JP2010172486A - Electronic equipment, game machine, main control board, peripheral board, authentication method and authentication program - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To correct an expected value to be used for authenticating a main control board by a simple method, and to prevent fraudulent control of a peripheral board from a main control board and misuse of the expected value and information concerning authentication. <P>SOLUTION: In the electronic equipment having the main control board 310 and a peripheral board 330 carrying out prescribed processing on the basis of a control command sent by the main control board 310, when the control command to be sent to the peripheral board 330 is a command which starts or ends processing of a jackpot condition, the main control board 310 adds correction data to correct the expected value to be used for collating data sent from the main control board 310, authentication data to authenticate the main control board 310 and dummy data of the authentication data. The peripheral board 330 authenticates the main control board 310 as it is when receiving the dummy data and authenticates the main control board 310 by using a corrected expected value when receiving the authentication data. <P>COPYRIGHT: (C)2010,JPO&INPIT

Description

  The present invention relates to an electronic device, a gaming machine, a main control board, a peripheral board, an authentication method, and an authentication program that include a plurality of boards and authenticate communication between these boards.

  Conventionally, in an electronic apparatus having a plurality of substrates, various techniques have been proposed for preventing fraud on these substrates. As an electronic device provided with a plurality of substrates, for example, there is a pachinko gaming machine. The pachinko gaming machine includes a main control board that controls the operation of the entire electronic device and a controlled board (peripheral board) that performs the operation of each part of the electronic device. The main control board outputs a control signal including a control command to the peripheral board, and the other peripheral boards have a function of executing an operation according to the control signal transmitted from the main control board.

  Examples of frauds with respect to the main control board include a method of replacing a regular main control board with an illegal control board, or altering a program code that defines processing performed by the main control board. In order to prevent such fraud, for example, a technique has been proposed in which program data recorded in a ROM mounted on the main control board is checked by a ROM checker to prevent illegal exchange of the ROM ( For example, see the following Patent Document 1.)

  As another method, the ROM mounted in the peripheral board such as the display control unit holds in advance an expected value for collating other boards, and this expected value is compared with the main control board and When the sum of IDs (unique values) of other peripheral boards matches, a technique for detecting that an illegal board has been inserted by authenticating other boards has been proposed (for example, (See Patent Document 2 below.)

JP 11-333108 A JP-A-2005-21330

  However, according to the technique disclosed in Patent Document 1 described above, although falsification of program data can be detected, it is possible to prevent an unauthorized control board from being connected between a regular main control board and a controlled board. Can not. For this reason, there is a problem that the controlled substrate performs unauthorized control by the control signal output from the unauthorized control substrate.

  Here, a fraud prevention technique according to the prior art will be described with reference to FIGS. 14 and 15. FIG. 14 is an explanatory diagram showing an outline of a fraud prevention technique according to the prior art. FIG. 15 is an explanatory diagram showing an example of inserting an unauthorized control board. As shown in FIG. 14, the regular main control board 1401 outputs a regular control signal RS to the peripheral board 1402 to control the operation of the peripheral board 1402. The regular main control board 1401 is provided with an inspection port 1403. The program data recorded in the ROM or the like provided in the regular main control board 1401 is inspected from the inspection port 1403 to inspect whether the regular main control board 1401 is fraudulent.

  However, as shown in FIG. 15, an unauthorized control board 1501 may be inserted between the regular main control board 1401 and the peripheral board 1402. The unauthorized control board 1501 discards or ignores the authorized control signal RS output from the authorized main control board 1401 and outputs an unauthorized control signal FS to the peripheral board 1402 instead. Here, the peripheral board 1402 cannot determine whether the input signal is the normal control signal RS or the illegal control signal FS. For this reason, there is a problem that the peripheral board 1402 operates in accordance with an unauthorized control signal FS.

  In addition, since the inspection port 1403 is provided only on the regular main control board 1401, even if the inspection using the inspection port 1403 is performed, the inspection result for the process in the regular main control board 1401 is returned. . For this reason, even if the inspection using the inspection port 1403 is performed, there is a problem that unauthorized control by the unauthorized control board 1501 cannot be detected.

  Further, with the technique of Patent Document 2 described above, it can be detected that an unauthorized control board has been inserted. However, since the ID changes when the substrate is changed, there is a problem that the expected value must be rewritten every time another substrate is changed. Therefore, there is a problem that the setting of the board for performing authentication of the main control board and other peripheral boards must be changed every time the main control board and other peripheral boards are changed, which is troublesome.

  Further, in the technique of Patent Document 2, when any of the boards is changed, an abnormality canceling switch is provided that automatically updates the expected value with the sum of the IDs of the changed main control board and other peripheral boards. . However, for example, if the abnormality release switch is operated while an unauthorized substrate is inserted, there is a problem that the unauthorized substrate is authenticated as a regular substrate.

  The present invention corrects the expected value used for authenticating the main control board by a simple method in order to solve the above-mentioned problems caused by the prior art, and also performs illegal control from the main control board to the peripheral board, the expected value and It is an object of the present invention to provide an electronic device, a gaming machine, a main control board, a peripheral board, an authentication method, and an authentication program that can prevent the use of information related to authentication.

  In order to solve the above-described problems and achieve the object, an electronic device according to a first aspect of the present invention includes a main control unit that transmits a control command, and a predetermined control based on the control command transmitted by the main control unit. A correction unit that corrects an expected value that is held in the peripheral unit and used for collation of data transmitted from the main control unit. Correction data generating means for generating the correction data, authentication data generating means for generating authentication data for authentication processing for authenticating the main control unit, dummy data of the authentication data (hereinafter referred to as “dummy authentication data”) ) And a control command (hereinafter referred to as “big hit start”) that starts the processing of the big hit status by the dummy authentication data generating means for generating Correction data addition that adds the correction data generated by the correction data generation means to the control command in the case of a control command that terminates the processing of the jackpot state (hereinafter referred to as “big jack end command”) And when the control data to be transmitted to the peripheral portion is the jackpot start command or the jackpot end command after the correction data is added by the correction data adding means, the authentication data generating means An authentication data adding means for adding the authentication data to the control command, and a control command other than the control command to which the correction data or the authentication data is added by the correction data adding means or the authentication data adding means, For dummy authentication data generation means Dummy authentication data adding means for adding dummy authentication data generated in the above, the control command to which the correction data is added by the correction data adding means (hereinafter referred to as “control command with correction data”), the authentication data The control command to which the authentication data is added by the adding means (hereinafter referred to as “control command with authentication data”) or the control command to which the dummy authentication data is added by the dummy authentication data adding means (hereinafter referred to as “dummy authentication”). Transmitting the control command with data ”to the peripheral portion, the peripheral portion including the control command with correction data, the control command with authentication data, or the dummy transmitted by the main control portion. Receiving means for receiving a control command with authentication data; and When the control command with correction data is received, a correction means for correcting the expected value held in the peripheral portion using the control command with correction data and the control command with authentication data are received by the reception means. If received, a determination means for determining whether or not a value calculated using the control command with authentication data matches the expected value corrected by the correction means; and An authentication unit that authenticates the main control unit when it is determined that the value calculated using the control command matches the expected value, and the authentication unit performs the dummy authentication by the receiving unit When the control command with data is received, the main control unit is authenticated.

  According to the first aspect of the present invention, when the control command transmitted from the main control unit is a jackpot start command or a jackpot end command, correction data and authentication data are added to the control command. Thereby, compared with the case where correction data or authentication data is transmitted independently, the communication load between a main control part and a peripheral part can be reduced. Moreover, compared with the case where correction data or authentication data is transmitted alone, the possibility that correction data or authentication data is extracted from communication data and analyzed can be reduced. Furthermore, since the correction process or the authentication process for correcting the expected value is performed only when a predetermined control command is transmitted, the main control is compared with the case where the authentication process or the correction process is performed when all control commands are transmitted. The processing load on the part and the peripheral part can be reduced. The correction data and the authentication data may be added to only one of the jackpot start command or jackpot end command. In this case, the processing load on the main control unit and the peripheral part can be further reduced, and the work of adding authentication processing and correction processing to the electronic device is further facilitated. Further, since the authentication process is performed after the correction process is performed, for example, even if the main control unit is changed, the changed main control unit can be authenticated as a regular board.

  Further, correction data may be added to the control command when the control command is a jackpot start command, and authentication data may be added to the control command when the control command is a jackpot end command. In this case, the jackpot start command and the jackpot end command are each transmitted once in this order when a jackpot occurs, so that if the jackpot occurs, the correction process and the authentication process can be reliably performed in this order. . Thereby, since the time interval between the correction process and the authentication process is shortened, the strength of the authentication process can be improved.

  Further, when the control command is a jackpot end command, correction data may be added to the control command, and when the control command is a jackpot start command, authentication data may be added to the control command. In this case, since the authentication process can be performed when the jackpot state is started, the jackpot state can be performed in a safe state.

  Further, dummy authentication data can be added to the control command when it is not the timing of the correction process or the authentication process. As a result, it is possible to prevent a third party from knowing when correction data or authentication data has been transmitted. Therefore, the correction data and the authentication data can be prevented from being stolen, so that the authentication strength can be increased.

  Furthermore, there is only one transmission unit that transmits the control command with correction data, the control command with authentication data, or the control command with dummy authentication data to the peripheral unit, and it is not divided for each type of data to be added. And it is divided for every data which the addition part which adds correction data, authentication data, or dummy authentication data adds. For this reason, when the present invention is applied to a device such as a gaming machine, it is possible to save a memory capacity for storing program codes and data. In addition, for example, when performing operation verification of a device such as a gaming machine to which the present invention is applied, only one transmitter needs to be verified, and the number of steps required for verification can be reduced. For example, even if the timing of adding any data is known to a third party, the timing of adding other data is not known, so the strength of authentication can be increased.

  According to a second aspect of the present invention, in the electronic device according to the first aspect, the correction data adding means may be configured such that the control command to be transmitted to the peripheral portion is supplied with power to the main control portion. In the case of the jackpot start command or the jackpot end command after a predetermined number of times, the correction data is added to the jackpot start command or the jackpot end command.

  According to the invention of claim 2, for example, even if the main control unit is changed to another main control unit before the power is turned on, the jackpot start command or the jackpot end command after a predetermined number of times after the power is turned on Thus, the expected value corresponding to the changed main control unit can be corrected. For this reason, it is possible to perform the correction process before the authentication process, and it is possible to prevent the correction process from being overlooked by a third party. Therefore, it is possible to authenticate the changed main control unit as a legitimate board and to prevent the correction data from being stolen.

  According to a third aspect of the present invention, in the electronic device according to the first or second aspect, the correction data adding means may be configured such that the control command transmitted to the peripheral section is reset by the main control section. In the case of the jackpot start command or the jackpot end command after a predetermined number of times, the correction data is added to the jackpot start command or the jackpot end command.

  According to the third aspect of the present invention, for example, the expected value can be corrected when a jackpot start command or jackpot end command is transmitted a predetermined number of times after the start of operation after reset. For this reason, it is possible to perform the correction process before the authentication process, and it is possible to prevent the correction process from being overlooked by a third party. Therefore, it is possible to authenticate the changed main control unit as a legitimate board and to prevent the correction data from being stolen.

  An electronic device according to a fourth aspect of the present invention is the electronic device according to any one of the first to third aspects, wherein the dummy authentication data adding means includes the control to which the correction data or the authentication data is added. When the control command other than the command is the jackpot start command or the jackpot end command before the correction data is added, the dummy authentication data is added.

  According to the fourth aspect of the present invention, even when it is known that a correction process or an authentication process is performed when a jackpot start command or a jackpot end command is transmitted to a third party, for example, the timing of sending the correction data or the authentication data is set. Since it is not known, correction data and authentication data are not stolen, and the strength of authentication can be increased.

  An electronic device according to a fifth aspect of the present invention is the electronic device according to any one of the first to third aspects, wherein the dummy authentication data adding means is of a type other than the jackpot start command or the jackpot end command. In the case of a control command, the dummy authentication data is added.

  According to the invention of claim 5, for example, the third party cannot know that the correction process or the authentication process is being performed when the jackpot start command or the jackpot end command is transmitted. The strength of authentication can be increased.

  An electronic device according to a sixth aspect of the present invention is the electronic device according to any one of the first to fifth aspects, wherein the authentication unit receives the control command with dummy authentication data by the reception unit. The main control unit is authenticated by omitting the process of determining whether or not the value calculated by using the dummy authentication data by the determination unit matches the expected value.

  According to the sixth aspect of the present invention, dummy authentication data transmission processing can be added without increasing unnecessary processing in the peripheral portion. Therefore, the correction data and authentication data can be prevented from being stolen by a simple method, and the strength of authentication can be increased.

  An electronic device according to a seventh aspect of the present invention is the electronic device according to any one of the first to fifth aspects, wherein the determining means uses the control command with dummy authentication data received by the receiving means. Whether the value calculated by the determination unit matches the expected value, and the authentication unit determines that the determination result by the determination unit matches the value calculated using the dummy authentication data and the expected value. Regardless of whether or not it is performed, the main control unit is authenticated.

  According to the seventh aspect of the present invention, even when the peripheral portion receives dummy authentication data, the same processing as when authentication data is received can be performed. For this reason, the processing time in the peripheral portion or the amount of heat generated by the processing can be comparable to that when the normal authentication data is received and the authentication processing is performed. Therefore, since it is possible to prevent a third party from knowing the timing at which the authentication processing is performed in the peripheral portion, the strength of authentication can be further increased.

  An electronic device according to an eighth aspect of the present invention is the electronic device according to any one of the first to seventh aspects, wherein the authentication data adding means transmits the control command to the peripheral section. In the case of the jackpot end command for ending the jackpot state process started by the control command with correction data transmitted by the control data, the authentication data is added to the jackpot end command.

  According to the eighth aspect of the present invention, since the correction process can be performed before the authentication process, the changed main control unit can be authenticated as a regular board. In addition, since the authentication process can be performed after the correction process is performed, the strength of the authentication can be improved.

  An electronic apparatus according to a ninth aspect of the present invention is the electronic device according to any one of the first to eighth aspects, wherein the main control unit is changed to the other main control unit. In this case, correction data for correcting the expected value held in the peripheral portion to an expected value used for collation of data transmitted from the other main control unit is generated.

  According to the ninth aspect of the invention, the correction process can be performed every time the main control unit is changed. For this reason, it is possible to prevent the expected value held in the peripheral part from being corrected, although the main control part is changed.

  According to a tenth aspect of the present invention, in the electronic device according to any one of the first to ninth aspects, the main control unit records a unique value set in the main control unit. The correction data generation unit generates the correction data using the unique value recorded by the recording unit.

  According to the tenth aspect of the present invention, when there are a plurality of main control units, it is possible to generate correction data with values that can recognize each main control unit. As a result, the expected value can be set to a value unique to each main control unit, so that it becomes easier to detect an unauthorized substrate and the strength of authentication can be improved.

  According to an eleventh aspect of the present invention, in the electronic device according to the tenth aspect, the correction data generating unit may be configured such that when the main control unit is changed to another main control unit, the correction unit is stored in the recording unit. The difference between the recorded unique value set in the main control unit before the change and the unique value set in the other main control unit after the change is calculated as the correction data. It is characterized by producing | generating as.

  According to the eleventh aspect of the present invention, when there are a plurality of main control units, it is possible to generate correction data based on a difference in values that can recognize each main control unit. As a result, the expected value can be set to a value unique to each main control unit, so that it becomes easier to detect an unauthorized substrate and the strength of authentication can be improved.

  An electronic device according to a twelfth aspect of the invention is the electronic device according to the tenth or eleventh aspect, wherein the correction data generation means uses the control command to add the correction data together with the unique value. It is characterized by generating data.

  According to the twelfth aspect of the present invention, the authentication data is generated using the control command (predetermined control command) transmitted together with the correction data. In general, an unauthorized control board attempts to cause an unauthorized operation to be performed by transmitting a control command different from that of a regular main control unit. Therefore, if the correction data is generated by using the control command transmitted this time, even if the correction data is reused by an unauthorized control board, the correction data and the control command cannot be matched, and the fraud is detected. be able to.

  An electronic device according to a thirteenth aspect of the present invention is the electronic device according to any one of the first to ninth aspects, wherein the main control unit includes recording means for recording a predetermined program code, and the correction data. The generating means generates the correction data using a program code recorded in the recording means.

  According to the thirteenth aspect of the present invention, the correction data is generated using the program code recorded in the main control unit. Thereby, fraud such as rewriting of the program code recorded in the main control unit or replacement of the main control unit can be detected.

  According to a fourteenth aspect of the present invention, in the electronic device according to the thirteenth aspect, the correction data generating means generates the correction data using the control command for adding the correction data together with the program code. It is characterized by doing.

  According to the fourteenth aspect of the present invention, the authentication data is generated using a control command (a jackpot start command or a jackpot end command) transmitted together with the correction data. In general, an unauthorized control board attempts to cause an unauthorized operation to be performed by transmitting a control command different from that of a regular main control unit. Therefore, if the correction data is generated by using the control command transmitted this time, even if the correction data is reused by an unauthorized control board, the correction data and the control command cannot be matched, and the fraud is detected. be able to.

  An electronic device according to a fifteenth aspect of the present invention is the electronic device according to any one of the first to fourteenth aspects, wherein the main control unit includes recording means for recording a predetermined program code, and the authentication data The generating means generates the authentication data using the program code recorded by the recording means.

  According to the fifteenth aspect of the present invention, the authentication data is generated using the program code recorded in the main control unit. Thereby, fraud such as rewriting of the program code recorded in the main control unit or replacement of the main control unit can be detected.

  According to a sixteenth aspect of the present invention, in the electronic device according to the fifteenth aspect, the authentication data generation means generates the authentication data using the control command that adds the correction data together with the program code. It is characterized by doing.

  According to the sixteenth aspect of the present invention, authentication data is generated using a control command (a jackpot start command or a jackpot end command) transmitted together with the authentication data. Therefore, if the authentication data is generated using the control command transmitted this time, even if the authentication data is reused by an unauthorized control board, the authentication data cannot be matched with the control command, and the fraud is detected. be able to.

  An electronic device according to a seventeenth aspect of the present invention is the electronic device according to any one of the first to sixteenth aspects, wherein the correction unit is configured such that the control command transmitted from the main control unit includes the correction data. In the case of a control command, the expected value held in the peripheral portion is corrected using the control command with correction data.

  According to the seventeenth aspect of the present invention, the peripheral portion can determine whether or not to perform the correction process only by checking whether or not the correction data is added to the control command. Therefore, it is possible to reduce the processing load on the peripheral part due to the correction process.

  An electronic device according to an invention of claim 18 is the electronic device according to any one of claims 1 to 16, wherein the correction means is configured such that the control command transmitted from the main control unit is the jackpot start command. Alternatively, in the case of the jackpot end command, the expected value held in the peripheral portion is corrected using the control command with correction data.

  According to the eighteenth aspect of the present invention, the peripheral unit can confirm the type of the control command transmitted by the main control unit and determine whether or not to perform the correction process. Therefore, it is possible to facilitate the timing design between the process based on the control command and the correction process.

  An electronic device according to a nineteenth aspect of the present invention is the electronic device according to any one of the first to eighteenth aspects, wherein the determination means includes the control data transmitted from the main control unit with the authentication data. In the case of a control command, it is determined whether or not the value calculated using the control command with authentication data matches the expected value.

  According to the nineteenth aspect of the present invention, the peripheral part can determine whether or not to perform the authentication process only by confirming whether or not the authentication data is added to the control command. Therefore, the processing load on the peripheral part due to the authentication process can be reduced.

  An electronic device according to a twentieth aspect of the invention is the electronic device according to any one of the first to twentieth aspects, wherein the determining means is configured such that the control command transmitted from the main control unit is the jackpot start command. Alternatively, in the case of the jackpot end command, it is determined whether or not the value calculated by using the control command with authentication data matches the expected value.

  According to the twentieth aspect of the present invention, the peripheral unit can confirm the type of the control command transmitted by the main control unit and determine whether or not to perform the authentication process. Therefore, it is possible to easily perform the timing design between the process based on the control command and the authentication process.

  An electronic device according to a twenty-first aspect of the invention is the electronic device according to any one of the first to twentieth aspects, wherein the peripheral portion is notified when the main control portion is not authenticated by the authenticating means. Output means for outputting a signal is provided.

  According to the twenty-first aspect of the present invention, the user can be notified that fraud has been made to the main control unit.

  A gaming machine according to a twenty-second aspect of the invention includes the electronic device according to any one of the first to twenty-first aspects, wherein the main control board transmits the control command with authentication data, and the peripheral board is An authentication process is performed based on the control command with authentication data transmitted by the main control board.

  According to the invention of claim 22, the function of the electronic device according to claims 1 to 21 can be applied to a gaming machine such as a pachinko gaming machine.

  A main control board according to a twenty-third aspect of the present invention is a main control board that is mounted on an electronic device and transmits a control command for causing a peripheral board to perform a predetermined process. Correction data generating means for generating correction data for correction processing for correcting expected values used for collation of data transmitted from the control board, and authentication for generating authentication data for authentication processing for authenticating the main control board Control for causing data generation means, dummy authentication data generation means for generating dummy data of the authentication data (hereinafter referred to as “dummy authentication data”), and the control command to be transmitted to the peripheral board to start processing in a big hit state Command (hereinafter referred to as “big hit start command”) or a control command (hereinafter referred to as “big hit end command”) that terminates the processing of the big hit status. And the correction data adding means for adding the correction data generated by the correction data generating means to the control command, and after the correction data is added by the correction data adding means, the peripheral data When the control command to be transmitted to the board is the jackpot start command or the jackpot end command, authentication data adding means for adding the authentication data generated by the authentication data generating means to the control command, and the correction data adding Dummy authentication data adding means for adding dummy authentication data generated by the dummy authentication data generating means to a control command other than the control command to which the correction data or the authentication data is added by the means or the authentication data adding means And correction data addition The control command to which the correction data is added by the stage (hereinafter referred to as “control command with correction data”), and the control command to which the authentication data is added by the authentication data adding means (hereinafter referred to as “control command with authentication data”). Or transmission means for transmitting the control command to which the dummy authentication data is added by the dummy authentication data adding means (hereinafter referred to as “control command with dummy authentication data”) to the peripheral board. Features.

  According to the twenty-third aspect of the present invention, when the control command transmitted from the main control board is a jackpot start command or a jackpot end command, correction data and authentication data are added to the control command. Thereby, the communication load between the main control board and the peripheral board can be reduced as compared with the case where the correction data or the authentication data is transmitted alone. Moreover, compared with the case where correction data or authentication data is transmitted alone, the possibility that correction data or authentication data is extracted from communication data and analyzed can be reduced. In addition, since the correction process or authentication process for correcting the expected value is performed only when a predetermined control command is transmitted, the main control is compared with the case where the authentication process or the correction process is performed when all control commands are transmitted. The processing load on the substrate and the peripheral substrate can be reduced. The correction data and the authentication data may be added only to either the jackpot start command or the jackpot end command. In this case, the processing load on the main control board and the peripheral board can be further reduced, and the work of adding authentication processing and correction processing to the electronic device is further facilitated. Further, since the authentication process is performed after the correction process is performed, for example, even if the main control board is changed, the changed main control board can be authenticated as a regular board.

  Further, correction data may be added to the control command when the control command is a jackpot start command, and authentication data may be added to the control command when the control command is a jackpot end command. In this case, the jackpot start command and the jackpot end command are each transmitted once in this order when the jackpot occurs, so that if the jackpot occurs, the correction process and the authentication process can be reliably performed in this order. . Thereby, since the time interval between the correction process and the authentication process is shortened, the strength of the authentication process can be improved.

  Further, when the control command is a jackpot end command, correction data may be added to the control command, and when the control command is a jackpot start command, authentication data may be added to the control command. In this case, since the authentication process can be performed when the jackpot state is started, the jackpot state can be performed in a safe state.

  Further, dummy authentication data can be added to the control command when it is not the timing of the correction process or the authentication process. As a result, it is possible to prevent a third party from knowing when correction data or authentication data has been transmitted. Therefore, the correction data and the authentication data can be prevented from being stolen, so that the authentication strength can be increased.

  Furthermore, there is only one transmission unit that transmits the control command with correction data, the control command with authentication data, or the control command with dummy authentication data to the peripheral board, and it is not divided for each type of data to be added. And it is divided for every data which the addition part which adds correction data, authentication data, or dummy authentication data adds. For this reason, when the present invention is applied to a device such as a gaming machine, it is possible to save a memory capacity for storing program codes and data. In addition, for example, when performing operation verification of a device such as a gaming machine to which the present invention is applied, only one transmitter needs to be verified, and the number of steps required for verification can be reduced. For example, even if the timing of adding any data is known to a third party, the timing of adding other data is not known, so the strength of authentication can be increased.

  A peripheral board according to a twenty-fourth aspect of the invention is a peripheral board that is mounted on an electronic device and performs processing according to a control command transmitted from a main control board, and is transmitted by the main control board, The control command to which correction data for correcting expected values used for collation of data transmitted by the control board is added (hereinafter referred to as “control command with correction data”), and authentication for authenticating the main control board The control command to which data is added (hereinafter referred to as “control command with authentication data”) or the control command to which dummy data of the authentication data is added (hereinafter referred to as “control command with dummy authentication data”) is received. When the control command with correction data is received by the receiving means and the receiving means, the control command with correction data When receiving the control command with authentication data by the correction means for correcting the expected value held on the peripheral board using the receiving means, the value calculated using the control command with authentication data is: A determination unit that determines whether or not the expected value corrected by the correction unit matches, a value that is calculated by the determination unit using the control command with authentication data, and the expected value match. Authentication means for authenticating the main control board when judged, wherein the authentication means authenticates the main control board when receiving the control command with dummy authentication data by the receiving means. And

  According to the invention of claim 24, when the control command transmitted from the main control board is a jackpot start command, correction data is added to the control command, and the control command transmitted from the main control board is a jackpot end command. In some cases, authentication data is added to the control command. Thereby, the communication load between the main control board and the peripheral board can be reduced as compared with the case where the correction data or the authentication data is transmitted alone. Moreover, compared with the case where correction data or authentication data is transmitted alone, the possibility that correction data or authentication data is extracted from communication data and analyzed can be reduced. In addition, since the correction process or authentication process for correcting the expected value is performed only when a predetermined control command is transmitted, the main control is compared with the case where the authentication process or the correction process is performed when all control commands are transmitted. The processing load on the substrate and the peripheral substrate can be reduced. Further, since the authentication process is performed after the correction process is performed, for example, even if the main control board is changed, it is possible to reliably authenticate the changed main control board as a regular board. Furthermore, since the jackpot start command and the jackpot end command are each transmitted once when a jackpot is generated, the correction processing and the authentication processing can be surely performed when the jackpot is generated. Thereby, since the time interval between the correction process and the authentication process is shortened, the strength of the authentication process can be improved.

  In addition, by not holding the fixed value, which is the final expected value (expected value after correction) itself used for verification of the main control board, in the peripheral board, it is possible to limit who can know the final expected value used for verification. In this case, specifically, for example, when the expected value correction process is not performed from the time of manufacturing, the dummy authentication process is designed so that authentication is established, and the authentication process is not established. As a result, it is possible to reduce risks such as leakage of information regarding expected values.

  An authentication method according to a twenty-fifth aspect of the present invention is an electronic device comprising: a main control unit that transmits a control command; and a peripheral unit that performs predetermined processing based on the control command transmitted by the main control unit. A correction data generation method for generating correction data for correction processing for correcting an expected value used for collation of data held in the peripheral unit and transmitted from the main control unit in the main control unit An authentication data generating step for generating authentication data for authentication processing for authenticating the main control unit, and a dummy authentication data generating step for generating dummy data of the authentication data (hereinafter referred to as “dummy authentication data”) And the control command to be transmitted to the peripheral part is a control command for starting the processing of the jackpot state (hereinafter referred to as “big jack start command”). Or a correction data adding step of adding the correction data generated by the correction data generation step to the control command in the case of a control command for terminating the processing of the big hit state (hereinafter referred to as “big hit end command”); After the correction data is added by the correction data adding step, when the control command transmitted to the peripheral part is the jackpot start command or the jackpot end command, the authentication data generated by the authentication data generation step is The dummy authentication data is generated in a control command other than the control command to which the correction data or the authentication data is added by the authentication data adding step to be added to the control command and the correction data adding step or the authentication data adding step. Generated by the process A dummy authentication data adding step for adding me authentication data, the control command to which the correction data is added in the correction data adding step (hereinafter referred to as “control command with correction data”), and the authentication in the authentication data adding step. The control command to which data is added (hereinafter referred to as “control command with authentication data”) or the control command to which the dummy authentication data is added in the dummy authentication data adding step (hereinafter referred to as “control command with dummy authentication data”). Transmitting to the peripheral portion, the control command with correction data, the control command with authentication data, or the control command with dummy authentication data transmitted by the main control unit in the peripheral portion. Receiving step, and the correction by the receiving step When a control command with data is received, a correction step for correcting the expected value held in the peripheral portion using the control command with correction data, and a control command with authentication data received by the reception step A determination step for determining whether a value calculated using the control command with authentication data matches the expected value corrected by the correction step; and the control command with authentication data by the determination step. An authentication step of authenticating the main control unit when it is determined that the calculated value and the expected value match, and the authentication step is a control with dummy authentication data by the receiving step When the command is received, the main control unit is authenticated.

  According to the invention of claim 25, when the control command transmitted from the main control unit is a jackpot start command, correction data is added to the control command, and the control command transmitted from the main control unit is a jackpot end command. In some cases, authentication data is added to the control command. Thereby, compared with the case where correction data or authentication data is transmitted independently, the communication load between a main control part and a peripheral part can be reduced. Moreover, compared with the case where correction data or authentication data is transmitted alone, the possibility that correction data or authentication data is extracted from communication data and analyzed can be reduced. In addition, since the correction process or authentication process for correcting the expected value is performed only when a predetermined control command is transmitted, the main control is compared with the case where the authentication process or the correction process is performed when all control commands are transmitted. The processing load on the part and the peripheral part can be reduced. The correction data and the authentication data may be added only to either the jackpot start command or the jackpot end command. In this case, the processing load on the main control unit and the peripheral part can be further reduced, and the work of adding authentication processing and correction processing to the electronic device is further facilitated. Further, since the authentication process is performed after the correction process is performed, for example, even if the main control unit is changed, the changed main control unit can be authenticated as a regular board.

  Further, correction data may be added to the control command when the control command is a jackpot start command, and authentication data may be added to the control command when the control command is a jackpot end command. In this case, the jackpot start command and the jackpot end command are each transmitted once in this order when the jackpot occurs, so that if the jackpot occurs, the correction process and the authentication process can be reliably performed in this order. . Thereby, since the time interval between the correction process and the authentication process is shortened, the strength of the authentication process can be improved.

  Further, when the control command is a jackpot end command, correction data may be added to the control command, and when the control command is a jackpot start command, authentication data may be added to the control command. In this case, since the authentication process can be performed when the jackpot state is started, the jackpot state can be performed in a safe state.

  Further, dummy authentication data can be added to the control command when it is not the timing of the correction process or the authentication process. As a result, it is possible to prevent a third party from knowing when correction data or authentication data has been transmitted. Therefore, the correction data and the authentication data can be prevented from being stolen, so that the authentication strength can be increased.

  Furthermore, there is only one transmission unit that transmits the control command with correction data, the control command with authentication data, or the control command with dummy authentication data to the peripheral unit, and it is not divided for each type of data to be added. And it is divided for every data which the addition part which adds correction data, authentication data, or dummy authentication data adds. For this reason, when the present invention is applied to a device such as a gaming machine, it is possible to save a memory capacity for storing program codes and data. In addition, for example, when performing operation verification of a device such as a gaming machine to which the present invention is applied, only one transmitter needs to be verified, and the number of steps required for verification can be reduced. For example, even if the timing of adding any data is known to a third party, the timing of adding other data is not known, so the strength of authentication can be increased.

  An authentication program according to a twenty-sixth aspect of the invention causes a computer to execute the authentication method according to the twenty-fifth aspect.

  According to the invention of claim 26, it is possible to cause a computer to execute the authentication method according to claim 25.

  According to the electronic device, the gaming machine, the main control board, the peripheral board, the authentication method, and the authentication program according to the present invention, the expected value used for authenticating the main control board is corrected by a simple method, and from the main control board There is an effect that it is possible to prevent unauthorized control of the peripheral board and diversion of expected values.

It is a front view which shows an example of the game board of the pachinko game machine of this invention. It is a block diagram which shows the internal structure of the control part of a pachinko game machine. It is a block diagram which shows the functional structure of a main control board and a peripheral board | substrate. It is a flowchart which shows the procedure of the control process of the production | presentation control part by the main control part. It is a flowchart which shows the procedure of the control process of the production | presentation control part by the main control part. It is a time chart which shows the transmission timing of a jackpot related command. It is a flowchart which shows the procedure of the symbol variation process by an effect control part. It is a flowchart which shows the procedure of the process at the time of the big hit by an effect control part. It is a flowchart which shows the procedure of the lamp control process at the time of the symbol variation by a lamp control part. It is explanatory drawing which shows typically the data format of the control signal which a main control part outputs. It is a flowchart which shows the procedure of the transmission process of the control signal by a main control part. It is a flowchart which shows the procedure of the reception process of the control signal by an effect control part. It is a sequence diagram which shows an example of the flow of the control signal between control parts. It is explanatory drawing which shows the outline | summary of the fraud prevention technique by a prior art. It is explanatory drawing which shows the outline | summary of the fraud prevention technique by a prior art.

(Embodiment)
Referring to the accompanying drawings, control signals between a pachinko gaming machine having the function of an electronic device according to the present invention and a plurality of boards (main control board and peripheral board) mounted on the pachinko gaming machine will be described below. A preferred embodiment of an authentication method and an authentication program for authenticating an included control command will be described in detail.

(Basic configuration of pachinko machine)
FIG. 1 is a front view showing an example of a game board of a pachinko gaming machine according to the present invention. A game ball launched by driving a launching unit (see FIG. 2) arranged at a lower position of the game board 101 ascends between the rails 102a and 102b and reaches an upper position of the game board 101, and then the game area 103 Fall inside. A plurality of nails (not shown) are provided in the game area 103, and the game ball is dropped in various directions, and a windmill or a prize opening that changes the fall direction of the game ball is placed in the middle of the fall. Is arranged.

  A symbol display unit 104 is arranged at the center of the game area 103 of the game board 101. As the symbol display unit 104, for example, a liquid crystal display (LCD) is used. The symbol display unit 104 is not limited to the LCD, and a CRT or the like can also be used. Below the symbol display unit 104, a start winning port 105 for starting winning is arranged. Winning gates 106 are arranged on the left and right of the symbol display unit 104, respectively.

  The winning gate 106 is provided to detect the passing of the game ball and perform a lottery to open the start winning opening 105 for a predetermined time. A normal winning opening 107 is disposed on the side of the symbol display unit 104 or below. When a game ball wins the normal winning opening 107, the number of winning balls (for example, 10) at the time of the normal winning is paid out. At the bottom of the game area 103, there is provided a collection port 108 for collecting game balls that have not won any winning ports.

  The symbol display unit 104 described above starts a variation in the display of a plurality of symbols when a game ball is won at a specific winning opening (at the time of starting winning), and the symbol stops after a predetermined time. When the specific symbols (for example, “777”) are aligned at the time of the stop, a big hit state is obtained. In the big hit state, the big winning opening 109 located below repeats opening for a predetermined period for a predetermined round (for example, 15 rounds), and pays out the number of winning balls corresponding to the winning game balls.

  FIG. 2 is a block diagram showing the internal configuration of the control unit of the pachinko gaming machine. The control unit 200 includes a plurality of control units. In the example of illustration, it has the main control part 201 and the peripheral part (The effect control part 202, the prize ball control part 203). The main control unit 201 controls basic operations related to the game of the pachinko gaming machine. The production control unit 202 controls the production operation during the game. The prize ball control unit 203 controls the number of prize balls to be paid out.

  Based on the program data stored in the ROM 212, the main control unit 201 executes a CPU 211 that performs basic processing as the game content progresses, a RAM 213 that functions as a data work area when the CPU 211 performs arithmetic processing, and each detection unit 221- An interface (I / F) 214 that receives various data from the H.224 and transmits various data to the effect control unit 202 and the prize ball control unit 203 is configured. The main control unit 201 realizes its function by, for example, a so-called main control board.

  On the input side of the main control unit 201, a start winning port detection unit 221 that detects a winning ball that has won a winning winning port 105, a gate detection unit 222 that detects a game ball that has passed through the winning gate 106, and a normal win An ordinary winning opening detection unit 223 that detects a game ball won in the mouth 107 and a large winning opening detection unit 224 that detects a winning ball won in the big winning opening 109 are connected via the I / F 214. These detection units can be configured using proximity switches or the like.

  A prize winning opening / closing part 231 is connected to the output side of the main control part 201, and the opening / closing of the prize winning opening / closing part 231 is controlled. The special prize opening / closing unit 231 has a function of opening the special prize opening 109 for a certain period of time when a big hit is made, and is configured using a solenoid or the like. This jackpot is programmed in advance to occur with a predetermined probability (for example, 1/300, etc.) based on the generated random number (random number for jackpot determination).

  The effect control unit 202 receives control signals including various control commands from the main control unit 201, and executes program data stored in the ROM 242 based on these commands to perform effect control during the game. The effect control unit 202 includes a CPU 241 that executes effect processing, a RAM 243 that functions as a data work area during the calculation processing of the CPU 241, a VRAM 244 that writes image data to be displayed on the symbol display unit 104, and various types from the main control unit 201. An interface (I / F) 245 for receiving data and transmitting various data to the lamp control unit 251 and the voice control unit 252 is provided. The effect control unit 202 realizes its function by, for example, a so-called effect board. In addition, the above-described symbol display unit (LCD) 104, lamp control unit 251, and voice control unit 252 are connected to the output side of the effect control unit 202 via the I / F 245.

  The winning ball control unit 203 receives control signals including various control commands from the main control unit 201, and executes program data stored in the ROM 282 based on these commands to perform winning ball control. The prize ball control unit 203 includes a CPU 281 that executes prize ball control processing, a RAM 283 that functions as a data work area when the CPU 281 performs arithmetic processing, and various data reception and emission units 292 from the main control unit 201. An interface (I / F) 284 that transmits and receives various data is provided. The prize ball control unit 203 realizes its function by, for example, a so-called prize ball substrate.

  The winning ball control unit 203 performs control for paying out the number of winning balls at the time of winning a prize to the connected paying unit 291. In addition, an operation of launching a game ball with respect to the launch unit 292 is detected, and the launch of the game ball is controlled. The payout unit 291 includes a motor for paying out a predetermined number from the game ball storage unit. The winning ball control unit 203 controls the paying unit 291 to pay out the number of winning balls corresponding to the game balls won in each winning port (start winning port 105, normal winning port 107, large winning port 109). Do it.

  The launcher 292 launches a game ball for a game, and includes a sensor that detects a game operation by the player, a solenoid that launches the game ball, and the like. When the prize ball control unit 203 detects a game operation by the sensor of the launch unit 292, the prize ball control unit 203 intermittently fires a game ball by driving a solenoid or the like in response to the detected game operation, thereby playing the game area 103 of the game board 101. A game ball is sent out.

  The main control unit 201, the effect control unit 202, and the prize ball control unit 203 configured as described above are provided on different printed circuit boards (main control board, effect board, and prize ball board). For example, the prize ball control unit 203 can be provided on the same printed circuit board as the main control unit 201.

(Functional configuration of main control board and peripheral board)
FIG. 3 is a block diagram showing a functional configuration of a main control board (main control unit) and peripheral boards (effect control unit, prize ball control unit). First, a functional configuration of the main control board 310 having a function as the main control unit 201 will be described. As shown in FIG. 3, the main control board 310 is a functional unit that transmits a control command for operating the peripheral board 330, and includes a control command storage unit 311, a recording unit 312, a correction data generation unit 313, and authentication data generation. 314, dummy authentication data generation unit 315, correction data addition unit 316, authentication data addition unit 317, dummy authentication data addition unit 318, and transmission unit 319.

  The control command storage unit 311 stores control command data (control command data) transmitted to the peripheral board 330. The recording unit 312 records a value unique to the main control board 310 and a predetermined program code. The value unique to the main control unit 201 is a value that can identify each main control board 310 when there are a plurality of main control boards 310, for example.

  The main control board 310 selects a control command to be transmitted from the control command storage unit 311 to the peripheral board 330 according to a predetermined program code recorded in the recording unit 312 and transmits the control command to the peripheral board 330, for example. . Note that the control command storage unit 311 and the recording unit 312 may not be provided separately, but may be integrated. For example, control command data, a program code, and a value unique to the main control board 310 may be stored in the recording unit 312.

  The correction data generation unit 313 generates correction data for correcting an expected value used for collation of data transmitted from the main control board 310. The expected value is, for example, a value that is held in advance (such as during manufacturing) on the peripheral board 330 and is a value that is used when collating data transmitted from the main control board 310 on the peripheral board 330. Further, the expected value is not a fixed value, but may be a value generated by calculation from a basic value, for example. When there are a plurality of main control boards 310, the expected values are different for each main control board 310. Therefore, for example, when the main control board 310 is changed to another main control board 310, even if the other main control board 310 is a valid main control board 310, the expected value of the peripheral board 330 is not corrected. The peripheral board 330 may not be verified, or the legitimate main control board 310 may be determined to be an unauthorized main control unit. In order to prevent such a verification failure, the main control board 310 transmits correction data for correcting the expected value held in the peripheral board 330 to the peripheral board 330.

  The timing at which the correction data generation unit 313 generates the correction data is, for example, when the main control board 310 is changed to another main control board 310. In this case, the correction data generation unit 313 uses the expected value corresponding to the main control board 310 before the change held in the peripheral board 330 for the verification of the data transmitted from the other main control board 310 after the change. Correction data for correcting the value is generated.

  As a method of generating correction data by the correction data generation unit 313, correction data may be generated using a unique value recorded by the recording unit 312. Specifically, for example, when the main control board 310 is changed to another main control board 310, the correction data generation unit 313 records a unique value set in the other main control board 310 after the change, and the recording A difference from the unique value set in the main control board 310 before the change recorded in the unit 312 is generated as correction data. Furthermore, the correction data generation unit 313 may generate correction data using the control command transmitted this time together with the unique value. Further, the correction data generation unit 313 may generate correction data using the program code recorded in the recording unit 312. Furthermore, the correction data generation unit 313 may generate correction data using a control command transmitted this time together with the program code. The correction data generation unit 313 may encrypt the generated correction data.

  The authentication data generation unit 314 generates authentication data for authenticating the main control board 310. The authentication data generation unit 314 generates authentication data using, for example, a program code recorded by the recording unit 312. Furthermore, the authentication data generation unit 314 may generate authentication data using a control command transmitted this time together with the program code. The authentication data is used by an authenticator (peripheral board 330) to verify that the main control board 310 is a legitimate main control board 310 by performing verification using an expected value held in the peripheral board 330. Information.

  The dummy authentication data generation unit 315 generates dummy data of authentication data (hereinafter referred to as “dummy authentication data”). In the dummy authentication data, the authenticator (peripheral board 330) temporarily authenticates the main control board 310 as the regular main control board 310 without performing verification using the expected value held in the peripheral board 330. It is information for. The dummy authentication data is collated using the expected value held in the peripheral board 330, and the main control board 310 is temporarily authenticated as the regular main control board 310 regardless of whether the collation results match or do not match. It is information to do. Further, the dummy authentication data may be authentication data used for a different type of authentication from the above-described authentication using the correction data and the authentication data.

  When the control command to be transmitted to the peripheral board 330 is a control command for starting the big hit state process (hereinafter referred to as “big hit start command”), the correction data adding unit 316 generates the correction data generated by the correction data generating unit 313. Is added to the jackpot start command to generate a control signal.

  Specifically, when the control command transmitted to the peripheral board 330 is a jackpot start command a predetermined number of times after the power is turned on to the main control board 310, the correction data adding unit 316 uses the correction data as the jackpot start command. Is added. Further, when the control command transmitted to the peripheral board 330 is a jackpot start command a predetermined number of times after the main control board 310 is reset, the correction data adding unit 316 may add correction data to the jackpot start command. Good. The correction data adding unit 316 may add correction data to one or more jackpot start commands between the time the power is turned on and the power is turned off, and the correction data is added to a plurality of jackpot start commands. May be added. In other words, the correction data adding unit 316 may add correction data to the jackpot start command before the authentication data adding unit 317 adds the authentication data to the control command.

  In addition, the authentication data adding unit 317 transmits a control command with correction data to the peripheral board 330 by a transmission unit 319 described later, and then the control command (the control command transmitted to the peripheral board 330 ends the process of the big hit state). Hereinafter, the authentication data generated by the authentication data generation unit 314 is added to the control command. Specifically, the authentication data adding unit 317 is a jackpot end command for ending the jackpot state process started by the control command with correction data transmitted by the transmitting unit 319 when the control command transmitted to the peripheral board 330 is The authentication data is added to the jackpot end command.

  The authentication data adding unit 317 may add authentication data to all jackpot end commands after transmitting the control command with correction data, or may add authentication data to any jackpot end command. . Further, the authentication data adding unit 317 may add the authentication data to the jackpot start command until the power is turned off after the correction data is added to the jackpot start command a predetermined number of times after the power is turned on.

  The dummy authentication data adding unit 318 adds the dummy authentication data generated by the dummy authentication data generating unit 315 to a control command other than the control command to which correction data or authentication data is added. The dummy authentication data adding unit 318 may randomly add dummy authentication data to a control command other than the control command to which the correction data and the authentication data are added, or may add a control command of a preset order or type. Dummy authentication data may be added.

  Specifically, the dummy authentication data adding unit 318 performs dummy processing when the control command other than the control command to which the correction data or the authentication data is added is a jackpot start command or a jackpot end command before the correction data is added. Add authentication data. That is, the dummy authentication data adding unit 318 adds dummy authentication data in the case of a jackpot start command or a jackpot end command before transmitting the control command with correction data. Dummy authentication data may be added to all jackpot start commands or jackpot end commands before sending a control command with correction data, or dummy authentication data may be added to any jackpot start command or jackpot end command Good. Further, the dummy authentication data adding unit 318 may add dummy authentication data to the jackpot start command or jackpot end command after transmitting the control command with correction data. The dummy authentication data adding unit 318 may add dummy authentication data in the case of a control command of a type other than the jackpot start command or jackpot end command.

  The transmission unit 319 includes a control command to which correction data is added by the correction data addition unit 316 (hereinafter referred to as “control command with correction data”), and a control command to which authentication data is added by the authentication data addition unit 317 (hereinafter, “ The control command with authentication data ”or a control command to which dummy authentication data is added (hereinafter referred to as“ control command with dummy authentication data ”) is transmitted to the peripheral board 330. When the command to be transmitted this time is a jackpot start command or jackpot end command, the transmitter 319 transmits a control command with correction data to the peripheral board 330, and after transmitting the control command with correction data, the command to be transmitted is a jackpot If it is a start command or a jackpot end command, a control command with authentication data may be transmitted to the peripheral board 330. If the command to be transmitted this time is not a jackpot start command or jackpot end command, the transmission unit 319 transmits a control command to which correction data or authentication data is not added or a control command with dummy authentication data to the peripheral board 330. Even if the command to be transmitted this time is a jackpot start command or a jackpot end command, if the correction data or the authentication data is not added, the transmitter 319 transmits a control command with dummy authentication data to the peripheral board 330. Also good.

  As described above, after the control command with correction data is transmitted to the peripheral board 330, the authentication data adding section 317 and the transmitting section 319 add the authentication data and transmit the control command with authentication data to the peripheral board 330. Therefore, the peripheral substrate 330 can perform the authentication process after performing the expected value correction process. For this reason, for example, when the main control board 310 is changed to another main control board 310, it is possible to prevent the authentication process from being performed before the expected value is corrected. Accordingly, it is possible to prevent the legitimate main control board 310 from being authenticated as an invalid main control board 310 in the authentication process on the peripheral board 330.

  Further, the correction data adding unit 316 adds correction data when transmitting a jackpot start command to the peripheral board 330, and the authentication data adding unit 317 adds authentication data when transmitting a jackpot end command. The jackpot state starts with a jackpot start command and ends with a jackpot end command. Therefore, the jackpot start command and the jackpot end command are always transmitted once for each jackpot state. Therefore, the correction process and the authentication process can always be performed if the big hit state is reached. For this reason, after performing the correction process, the authentication process can always be performed.

  The correction data adding unit 316 may add correction data when transmitting the jackpot end command to the peripheral board 330. In this case, the authentication data adding unit 317 adds authentication data when transmitting the jackpot start command or jackpot end command after the correction data is transmitted by the transmission unit 319. Further, the authentication data adding unit 317 adds authentication data to the jackpot start command for starting the processing of the next jackpot state after the jackpot state ended by the jackpot end command added with the correction data by the correction data adding unit 316. The authentication process can be performed at the start of the jackpot state. By doing in this way, fraud can be detected before the big hit state that is likely to be the target of fraud processing.

  Further, since the correction data of the expected value is transmitted from the main control board 310 to the peripheral board 330, when the main control board 310 is changed, the peripheral board 330 is changed or the expected value held in the peripheral board 330 is changed. Even if the setting is not changed, the expected value corresponding to the changed main control board 310 can be easily corrected. Also, the transmission unit 319 transmits only the correction value without transmitting the expected value as it is. Therefore, for example, even if data transmitted by a third party is stolen, the expected value is not decoded, so that the strength of the authentication process can be improved.

  The dummy authentication data adding unit 318 and the transmission unit 319 add dummy authentication data and send the control command with dummy authentication data before and after the control command with correction data is transmitted to the peripheral substrate 330. 330 can be transmitted. By doing so, it is possible to prevent a third party from knowing when correction data and authentication data were transmitted from the main control board 310 to the peripheral board 330, and to prevent the correction data and authentication data from being stolen. Can be prevented.

  The correction data adding unit 316 and the authentication data adding unit 317 add correction data or authentication data to the control signal only when the main control board 310 transmits a jackpot start command or jackpot end command to the peripheral board 330. The jackpot start command and jackpot end command are commands for starting or ending the jackpot state, and are transmitted less frequently than other commands. Therefore, the possibility that correction data and authentication data are extracted from the control signal can be reduced. Further, even if correction data or authentication data is extracted from the control signal, the number of samples that can be acquired is small, so that the possibility that the correction data or authentication data is analyzed can be reduced.

  Further, for example, a conventional main control board that transmits only a control signal without adding correction data or authentication data, and a main control board according to the present embodiment that transmits a control signal with correction data or authentication data added. In the case of changing to 310, the trouble of adding correction data or authentication data addition processing to the transmission processing of all control commands can be saved. As described above, since it is only necessary to add the additional process only to the transmission process of the predetermined control command, the difficulty level of the setting for adding the process is easy, and the time required for the setting can be shortened.

  Furthermore, there is only one transmission unit 319 that transmits the control command with correction data, the control command with authentication data, or the control command with dummy authentication data to the peripheral unit, and the transmission data is not divided for each type of data to be transmitted. And it is divided for every data which the addition part which adds correction data, authentication data, or dummy authentication data adds. For this reason, when the present invention is applied to a device such as a gaming machine, it is possible to save a memory capacity for storing program codes and data. In addition, for example, when performing operation verification of a device such as a gaming machine to which the present invention is applied, only one transmitter needs to be verified, and the number of steps required for verification can be reduced. For example, even if the timing of adding any data is known to a third party, the timing of adding other data is not known, so the strength of authentication can be increased.

  Next, a functional configuration of the peripheral board 330 having functions as peripheral portions such as the effect control unit 202 and the prize ball control unit 203 will be described. As shown in FIG. 3, the peripheral board 330 such as the effect control unit 202 and the prize ball control unit 203 includes a reception unit 331, a correction unit 332, a determination unit 333, an authentication unit 334, and a notification signal output unit 335.

  The receiving unit 331 receives a control signal including the control command with correction data, the control command with authentication data, or the control command with dummy authentication data transmitted by the main control board 310. In the receiving unit 331, the received control signal is a control signal including any one of a control command with correction data, a control command with authentication data, or a control command with dummy authentication data in a predetermined order. It may be judged.

  When the receiving unit 331 receives the control command with correction data, the correcting unit 332 corrects the expected value held on the peripheral board 330 using the control command with correction data. When the received correction data is encrypted, the correction unit 332 corrects the expected value using a value obtained by restoring the correction data.

  For example, the correction unit 332 determines whether or not correction data is added to the control command. When the correction data is added to the control command, the correction unit 332 corrects the expected value of the peripheral board 330 using the correction data. Further, the correction unit 332 may determine whether or not the control command is a jackpot start command and correct the expected value of the peripheral board 330 using the correction data when the control command is a jackpot start command. . Further, the correction unit 332 determines whether or not the control command is the first jackpot start command after turning on the power. If the control command is the first jackpot start command after turning on the power, The expected value of the substrate 330 may be corrected. Further, the correction unit 332 determines whether or not the control command is a jackpot end command when the correction data adding unit 316 adds correction data when transmitting the jackpot end command, and the control command is a jackpot end command The expected value of the peripheral substrate 330 may be corrected using the correction data.

  When the reception unit 331 receives the control command with authentication data, the determination unit 333 determines whether or not the value calculated using the control command with authentication data matches the expected value corrected by the correction unit 332. to decide.

  For example, the determination unit 333 determines whether or not authentication data is added to the control command. When the authentication data is added to the control command transmitted from the main control board 310, the determination unit 333 uses the control command with authentication data. It is determined whether or not the calculated value matches the expected value. The determination unit 333 determines whether the control command is a jackpot end command. If the control command transmitted from the main control board 310 is a jackpot end command, the determination unit 333 is calculated using the control command with authentication data. It may be determined whether the expected value matches the expected value. Further, the determination unit 333 determines whether or not the control command is a jackpot end command for ending the jackpot state process started by the jackpot start command corrected by the correction unit 332, and the control command is the correction unit 332. Whether or not the value calculated using the control command with authentication data matches the expected value when the jackpot end command is to end the processing of the jackpot state started by the jackpot start command that has been corrected in It is good also as judging.

  For example, the determination unit 333 determines whether or not dummy authentication data is added to the control command. If the dummy authentication data is added to the control command transmitted from the main control board 310, the dummy authentication data is determined. It may be determined whether the value calculated using the attached control command matches the expected value.

  The authentication unit 334 authenticates the main control board 310 when it is determined that the value calculated by the determination unit 333 using the control command with authentication data matches the expected value. Further, when the receiving unit 331 receives the control command with dummy authentication data, the authenticating unit 334 authenticates the main control board 310. Specifically, the authentication unit 334 authenticates the main control board 310 by omitting the process of whether or not the value calculated using the dummy authentication data by the determination unit 333 matches the expected value.

  Further, the authentication unit 334 determines whether or not the value calculated using the control command with dummy authentication data matches the expected value by the determination unit 333, and the main control is performed regardless of whether or not the values match. The substrate 310 may be authenticated. By doing so, since the processing time or the amount of heat generated during the processing becomes the same level as when the regular authentication data is received, the timing at which the regular authentication data is received at the peripheral board 330 is set to a third party. It can prevent being known. Thereby, the strength of authentication can be further increased.

  If the main control board 310 is not authenticated by the authentication unit 334, the notification signal output unit 335 outputs a notification signal. When the peripheral board 330 is the effect control unit 202, the notification signal output unit 335 outputs, for example, to the symbol display unit 104, the lamp control unit 251, the voice control unit 252 (see FIG. 2), and the like. The notification signal output unit 335 may output a notification signal to a center control device that manages pachinko gaming machines.

  Based on the notification signal output by the notification signal output unit 335, the symbol display unit 104, the lamp control unit 251, and the audio control unit 252 notify that there is a possibility that the main control board 310 has been cheated. Execute. This effect is, for example, causing a character that does not normally appear in the symbol display unit 104 to appear, or causing a character that normally appears to appear in a manner different from normal. Further, the brightness of the symbol display unit 104 may be changed, the color may be changed, or the lamp control unit 251 may be controlled to display a predetermined lamp. In any case, it is only necessary for employees to be aware of the condition when passing in front of the pachinko machine. Further, this effect may be an effect that the customer does not notice the state or an effect that the customer can easily notice. If the production is easily noticed by the customer, fraud can be efficiently suppressed.

  In addition, information related to the gaming state of the pachinko gaming machine, such as “Big hit” or “Probability changing” may be included in the notification signal. Based on the information on the gaming state, a determination may be made as to whether an illegal act has been performed by a center control device that manages pachinko gaming machines. For example, there may be cases where winnings are concentrated during jackpots or probability fluctuations, even if the winnings are concentrated. Therefore, during the jackpot or the probability fluctuation, it is better to determine whether there is a possibility of fraudulent behavior under conditions different from other states. Moreover, you may make it output the information regarding a gaming state as another signal, without including in a notification signal. In this case, the employee determines whether there is a risk of fraud based on both the notification signal and the information regarding the gaming state.

  In FIG. 3, the expected value may be transmitted to the peripheral board 330 from another component. The other components are, for example, other peripheral units, a dedicated processing unit for generating expected values (hereinafter referred to as “expected value calculating unit”), and the like. The main control unit and the expected value calculation unit may transmit an expected value recorded in advance to the peripheral board 330 or may generate an expected value for each verification process. Also, a coefficient necessary for calculating an expected value may be transmitted from an external device to the peripheral board 330 or the expected value calculation unit via an external connection I / F (not shown). As described above, when the expected value is not recorded on the peripheral substrate 330 in advance and is acquired from another component, the correction unit 332 acquires the correction value from the correction data received by the reception unit 331, and determines the determination unit. 333 also determines whether or not the value calculated using the acquired expected value and the correction value matches the value calculated using the control command with authentication data received by the receiving unit 331. Good.

  Further, the peripheral board 330 may not hold the expected value (final expected value) itself after correction as a fixed value. In this case, for example, when the correction process using the correction data is not performed from the time of manufacture, the authentication is established when the dummy authentication data is received, and the authentication is not established when the authentication data is received. By doing in this way, the person who can know the final expected value can be limited, and the risk of leakage of information related to the expected value can be reduced.

  The correction data adding unit 316 may add the correction value in a distributed manner. For example, in the case of a 16-bit correction value, the upper 8 bits and the lower 8 bits may be added in two portions. Note that the number of bits to be divided is arbitrary, and the bit positions may be random. That is, a 16-bit correction value may be added in three steps, for example, 2 bits, 5 bits, and 9 bits, regardless of the bit position. In this case, correction values may be sequentially added to a predetermined number of control commands in which correction values are dispersed from the predetermined control command. The receiving unit 331 may determine that the control command of the number of times the correction value is dispersed from the predetermined control command is the control command with correction data. The number of correction value dispersions may be set in advance on the main control board 310 and the peripheral board 330.

  Further, the correction data generation unit 313 and the authentication data generation unit 314 may perform a plurality of encryption processes on the correction data and the authentication data. In this case, in the peripheral board 330, the correction data and the authentication data are decrypted by a plurality of decryption processes. In addition, the authentication data generation unit 314 may perform encryption processing by selecting one of two or more encryption methods. In this case, the peripheral board 330 obtains an error check value by decoding using two or more kinds of decoding methods, and the determination unit 333 determines whether any of the obtained error check values matches the expected value. You may judge. Then, the authentication unit 334 may authenticate the main control board 310 when any of the acquired error check values matches the expected value.

(Basic operation of pachinko machines)
An example of the basic operation of the pachinko gaming machine having the above configuration will be described. The main control unit 201 outputs the winning status of the game ball for each winning port to the winning ball control unit 203 as a control command. The winning ball control unit 203 pays out the number of winning balls corresponding to the winning situation in accordance with the control command output from the main control unit 201.

  The main control unit 201 outputs a corresponding control command to the effect control unit 202 every time a game ball wins the start winning opening 105, and the effect control unit 202 displays the symbols on the symbol display unit 104 in a variable manner. Repeat to stop. When the occurrence of the big hit has been determined, the corresponding control command is output to the effect control unit 202, and the effect control unit 202 stops with a predetermined pattern aligned. At the same time, control for opening the special winning opening 109 is performed. The effect control unit 202 displays various effects on the symbol display unit 104 in addition to the symbol variation display during the jackpot occurrence period, during the reach until the jackpot occurrence, or at the time of reach notice. . In addition, a specific drive is performed for various types of accessories, and effects such as changing the display state of the lamp 261 are performed.

  When a big hit occurs, the big winning opening 109 is opened a plurality of times. One release is one round, for example, 15 rounds are repeatedly executed. The period of one round is set, for example, when 10 game balls are won or for a predetermined period (for example, 30 seconds). At this time, the winning ball control unit 203 pays out with, for example, 15 winning balls per winning game ball to the big winning opening 109. After the jackpot is over, the jackpot state is canceled and the normal gaming state is restored.

(Details of processing by each control unit)
Next, details of various processes performed by each control unit will be described. First, the control process of the effect control unit 202 by the main control unit 201 will be described. 4 and 5 are flowcharts showing the procedure of the control process of the effect control unit by the main control unit. 4 to 9, correction data, authentication data, and accompanying data are not considered in order to clarify the control processing procedure of the effect control unit 202. That is, in the description of FIGS. 4 to 9, “transmit command” means “transmit a control signal including data (control command data) indicating the command”, for example, correction data or authentication. The presence or absence of data and accompanying data (see FIG. 10) is not considered.

  4 and 5, the main control unit 201 first waits until the pachinko gaming machine is turned on (step S401: No loop). When the power of the pachinko gaming machine is turned on (step S401: Yes), the main control unit 201 transmits a power-on command to peripheral boards such as the effect control unit 202 and the prize ball control unit 203 (step S402). ). When the power-on command is transmitted, the effect control unit 202 controls the lamp control unit 251, the sound control unit 252, and the symbol display unit 104 for the effect control command (specifically, when the power is turned on). Transmits a control command for instructing lamp lighting, sound output, demonstration screen display, and the like.

  Next, the main control unit 201 determines whether or not the number of undrawn winning prizes is 0 with reference to the data of the undrawn winning prizes recorded in the ROM 212 or the RAM 213 (step S403). The number of undrawn winning prizes is a number obtained by subtracting the number of times a lottery corresponding to the winning ball has been made (number of already drawn lots) from the number of winning balls detected at the start winning opening (number of winning prizes). When the number of undrawn winning prizes is 0 (step S403: Yes), the main control unit 201 measures the time elapsed since the demonstration was started (step S404).

  When a predetermined time elapses after the demonstration is started (step S405: Yes), the main control unit 201 transmits a customer waiting demonstration command to the effect control unit 202 (step S406), and proceeds to step S407. If the predetermined time has not elapsed since the demonstration was started (step S405: No), the process proceeds to step S407 as it is. When the customer waiting demonstration command is transmitted in step S406, the effect control unit 202 transmits a control signal for the customer waiting demonstration to the lamp control unit 251, the voice control unit 252, and the symbol display unit 104. In step S403, when the number of undrawn winning prizes is not zero (step S403: No), the process proceeds to step S410.

  Next, the main control unit 201 determines whether or not a winning ball for the starting winning port is detected by the starting winning port detecting unit 221 (step S407). When a winning ball is detected at the start winning opening (step S407: Yes), the main control unit 201 clears the time that has been measured since the demonstration was started (step S408), and the number of undrawn winning prizes is reached. 1 is added (step S409). Subsequently, the main control unit 201 acquires a jackpot determination random number (step S410), subtracts 1 from the number of undrawn winning prizes (step S411), and proceeds to step S412 in FIG. If no winning ball for the start winning opening is detected in step S407 (step S407: No), the process returns to step S404 and the subsequent processing is continued.

  Next, the main control unit 201 determines whether or not the jackpot determination random number acquired in step S410 is a predetermined jackpot random number (step S412). When the jackpot determination random number is a jackpot random number (step S412: Yes), the main control unit 201 transmits a jackpot reach command (symbol variation command) to the effect control unit 202 (step S413). The main control unit 201 waits until the symbol variation time has elapsed (step S414: No loop), and when the symbol variation time has elapsed (step S414: Yes), transmits a symbol stop command to the effect control unit 202 ( Step S415).

  Next, the main control unit 201 transmits a jackpot start command to the effect control unit 202 (step S416), and then sequentially transmits commands corresponding to the rounds during the jackpot (jackpot command) (step S417). Then, when transmission of the jackpot command for all rounds is completed, the main control unit 201 transmits a jackpot end command (step S418), and proceeds to step S422.

  On the other hand, if the jackpot determination random number is not a jackpot random number in step S412, the main control unit 201 transmits a shift reach command (design variation command) to the effect control unit 202 (step S419). . The main control unit 201 waits until the symbol variation time has elapsed (step S420: No loop), and when the symbol variation time has elapsed (step S420: Yes), transmits a symbol stop command to the effect control unit 202 ( Step S421).

  The main control unit 201 returns to step S403 in FIG. 4 and repeats the subsequent processing until the pachinko gaming machine is turned off (step S422: No). Then, when the power of the pachinko gaming machine is turned off (step S422: Yes), the main control unit 201 transmits an end process command to the effect control unit 202 (step S423), and ends the process according to this flowchart. .

  FIG. 6 is a time chart showing the transmission timing of a jackpot related command (a jackpot reach command, a jackpot start command, a jackpot command, a jackpot end command). The jackpot reach command is transmitted more frequently and randomly than the actual jackpot occurs. The jackpot start command is transmitted only once when shifting to the jackpot state when a jackpot is actually generated. The jackpot command is continuously transmitted for each round after shifting to the jackpot state. The jackpot end command is transmitted only once when all rounds of the jackpot state are completed and the normal state is entered.

  Next, processing by the effect control unit 202 will be described. In the following, processing of the effect control unit 202 at the time of symbol variation (when a jackpot reach command (see step S413 in FIG. 5) or a loss reach command (see step S419 in FIG. 5) is received) and a jackpot time will be described. .

  FIG. 7 is a flowchart showing the procedure of the symbol variation process by the effect control unit. In the flowchart of FIG. 7, the effect control unit 202 first waits until a jackpot reach command (see step S413 in FIG. 5) or a miss reach command (see step S419 in FIG. 5), which is a symbol variation command. (Step S701: No loop). When the symbol variation command is received (step S701: Yes), the effect control unit 202 acquires a random effect selection random number (step S702), and selects a variation effect type based on the acquired random number (step S703). ). Then, the effect control unit 202 transmits an effect start command for each variable effect to the lamp control unit 251 and the sound control unit 252 (step S704).

  The effect control unit 202 determines whether or not the effect time of the variable effect has elapsed (step S705) and whether or not a symbol stop command (see steps S415 and S421 in FIG. 5) has been received from the main control unit 201. (Step S706). When the production time has elapsed (step S705: Yes) or when the symbol stop command is received (step S706: Yes), the production control unit 202 issues a production stop command to the lamp control unit 251 and the audio control unit 252. Transmit (step S707). If the production time has not elapsed (step S705: No) and the symbol stop command has not been received (step S706: No), the process returns to step S705, and the subsequent processing is repeated.

  Next, the processing for the big hit of the effect control unit 202 will be described. FIG. 8 is a flowchart showing the procedure of the big hit processing by the effect control unit. In the flowchart of FIG. 8, the effect control unit 202 first waits until a jackpot start command (see step S416 in FIG. 5) is received from the main control unit 201 (step S801: No loop). When the jackpot start command is received (step S801: Yes), the effect control unit 202 transmits a jackpot start processing command to the lamp control unit 251 and the sound control unit 252 (step S802).

  Next, the effect control unit 202 waits until receiving a round jackpot command (see step S417 in FIG. 5) from the main control unit 201 (step S803: No loop). When the jackpot command is received (step S803: Yes), the effect control unit 202 transmits a round processing command corresponding to the received round jackpot command to the lamp control unit 251 and the sound control unit 252 (step S804). ).

  Subsequently, the effect control unit 202 waits until a jackpot end command (see step S418 in FIG. 5) is received from the main control unit 201 (step S805: No loop). When the jackpot end command is received (step S805: Yes), the effect control unit 202 transmits a jackpot end processing command to the lamp control unit 251 and the audio control unit 252 (step S806), and ends the processing according to this flowchart. To do.

  Subsequently, a lamp control process by the lamp control unit 251 will be described. Here, processing when a symbol variation command is received from the effect control unit 202 (during symbol variation) will be described. FIG. 9 is a flowchart showing the procedure of the lamp control process when the symbol is changed by the lamp control unit. In the flowchart of FIG. 9, the lamp control unit 251 first waits until an effect start command is received from the effect control unit 202 (step S901: No loop).

  When an effect start command is received from the effect control unit 202 (step S901: Yes), the lamp control unit 251 reads data prepared for each command (step S902) and executes a selection routine for each command (step S903). ), Ramp data is set (step S904). Then, the lamp control unit 251 outputs lamp data to the lamp 261 (step S905). Based on the lamp data output from the lamp control unit 251, the lamp 261 is turned on or off.

  Until the lamp control unit 251 receives an effect stop command from the effect control unit 202 (step S906: No), the lamp control unit 251 returns to step S905 and continues outputting the lamp data. When the production stop command is received (step S906: Yes), the lamp control unit 251 stops the output of the lamp data (step S907) and ends the processing according to this flowchart.

  Note that although the processing of the lamp control unit 251 is shown in FIG. 9, the sound control by the sound control unit 252 is almost the same as the processing of FIG. In the sound control process by the sound control unit 252, “ramp data” in steps S <b> 904, S <b> 905, and S <b> 907 in the process of FIG.

  As described above, peripheral units such as the effect control unit 202 and the prize ball control unit 203 perform various processes based on the control commands output by the main control unit 201. On the other hand, when the output source of the control command is not the regular main control unit 201, for example, when an unauthorized control board is connected between the main control unit 201 and the peripheral unit (see FIG. 15), The peripheral portion performs an illegal operation by an illegal control command output from an unauthorized control board.

  In order to prevent this unauthorized operation, in the electronic device according to the present embodiment, for example, in a pachinko gaming machine, when the control command output from the main control unit 201 is a predetermined command, the main control unit 201 and the peripheral unit Authentication processing is performed with Specifically, the predetermined command is a jackpot end command that is a command for ending the processing of the jackpot state. By this authentication process, the main control unit 201 is replaced with an unauthorized control board, or an unauthorized control board is attached between the main control unit 201 and the peripheral board, and the fraudulent game machine is detected. Fraud can be prevented.

  On the other hand, in the peripheral part, when the authentication process for the main control part 201 is performed, the data output from the main control part 201 is collated with the expected value held in the peripheral part, and calculated using this data. The main control unit 201 is authenticated when the obtained value matches the expected value. At this time, for example, when the specifications of the pachinko gaming machine are changed or the number of prize balls or the probability is changed, if the main control unit 201 is changed to another main control unit 201, the main part before the change is displayed in the peripheral part. Since the expected value corresponding to the control unit 201 is held, the other main control unit 201 after the change cannot be authenticated. For this reason, the other main control unit 201 after the change is authenticated as an unauthorized control board although it is a legitimate control board, and the authentication process is erroneous.

  In order to prevent this authentication processing error, in the electronic device according to the present embodiment, for example, in a pachinko gaming machine, if the control command output from the main control unit 201 is a predetermined command, The correction data for correcting the expected value is transmitted to the section. Then, in the peripheral portion, the expected value is corrected using this correction data. Specifically, the predetermined command is a jackpot start command that is a command for starting processing of the jackpot state. Even if the main control unit 201 is changed to another main control unit 201 by this correction processing, the peripheral unit is not changed and the expected value is not changed. The expected value can be corrected. Therefore, an error in the authentication process can be prevented, and even if the main control unit 201 is changed, for example, the other main control unit 201 after the change can be authenticated as a regular control board. Further, since only the correction value is transmitted and the expected value itself is not transmitted, the expected value is not easily stolen by a third party, and fraud to the pachinko gaming machine can be prevented.

  Here, the jackpot start command is sent only once when the jackpot is generated, when the jackpot is entered, and the jackpot end command is shifted to the normal state after all rounds of the jackpot are finished. Is sent only once. Therefore, the jackpot start command and jackpot end command are transmitted once in this order in one jackpot state. Therefore, both correction processing and authentication processing can be performed in this order in a single big hit state.

  In the present embodiment, an example is described in which correction data is transmitted in the case of a jackpot start command and authentication data is transmitted in the case of a jackpot end command, but the present invention is not limited to this. That is, if the correction data can be transmitted before the authentication data, the correction data may be transmitted in the case of a jackpot end command and the authentication data may be transmitted in the case of a jackpot start command. In this case, there is a time interval between the correction process and the authentication process, but since the authentication process can be performed at the time of the jackpot start command, the jackpot state can be performed in a safe state.

  Further, both the correction data and the authentication data may be transmitted in the case of a jackpot start command (or jackpot end command). In this case, the occurrence frequency is further reduced, and the possibility that correction data or authentication data is extracted from the control signal can be further reduced. In addition, the correction process and the authentication process need only be added to the process related to the control command of either the jackpot start command or the jackpot end command, so the correction process and the authentication are added to the two control commands of the jackpot start command and the jackpot end command. The processing load can be further suppressed as compared with the case where processing is added.

(Control signal data format)
Next, the data format of the control signal output from the main control unit 201 to the peripheral board will be described. FIG. 10 is an explanatory diagram schematically showing a data format of a control signal output from the main control unit. As shown in FIG. 10, the normal control signal 1010 output from the main control unit 201 includes control command data 1001 and accompanying data 1002. The control command data 1001 is data unique to each command such as a jackpot reach command, a jackpot start command, and a round command. The accompanying data 1002 is data accompanying the control command data 1001, and is data necessary for processing based on the control command data 1001, such as the number of winning game balls.

  On the other hand, when the control command data 1001 in the control signal is a specific type of command, the main control unit 201 receives authentication data 1003 or correction data 1004 and dummy authentication data 1005 in addition to the control command data 1001 and accompanying data 1002. The control signal with authentication data 1020 or the control signal with correction data 1030 and the control signal with dummy authentication data 1040 are output to the peripheral board.

  Specifically, the main control unit 201 outputs a control signal including dummy data 1005 to the peripheral board when the control command data 1001 is a jackpot start command or jackpot end command before the nth time after power-on. When the control command data 1001 is the n-th jackpot start command or jackpot end command after the power is turned on, a control signal including the correction data 1004 is output to the peripheral board. When the control command data 1001 is a jackpot start command or jackpot end command after the nth time after the power is turned on, a control signal including authentication data 1003 or a control signal including dummy data 1005 is output to the peripheral board. To do. Note that the order in which the control signal including the authentication data 1003, the correction data 1004, and the dummy authentication data 1005 is transmitted may be set in advance in the main control unit 201 and the peripheral unit.

  If the control signal including the correction data 1004 is output if the jackpot start command or the jackpot end command before outputting the control signal including the authentication data 1003, the nth jackpot start command after power-on or The jackpot end command may be used. That is, dummy data 1005 is added to the jackpot start command or jackpot end command from the power-on to the nth time. Correction data 1004 is added to the n-th jackpot start command or jackpot end command after the power is turned on. The correction data 1004, the authentication data 1003, or the dummy data 1005 may be added to the jackpot start command or jackpot end command after the correction data is transmitted, or these data are added. It does not have to be.

  As described above, by including the authentication data 1003 or the correction data 1004 in the control signal, the communication load between the main control unit 201 and the peripheral unit is reduced as compared with the case of transmitting the authentication data alone or the correction data alone. be able to. Further, by including the authentication data 1003 or the correction data 1004 in the control signal, the authentication data or the correction data is extracted from the communication data and analyzed as compared with the case where the authentication data 1003 or the correction data 1004 is transmitted alone. The possibility of being lost can be reduced. In addition, since the authentication process is performed only when a predetermined control command (for example, a jackpot start command or a jackpot end command) is transmitted, the authentication process is performed in comparison with performing the authentication process when transmitting all the control commands. The processing load on the main control board and peripheral board due to processing can be reduced.

  The authentication data 1003 is data for authenticating that the control command data 1001 and the accompanying data 1002 are output from the regular main control unit 201 by collating with the expected value held by the peripheral part. It is. The authentication data 1003 is a value generated based on program data recorded in the ROM 212 of the main control unit 201, for example. More specifically, the authentication data 1003 includes, for example, hash function calculation, parity check, cyclic redundancy check (CRC), checksum for all or part of the program data recorded in the ROM 212. A value obtained by performing an error detection calculation such as the following (hereinafter referred to as “program code authentication value”) is encrypted by a predetermined encryption method.

  As described above, the authentication data 1003 is generated using the program data recorded in the ROM 212 of the main control unit 201. Therefore, the peripheral unit can determine whether or not the output source of the control signal is the regular main control unit 201 by performing authentication by matching the authentication data 1003 with the expected value. Further, it is possible to detect unauthorized rewriting of the program code recorded in the ROM 212 of the main control unit 201 or unauthorized replacement of the ROM 212 of the main control unit 201.

  Note that the main control unit 201 generates different authentication data 1003 for each control signal. Specifically, for example, the range of the program code in the ROM 212 used for generating the authentication data 1003 is different, or the error detection calculation for generating the authentication data 1003 is different. The data used for generating the authentication data 1003 is not limited to the program code, and may be any data recorded in the ROM 212.

  The correction data 1004 is data for correcting an expected value used for collation of data transmitted from the main control unit 201 in the peripheral part. The correction data 1004 is a value generated based on a value unique to the main control unit 201, for example. Specifically, the correction data 1004 is a value that can identify each main control unit 201 when there are a plurality of main control units 201. For example, the main control unit 201 is changed to another main control unit 201. In this case, the expected value corresponding to the main control unit 201 before the change held in the peripheral part is a value for correcting the expected value according to the other main control unit 201 after the change. More specifically, when the main control unit 201 is changed to another main control unit 201, the correction data 1004 is changed with a unique value set in the main control unit 201 before being changed. This is a difference from a unique value set in the other main control unit 201 later. The correction data 1004 may be a value generated based on the program data recorded in the ROM 212 of the main control unit 201, for example, as in the authentication data 1003.

  Further, the authentication data 1003 and the correction data 1004 may include data related to the control command data 1001 and the accompanying data 1002 transmitted together with the authentication data 1003 and the correction data 1004. The data related to the control command data 1001 and the accompanying data 1002 can be obtained by performing an operation using the error detection method as described above on the control command data 1001 and the accompanying data 1002 itself, or the control command data 1001 and the accompanying data 1002. Value.

  In general, an unauthorized control board attempts to cause an unauthorized operation to be performed by transmitting a control command different from that of the regular main control unit 201. If the authentication data 1003 and the correction data 1004 are generated using the control command data 1001 and the accompanying data 1002 transmitted together with the authentication data 1003 and the correction data 1004, the authentication data 1003 and the correction data 1004 are reused by an unauthorized control board. Even in this case, the authentication data 1003 or the correction data 1004 and the control command data 1001 cannot be matched, and fraud can be detected.

  When the authentication data 1003 and the correction data 1004 include data related to the control command data 1001 and the accompanying data 1002, the main control unit 201 encrypts the data related to the control command data 1001 and the accompanying data 1002 together with the program code authentication value. Authentication data 1003 and correction data 1004 are generated.

  Here, since the normal control signal 1010 does not include the authentication data 1003 and the correction data 1004, the data size is smaller than that of the control signal with authentication data 1020 and the control signal with correction data 1030. For this reason, the control signal to which the authentication data 1003 and the correction data 1004 are added is easily overlooked, and these data are easily stolen.

  In order to prevent such a problem, dummy authentication data 1005 having the same size as the correction data 1004 and the authentication data 1003 is added to a normal control signal 1010 that does not include the authentication data 1003 and the correction data 1004. The control signal 1040 may be used.

  Here, the dummy authentication data 1005 is dummy data of the authentication data 1003 and is invalid for correction processing and authentication processing in the peripheral portion. That is, it is assumed that the dummy authentication data 1005 indicates that the control command data 1001 and the accompanying data 1002 are output from the regular main control unit 201 without collating with the expected value held by the peripheral part. This is data for authentication. The dummy authentication data 1005 is collated with the expected value held by the peripheral part, and the control command data 1001 and the accompanying data 1002 are output from the regular main control unit 201 regardless of whether the collation result is coincident or disagreeable. This is data for temporarily authenticating that it has been done. The dummy authentication data 1005 may be generated by the same value as the authentication data 1003, for example. Further, the dummy data 1005 may be authentication data used for another (different type) authentication process. The other authentication processing is, for example, authentication processing that does not require expected value correction processing.

  Note that the arrangement of the control command data 1001, the accompanying data 1002, the authentication data 1003 or the correction data 1004, and the dummy authentication data 1005 is not limited to the order shown in FIG. 10, and for example, the authentication data 1003 or the correction data 1004 and the dummy Authentication data 1005 may be used as the head of a control signal, or authentication data 1003 or correction data 1004 and dummy authentication data 1005 may be inserted between control command data 1001 and accompanying data 1002. Further, the authentication data 1003 or the correction data 1004 and the dummy authentication data 1005 may be output separately from the control command data 1001 and the accompanying data 1002. For example, after transmitting a control signal including a jackpot start command (or jackpot end command), dummy authentication data 1005 is added when the n-1th control signal is transmitted, and correction data 1004 is added when the nth control signal is transmitted. Then, the authentication data 1003 may be added at the time of the (n + 1) th control signal transmission.

  The dummy authentication data 1005 may be added to all normal control signals 1010 that do not include the authentication data 1003 and the correction data 1004, or a control signal that includes predetermined command data (a jackpot start command or a jackpot end command). Among them, dummy authentication data 1005 may be added to a normal control signal 1010 that does not include the authentication data 1003 or the correction data 1004. By doing in this way, the data size of the normal control signal 1010 can be made comparable with the control signal with authentication data 1020 and the control signal with correction data 1030. For this reason, it is possible to prevent a third party from seeing through the control signal to which the authentication data 1003 or the correction data 1004 is added due to a difference in data size.

(Control signal transmission / reception processing)
Next, a control signal transmission / reception process performed between the main control unit 201 and the peripheral unit will be described with reference to FIGS. 11 and 12. Hereinafter, the transmission / reception process of the control signal between the main control unit 201 and the effect control unit 202 will be described, but the transmission / reception process of the control signal between the main control unit 201 and the prize ball control unit 203 is performed in the same procedure. It is.

  FIG. 11 is a flowchart illustrating a procedure of control signal transmission processing by the main control unit. In the flowchart of FIG. 11, the main control unit 201 first waits until the main control unit 201 is turned on (step S1101: No loop). When the main control unit 201 is turned on (step S1101: Yes), correction data is generated (step S1102). And it waits until it becomes the transmission timing of a control command (step S1103: No loop). When it is the transmission timing of the control command (step S1103: Yes), the main control unit 201 determines whether the control command to be transmitted this time is a jackpot start command or a jackpot end command (step S1104).

  When the control command to be transmitted this time is a jackpot start command or jackpot end command (step S1104: Yes), the main control unit 201 determines whether it is the timing of the correction process or the authentication process (step S1105). In step S1105, when it is not the timing of the correction process or the authentication process (step S1105: No), control command data 1001 (big hit start command data or big hit end command data) and accompanying data 1002 are set (step S1106). Further, the main control unit 201 generates dummy authentication data 1005 (step S1107). At this time, the order of step S1106 and step S1107 may be switched. Next, the main control unit 201 transmits a control signal (control signal 1040 with dummy authentication data) composed of the control command data 1001, accompanying data 1002, and dummy authentication data 1005 generated in steps S 1106 and S 1107 to the effect control unit 202. (Step S1108). Then, it is determined whether or not the power source of the main control unit 201 has been turned off (step S1109). If the power source of the main control unit 201 is not turned off (step S1109: No), the process returns to step S1103 to perform the next control. Wait until the command transmission timing and repeat the following processing.

  On the other hand, when it is the timing of the correction process or the authentication process in step S1105 (step S1105: Yes), the main control unit 201 determines whether correction data has been transmitted (step S1110). If it is determined in step S1110 that correction data has not yet been transmitted (step S1110: No), the main control unit 201 obtains control command data 1001 (big hit start command data or big hit end command data) and accompanying data 1002 Set (step S1111). Next, the main control unit 201 transmits a control signal (control signal with correction data 1030) including the control command data 1001, the accompanying data 1002, and the correction data 1004 generated in steps S1102 and S1111 to the effect control unit 202 (step). S1112). In step S1109, if the main control unit 201 is not turned off, the process returns to step S1103, waits until the next control command transmission timing, and repeats the subsequent processing.

  In step S1110, when the correction data has already been transmitted (step S1110: Yes), the main control unit 201 sets the control command data 1001 (big hit start command data or big hit end command data) and accompanying data 1002 ( Step S1113). Further, the main control unit 201 generates authentication data 1003 (step S1114). At this time, the order of step S1109 and step S1110 may be switched. Next, the main control unit 201 transmits a control signal (control signal with authentication data 1020) including the control command data 1001, the accompanying data 1002, and the authentication data 1003 generated in steps S1113 and S1114 to the effect control unit 202 (step). S1115). Then, the process proceeds to step S1109, and if the power is not turned off, the process returns to step S1103, waits until the next control command transmission timing, and the subsequent processing is repeated.

  When the control command transmitted this time in step S1104 is a command other than the jackpot start command or jackpot end command (step S1104: No), the main control unit 201 controls the control command data 1001 (other than the jackpot start command or jackpot end command). Command) and accompanying data 1002 are set (step S1116). Next, a control signal (normal control signal 1010) composed of the control command data 1001 and the accompanying data 1002 set in step S1116 is transmitted to the effect control unit 202 (step S1117). Then, the process proceeds to step S1109, and if the power is not turned off, the process returns to step S1103, waits until the next control command transmission timing, and the subsequent processing is repeated. If the power is turned off in step S1109 (step S1109: Yes), the processing according to this flowchart is terminated.

  In the flowchart of FIG. 11, the correction data is generated in step S1102. However, the present invention is not limited to this, and the correction data 1004 may be generated before transmitting the control signal with correction data 1030 in step S1112. Specifically, for example, when the correction data 1004 is generated using a program code or a control command, it is determined in step S1110: No that the correction data 1004 is not transmitted, and then in step S1111 the control command data 1001 and The correction data 1004 may be generated before the accompanying data 1002 is set. Further, the correction data 1004 may be generated after setting the control command data 1001 and the accompanying data 1002 in step S1111 and before transmitting the control signal with correction data 1030 in step S1112.

  In the flowchart of FIG. 11, when the correction data 1004 has already been transmitted in step S1110: Yes, the processing of steps S1113 to S1115 is performed and the control signal with authentication data 1020 is transmitted. It is not a thing. For example, even if it is determined in step S1110: Yes that the correction data 1004 has already been transmitted, the process of steps S1111 and S1112 may be performed to transmit the control signal with correction data 1030 again.

  In the flowchart of FIG. 11, when the control command to be transmitted this time in Step S1104: No is a command other than the jackpot start command or jackpot end command, the processing from Step S1116 to Step S1117 is performed, and the normal control signal 1010 is processed. However, it is not limited to this. For example, when the control command to be transmitted this time in step S1104: No is a command other than the jackpot start command or jackpot end command, the processing of steps S1106 to S1108 is performed to transmit the control signal 1040 with dummy authentication data. Good.

  In this way, the main control unit 201 adds the correction data 1004 or the authentication data 1003 to the control command data 1001 only when transmitting the jackpot start command and jackpot end command to the peripheral board. The jackpot start command and jackpot end command are commands for starting or ending the jackpot state, and are transmitted less frequently than other commands. Therefore, the possibility that the correction data 1004 or the authentication data 1003 is extracted from the control signal can be reduced. Further, even if the correction data 1004 and the authentication data 1003 are extracted from the control signal, since the number of samples that can be acquired is small, the possibility that the authentication data is analyzed can be reduced. Furthermore, even when it is not the timing of the correction process or the authentication process, dummy authentication data 1005 having the same size as the correction data 1004 or the authentication data 1003 can be added to the control signal. Thus, it is possible to prevent a third party from seeing when the control signal to which the correction data 1004 and the authentication data 1003 are added is transmitted, so that the correction data 1004 or the authentication data 1003 is further extracted. The possibility can be reduced.

  Also, the jackpot start command is transmitted only once when the jackpot is generated when the jackpot is actually generated, and the jackpot end command is shifted to the normal state after all rounds of the jackpot are completed. It is sent only once. Therefore, the jackpot start command and jackpot end command are transmitted once in this order in a single jackpot state. Therefore, both correction processing and authentication processing can be performed in this order in a single big hit state. In this way, since the occurrence frequency is low and the authentication process can be performed without a gap after the expected value is corrected, there is a possibility that an unauthorized board is inserted between the correction process and the authentication process. The strength of authentication can be increased.

  Next, control signal reception processing by the effect control unit 202 will be described. FIG. 12 is a flowchart showing a procedure of control signal reception processing by the effect control unit 202. In the flowchart of FIG. 12, the effect control unit 202 first waits until a control signal is received from the main control unit 201 (step S1201: No loop). When the control signal is received from the main control unit 201 (step S1201: Yes), the effect control unit 202 determines whether or not the correction data 1004 is included in the received control signal (step S1202). Whether or not the correction data 1004 is included in the control signal is determined by, for example, whether the control signal has a data amount larger than that of the normal control signal or the nth control signal after the peripheral power is turned on. This is done by determining whether or not a flag indicating that the correction data 1004 is included is set in the control signal.

  In step S1202, when the correction data 1004 is included in the control signal (step S1202: Yes), the effect control unit 202 extracts the correction data 1004 from the control signal and uses the correction data 1004 to produce the effect control unit 202. The expected value held in is corrected (step S1203).

  In step S1202, the effect control unit 202 determines that the control command data 1001 included in the control signal is data of a jackpot start command or jackpot end command, not whether or not the correction data 1004 is included in the received control signal. It may be determined whether or not there is. In this case, when the control command data 1001 included in the control signal is data of a jackpot start command or jackpot end command, the effect control unit 202 extracts the correction data 1004 from the control signal, and proceeds to step S1203. In step S1202, the effect control unit 202 may determine whether the data is an n-th jackpot start command or jackpot end command data after the power is turned on, for example. In this case, the effect control unit 202 may extract correction data from the control signal when the data is the n-th jackpot start command or jackpot end command, and may proceed to step S1203.

  Next, processing based on the control command data 1001 and accompanying data 1002 included in the control signal is performed (step S1204), the process returns to step S1201, waits until the next control signal is received, and the subsequent processing is repeated. Do it.

  On the other hand, in step S1202, when the correction data 1004 is not included in the control signal (step S1202: No), the effect control unit 202 includes authentication data 1003, dummy authentication data 1005, and the like in the control signal received in step S1201. It is determined whether data relating to authentication is included (step S1205). The determination as to whether or not the data related to authentication is included in the control signal is made, for example, by determining whether or not the data amount of the control signal is larger than that of the normal control signal.

  In step S1205, the effect control unit 202 determines that the control command data 1001 included in the control signal is data of a jackpot start command or jackpot end command, not whether or not the received control signal includes data related to authentication. It may be determined whether or not there is. In this case, when the control command data 1001 included in the control signal is data of a jackpot start command or jackpot end command, the effect control unit 202 determines that the control signal includes data related to authentication, and step S1206. Proceed to In step S1205, the effect control unit 202 may determine whether the data is a jackpot start command or a jackpot end command other than the nth time after the power is turned on (or reset), for example. In this case, the production control unit 202 includes data related to authentication in the control signal when the data is a jackpot start command or jackpot end command other than the nth time since the power is turned on (or reset). You may judge.

  If the control signal includes data related to authentication (step S1205: Yes), the effect control unit 202 determines whether the data related to authentication is dummy authentication data 1005 (step S1206). The determination as to whether the data related to authentication is dummy authentication data 1005 is, for example, a control signal having a data amount of a control signal larger than that of a normal control signal before the nth time from when the peripheral power is turned on. This is performed by determining whether or not the control signal is present, or determining whether or not a flag indicating that the dummy authentication data 1005 is included is set in the control signal.

  In step S1206, the effect control unit 202 determines whether or not the data related to authentication is dummy authentication data 1005, and whether or not the control command data 1001 included in the control signal is jackpot start command data or jackpot end command data. May be judged. In this case, when the control command data 1001 included in the control signal is other than the jackpot start command or jackpot end command data, the effect control unit 202 determines that the dummy authentication data 1005 is present, and the jackpot start command or jackpot end If the data is command data, the authentication data 1003 may be determined. Further, in step S1206, the effect control unit 202 may determine whether the data is a jackpot start command or jackpot end command before the nth time after the power is turned on (or reset), for example. . In this case, the production control unit 202 uses the dummy authentication data 1005 as the data related to authentication when the data is the jackpot start command or jackpot end command before the nth time after the power is turned on (or reset). If the data is a jackpot start command or jackpot end command after the nth time, it may be determined that the data related to authentication is the authentication data 1003.

  If it is determined in step S1206 that the data related to authentication is dummy authentication data 1005 (step S1206: Yes), the process proceeds to step S1204 without collating with the expected value, and the control command data 1001 included in the control signal. Then, processing based on the accompanying data 1002 is performed.

  On the other hand, when it is determined in step S1206 that the data related to authentication is the authentication data 1003 (step S1206: No), the effect control unit 202 extracts the authentication data 1003 from the control signal, and the expected value corrected in step S1203 Is obtained (step S1207), and it is determined whether or not the authentication data 1003 included in the control signal matches the expected value (step S1208). At this time, the effect control unit 202 may determine whether or not the authentication data 1003 and the expected value have a predetermined relationship, rather than whether or not the authentication data 1003 and the expected value match. The predetermined relationship is, for example, a relationship in which a value obtained by performing a predetermined calculation on the authentication data 1003 matches an expected value.

  If the authentication data matches the expected value (step S1208: Yes), the effect control unit 202 authenticates the validity of the main control unit 201 that has transmitted the control signal, and proceeds to step S1204 to be included in the control signal. The processing based on the control command data 1001 and the accompanying data 1002 is performed. On the other hand, when the authentication data does not match the expected value (step S1208: No), the effect control unit 202 does not authenticate the validity of the main control unit 201 that has transmitted the control signal, and the control command data 1001 and the accompanying data 1002 are not authenticated. And a notification signal is output from the notification signal output unit 336 (see FIG. 3) (step S1209), and the processing according to this flowchart ends. Note that in step S1208, only one of data discarding and notification may be performed.

  In step S1205, if the control signal does not include authentication-related data (step S1205: No), that is, if the control signal is a normal control signal 1010, the effect control unit 202 performs collation with the expected value. Instead, the process may directly proceed to step S1204 to perform processing based on the control command data 1001 and the accompanying data 1002.

  In the flowchart of FIG. 12, when the effect control unit 202 does not hold the expected value in advance and the expected value is transmitted from another component, the expected value is not corrected in step S1203 and the correction data 1004 is stored. Extracted and recorded in a recording unit or the like. Then, after obtaining the expected value from another component in step S1207, the expected value is corrected using the recorded correction data 1004, and the process proceeds to step S1208, where the corrected expected value matches the authentication data 1003. It may be determined whether or not.

  In the flowchart of FIG. 12, it is determined in step S1206 whether or not the data related to authentication is dummy authentication data 1005. However, the present invention is not limited to this. For example, if it is determined in step S1205: Yes that authentication-related data is included, the processing in steps S1207 and S1208 may be performed. If the data related to authentication is dummy authentication data 1005, the process may proceed to step S1204 even if the dummy authentication data 1005 does not match the expected value in step S1208.

  By doing in this way, even if the production | presentation control part 202 receives any of the authentication data 1003 or the dummy authentication data 1005, the processing amount and processing time in the production | presentation control part 202 can be made unchanged. As a result, it is possible to prevent a third party from seeing when the authentication data 1003 used for the normal authentication process has been received, and to prevent the authentication data 1003 from being stolen.

(Example of control signal flow between control units)
Next, the flow of control signals between the main control unit 201 and the peripheral unit will be described with reference to the sequence diagram of FIG. Here, the peripheral portion is, for example, the effect control unit 202 or the prize ball control unit 203 (FIG. 2). FIG. 13 is a sequence diagram illustrating an example of a flow of a control signal between control units. In FIG. 13, a portion surrounded by a dotted line A is a dummy authentication processing step for one time, a portion surrounded by a dotted line B is a correction processing step for one time, and a portion surrounded by a dotted line C is 1 This is a step of authentication processing for a batch. The dummy authentication process is an authentication process in which authentication is temporarily established in the peripheral part without collating with an expected value. In the sequence diagram of FIG. 13, in order to clarify the correction process and the authentication process, the flow of control signals for commands other than the jackpot start command or jackpot end command is omitted.

  As shown in FIG. 13, when the control command data 1001 is a jackpot start command or jackpot end command before a predetermined number (x <n) after the peripheral power is turned on, the main control unit 201 controls the control command data 1001 and accompanying data 1002 are set (step S1301). In addition, the main control unit 201 generates an error check value Cb ′ (step S <b> 1302). Here, the error check value Cb ′ is a numerical value capable of detecting an error generated from a predetermined program code or the like recorded in a recording unit or the like included in the main control unit 201. The error check value Cb 'is preferably an operation result value of an actual error check value and a salt value. Further, b ′ represents the processing order of the dummy authentication processing. For example, in the case of the first dummy authentication processing after the peripheral power is turned on, b ′ = 1.

  Further, the main control unit 201 generates authentication data 1003 (Vcb ′) (step S1303). In step S1303, for example, authentication data 1003 (Vcb ') is generated by the following equation (1). In step S1303, the encryption calculation method may be one type or two or more types. When there are two or more encryption methods, in step S1303, one type of encryption method is selected from a plurality of encryption methods, and an encryption operation is performed using the selected encryption method. Further, the encryption process by the encryption operation may be performed twice or more. x represents the processing order of the jackpot start command or jackpot end command, and Fx is, for example, a jackpot start command or jackpot end command before the nth (x <n) after the main control unit 201 is turned on. The control command data 1001 and accompanying data 1002 set in step S1302 are shown.

    Vcb '= Ec (Cb', Fx) (1)

  Next, the main control unit 201 transmits an authentication data-added control signal 1020 (Fx, Vcb ′) including control command data 1001, accompanying data 1002, and authentication data 1003 to the peripheral unit (step S1304). In step S1304, the control command data 1001 (Fx) in which the accompanying data 1002 is set to the xth before the nth after power is supplied to the peripheral portion, and the authentication data 1003 (Vcb ′) are You may transmit to a peripheral part separately. In this case, the transmission order may be out of order.

  The peripheral unit receives the control signal with authentication data (Fx, Vcb ′) transmitted in step S1304 (step S1305). Then, the main control unit 201 is authenticated without collating with the expected value, and processing based on the control command data 1001 and the accompanying data 1002 is performed (step S1306).

  Next, when the control command data 1001 is a predetermined (n) jackpot start command or jackpot end command after the peripheral power is turned on, the main control unit 201 generates a correction value Ma (step S1311). The correction value Ma is a value for correcting the expected value for collation of the main control unit 201, and is a value that is the basis of the correction data 1004. The correction value Ma is preferably a calculation result value of an actual correction value and a salt value. Further, a represents the processing sequence of the correction processing. For example, in the case of the first correction processing after the main control unit 201 is turned on, a = 1. The generation of the correction value Ma in step S1311 may be performed before the correction data is generated in step S1313, which will be described later. Specifically, for example, it may be performed before the dummy authentication process, that is, before step S1301.

  If the control command data 1001 is a jackpot start command or jackpot end command, the main control unit 201 sets the control command data 1001 (jackpot start command data or jackpot end command data) and accompanying data 1002 (step S1312). . Further, the main control unit 201 generates correction data 1004 (Vma) (step S1313). In step S1313, for example, correction data 1004 (Vma) is generated by the following equation (2). Here, n represents the processing sequence of the jackpot start command or jackpot end command, and is set in step S1312 at the time of the nth jackpot start command or jackpot end command after the main control unit 201 is turned on, for example. Control command data 1001 and accompanying data 1002 are shown. Ec (A, B) represents an encryption operation expression. Note that the encryption processing by the encryption operation may be performed twice or more.

    Vma = Ec (Ma, Fn) (2)

  Specifically, for example, when Ma = 0x35 and Fn = 0x22, and Ec (A, B) is A xor B (exclusive OR), Vma is expressed as 0x17 by the following equation (3). Become.

Vma = Ec (0x35, 0x22)
= 0x35 xor 0x22
= 0x17 (3)

  Next, the main control unit 201 transmits a control signal with correction data 1030 (Fn, Vma) including control command data 1001, accompanying data 1002, and correction data 1004 to the peripheral part (step S1314). In step S1314, control command data 1001 (Fn) in which the accompanying data 1002 is set at the nth time of the jackpot start command or jackpot end command and the correction data 1004 (Vma) are separately transmitted to the peripheral portion. May be. In this case, the transmission order may be out of order.

  The effect control unit 202 receives the control signal with correction data (Fn, Vma) transmitted in step S1314 (step S1315). Next, the effect control unit 202 restores the correction data 1004 (Vma) (step S1316). In step S1316, the correction data 1004 (Vma) is restored by the following equation (4) to obtain the correction value Ma. Here, Dc (A, B) represents a decoding arithmetic expression.

    Ma = Dc (Vma, Fn) (4)

  Here, specifically, for example, when Vma = 0x17 and Fn = 0x22 and Dc (A, B) is A xor B, Ma becomes 0x35 according to the following equation (5).

Ma = Dc (0x17, 0x22)
= 0x17 xor 0x22
= 0x35 (5)

  Next, an expected value correction process is performed using the correction value Ma acquired in step S1316 (step S1317). For example, if the expected value is not held in advance in the peripheral portion, in step S1317, the peripheral portion acquires the expected value from another control unit, and performs the expected value correction process on the acquired expected value. Then, the peripheral part performs processing based on the control command data 1001 and the accompanying data 1002 (step S1318).

  Specifically, when the expected value (old expected value) held in advance in step S1317 is 0xAC, the expected value (new expected value) corrected by the correction process is calculated by the following equation (6). 0x77. The peripheral portion holds this 0x77 as an expected value for collation of the main control unit 201.

    0xAC (old expected value) −0x35 (correction value) = 0x77 (new expected value) (6)

  Next, when the control command data 1001 is a jackpot start command or jackpot end command after a predetermined number (y <n) after the peripheral power is turned on, the main control unit 201 controls the control command data 1001 and associated data. 1002 is set (step S1321). Further, the main control unit 201 generates an error check value Cb (step S1322). Here, the error check value Cb is a numerical value capable of error detection generated from a predetermined program code or the like recorded in a recording unit or the like included in the main control unit 201. The error check value Cb is preferably an operation result value of an actual error check value and a salt value. Further, b represents the processing order of the authentication processing. For example, in the case of the first authentication processing after the power is turned on, b = 1.

  Further, the main control unit 201 generates authentication data 1003 (Vcb) (step S1323). In step S1323, for example, authentication data 1003 (Vcb) is generated by the following equation (7). In step S 1323, the encryption calculation method may be one type or two or more types. If there are two or more encryption schemes, in step S1323, one encryption scheme is selected from a plurality of encryption schemes, and an encryption operation is performed using the selected encryption scheme. Further, the encryption process by the encryption operation may be performed twice or more. y represents the processing sequence of the jackpot start command or jackpot end command, and Fy is, for example, a jackpot start command or jackpot end command after the nth (y> n) after the main control unit 201 is turned on. The control command data 1001 and accompanying data 1002 set in step S1321 are shown. Fy is, for example, control command data 1001 and associated data set in step S1321 at the time of the jackpot end command for ending the jackpot state started by the nth jackpot start command after the main control unit 201 is turned on. It may be 1002.

    Vcb = Ec (Cb, Fy) (7)

  Specifically, for example, when Cb = 0x77 and Fy = 0x22, and Ec (A, B) is A xor B, Vcb is 0x55 according to the following equation (8).

Vcb = Ec (0x77, 0x22)
= 0x77 xor 0x22
= 0x55 (8)

  Next, the main control unit 201 transmits an authentication data-added control signal 1020 (Fy, Vcb) including control command data 1001, accompanying data 1002, and authentication data 1003 to the peripheral unit (step S1324). In step S1324, the control command data 1001 (Fy) in which the accompanying data 1002 is set to the yth after the nth after the peripheral power is turned on, and the authentication data 1003 (Vcb) are separately provided. May be transmitted to the peripheral part. In this case, the transmission order may be out of order.

  The peripheral part receives the control signal with authentication data (Fy, Vcb) transmitted in step S1324 (step S1325). Next, the effect control unit 202 restores the authentication data 1003 (Vcb) (step S1326). In step S1326, the authentication data 1003 (Vcb) is restored by the following equation (9) to obtain the error check value Cb. In step S1326, when one type of encryption method is selected from the plurality of encryption methods in step S1324 and encryption processing is performed, decryption is performed using a plurality of decryption methods.

    Cb = Dc (Vcb, Fy) (9)

  Specifically, for example, when Vcb = 0x55 and Fy = 0x22, and Dc (A, B) is A xor B, the error check value Cb is 0x77 according to the following equation (10).

Cb = Dc (0x55, 0x22)
= 0x55 xor 0x22
= 0x77 (10)

  Next, an authentication process is performed using the expected value (new expected value) corrected in step S1317 and the error check value Cb acquired in step S1326 (step S1327). In step S1327, for example, when the expected value and the error check value Cb match, the main control unit 201 is authenticated. Note that in step S1327, the main control unit 201 may be authenticated when any of the error check values Cb decoded in step S1326 and obtained by the plurality of decoding methods matches the expected value.

  Here, specifically, the new expected value is 0x77 as calculated by the above equation (6), and the error check value Cb is 0x77 as calculated by the above equation (10). . Therefore, since the new expected value matches the error check value Cb, authentication is established in this case.

  If authentication is established in step S1327, the peripheral unit performs processing based on the control command data 1001 and accompanying data 1002 (step S1328). If authentication is not established in step S1327, the control command data 1001 and accompanying data 1002 are discarded (see step S1208 in FIG. 12).

  In the sequence diagram of FIG. 13, as an example, the control signal 1040 with dummy authentication data is transmitted at the jackpot start command or jackpot end command before the nth, and at the nth jackpot start command or jackpot end command. The control signal with correction data 1030 is transmitted to the control signal 1030, and the control signal with authentication data 1020 is transmitted when the jackpot start command or the jackpot end command is later than the nth, but the present invention is not limited to this. Specifically, for example, when the jackpot start command or jackpot end command from when the control signal with correction data 1030 is transmitted until when the control signal with authentication data 1020 is transmitted, the control signal with dummy authentication data 1040 is set. Alternatively, a normal control signal 1010 to which correction data 1004 or authentication data 1003 is not added may be transmitted.

  In the sequence diagram of FIG. 13, the dummy authentication process may or may not be performed a plurality of times before the correction process. Prior to the authentication process, at least one correction process may be performed. That is, before the control signal with correction data 1030 is transmitted, the control signal with dummy authentication data 1040 or the normal control signal 1010 is transmitted, and after the control signal with correction data 1030 is transmitted, the dummy authentication data is added. In addition to the control signal 1040 or the normal control signal 1010, the control signal with authentication data 1020 may be transmitted, or the control signal with correction data 1030 may be further transmitted.

  In the sequence diagram of FIG. 13, the peripheral part may not hold the corrected expected value (final expected value) itself as a fixed value after performing the expected value correction in step S <b> 1317. In this case, for example, if the correction process (B) using the correction data 1004 is not performed from the time of manufacture, authentication is established in the dummy authentication process (A), and authentication is not established in the authentication process (C). To do. By doing in this way, the person who can know the final expected value can be limited, and the risk of leakage of information related to the expected value can be reduced.

  Further, in the specific example in the sequence diagram of FIG. 13, the exclusive OR is used for the encryption arithmetic expression and the decryption arithmetic expression, but other arithmetic expressions such as four rules and encryption arithmetic may be used. That is, the authentication method or the arithmetic expression determined in advance may be used in the main control unit 201 and the peripheral unit.

  Further, the authentication process using the authentication data may be performed at the time when a plurality of authentication data is received, instead of being performed every time the authentication data is received. In this case, for example, when the peripheral unit receives the first authentication data together with the first jackpot start command data (or jackpot end command data) and the first control data, the peripheral unit does not perform the authentication process, The jackpot start command data (or jackpot end command data) and the first control data are processed. When the peripheral unit receives the second authentication data together with the second jackpot start command data (or jackpot end command data) and the second control data, the second jackpot start command data (or jackpot end) Before performing the process based on the command data) and the second control data, the authentication process using the first authentication data is performed. At this time, the peripheral part may perform the authentication process using both the first authentication data and the second authentication data. In this way, if authentication processing is performed at the time when a plurality of authentication data is received, it is possible to prevent erroneous authentication processing when extra data is added to the control signal due to an error. it can. In the above description, the authentication process has been described, but the same applies to the correction process.

  In the above description, the authentication data is transmitted when the jackpot start command data (or jackpot end command data) is transmitted. However, the authentication data is transmitted when another control command is transmitted. Also good. Specifically, for example, the authentication data may be transmitted when any one or more of a power-on command, a jackpot reach command, a jackpot command, a customer waiting demo command, a miss command, and the like are transmitted. . In the above description, the dummy authentication data 1005 is transmitted when the jackpot start command (or jackpot end command) is transmitted. However, the present invention is not limited to this. For example, even when correction data 1004 and authentication data 1003 are transmitted only when a jackpot start command (or jackpot end command) is transmitted, dummy authentication data 1005 may be transmitted when another control command is transmitted. . In this way, it is possible to further prevent the third party from seeing the timing at which the correction data 1004 and the authentication data 1003 are transmitted, and to further prevent the correction data 1004 and the authentication data 1003 from being stolen.

  As described above, in the electronic device according to the present embodiment, when a predetermined control command is transmitted, expected value correction is performed using correction data for correcting expected values used for verification of the main control unit in the peripheral part. Perform processing. In addition, when transmitting a predetermined control command after transmitting the correction data, authentication processing is performed using authentication data for authenticating the validity of the main control unit. The correction data is generated by a value unique to the main control unit. For example, when the main control unit is changed, the correction data is generated by a difference between a value unique to the main control unit before the change and a value unique to the main control unit after the change.

  The authentication data is generated by program data stored in the regular main control unit. When the value calculated using the authentication data matches the expected value corrected using the correction data, the main control unit can be authenticated as a regular main control unit. For this reason, it can be detected that the authorized main controller is replaced with an unauthorized substrate, or that an unauthorized substrate is attached between the authorized main controller and the peripheral portion. Further, when the main control unit is changed to another regular main control unit, it is possible to prevent the changed main control unit from being erroneously authenticated as an unauthorized substrate. Furthermore, if correction data and authentication data including control command data and accompanying data to be transmitted this time are generated, the reuse of correction data and authentication data by an illegal control board is prevented, and unauthorized use of electronic devices is prevented. Can be prevented.

  In addition, by not holding the fixed value, which is the final expected value (expected value after correction) itself used for collation of the main control unit, in the peripheral part, it is possible to limit the persons who can know the final expected value used for collation. In this case, specifically, for example, when the expected value correction process is not performed from the time of manufacturing, the dummy authentication process is designed so that authentication is established, and the authentication process is not established. As a result, it is possible to reduce risks such as leakage of information regarding expected values.

  In addition to the timing for performing the correction process and the authentication process, dummy authentication data can be added when a predetermined control command is transmitted. The dummy authentication data is dummy data of the authentication data and is not used for correction processing or authentication processing. For example, even before the correction process is performed, the main control unit can be temporarily authenticated. Therefore, the timing at which correction data and authentication data are transmitted, that is, points where correction processing and authentication processing are performed is prevented from being overlooked by a third party, and risks such as leakage of information on expected values and information on authentication are further reduced. can do.

  Moreover, in the electronic device (for example, pachinko gaming machine) according to the present embodiment, for example, when the main control unit transmits a jackpot start command or jackpot end command to the peripheral unit, the peripheral unit checks the main control unit. Expected value correction processing and authentication processing for authenticating the validity of the main control unit. Therefore, by changing only the timing design of the jackpot start command and jackpot end command, it is possible to cause the existing pachinko gaming machine to execute the correction process and the authentication process. Compared to the case where correction processing and authentication processing are performed at the time of transmission of all control commands, authentication processing and authentication processing are performed during the period when the jackpot start command and jackpot end command are transmitted (at the start and end of processing of the jackpot state). Since only correction processing is performed, the processing load on the main control unit and the peripheral unit can be reduced. The correction data and the authentication data may be added to only one of the jackpot start command or jackpot end command. In this case, the processing load on the main control unit and the peripheral part can be further reduced, and the work of adding authentication processing and correction processing to the electronic device is further facilitated.

  In the pachinko gaming machine according to the present embodiment, for example, when the control command is a jackpot start command, correction data is added to the control command, and when the control command is a jackpot end command, the control command is authenticated. Append data. The jackpot start command is sent only once when the jackpot is actually generated, when the jackpot state is entered, and the jackpot end command is issued when all rounds of the jackpot state are finished and the transition is made to the normal state. Only sent once. Therefore, the jackpot start command and jackpot end command are transmitted once in this order in one jackpot state. Therefore, both correction processing and authentication processing can be performed in this order in a single big hit state. In this way, since the interval between the correction process and the authentication process is small, the accuracy of the authentication process can be improved, and fraud to the main control unit and the peripheral part can be detected more reliably.

  Further, when the control command is a jackpot end command, correction data may be added to the control command, and when the control command is a jackpot start command, authentication data may be added to the control command. In this case, since the authentication process can be performed when the jackpot state is started, the jackpot state can be performed in a safe state.

  The control method for the main control unit and the peripheral units described in the present embodiment can be realized by executing a program prepared in advance on a computer such as a personal computer or a workstation. This program is recorded on a computer-readable recording medium such as a hard disk, a flexible disk, a CD-ROM, an MO, and a DVD, and is executed by being read from the recording medium by the computer. The program may be a transmission medium that can be distributed via a network such as the Internet.

  As described above, the present invention is useful for an electronic device in which fraud to the control unit is concerned and a control board mounted on the electronic device, and in particular, a pachinko gaming machine, a slot gaming machine, and other various gaming machines. Suitable for

301 main control board 311 control command storage unit 312 recording unit 313 correction data generation unit 314 authentication data generation unit 315 dummy authentication data generation unit 316 correction data addition unit 317 authentication data addition unit 318 dummy authentication data addition unit 319 transmission unit 330 peripheral board 331 Reception unit 332 Correction unit 333 Judgment unit 334 Authentication unit 335 Unattended signal output unit

Claims (26)

An electronic apparatus comprising: a main control unit that transmits a control command; and a peripheral unit that performs predetermined processing based on the control command transmitted by the main control unit,
The main control unit
Correction data generation means for generating correction data for correction processing for correcting an expected value used for collation of data held in the peripheral portion and transmitted from the main control unit;
Authentication data generating means for generating authentication data for authentication processing for authenticating the main control unit;
Dummy authentication data generating means for generating dummy data of the authentication data (hereinafter referred to as “dummy authentication data”);
The control command to be transmitted to the peripheral portion is a control command for starting the jackpot state processing (hereinafter referred to as “big jack start command”) or a control command for ending the jackpot state processing (hereinafter referred to as “big jack end command”). The correction data adding means for adding the correction data generated by the correction data generating means to the control command;
After the correction data is added by the correction data adding means, when the control command transmitted to the peripheral part is the jackpot start command or the jackpot end command, the authentication data generated by the authentication data generating means Authentication data adding means for adding to the control command;
A dummy for adding dummy authentication data generated by the dummy authentication data generating means to a control command other than the control command to which the correction data or the authentication data is added by the correction data adding means or the authentication data adding means. An authentication data adding means;
The control command to which the correction data is added by the correction data adding means (hereinafter referred to as “control command with correction data”), and the control command to which the authentication data is added by the authentication data adding means (hereinafter referred to as “authentication”). A control command with data ") or a transmission means for transmitting the control command to which the dummy authentication data is added by the dummy authentication data adding means (hereinafter referred to as a" control command with dummy authentication data ") to the peripheral portion;
With
The peripheral portion is
Receiving means for receiving the control command with correction data, the control command with authentication data or the control command with dummy authentication data transmitted by the main control unit;
When the control command with correction data is received by the receiving means, the correction means for correcting the expected value held in the peripheral part using the control command with correction data;
When receiving the control command with authentication data by the receiving means, a determination to determine whether or not the value calculated using the control command with authentication data matches the expected value corrected by the correction means Means,
An authentication unit that authenticates the main control unit when it is determined that the value calculated by the determination unit using the control command with authentication data matches the expected value;
With
The electronic device is characterized in that, when the receiving unit receives the control command with dummy authentication data, the authentication unit authenticates the main control unit.   When the control command to be transmitted to the peripheral portion is the jackpot start command or the jackpot end command after a predetermined number of times after power is turned on to the main control section, the correction data adding means The electronic device according to claim 1, wherein the correction data is added to the jackpot end command.   When the control command transmitted to the peripheral portion is the jackpot start command or the jackpot end command after a predetermined number of times after the main control section is reset, the correction data adding means is configured to execute the jackpot start command or the jackpot The electronic apparatus according to claim 1, wherein the correction data is added to an end command.   The dummy authentication data addition means, when the control command other than the control command to which the correction data or the authentication data is added is the jackpot start command or the jackpot end command before the correction data is added, The electronic device according to claim 1, wherein the dummy authentication data is added.   The dummy authentication data adding means adds the dummy authentication data in the case of a control command of a type other than the jackpot start command or the jackpot end command. The electronic device described.   When the authentication unit receives the control command with dummy authentication data by the receiving unit, the authentication unit performs processing to determine whether or not the value calculated using the dummy authentication data by the determination unit matches the expected value. The electronic device according to claim 1, wherein the electronic control unit is omitted and authenticates the main control unit. The determination means determines whether the value calculated using the control command with dummy authentication data received by the reception means matches the expected value;
The authentication unit authenticates the main control unit regardless of whether or not a result of determination by the determination unit matches a value calculated using the dummy authentication data and the expected value. The electronic device as described in any one of Claims 1-5.   The authentication data adding means, when the control command to be transmitted to the peripheral portion is the jackpot end command for ending the jackpot state processing started by the control command with correction data transmitted by the transmitting means, The electronic device according to claim 1, wherein the authentication data is added to the jackpot end command.   When the main control unit is changed to another main control unit, the correction data generation unit uses the expected value held in the peripheral unit to collate data transmitted from the other main control unit. The electronic device according to claim 1, wherein correction data for correcting the expected value to be used is generated. The main control unit
Recording means for recording a unique value set in the main control unit;
The electronic device according to claim 1, wherein the correction data generation unit generates the correction data using the unique value recorded by the recording unit.   When the main control unit is changed to another main control unit, the correction data generation unit is recorded in the recording unit and has a unique value set in the main control unit before being changed. The electronic device according to claim 10, wherein a difference from a unique value set in the other main control unit after being changed is generated as the correction data.   The electronic device according to claim 10, wherein the correction data generation unit generates the correction data using the control command that adds the correction data together with the unique value. The main control unit
Comprising a recording means for recording a predetermined program code;
The electronic device according to claim 1, wherein the correction data generation unit generates the correction data using a program code recorded in the recording unit.   The electronic device according to claim 13, wherein the correction data generation unit generates the correction data using the control command that adds the correction data together with the program code. The main control unit
Comprising a recording means for recording a predetermined program code;
The electronic device according to claim 1, wherein the authentication data generation unit generates the authentication data using a program code recorded by the recording unit.   16. The electronic apparatus according to claim 15, wherein the authentication data generation unit generates the authentication data using the control command that adds the authentication data together with the program code.   When the control command transmitted from the main control unit is the control command with correction data, the correction unit corrects the expected value held in the peripheral portion using the control command with correction data. The electronic device according to any one of claims 1 to 16, wherein   When the control command transmitted from the main control unit is the jackpot start command or the jackpot end command, the correction means uses the correction data control command to hold the expected value held in the peripheral portion. The electronic device according to claim 1, wherein the electronic device is corrected.   In the case where the control command transmitted from the main control unit is the control command with authentication data, the determination means determines whether the value calculated using the control command with authentication data matches the expected value. The electronic device according to claim 1, wherein it is determined whether or not.   The determination means, when the control command transmitted from the main control unit is the jackpot start command or the jackpot end command, a value calculated using the control command with authentication data, the expected value, The electronic device according to claim 1, wherein it is determined whether or not the two match. The peripheral portion is
21. The electronic apparatus according to claim 1, further comprising an output unit that outputs a notification signal when the main control unit is not authenticated by the authentication unit. An electronic device according to any one of claims 1 to 21, comprising:
The main control board transmits the control command with authentication data, and the peripheral board performs authentication processing based on the control command with authentication data transmitted by the main control board. A main control board that is mounted on an electronic device and transmits a control command to perform a predetermined process on a peripheral board,
Correction data generation means for generating correction data for correction processing for correcting an expected value used for collation of data held in the peripheral board and transmitted from the main control board;
Authentication data generating means for generating authentication data for authentication processing for authenticating the main control board;
Dummy authentication data generating means for generating dummy data of the authentication data (hereinafter referred to as “dummy authentication data”);
The control command to be transmitted to the peripheral board is a control command for starting a jackpot state process (hereinafter referred to as “big jack start command”) or a control command for ending a jackpot state process (hereinafter referred to as a “big jack end command”) The correction data adding means for adding the correction data generated by the correction data generating means to the control command;
After the correction data is added by the correction data adding means, if the control command to be transmitted to the peripheral board is the jackpot start command or the jackpot end command, the authentication data generated by the authentication data generating means Authentication data adding means for adding to the control command;
A dummy for adding dummy authentication data generated by the dummy authentication data generating means to a control command other than the control command to which the correction data or the authentication data is added by the correction data adding means or the authentication data adding means. An authentication data adding means;
The control command to which the correction data is added by the correction data adding means (hereinafter referred to as “control command with correction data”), and the control command to which the authentication data is added by the authentication data adding means (hereinafter referred to as “authentication”). A control command with data ") or a transmission means for transmitting the control command to which the dummy authentication data is added by the dummy authentication data adding means (hereinafter referred to as" control command with dummy authentication data ") to the peripheral board;
A main control board comprising: A peripheral board that is mounted on an electronic device and performs processing according to a control command transmitted from the main control board,
The control command (hereinafter referred to as “control command with correction data”) to which correction data for correcting an expected value used for collation of data transmitted by the main control board and transmitted by the main control board is added. The control command to which authentication data for authenticating the main control board is added (hereinafter referred to as “control command with authentication data”) or the control command to which dummy data of the authentication data is added (hereinafter referred to as “dummy authentication”). Receiving means for receiving a control command with data),
When receiving the control command with correction data by the receiving means, correction means for correcting the expected value held on the peripheral board using the control command with correction data;
When receiving the control command with authentication data by the receiving means, a determination to determine whether or not the value calculated using the control command with authentication data matches the expected value corrected by the correction means Means,
Authentication means for authenticating the main control board when it is determined that the value calculated by the determination means using the control command with authentication data matches the expected value;
With
The peripheral board according to claim 1, wherein the authentication means authenticates the main control board when the receiving means receives the control command with dummy authentication data. An authentication method in an electronic device comprising: a main control unit that transmits a control command; and a peripheral unit that performs predetermined processing based on the control command transmitted by the main control unit,
In the main control unit,
A correction data generation step for generating correction data for correction processing for correcting an expected value used for collation of data held in the peripheral portion and transmitted from the main control unit;
An authentication data generation step of generating authentication data for authentication processing for authenticating the main control unit;
Dummy authentication data generation step for generating dummy data of the authentication data (hereinafter referred to as “dummy authentication data”);
The control command to be transmitted to the peripheral portion is a control command for starting the jackpot state processing (hereinafter referred to as “big jack start command”) or a control command for ending the jackpot state processing (hereinafter referred to as “big jack end command”). If it is, a correction data addition step of adding the correction data generated by the correction data generation step to the control command
After the correction data is added by the correction data adding step, when the control command transmitted to the peripheral part is the jackpot start command or the jackpot end command, the authentication data generated by the authentication data generation step An authentication data adding step for adding to the control command;
A dummy for adding dummy authentication data generated by the dummy authentication data generating step to a control command other than the control command to which the correction data or the authentication data is added by the correction data adding step or the authentication data adding step. An authentication data addition process;
The control command to which the correction data is added in the correction data adding step (hereinafter referred to as “control command with correction data”), and the control command to which the authentication data is added in the authentication data adding step (hereinafter referred to as “authentication”). A transmission command for transmitting the control command to which the dummy authentication data is added in the dummy authentication data adding step (hereinafter referred to as “control command with dummy authentication data”) to the peripheral portion;
Including
In the periphery,
Receiving the control command with correction data, the control command with authentication data or the control command with dummy authentication data transmitted by the main control unit;
When the control command with correction data is received by the receiving step, a correction step of correcting the expected value held in the peripheral portion using the control command with correction data;
When the control command with authentication data is received by the reception step, a determination is made to determine whether or not a value calculated using the control command with authentication data matches the expected value corrected by the correction step Process,
An authentication step of authenticating the main control unit when it is determined that the value calculated using the control command with authentication data by the determination step matches the expected value;
Including
The authentication method is characterized in that the main control unit is authenticated when the control command with dummy authentication data is received in the receiving step.   An authentication program causing a computer to execute the authentication method according to claim 25.

Images