated from the data with the file name (step S211), that is, the same as step S102 above. The signature is calculated by this method, and a signature check is performed to check whether or not the calculated signature matches the signature decrypted in step S210 (step S212).

  As a result, if the calculated signature and the decrypted signature do not match (step S212: No), the CPU 21 displays an error on the display unit 27 through the interface 24 (step S213), and ends the current process. According to this, it is possible to notify the user of the control system that the rewriting process has failed.

  On the other hand, if the signatures match (step S212: Yes), the CPU 21 rewrites the control program information 221 already stored in the flash memory 22 and the control program information 32 read into the SRAM 23 (step S214). . That is, new control program information 32 is written into the flash memory 22. In the rewriting process, the CPU 21 causes the display unit 27 to display that the rewriting process is in progress or the remaining time until the end of the rewriting process through the interface 24. Then, after the rewriting process is finished, the current process is finished.

  As described above, according to the control system of the vending machine in the embodiment of the present invention, the management device 10 writes the security level information 31 to the USB memory 30 in a state where the security level information 31 is signed and encrypted, and the control device 20 decrypts the security level information 31, performs a signature check, and rewrites the control program information 32 in accordance with the security level defined in the security level information 31, thus ensuring the confidentiality of the security level information 31 itself. However, the safety according to the security level can be ensured for the control program information 32 as well. Therefore, it can be applied to, for example, a storage medium such as the USB memory 30, and information can be rewritten while ensuring sufficient safety.

  According to the control system, the management apparatus 10 gives a signature to the control program information 32 using the file name of the information and writes it to the external storage medium, and the control apparatus 20 sets the file name according to the security level. Since the information is rewritten by using the signature check, it is possible not only to detect that the control program information 32 has been tampered with but also to detect that the file name of the control program information 32 has been renamed.

  Also, according to the control system, the management device 10 writes the security level information 31 in which the level “0” is defined for the file provided for the pre-shipment operation of the vending machine, while the post-shipment operation of the vending machine. Since the security level information 31 in which the level “1”, “2” or “4” is defined is written for the file to be used for the boot process in the factory, for example, the time can be shortened. Moreover, it is not always necessary to assign and encrypt a signature even after shipment, and it is only necessary to assign and encrypt a signature as necessary, so that the boot process can be shortened.

  Furthermore, according to the control system, when the rewriting process is performed, the fact that the rewriting process is being performed or the remaining time until the end of the rewriting process is displayed on the display unit 27, so that the user is performing the rewriting process. I can recognize that. Moreover, since an error is displayed on the display unit 27, the user can also recognize that the rewriting process has failed.

  The preferred embodiment of the present invention has been described above, but the present invention is not limited to this, and various modifications can be made. For example, in the above-described embodiment, the control device 20 reads and rewrites the control program information 32 from the USB memory 30, but in the present invention, the control means stores it in a storage means such as the SRAM 23, for example. The setting / sales data and logging data may be written in an external storage medium such as a USB memory. The data information written in this way is read out to the management apparatus when the USB memory is electrically connected to the management apparatus.

  In the above embodiment, the signature of the control program information is calculated and assigned using the file name. In the present invention, encryption and decryption can be performed by writing a scramble using the file name. It does not matter even if it is. In other words, the key for encryption and the key for decryption may be scrambled using the file name and converted using the file name. Thereby, when the file name of the control program information is renamed, the decryption key is not paired with the encryption key, and decryption is not normally performed.

  Furthermore, in the above-described embodiment, the display unit 27 has been described as a liquid crystal display screen or the like. However, in the present invention, for example, an LED lamp or a buzzer may be used.

  As described above, the control system of the vending machine according to the present invention is useful for boot processing using an external storage medium such as a USB memory.

It is a schematic diagram which shows typically the control system of the vending machine which is embodiment of this invention. It is a chart showing a security level. It is explanatory drawing about the case where it writes in USB memory. It is explanatory drawing about the case where it reads from USB memory. It is a flowchart which shows the content of the write-in process of the control program information which the management apparatus shown in FIG. 1 implements. It is explanatory drawing which shows an example of the name of the produced | generated control program information. It is a flowchart which shows the content of the rewriting process of the control program information which the control apparatus shown in FIG. 1 implements.

Explanation of symbols

10 management device 20 control device 21 CPU
22 Flash memory 23 SRAM
24 interface 25 bus 26 backup power supply 27 display unit 30 USB memory 31 security level information 32 control program information

Claims (6)

A management device for writing information relating to a predetermined program or data in an electrically connected external storage medium, or reading data information stored in the external storage medium;
Rewriting information about a predetermined program or data stored in the external storage medium when the external storage medium is electrically connected, or writing predetermined data information stored in a storage unit to the external storage medium A vending machine control system comprising:
The management apparatus stores a plaintext or a state in which a security level information in which at least one of a signature addition and encryption is stored and a security level specified for each file type is added and encrypted To write to the external storage medium,
A control system for a vending machine, wherein the control device decrypts the security level information, performs a signature check, and rewrites or writes the security level information according to a security level defined in the security level information.   The control device stores the program information stored in the external storage medium when the version is newer than the program information of the same file name stored in the rewritable internal memory. 2. The control system for a vending machine according to claim 1, wherein the program information is read and rewritten with the program information stored in the external storage medium.   The control device reads and rewrites the latest version of program information when a plurality of program information having the same file name as the program information stored in the internal memory is stored in the external storage medium. The control system for a vending machine according to claim 2. The management apparatus writes the predetermined program information in the external storage medium by applying a signature and / or encryption using a file name of the program information,
The control device performs decryption and / or signature check using the file name according to the security level, and rewrites the information. The vending machine control system described.   The management device writes security level information in which a security level for storing files in plain text is written for files to be used for pre-shipment operations of the vending machine, while for post-shipment operations of the vending machine. 5. The security level information stipulated by a security level for storing at least one of applying a signature and encrypting a file to be provided is written. Vending machine control system.   When the control device rewrites the program information by performing decryption and / or signature check, or when the control device writes the data information by applying a signature and / or encryption, a notification to that effect The vending machine control system according to any one of claims 1 to 5, further comprising means.

Images