JP2010269094A - Electronic device, game machine, main control board, peripheral board, authentication method and authentication program - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To prevent a fraud to an electronic device having a peripheral part which executes a prescribed processing based on a control command transmitted by a main control part. <P>SOLUTION: A peripheral board 320 authenticates the individuality of a main control board 310 based on whether or not an operation result obtained by executing a binary operation with respect to individuality authentication data and an expectation value for the individuality authentication are accorded with each other, and authenticates the operation sequence of the main control board 310 using a synchronous code. The synchronous code is generated using packet information output along with a transmission of the control command. When both authentications by the individuality authentication data and the synchronous code are satisfied, the peripheral board 320 executes a processing based on the control command. The main control board 310 changes the type of the packet information for use in the generation of the synchronous code based on the number of division used when generating the individuality authentication data. <P>COPYRIGHT: (C)2011,JPO&INPIT

Description

  The present invention relates to an electronic device, a gaming machine, a main control board, a peripheral board, an authentication method, and an authentication program that include a plurality of boards and authenticate communication between these boards.

  Conventionally, in an electronic apparatus having a plurality of substrates, various techniques have been proposed for preventing fraud on these substrates. Examples of the electronic device provided with a plurality of substrates include a pachinko gaming machine. The pachinko gaming machine includes a main control board that controls the operation of the entire electronic device and a controlled board (peripheral board) that performs the operation of each part of the electronic device. The main control board outputs a control signal including a control command to the peripheral board, and the other peripheral boards have a function of executing an operation according to the control signal transmitted from the main control board.

  In the case of an electronic device having such a configuration, examples of frauds with respect to the main control board include, for example, replacing a regular main control board with an illegal control board, or altering a program code that defines processing performed by the main control board. There is a technique. In order to prevent such fraud, for example, a technique has been proposed in which program data recorded in a ROM mounted on the main control board is checked by a ROM checker to prevent illegal exchange of the ROM ( For example, see the following Patent Document 1.)

JP 11-333108 A

  However, when the above-described conventional technology is used, the alteration of the program data can be detected. However, if an unauthorized control board is connected between the regular main control board and the controlled board, the unauthorized control board Unauthorized control due to an unauthorized control signal that is output cannot be prevented.

  FIG. 16 is an explanatory diagram showing an outline of a fraud prevention technique according to the prior art. FIG. 17 is an explanatory diagram showing an example of inserting an unauthorized control board. The unauthorized control by the unauthorized control board will be specifically described with reference to FIGS. 16 and 17. As shown in FIG. 16, the regular main control board 1601 normally sends the regular control signal RS to the peripheral board 1602. The output of the peripheral substrate 1602 is controlled. The regular main control board 1601 is provided with an inspection port 1603. The program data recorded in the ROM or the like provided inside the regular main control board 1601 is inspected from the inspection port 1603 to inspect whether the regular main control board 1601 is fraudulent.

  However, as shown in FIG. 17, there is a case where an unauthorized control board 1701 is inserted between the regular main control board 1601 and the peripheral board 1602 in order to perform unauthorized control of the electronic device. The unauthorized control board 1701 discards or ignores the authorized control signal RS output from the authorized main control board 1601 and outputs an unauthorized control signal FS to the peripheral board 1602 instead.

  In the case of the prior art, the peripheral board 1602 cannot determine whether the input signal is the normal control signal RS or the illegal control signal FS. Therefore, when an unauthorized control signal FS is input to the peripheral board 1602, there is a problem that an unauthorized operation cannot be detected and an operation corresponding to the control content of the unauthorized control signal FS is performed.

  In addition, since the inspection port 1603 is provided on the regular main control board 1601, even if the inspection using the inspection port 1603 is performed, the inspection result for the regular main control board 1601 is returned. Therefore, even if the inspection port 1603 is provided, there is a problem that unauthorized control by the unauthorized control board 1701 cannot be detected.

  FIG. 18 is an explanatory diagram showing an outline of signal switching by the signal switching circuit. As shown in FIG. 18, a signal switching circuit 1703 may be mounted in an unauthorized control board 1701 in addition to an unauthorized CPU 1702 that outputs an unauthorized control signal FS. When the signal switching circuit 1703 is mounted, the unauthorized control board 1701 outputs the normal control signal RS during the initial diagnosis or inspection operation of the control signal RS output from the normal CPU 1604, and during other operations, It can be switched to output an unauthorized control signal FS.

  In other words, by using the signal switching circuit 1703, the normal control signal RS output from the normal CPU 1604 can be output only when the inspection using the inspection port 1603 or the operation diagnosis of the CPU is performed. There is a problem in that the output of the unauthorized control signal FS cannot be detected even if the unauthorized prevention technology such as 1603 or operation diagnosis is used.

  In order to solve the above-described problems caused by the prior art, the present invention detects an unauthorized control signal output from an unauthorized control board, and can prevent unauthorized control of a peripheral board as a controlled unit, An object is to provide a gaming machine, a main control board, a peripheral board, an authentication method, and an authentication program.

  In order to solve the above-described problems and achieve the object, an electronic device according to the invention of claim 1 includes a main control unit and a peripheral unit that performs predetermined processing based on a control command transmitted by the main control unit. The main control unit includes a data storage unit for storing predetermined data and a number for dividing the data stored in the data storage unit (hereinafter referred to as “division number”). ) Determining means), dividing the data in the data storage means into the number of divisions, performing a binary operation satisfying a coupling law on each of the divided data, An individual authentication value generating means for generating individual authentication values for authenticating the individual for the number of divisions, and an operation authentication value for authenticating the operation order of the main control unit, output with transmission of the control command Synchronization code generation means for generating a synchronization code including packet information to be transmitted, and transmission means for transmitting the individual authentication value and the synchronization code for the number of divisions to the peripheral portion, the peripheral portion, Receiving means for receiving the individual authentication values for the number of divisions and the synchronization code, the calculation result obtained by performing the binary operation on the individual authentication values for the number of divisions, and the expected value of the calculation result (hereinafter, The main control using the individual authentication means for authenticating the individual of the main control unit based on whether or not the “expected value for individual authentication” matches, and the difference between the packet information included in the synchronization code Control command transmitted by the main control unit when both the authentication by the operation authentication unit for authenticating the operation order of the unit and the authentication by the individual authentication unit and the authentication by the operation authentication unit are established Command authenticating means for authenticating, wherein the expected value for individual authentication is a value obtained by performing the binary operation on all the data in the data storage means, and the synchronization code generating means The type of the packet information used for generating the synchronization code is changed based on the number of divisions.

  According to the first aspect of the invention, the main control unit changes the type of packet information used for generating the synchronization code based on the number of divisions of the data in the data storage means. Since the number of divisions is a value known only by the main control unit, the unauthorized analyst cannot know that the type of packet information used for generating the synchronization code has been changed. Thereby, when an unauthorized control unit is inserted between the main control unit and the peripheral unit, it is possible to detect fraud by checking the synchronization code.

  According to the invention of claim 1, the main control unit only when the individual authentication value for authenticating the individual of the main control unit and the synchronization code for authenticating the operation order of the main control unit are respectively authenticated. Authenticate the control command sent from. In this way, by performing authentication processing twice, it is possible to improve the strength of authentication and prevent unauthorized processing due to unauthorized control commands from being executed.

  According to the invention of claim 1, the peripheral unit authenticates the operation order of the main control unit using the synchronization code. When an unauthorized control unit is equipped with a signal switching circuit or the like, the continuity of operation of the main control unit is lost, and authentication of the operation sequence is not established. Therefore, according to the first aspect of the present invention, it is possible to detect an unauthorized control unit equipped with a signal switching circuit or the like.

  An electronic device according to a second aspect of the present invention is the electronic device according to the first aspect, wherein the synchronization code generation means includes the packet information continuously output with the transmission of the control command, and the control. The synchronization code is generated using any one of the packet information output at predetermined intervals with the transmission of the command.

  According to the second aspect of the present invention, it is possible to generate a synchronization code using packet information having different correlations.

  An electronic device according to a third aspect of the present invention is the electronic device according to the first or second aspect, wherein the synchronization code generating means uses the part or all of the individual authentication value and the packet information. A synchronization code is generated, and the operation authentication unit authenticates the operation of the main control unit using a part or all of the individual authentication value and the packet information.

  An electronic device according to a fourth aspect of the present invention is the electronic device according to the first or second aspect, wherein the individual authentication value generating means uses a part or all of the synchronization code and the divided data. The individual authentication value is generated using a part or all of the synchronization code and a value obtained by performing the binary operation on all the data in the data storage unit. The individual of the main control unit is authenticated by using the expected value for individual authentication.

  According to the third and fourth aspects of the present invention, the other authentication data is generated using one authentication data (individual authentication value or synchronization code, and so on). This makes it easier to detect fraud when fraud is performed on the authentication data, and the authentication strength can be improved.

  The electronic device according to a fifth aspect of the present invention is the electronic device according to any one of the first to fourth aspects, wherein the transmission means adds at least one of the individual authentication value and the synchronization code to the control command. In addition, the information is transmitted to the peripheral portion.

  According to the fifth aspect of the present invention, an increase in the communication load between the main control unit and the peripheral unit can be suppressed as compared with the case where the authentication data is transmitted alone. According to the invention of claim 5, the possibility that the authentication data is extracted and analyzed from the communication data can be reduced as compared with the case where the authentication data is transmitted alone.

  According to a sixth aspect of the present invention, in the electronic device according to the fifth aspect, the individual authentication value generation means generates the individual authentication value using the control command to which the individual authentication value is added. It is characterized by doing.

  According to a seventh aspect of the present invention, in the electronic device according to the fifth or sixth aspect, the synchronization code generation means generates the synchronization code using the control command to which the synchronization code is added. It is characterized by that.

  According to the sixth and seventh aspects of the present invention, the authentication data is generated using the control command to which the authentication data is added and transmitted. In general, an unauthorized control unit tries to cause an unauthorized operation to be performed by transmitting a control command different from that of a regular main control unit. If the authentication data is generated using the control command transmitted this time as in the inventions of claims 6 and 7, even if the authentication data is reused by an unauthorized control unit, the authentication data and the control command Mismatch is not possible and fraud can be detected.

  An electronic device according to an eighth aspect of the present invention is the electronic device according to any one of the first to seventh aspects, wherein the main control unit encrypts the individual authentication value and the synchronization code with a predetermined encryption method. And the transmitting means transmits the individual authentication value and the synchronization code encrypted by the predetermined encryption method, and the peripheral portion encrypts by the predetermined encryption method. And decrypting means for decrypting the individual authentication value and the synchronization code by a decryption method corresponding to the encryption method, wherein the individual authentication means and the operation authentication means are decrypted by the decryption means. Further, authentication is performed using the individual authentication value and the synchronization code.

  According to the eighth aspect of the present invention, it is possible to reduce the possibility that the authentication data generation method is analyzed or the authentication data is reused.

  An electronic device according to a ninth aspect of the present invention is the electronic device according to the eighth aspect, wherein the encryption unit changes the encryption method based on the number of divisions, and the decryption unit includes the individual authentication. The method for decrypting the individual authentication value is changed based on the number of the individual authentication values that have been subjected to the binary operation when authentication of the individual by means is established.

  According to the ninth aspect of the present invention, the fraud analyst cannot know the switching timing of the authentication data encryption method, and the authentication data generation method can be analyzed or the authentication data can be reused. Can be further reduced.

  An electronic device according to a tenth aspect of the present invention is the electronic device according to any one of the first to ninth aspects, wherein the data storage means stores program data used in the main control unit. To do.

  According to the tenth aspect of the present invention, it is possible to detect unauthorized rewriting of the program code recorded in the main control unit or unauthorized replacement of the data storage means of the main control unit.

  An electronic device according to an eleventh aspect of the present invention is the electronic device according to any one of the first to tenth aspects, wherein the binary operation is an addition or exclusive OR operation.

  According to the eleventh aspect of the present invention, addition or exclusive OR operation can be switched and used as the binary operation used for generating the authentication value.

  A gaming machine according to a twelfth aspect of the present invention includes the electronic device according to any one of the first to eleventh aspects, wherein the main control unit is a main control board, and the peripheral portion is a peripheral board. It is characterized by that.

  According to the twelfth aspect of the invention, the main control board changes the type of packet information used for generating the synchronization code based on the number of divisions of the data in the data storage means. Since the number of divisions is a value known only by the main control board, the unauthorized analyst cannot know that the type of packet information used for generating the synchronization code has been changed. As a result, when an illegal control board is inserted between the main control board and the peripheral board, the illegality can be detected by collating the synchronization code.

  According to the twelfth aspect of the present invention, only when the individual authentication value for authenticating the individual main control board and the synchronization code for authenticating the operation sequence of the main control board are respectively authenticated, Authenticate the control command sent from. In this way, by performing authentication processing twice, it is possible to improve the strength of authentication and prevent unauthorized processing due to unauthorized control commands from being executed.

  According to the invention of claim 12, the peripheral board authenticates the operation order of the main control board using the synchronization code. When an unauthorized control board is equipped with a signal switching circuit or the like, the continuity of operation of the main control board is lost, and the authentication of the operation order is not established. Therefore, according to the twelfth aspect of the invention, it is possible to detect an unauthorized control board equipped with a signal switching circuit or the like.

  A main control board according to a thirteenth aspect of the invention is a main control board that is mounted on an electronic device and transmits a control command for causing a peripheral board to perform a predetermined process, and is a data storage means for storing predetermined data. Determining means for determining the number of the data stored in the data storage means (hereinafter referred to as “number of divisions”), and dividing the data in the data storage means into the number of divisions; An individual authentication value generating means for generating an individual authentication value for authenticating an individual of the main control board by performing a binary operation satisfying a binding law for each of the divided data, As an operation authentication value for authenticating the operation sequence of the main control board, a synchronization code generating means for generating a synchronization code including packet information output with the transmission of the control command; Transmitting means for transmitting the individual authentication value and the synchronization code corresponding to the number of divisions to the peripheral board, wherein the synchronization code generation means determines the type of the packet information used for generation of the synchronization code as the number of divisions. It changes based on.

  According to the thirteenth aspect of the invention, the main control board changes the type of packet information used for generating the synchronization code based on the number of divisions of the data in the data storage means. Since the number of divisions is a value known only by the main control board, the unauthorized analyst cannot know that the type of packet information used for generating the synchronization code has been changed. As a result, when an illegal control board is inserted between the main control board and the peripheral board, the illegality can be detected by collating the synchronization code.

  The peripheral board according to the invention of claim 14 is a peripheral board that is mounted on an electronic device and performs a predetermined process based on a control command transmitted by the main control board, and is transmitted by the main control board. Item 2 above for the plurality of individual authentication values for authenticating the individual of the main control board, the receiving means for receiving the synchronization code for authenticating the operation of the main control board, and the plurality of individual authentication values An individual authentication means for authenticating an individual of the main control board based on whether or not an operation result obtained by the operation matches an expected value of the operation result (hereinafter referred to as “individual authentication expected value”); Operation authentication means for authenticating the operation sequence of the main control board using the difference of the packet information included in the synchronization code, both authentication by the individual authentication means and authentication by the operation authentication means A command authenticating means for authenticating a control command transmitted by the main control board when established, the expected value for individual authentication is obtained by performing the binary operation on all the data in the data storing means; It is a value that has been performed.

  According to the invention of claim 14, the peripheral board is used only when the individual authentication value for authenticating the individual main control board and the synchronization code for authenticating the operation sequence of the main control board are respectively authenticated. The control command transmitted from the main control board is authenticated. In this way, by performing authentication processing twice, it is possible to improve the strength of authentication and prevent unauthorized processing due to unauthorized control commands from being executed.

  According to the invention of claim 14, the peripheral board authenticates the operation sequence of the main control board using the synchronization code. When an unauthorized control board is equipped with a signal switching circuit or the like, the continuity of operation of the main control board is lost, and the authentication of the operation order is not established. Therefore, according to the fourteenth aspect of the present invention, it is possible to detect an unauthorized control board equipped with a signal switching circuit or the like.

  An authentication method according to a fifteenth aspect of the present invention is an authentication method in an electronic device comprising a main control unit and a peripheral unit that performs predetermined processing based on a control command transmitted by the main control unit. A determination step of determining a number of divisions of the data stored in the data storage means for storing predetermined data (hereinafter referred to as “division number”) in the main control unit; The data is divided into the number of divisions, a binary operation satisfying a coupling rule is performed on each of the divided data, and an individual authentication value for authenticating an individual of the main control unit is equal to the number of divisions. An individual authentication value generation step to be generated, and a synchronous code including packet information output along with transmission of the control command as an operation authentication value for authenticating the operation order of the main control unit. A synchronization code generation step for generating the individual authentication value for the number of divisions and a transmission step for transmitting the synchronization code to the peripheral portion, and the individual authentication value for the number of divisions in the peripheral portion. And a receiving step for receiving the synchronization code, a calculation result obtained by performing the binary operation on the individual authentication values for the number of divisions, and an expected value of the calculation result (hereinafter referred to as “individual authentication expected value”) ) To authenticate the individual of the main control unit based on whether or not and the operation of authenticating the operation order of the main control unit using the difference of the packet information included in the synchronization code A command authentication process for authenticating a control command transmitted by the main control unit when both the authentication step and the authentication in the individual authentication step and the authentication in the operation authentication step are established. The expected value for individual authentication is a value obtained by performing the binary operation on all the data in the data storage means. In the synchronization code generation step, the synchronization code generation step The type of the packet information to be used is changed based on the number of divisions.

  According to the fifteenth aspect of the present invention, the main control unit changes the type of packet information used for generating the synchronization code based on the number of divisions of the data in the data storage means. Since the number of divisions is a value known only by the main control unit, the unauthorized analyst cannot know that the type of packet information used for generating the synchronization code has been changed. Thereby, when an unauthorized control unit is inserted between the main control unit and the peripheral unit, it is possible to detect fraud by checking the synchronization code.

  According to the invention of claim 15, only when the individual authentication value for authenticating the individual of the main control unit and the synchronization code for authenticating the operation order of the main control unit are respectively authenticated, the main control unit Authenticate the control command sent from. In this way, by performing authentication processing twice, it is possible to improve the strength of authentication and prevent unauthorized processing due to unauthorized control commands from being executed.

  According to the invention of claim 15, the peripheral unit authenticates the operation order of the main control unit using the synchronization code. When an unauthorized control unit is equipped with a signal switching circuit or the like, the continuity of operation of the main control unit is lost, and authentication of the operation sequence is not established. Therefore, according to the fifteenth aspect of the invention, it is possible to detect an unauthorized control unit equipped with a signal switching circuit or the like.

  An authentication program according to claim 16 causes a computer to execute the authentication method according to claim 15.

  According to the sixteenth aspect of the present invention, the computer can execute the authentication method according to the fifteenth aspect.

  According to the electronic device, the gaming machine, the main control board, the peripheral board, the authentication method, and the authentication program according to the present invention, an illegal control signal output from the illegal control board is detected, and the peripheral board as the controlled part is illegal. Control can be prevented.

It is a front view which shows an example of the game board of the pachinko game machine of this invention. It is a block diagram which shows the internal structure of the control part of a pachinko game machine. It is a block diagram which shows the functional structure of a main control board and a peripheral board | substrate. It is a flowchart which shows the procedure of the control process of the production | presentation control part by the main control part. It is a flowchart which shows the procedure of the control process of the production | presentation control part by the main control part. It is a time chart which shows the transmission timing of a jackpot related command. It is a flowchart which shows the procedure of the symbol variation process by an effect control part. It is a flowchart which shows the procedure of the process at the time of the big hit by an effect control part. It is a flowchart which shows the procedure of the lamp control process at the time of the symbol variation by a lamp control part. It is explanatory drawing which shows typically the data format of the control signal which a main control part outputs. It is explanatory drawing which shows typically the production | generation method of the individual authentication data (individual test value) in a main control part. 4 is a flowchart illustrating a procedure of control signal transmission processing by the main control unit 201. It is a flowchart which shows the procedure of the authentication process of the main control part by a peripheral part. It is a flowchart which shows the procedure of the individual authentication process by a peripheral part. It is a sequence diagram which shows an example of the flow of data between control parts. It is explanatory drawing which shows the outline | summary of the fraud prevention technique by a prior art. It is explanatory drawing which shows the example of insertion of an unauthorized control board. It is explanatory drawing which shows the outline | summary of the signal switching by a signal switching circuit.

(Embodiment)
Referring to the accompanying drawings, control signals between a pachinko gaming machine having the function of an electronic device according to the present invention and a plurality of boards (main control board and peripheral board) mounted on the pachinko gaming machine will be described below. A preferred embodiment of an authentication method and an authentication program for authenticating an included control command will be described in detail.

(Basic configuration of pachinko machine)
FIG. 1 is a front view showing an example of a game board of a pachinko gaming machine according to the present invention. A game ball launched by driving a launching unit (see FIG. 2) arranged at a lower position of the game board 101 ascends between the rails 102a and 102b and reaches an upper position of the game board 101, and then the game area 103 Fall inside. A plurality of nails (not shown) are provided in the game area 103, and the game ball is dropped in various directions, and a windmill or a prize opening that changes the fall direction of the game ball is placed in the middle of the fall. Is arranged.

  A symbol display unit 104 is arranged at the center of the game area 103 of the game board 101. As the symbol display unit 104, for example, a liquid crystal display (LCD) is used. The symbol display unit 104 is not limited to the LCD, and a CRT or the like can also be used. Below the symbol display unit 104, a start winning port 105 for starting winning is arranged. Winning gates 106 are arranged on the left and right of the symbol display unit 104, respectively.

  The winning gate 106 is provided to detect the passing of the game ball and perform a lottery to open the start winning opening 105 for a predetermined time. A normal winning opening 107 is disposed on the side of the symbol display unit 104 or below. When a game ball wins the normal winning opening 107, the number of winning balls (for example, 10) at the time of the normal winning is paid out. At the bottom of the game area 103, there is provided a collection port 108 for collecting game balls that have not won any winning ports.

  The symbol display unit 104 described above starts a variation in the display of a plurality of symbols when a game ball is won at a specific winning opening (at the time of starting winning), and the symbol stops after a predetermined time. When the specific symbols (for example, “777”) are aligned at the time of the stop, a big hit state is obtained. In the big hit state, the big winning opening 109 located below repeats opening for a predetermined period for a predetermined round (for example, 15 rounds), and pays out the number of winning balls corresponding to the winning game balls.

  FIG. 2 is a block diagram showing the internal configuration of the control unit of the pachinko gaming machine. The control unit 200 includes a plurality of control units. In the example of illustration, it has the main control part 201 and the peripheral part (The effect control part 202, the prize ball control part 203). The main control unit 201 controls basic operations related to the game of the pachinko gaming machine. The production control unit 202 controls the production operation during the game. The prize ball control unit 203 controls the number of prize balls to be paid out.

  Based on the program data stored in the ROM 212, the main control unit 201 executes a CPU 211 that performs basic processing as the game content progresses, a RAM 213 that functions as a data work area when the CPU 211 performs arithmetic processing, and each detection unit 221- An interface (I / F) 214 that receives various data from the H.224 and transmits various data to the effect control unit 202 and the prize ball control unit 203 is configured. The main control unit 201 realizes its function by, for example, a so-called main control board.

  On the input side of the main control unit 201, a start winning port detection unit 221 that detects a winning ball that has won a winning winning port 105, a gate detection unit 222 that detects a game ball that has passed through the winning gate 106, and a normal win An ordinary winning opening detection unit 223 that detects a game ball won in the mouth 107 and a large winning opening detection unit 224 that detects a winning ball won in the big winning opening 109 are connected via the I / F 214. These detection units can be configured using proximity switches or the like.

  A prize winning opening / closing part 231 is connected to the output side of the main control part 201, and the opening / closing of the prize winning opening / closing part 231 is controlled. The special prize opening / closing unit 231 has a function of opening the special prize opening 109 for a certain period of time when a big hit is made, and is configured using a solenoid or the like. This jackpot is programmed in advance to occur with a predetermined probability (for example, 1/300, etc.) based on the generated random number (random number for jackpot determination).

  The effect control unit 202 receives control signals including various control commands from the main control unit 201, and executes program data stored in the ROM 242 based on these commands to perform effect control during the game. The effect control unit 202 includes a CPU 241 that executes effect processing, a RAM 243 that functions as a data work area during the calculation processing of the CPU 241, a VRAM 244 that writes image data to be displayed on the symbol display unit 104, and various types from the main control unit 201. An interface (I / F) 245 for receiving data and transmitting various data to the lamp control unit 251 and the voice control unit 252 is provided. The effect control unit 202 realizes its function by, for example, a so-called effect board. In addition, the above-described symbol display unit (LCD) 104, lamp control unit 251, and voice control unit 252 are connected to the output side of the effect control unit 202 via the I / F 245. The lamp control unit 251 controls lighting of the lamp 261. The voice control unit 252 controls voice output from the speaker 262.

  The winning ball control unit 203 receives control signals including various control commands from the main control unit 201, and executes program data stored in the ROM 282 based on these commands to perform winning ball control. The prize ball control unit 203 includes a CPU 281 that executes prize ball control processing, a RAM 283 that functions as a data work area when the CPU 281 performs arithmetic processing, and various data reception and emission units 292 from the main control unit 201. An interface (I / F) 284 that transmits and receives various data is provided. The prize ball control unit 203 realizes its function by, for example, a so-called prize ball substrate.

  The winning ball control unit 203 performs control for paying out the number of winning balls at the time of winning a prize to the connected paying unit 291. In addition, an operation of launching a game ball with respect to the launch unit 292 is detected, and the launch of the game ball is controlled. The payout unit 291 includes a motor for paying out a predetermined number from the game ball storage unit. The winning ball control unit 203 controls the paying unit 291 to pay out the number of winning balls corresponding to the game balls won in each winning port (start winning port 105, normal winning port 107, large winning port 109). Do it.

  The launcher 292 launches a game ball for a game, and includes a sensor that detects a game operation by the player, a solenoid that launches the game ball, and the like. When the prize ball control unit 203 detects a game operation by the sensor of the launch unit 292, the prize ball control unit 203 intermittently fires a game ball by driving a solenoid or the like in response to the detected game operation, thereby playing the game area 103 of the game board 101. A game ball is sent out.

  The main control unit 201, the effect control unit 202, and the prize ball control unit 203 configured as described above are provided on different printed circuit boards (main control board, effect board, and prize ball board). For example, the prize ball control unit 203 can be provided on the same printed circuit board as the main control unit 201.

(Functional configuration of main control board and peripheral board)
FIG. 3 is a block diagram showing a functional configuration of a main control board (main control unit) and peripheral boards (effect control unit, prize ball control unit). First, a functional configuration of the main control board 310 having a function as the main control unit 201 will be described. As shown in FIG. 3, the main control board 310 is a functional unit that transmits a control command for operating the peripheral board 320, and includes a data storage unit 311, a determination unit 312, an individual authentication value generation unit 313, and a synchronization code generation. The unit 314, the encryption unit 315, and the transmission unit 316 are configured.

  The data storage unit 311 stores predetermined data. The predetermined data is program data used in the main control board 310, for example. As the data storage unit 311, for example, a part of the ROM 212 (see FIG. 2) of the main control unit 201 can be used.

  The determination unit 312 determines the number of data to be divided (hereinafter referred to as “division number”) stored in the data storage unit 311. For example, the determination unit 312 uses a value generated by a random number generation circuit or a random number generation program as a division number, refers to a value generated in another process of the main control board 310 at a predetermined timing, and divides the value. Or a number.

  The individual authentication value generation unit 313 divides the data in the data storage unit 311 into the number of divisions, performs a binary operation that satisfies the combining law on each of the divided data, and authenticates the individual of the main control unit 201. Individual authentication data, which is an individual authentication value for generating, is generated for the number of divisions. The binary operation satisfying the combining rule is, for example, addition or exclusive OR operation. The individual authentication value generation unit 313 performs addition or exclusive OR operation on each of the divided data to generate authentication value data for the number of divisions.

  Here, the individual authentication data is an authentication value used to authenticate the individual of the main control unit 201 (that is, the main control board 310). The authentication of the individual means that the main control board 310 is physically (hardware) authenticated, and means that the main control board 310 is not replaced with an unauthorized board.

  The synchronization code generation unit 314 generates a synchronization code including packet information output with transmission of a control command as an operation authentication value for authenticating the operation order of the main control unit 201. The synchronization code is information for confirming that transmission of a control command by the main control board 310 is continuously executed.

  The synchronization code generation unit 314 changes the type of packet information used for generating the synchronization code based on the number of divisions. Specifically, the synchronization code generation unit 314 outputs packet information (continuous packet information) that is continuously output with the transmission of the control command and packets that are output at predetermined intervals with the transmission of the control command. A synchronization code is generated using either information (intermittent packet information).

  When a synchronization code is generated using continuous packet information, each packet information has a correlation of a predetermined interval. For this reason, the operation authentication unit 324 described later can authenticate the continuity of the operation of the main control board 310 by obtaining the correlation between a plurality of pieces of packet information.

  Further, when the synchronization code is generated using the intermittent packet information, each packet information is transmitted at an arbitrary interval, for example, a predetermined time interval or a predetermined clock number interval with the transmission of the control command of the main control board 310. Or at an output timing set at an interval of the number of instruction executions. For this reason, when packet information at continuous output timings are compared, the packet information has a correlation such that there is a time difference between predetermined intervals and a change amount such as an instruction execution quantity. Therefore, the operation authentication unit 324 described later authenticates the continuity of the operation of the main control board 310 by obtaining a correlation between a plurality of packet information. As the synchronization code, values acquired as packet information may be used as they are, or values obtained by performing a predetermined operation on these values may be used.

  By authenticating the operation sequence of the main control unit 201 using the synchronization code, even if the signal switching circuit 1703 is mounted inside the unauthorized control board 1701 as described in FIG. If the operation sequence authenticated by the code is not continuous, it is determined that the control command is transmitted from an unauthorized control board other than the control command transmitted from the main control board 310, and unauthorized control can be detected.

  The encryption unit 315 encrypts the individual authentication data and the synchronization code by a predetermined encryption method. The encryption method by the encryption unit 315 is arbitrary, but when a plurality of encryption methods can be used in the encryption unit 315, the encryption method may be changed based on the number of divisions. For example, when two encryption methods can be used in the encryption unit 315, the first method is changed when the division number is an even number, and the second method is changed when the division number is an odd number. The encryption unit 315 may encrypt the individual authentication data and the synchronization code using a control command in a control signal described later.

  The individual authentication value generation unit 313 may use a part or all of the synchronization code when generating the individual authentication data. In this case, for example, individual authentication data is generated by adding a part or all of the synchronization code to one of the divided data and performing a binary operation. Further, when the individual authentication data is encrypted by the encryption unit 315, a part or all of the synchronization code may be used. Similarly, the synchronization code generation unit 314 may use part or all of the individual authentication data when generating the synchronization code. Further, when encrypting the synchronization code in the encryption unit 315, a part or all of the individual authentication data may be used.

  The transmission unit 316 transmits the individual authentication data and the synchronization code for the number of divisions to the peripheral board 320. For example, the transmission unit 316 adds the individual authentication data and the synchronization code to the control command transmitted from the main control board 310 to the peripheral board 320, and transmits these data. The individual authentication data and the synchronization code may be transmitted simultaneously or separately.

  Next, a functional configuration of the peripheral board 320 having functions as peripheral portions such as the effect control unit 202 and the prize ball control unit 203 will be described. As shown in FIG. 3, the peripheral board 320 includes a reception unit 321, a decryption unit 322, an individual authentication unit 323, an operation authentication unit 324, and a command authentication unit 325.

  The receiving unit 321 receives the individual authentication data and the synchronization code for the number of divisions transmitted by the main control board 310. The receiving unit 321 receives these data, for example, by receiving a control signal to which individual authentication data or a synchronization code is added.

  The decryption unit 322 decrypts the authentication data and the synchronization code by a decryption method corresponding to the encryption method by the encryption unit 315. When the encryption method by the encryption unit 315 is changed based on the number of divisions, the decryption unit 322 becomes an object of calculation by the individual authentication unit 323 when the authentication of the main control board 310 is established. The decryption method is changed based on the number of individual authentication data.

  The individual authentication unit 323 is based on whether the calculation result obtained by performing the binary operation on the authentication data for the number of divisions received by the reception unit 321 matches the expected value (individual authentication expected value). The main control board 310 is authenticated. The binary operation performed by the individual authentication unit 323 and the binary operation performed by the individual authentication value generation unit 313 of the main control board 310 are the same type of binary operation. Since this binary operation satisfies the combining rule, the expected value generated from all the data in the data storage unit 311 matches the value obtained by performing the same operation on the individual authentication data generated from the divided data. Should do. Thereby, the individual authentication unit 323 authenticates the individuality of the main control board 310.

  When the individual authentication data is generated using a part or all of the synchronization code and the divided data, the individual authentication unit 323 includes the part or all of the synchronization code and the data storage unit 311. The individual of the main control unit 201 is authenticated using the expected value for individual authentication generated using the value obtained by performing the binary operation on all the data.

  The operation authentication unit 324 authenticates the operation order of the main control board 310 using the synchronization code received by the reception unit 321. As described above, the synchronization code includes a plurality of pieces of packet information generated at successive timings. Therefore, it is possible to determine whether or not the packet information has a predetermined correlation by obtaining the difference between the plurality of pieces of packet information. If the predetermined correlation is maintained, the control command transmission process has continuity and is not a control command transmitted from another unauthorized control board, and therefore, it is authenticated as the correct operation order.

  When a predetermined calculation is performed on the synchronization code, the operation authentication unit 324 performs a predetermined calculation according to the content of the calculation process of the synchronization code generation unit 314 of the main control board 310 and acquires the synchronization code. To do. When the synchronization code is an inspection value indicating the continuation state of the operation of the main control board 310, it is authenticated that the operation of the main control board 310 is in the correct order. Note that when the receiving unit 321 directly receives the synchronization code, the operation authentication unit 324 authenticates the operation order of the main control board 310 using the synchronization code.

  Note that when the synchronization code is generated using part or all of the individual authentication data and the packet information of the main control unit 201, the operation authentication unit 324 includes the part or all of the individual authentication data and the main authentication data. The operation of the main control unit 201 is authenticated using the packet information of the control unit 201.

  In the above description, the individual authentication unit 323 and the operation authentication unit 324 perform authentication processing independently, but generate a synchronization code using a part of the individual authentication data, or When the individual authentication data is generated by using a part of the synchronization code, the authentication with the other authentication data is performed after the authentication with one of the authentication data is completed.

  The command authentication unit 325 authenticates the control command transmitted by the main control unit 201 when both authentication by the individual authentication unit 323 and authentication by the operation authentication unit 324 are established. The peripheral board 320 performs processing based on the control command authenticated by the command authentication unit 325. When either one of the authentications fails, the command authentication unit 325 determines that an unauthorized control command (an unauthorized control signal) for performing unauthorized control is output from an unauthorized control board, and performs control. While discarding the command, the user may be notified of fraud.

(Basic operation of pachinko machines)
An example of the basic operation of the pachinko gaming machine having the above configuration will be described. The main control unit 201 outputs the winning status of the game ball for each winning port to the winning ball control unit 203 as a control command. The winning ball control unit 203 pays out the number of winning balls corresponding to the winning situation in accordance with the control command output from the main control unit 201.

  The main control unit 201 outputs a corresponding control command to the effect control unit 202 every time a game ball wins the start winning opening 105, and the effect control unit 202 displays the symbols on the symbol display unit 104 in a variable manner. Repeat to stop. When the occurrence of the big hit has been determined, the corresponding control command is output to the effect control unit 202, and the effect control unit 202 stops with a predetermined pattern aligned. At the same time, control for opening the special winning opening 109 is performed. The effect control unit 202 displays various effects on the symbol display unit 104 in addition to the symbol variation display during the jackpot occurrence period, during the reach until the jackpot occurrence, or at the time of reach notice. . In addition, a specific drive is performed for various types of accessories, and effects such as changing the display state of the lamp 261 are performed.

  When a big hit occurs, the big winning opening 109 is opened a plurality of times. One release is one round, for example, 15 rounds are repeatedly executed. The period of one round is set, for example, when 10 game balls are won or for a predetermined period (for example, 30 seconds). At this time, the winning ball control unit 203 pays out with, for example, 15 winning balls per winning game ball to the big winning opening 109. After the jackpot is over, the jackpot state is canceled and the normal gaming state is restored.

(Details of processing by each control unit)
Next, details of various processes performed by each control unit will be described. First, the control process of the effect control unit 202 by the main control unit 201 will be described. 4 and 5 are flowcharts showing the procedure of the control process of the effect control unit by the main control unit. 4 to 9, the correction data, the authentication data, and the accompanying data are not considered in order to clarify the control processing procedure of the effect control unit 202. That is, in the description of FIGS. 4 to 9, “transmit command” means “transmit a control signal including data (control command data) indicating the command”, for example, correction data or authentication. The presence or absence of data and accompanying data (see FIG. 10) is not considered.

  4 and 5, the main control unit 201 first waits until the pachinko gaming machine is turned on (step S401: No loop). When the power of the pachinko gaming machine is turned on (step S401: Yes), the main control unit 201 transmits a power-on command to peripheral parts such as the effect control unit 202 and the prize ball control unit 203 (step S402). ). When the power-on command is transmitted, the effect control unit 202 controls the lamp control unit 251, the sound control unit 252, and the symbol display unit 104 for effect control at the time of power-on (specifically, the lamp control unit 202). Control command to instruct the lighting of the LED, output of sound, display of the demonstration screen, etc.).

  Next, the main control unit 201 determines whether or not the number of undrawn winning prizes is 0 with reference to the data of the undrawn winning prizes recorded in the ROM 212 or the RAM 213 (step S403). The number of undrawn winning prizes is a number obtained by subtracting the number of times a lottery corresponding to the winning ball has been made (number of already drawn lots) from the number of winning balls detected at the start winning opening (number of winning prizes). When the number of undrawn winning prizes is 0 (step S403: Yes), the main control unit 201 measures the time elapsed since the demonstration was started (step S404).

  When a predetermined time elapses after the demonstration is started (step S405: Yes), the main control unit 201 transmits a customer waiting demonstration command to the effect control unit 202 (step S406), and proceeds to step S407. If the predetermined time has not elapsed since the demonstration was started (step S405: No), the process proceeds to step S407 as it is. When the customer waiting demonstration command is transmitted in step S406, the effect control unit 202 transmits a control signal for the customer waiting demonstration to the lamp control unit 251, the voice control unit 252, and the symbol display unit 104. In step S403, when the number of undrawn winning prizes is not zero (step S403: No), the process proceeds to step S410.

  Next, the main control unit 201 determines whether or not a winning ball for the starting winning port is detected by the starting winning port detecting unit 221 (step S407). When a winning ball is detected at the start winning opening (step S407: Yes), the main control unit 201 clears the time that has been measured since the demonstration was started (step S408), and the number of undrawn winning prizes is reached. 1 is added (step S409). Subsequently, the main control unit 201 acquires a jackpot determination random number (step S410), subtracts 1 from the number of undrawn winning prizes (step S411), and proceeds to step S412 in FIG. If no winning ball for the start winning opening is detected in step S407 (step S407: No), the process returns to step S404 and the subsequent processing is continued.

  Next, the main control unit 201 determines whether or not the jackpot determination random number acquired in step S410 is a predetermined jackpot random number (step S412). When the jackpot determination random number is a jackpot random number (step S412: Yes), the main control unit 201 transmits a jackpot reach command (symbol variation command) to the effect control unit 202 (step S413). The main control unit 201 waits until the symbol variation time has elapsed (step S414: No loop), and when the symbol variation time has elapsed (step S414: Yes), transmits a symbol stop command to the effect control unit 202 ( Step S415).

  Next, the main control unit 201 transmits a jackpot start command to the effect control unit 202 (step S416), and then sequentially transmits commands corresponding to the rounds during the jackpot (jackpot command) (step S417). Then, when transmission of the jackpot command for all rounds is completed, the main control unit 201 transmits a jackpot end command (step S418), and proceeds to step S422.

  On the other hand, if the jackpot determination random number is not a jackpot random number in step S412, the main control unit 201 transmits a shift reach command (design variation command) to the effect control unit 202 (step S419). . The main control unit 201 waits until the symbol variation time has elapsed (step S420: No loop), and when the symbol variation time has elapsed (step S420: Yes), transmits a symbol stop command to the effect control unit 202 ( Step S421).

  The main control unit 201 returns to step S403 in FIG. 4 and repeats the subsequent processing until the pachinko gaming machine is turned off (step S422: No). Then, when the power of the pachinko gaming machine is turned off (step S422: Yes), the main control unit 201 transmits an end process command to the effect control unit 202 (step S423), and ends the process according to this flowchart. .

  FIG. 6 is a time chart showing the transmission timing of a jackpot related command (a jackpot reach command, a jackpot start command, a jackpot command, a jackpot end command). The jackpot reach command is transmitted more frequently and randomly than the actual jackpot occurs. The jackpot start command is transmitted only once when shifting to the jackpot state when a jackpot is actually generated. The jackpot command is continuously transmitted for each round after shifting to the jackpot state. The jackpot end command is transmitted only once when all rounds of the jackpot state are completed and the normal state is entered.

  Next, processing by the effect control unit 202 will be described. In the following, processing of the effect control unit 202 at the time of symbol variation (when a jackpot reach command (see step S413 in FIG. 5) or a loss reach command (see step S419 in FIG. 5) is received) and a jackpot time will be described. .

  FIG. 7 is a flowchart showing the procedure of the symbol variation process by the effect control unit. In the flowchart of FIG. 7, the effect control unit 202 first waits until a jackpot reach command (see step S413 in FIG. 5) or a miss reach command (see step S419 in FIG. 5), which is a symbol variation command. (Step S701: No loop). When the symbol variation command is received (step S701: Yes), the effect control unit 202 acquires a random effect selection random number (step S702), and selects a variation effect type based on the acquired random number (step S703). ). Then, the effect control unit 202 transmits an effect start command for each variable effect to the lamp control unit 251 and the sound control unit 252 (step S704).

  The effect control unit 202 determines whether or not the effect time of the variable effect has elapsed (step S705) and whether or not a symbol stop command (see steps S415 and S421 in FIG. 5) has been received from the main control unit 201. (Step S706). When the production time has elapsed (step S705: Yes), or when the symbol stop command has been received (step S706: Yes), the production control unit 202 sends a production stop command to the lamp control unit 251 and the audio control unit 252. Is transmitted (step S707), and the processing according to this flowchart is terminated. If the production time has not elapsed (step S705: No) and the symbol stop command has not been received (step S706: No), the process returns to step S705, and the subsequent processing is repeated.

  Next, the processing for the big hit of the effect control unit 202 will be described. FIG. 8 is a flowchart showing the procedure of the big hit processing by the effect control unit. In the flowchart of FIG. 8, the effect control unit 202 first waits until a jackpot start command (see step S416 in FIG. 5) is received from the main control unit 201 (step S801: No loop). When the jackpot start command is received (step S801: Yes), the effect control unit 202 transmits a jackpot start processing command to the lamp control unit 251 and the sound control unit 252 (step S802).

  Next, the effect control unit 202 waits until receiving a round jackpot command (see step S417 in FIG. 5) from the main control unit 201 (step S803: No loop). When the jackpot command is received (step S803: Yes), the effect control unit 202 transmits a round processing command corresponding to the received round jackpot command to the lamp control unit 251 and the sound control unit 252 (step S804). ).

  Subsequently, the effect control unit 202 waits until a jackpot end command (see step S418 in FIG. 5) is received from the main control unit 201 (step S805: No loop). When the jackpot end command is received (step S805: Yes), the effect control unit 202 transmits a jackpot end processing command to the lamp control unit 251 and the audio control unit 252 (step S806), and ends the processing according to this flowchart. To do.

  Subsequently, a lamp control process by the lamp control unit 251 will be described. Here, processing when a symbol variation command is received from the effect control unit 202 (during symbol variation) will be described. FIG. 9 is a flowchart showing the procedure of the lamp control process when the symbol is changed by the lamp control unit. In the flowchart of FIG. 9, the lamp control unit 251 first waits until an effect start command is received from the effect control unit 202 (step S901: No loop).

  When an effect start command is received from the effect control unit 202 (step S901: Yes), the lamp control unit 251 reads data prepared for each command (step S902) and executes a selection routine for each command (step S903). ), Ramp data is set (step S904). Then, the lamp control unit 251 outputs lamp data to the lamp 261 (step S905). Based on the lamp data output from the lamp control unit 251, the lamp 261 is turned on or off.

  Until the lamp control unit 251 receives an effect stop command from the effect control unit 202 (step S906: No), the lamp control unit 251 returns to step S905 and continues outputting the lamp data. When the production stop command is received (step S906: Yes), the lamp control unit 251 stops the output of the lamp data (step S907) and ends the processing according to this flowchart.

  Note that although the processing of the lamp control unit 251 is shown in FIG. 9, the sound control by the sound control unit 252 is almost the same as the processing of FIG. In the sound control process by the sound control unit 252, “ramp data” in steps S <b> 904, S <b> 905, and S <b> 907 in the process of FIG.

  As described above, peripheral units such as the effect control unit 202 and the prize ball control unit 203 perform various processes based on the control commands output by the main control unit 201. On the other hand, when the output source of the control command is not the regular main control unit 201, for example, when an unauthorized control board is connected between the main control unit 201 and the peripheral unit (see FIG. 17), The peripheral portion performs an illegal operation by an illegal control command output from an unauthorized control board.

  In order to prevent this, in the pachinko gaming machine according to the present embodiment, an authentication process is performed between the main control unit 201 and the peripheral unit. More specifically, the peripheral unit is the authenticator and the main control unit 201 is the person to be authenticated, and the individual and the operation order of the main control unit 201 are authenticated. Authenticates the validity of the control signal. The authentication value (individual authentication data) used for authenticating the individual of the main control unit 201 is generated based on data obtained by arbitrarily dividing the program data recorded in the main control unit 201. Further, the authentication value (synchronization code) used for the authentication of the operation sequence of the main control unit 201 is generated based on packet information output with the transmission of the control command. This authentication process detects fraud such as the main control unit 201 being replaced with an unauthorized control board, or an unauthorized control board being attached between the main control unit 201 and the peripheral part, and the pachinko gaming machine Fraud can be prevented.

  In the present embodiment, the individual authentication data and the synchronization code (hereinafter referred to as “authentication data” together) are added to the control command data and transmitted. By adding the authentication data to the control command data, it is possible to suppress an increase in communication load between the main control unit 201 and the peripheral unit as compared with the case where the authentication data is transmitted alone. Further, by adding the authentication data to the control command data, it is possible to reduce the possibility that the authentication data is extracted from the communication data and analyzed as compared with the case where the authentication data is transmitted alone. The format of a control signal including authentication data and control command data will be described below.

(Control signal data format)
FIG. 10 is an explanatory diagram schematically showing a data format of a control signal output from the main control unit. FIG. 10 shows a normal control signal 1010 and a control signal with authentication data 1020 output from the main control unit 201. Further, as a modification of the control signal with authentication data 1020, a control signal with individual authentication data 1030 and a control signal with synchronization code 1040 are shown.

  A normal control signal 1010 includes control command data 1001 and accompanying data 1002. The control command data 1001 is data unique to each command such as a reach command, a jackpot start command, a round command, and the like. The accompanying data 1002 is data accompanying the control command data 1001, and is data necessary for processing based on the control command data 1001, such as the number of winning game balls.

  On the other hand, the control signal with authentication data 1020 includes individual authentication data 1003 and a synchronization code 1004 in addition to the control command data 1001 and the accompanying data 1002. The individual authentication data 1003 is data for authenticating the individual of the main control unit 201 that has transmitted the control command data 1001 and the accompanying data 1002. The synchronization code 1004 is data for authenticating the operation sequence of the main control unit 201. Each authentication data is specifically generated as follows.

(Generation method of individual authentication data (individual test value))
FIG. 11 is an explanatory diagram schematically showing a method for generating individual authentication data (individual test value) in the main control unit. The individual authentication data 1003 is generated using data recorded in the ROM 212 of the main control unit 201 or the like. More specifically, after dividing a predetermined area of the ROM 212 by an arbitrary number of divisions, a binary operation (semigroup operation) that satisfies the combining law is performed on the data stored in each of the divided areas, and an individual examination is performed. Calculate the value. Examples of the semi-group operation include addition and exclusive OR operation. Then, a value obtained by performing a predetermined calculation (for example, encryption processing) on the individual test value is set as authentication data. Whether or not the individual test value is encrypted is arbitrary, but it is desirable to encrypt it from the viewpoint of fraud prevention.

  When performing a predetermined calculation on the individual test value, a control command to which the individual test value is added may be used. In general, an unauthorized control unit tries to cause an unauthorized operation to be performed by transmitting a control command different from that of a regular main control unit. If the individual authentication data 1003 is generated by using the control command to be transmitted this time, even if the authentication value is reused by an unauthorized control unit, the authentication value and the control command cannot be matched and the fraud is detected. be able to.

  Further, when performing a predetermined calculation on the individual test value, a part or all of the synchronization code 1004 (or packet information) transmitted together may be used. As described above, in the peripheral portion, authentication is performed using the two authentication data of the individual authentication data 1003 and the synchronization code 1004. By generating one authentication data using the other authentication data, it is easy to detect fraud when the authentication data is fraudulent, and the authentication strength can be improved.

  The type of data used for calculating the individual test value is arbitrary. For example, program data (instruction code or fixed data) recorded in the ROM 212 of the main control unit 201 can be used. By using the program data recorded in the ROM 212 of the main control unit 201, it is possible to detect unauthorized rewriting of the program code, unauthorized replacement of the ROM 212 of the main control unit 201, and the like.

  For example, 12 data (0x01 to 0x09, 0x0A to 0x0C) are stored in the program data storage unit 1100 shown in FIG. When the division number is 3, the program data storage unit 1100 can be divided into, for example, a first block 1100a including four data, a second block 1100b including three data, and a third block 1100c including five data. The main control unit 201 performs a semi-group operation on the data stored in each of these blocks to calculate an individual test value. The number of data in the block described above is an example. The number of data in the divided blocks may be a fixed value or may be determined randomly.

  For example, if the method of using addition as the semi-group operation is method A, the four pieces of data 0x01, 0x02, 0x03, and 0x04 stored in the first block 1100a are added to obtain the first inspection value 0x0A. Similarly, the three data 0x05, 0x06, 0x07 stored in the second block 1100b are added to obtain the second check value 0x12 as the five data 0x08, 0x09, 0x0A, 0x0B, 0x0C stored in the third block 1100c. Are added to obtain the third inspection value 0x32.

  Further, for example, if the method using the exclusive OR operation as the semi-group operation is method B, the exclusive OR operation is performed on the four data 0x01, 0x02, 0x03, and 0x04 stored in the first block 1100a. An inspection value of 0x04 is obtained. Similarly, exclusive OR operation is performed on the three pieces of data 0x05, 0x06, and 0x07 stored in the second block 1100b, and the second check value 0x04 is stored in the five pieces of data 0x08, 0x09, and 0x0A stored in the third block 1100c. , 0x0B, 0x0C are subjected to exclusive OR operation to obtain third check values 0x0C, respectively.

  Then, encryption processing is performed on the obtained individual test value to obtain individual authentication data 1003. In this encryption process, as described above, the encryption process may be performed including the control command data 1001, the accompanying data 1002, and the synchronization code 1004. At this time, these data may be used as they are, or values obtained by performing operations such as operations using a hash function, parity check, cyclic redundancy check (CRC), and checksum on these data. May be used.

  On the other hand, the peripheral part as the authenticator holds the value obtained by performing the semi-group operation on the entire data stored in the program data storage part 1100 as an expected value. For example, the expected value in the case of method A is 0x4E, which is the sum of 0x01 to 0x0C. In addition, the expected value in the case of method B is 0x0C, which is an exclusive OR of 0x01 to 0x0C. In the peripheral portion, the same number of expected values as the number of inspection value generation methods by the main control unit 201 is held.

  The peripheral part extracts the individual test value from the received control signal with authentication data 1020 and collates the value obtained by performing the semigroup operation on the individual test value with the individual expected value. Since individual test values are generated using half-group operations, if the same half-group operation is performed on all of the individual test values generated from the divided program data, the half-group operation is performed on the entire program data. Should match the expected value for individual authentication. When the individual value obtained by performing the half-group operation on the individual test value matches the expected value, the peripheral unit authenticates the main control unit 201.

  The semi-group calculation process in the peripheral portion corresponds to the process of combining the individual test values generated from the divided data, and is called “combination process”. In addition, the number of individual test values used for the combining process when authentication is established is referred to as “number of connections”. The number of connections in the peripheral part and the number of divisions in the main control unit 201 are the same.

(Synchronization code generation method)
Next, a method for generating the synchronization code 1004 will be described. The synchronization code 1004 is packet information itself output with transmission of a control command, or data obtained by performing a predetermined calculation on the packet information. The predetermined calculation is, for example, a calculation using a hash function, a parity check, a cyclic redundancy check, a checksum, or the like.

  The main control unit 201 changes the type of packet information used to generate the synchronization code 1004 based on the number of divisions. In addition, the peripheral unit switches the synchronization code authentication method using the number of connections. For example, when the number of divisions and the number of connections are odd numbers, the type of packet information (continuous packet information or intermittent packet information) used to generate the synchronization code 1004 is switched. On the other hand, when the number of divisions and the number of combinations are even, the type of packet information used for generating the synchronization code 1004 is not changed and is continued as it is.

  The number of divisions is a value that only the main control unit 201 knows, and the peripheral part can know the value as the number of connections only when authentication is established. Therefore, the fraud analyst cannot know the number of divisions and the number of connections, and cannot know that the type of packet information used for generating the synchronization code has been changed. Thereby, it is possible to prevent the unauthorized code from being generated illegally by the unauthorized analyst.

  Returning to the description of FIG. 10, the arrangement of the control command data 1001, the accompanying data 1002, the individual authentication data 1003, and the synchronization code 1004 is not limited to the order shown in FIG. 10, and for example, the individual authentication data 1003 or the synchronization code 1004 is used as the control signal. The individual authentication data 1003 or the synchronization code 1004 may be inserted between the control command data 1001 and the accompanying data 1002.

  Further, the individual authentication data 1003 and the synchronization code 1004 may be added to different control command data 1001 instead of being added to the same control command data 1001. For example, in the control signal 1030 with individual authentication data in FIG. 10, only the individual authentication data 1003 is added to the control command data 1001. Further, in the control signal with synchronization code 1040, only the synchronization code 1004 is added to the control command data 1001.

  The timing at which the main control unit 201 outputs the control signal with authentication data 1020 (or the control signal with individual authentication data 1030 and the control signal with synchronization code 1040, and so on) is arbitrary. For example, the control signal with authentication data 1020 may be output every predetermined time, or the control signal with authentication data 1020 may be always output. For example, when the control command data 1001 in the control signal is a specific type of command, the control signal with authentication data 1020 may be added.

  However, when the individual authentication data 1003 and the synchronization code 1004 are transmitted separately (when the control signal with authentication data 1030 and the control signal with synchronization code 1040 are transmitted), the individual authentication data 1003 is generated using the synchronization code 1004. If it is, the synchronization code 1004 needs to be transmitted before authentication using the individual authentication data 1003 is performed. Similarly, when the synchronization code 1004 is generated using the individual authentication data 1003, it is necessary to transmit the individual authentication data 1003 before authentication using the synchronization code 1004 is performed.

(Control signal transmission / reception processing)
Subsequently, a control signal transmission / reception process performed between the main control unit 201 and the peripheral unit will be described. FIG. 12 is a flowchart illustrating a procedure of control signal transmission processing by the main control unit 201. The main control unit 201 waits until the control command transmission timing is reached (step S1201: No), and when the control command transmission timing is reached (step S1201: Yes), determines the number of program data divisions (step S1202). . The method for determining the number of divisions is arbitrary. The number of divisions may be determined before the transmission timing of the control command.

  Next, the main control unit 201 divides the program data by the determined number of divisions, performs a semi-group operation on each of them to calculate individual test values (step S1203), and encrypts the individual test values. To generate individual authentication data (step S1204). By this process, the individual test values and the individual authentication data for the number of divisions are generated. Subsequently, the main control unit 201 acquires packet information that is output along with the transmission of the control command (step S1205), performs a predetermined calculation on the packet information, and generates a synchronization code (step S1206). .

  Next, the main control unit 201 adds the generated authentication data (individual authentication data and synchronization code) to the control command data (step S1207), and transmits a control signal with authentication data to the peripheral part (step S1208). The control signal with authentication data may be transmitted continuously, or may be mixed with a normal control signal and transmitted. Further, the transmission order of the authentication data is also arbitrary. Although there are a plurality of individual authentication data, two or more individual authentication data may be added to one control command.

  After transmitting all the authentication data, the main control unit 201 determines whether or not the number of divisions determined in step S1202 is a predetermined value (step S1209). The predetermined value is, for example, an odd number (or even number). When the division number is a predetermined value (step S1209: Yes), the main control unit 201 changes the type of packet information used for generating the synchronization code (step S1210), and ends the process according to this flowchart. On the other hand, if the number of divisions is not a predetermined value (step S1209: No), the processing according to this flowchart is terminated without changing the type of packet information.

  Next, an authentication process of the main control unit 201 by the peripheral unit will be described. FIG. 13 is a flowchart showing a procedure of authentication processing of the main control unit by the peripheral unit. In the flowchart of FIG. 13, the peripheral unit first waits until receiving a control signal with authentication data from the main control unit 201 (step S1301: No loop). When the control signal with authentication data is received from the main control unit 201 (step S1301: Yes), the peripheral unit authenticates the individual of the main control unit 201 using the individual authentication data included in the received control signal with authentication data. (Step S1302). Details of the individual authentication processing by the peripheral part will be described in detail with reference to FIG.

  When the authentication of the main control unit 201 is established for the individual (step S1303: Yes), the peripheral unit authenticates the operation order of the main control unit 201 using the synchronization code (step S1304). Specifically, the peripheral unit authenticates the operation order of the main control unit 201 based on whether or not a difference between packet information included in the synchronization code has a predetermined correlation.

  When authentication with respect to the operation sequence of the main control unit 201 is established (step S1305: Yes), the peripheral unit authenticates that the received control signal is a correct signal (step S1306), and performs processing based on the control command (step S1307). ). Further, the peripheral unit determines whether or not the number of individual test values (number of connections) subjected to the half group calculation (see FIG. 14) when the authentication of the individual of the main control unit 201 is established is a predetermined value. (Step S1308). When the number of combinations is a predetermined value (step S1308: Yes), the type of packet information included in the synchronization code is changed. (Relationship) is switched (step S1309), and the processing according to this flowchart ends. On the other hand, if the number of connections is not a predetermined value (step S1308: No), the processing according to this flowchart is terminated as it is.

  On the other hand, when the authentication with respect to the operation sequence of the main control unit 201 is not established (step S1305: No), or when the authentication with respect to the individual is not established (step S1303: No), the peripheral unit invalidates the received control signal. As a control signal (step S1310), and the process according to this flowchart is terminated.

  Next, the individual authentication process (step S1302 in FIG. 13) by the peripheral part will be described. FIG. 14 is a flowchart showing the procedure of the individual authentication process by the peripheral part. In the flowchart of FIG. 14, the peripheral unit waits until receiving individual authentication data (a control signal including individual authentication data) (step S1401: No loop) and receives individual authentication data (step S1401: Yes). The individual authentication data is decrypted to obtain the individual test value (step S1402).

  The peripheral unit stores the acquired individual test values in the individual test value memory (step S1403), and performs a semi-group operation (joining process) on all the individual test values in the individual test value memory (step S1403). S1404). If there is one test value in the individual test value memory, the process proceeds to step S1405 without performing the combining process.

  Then, the peripheral unit compares the calculation result (combination result) with the held expected value for individual authentication, and determines whether or not the combined result matches the expected value for individual authentication (step S1405). . When the combined result matches the expected value for individual authentication (step S1405: Yes), the peripheral unit establishes authentication for the individual of the main control unit 201 (step S1406). Then, the data in the individual test value memory is erased (step S1407), and the processing according to this flowchart ends.

  On the other hand, in step S1405, if the combined result and the expected value for individual authentication do not match (step S1405: No), the peripheral unit proceeds to step S1401 until a predetermined number or more of individual authentication data is received (step S1408: No). Return and repeat the process of receiving and combining the individual authentication data. When a predetermined number or more of individual authentication data is received (step S1408: Yes), the peripheral unit determines that authentication with respect to the main control unit 201 is not established (step S1409), and ends the processing according to this flowchart. Although the predetermined number is an arbitrary number, for example, it can be the number of data that can be stored in the program data storage unit 1100 (maximum number of divisions).

(Specific example of packet information change processing)
Next, a specific example of a process for changing the packet information used for generating the synchronization code among the processes shown in FIGS. 12 to 14 will be described. FIG. 15 is a sequence diagram illustrating an example of a data flow between control units. In FIG. 15, when the number of divisions (number of connections) is an odd number, the type of packet information (continuous packet information and intermittent packet information) used to generate the synchronization code is switched. In addition, packet information used as default is continuous packet information.

  First, the main control unit 201 determines the number of divisions used for the current authentication process by an arbitrary method. For example, if the current number of divisions = 3 (step S1501), the main control unit 201 divides the data stored in the program data storage unit 1100 into three blocks, and uses the data contained in each block to produce 3 One individual test value is calculated, and further predetermined calculation is performed to generate individual authentication data (step S1502).

  The main control unit 201 acquires continuous packet information as packet information (step S1503) and generates a synchronization code (step S1504). The main control unit 201 transmits an authentication data-added control signal including the individual authentication data and the synchronization code to the peripheral unit (step S1505).

  Thereafter, the main control unit 201 switches the type of packet information used for generating the synchronization code because the current number of divisions is an odd number (step S1506). Specifically, the packet information used for generating the synchronization code is switched from continuous packet information to intermittent packet information.

  Next, processing in the peripheral part will be described. The peripheral unit receives the control signal with authentication data transmitted from the main control unit 201 (step S1507). Then, the individual authentication data is extracted from the control signal with the authentication data, decrypted to obtain the individual test value, the obtained individual test value is combined (step S1508), and the combined result is used for the individual authentication. Check against the expected value. When the combined result matches the expected value for individual authentication, the peripheral unit establishes authentication of the main control unit 201 for the individual (step S1509). In this case, when the combination process is performed using the three individual test values, it should match the expected value for individual authentication (number of connections = 3).

  Further, the peripheral part extracts a synchronization code from the control signal with authentication data, and collates whether or not the difference between the packet information satisfies the correlation corresponding to the continuous packet information (step S1510). When the difference between the packet information satisfies the correlation corresponding to the continuous packet information, the peripheral unit establishes authentication for the operation sequence of the main control unit 201 (step S1511). Since the number of couplings this time is an odd number, the peripheral unit switches the synchronization code authentication method (correlation between differences in packet information) (step S1512). Specifically, the correlation corresponding to the continuous packet information is switched to the correlation corresponding to the intermittent packet information. This is the flow of a series of switching processes.

  Turning to the description of the second process, the main control unit 201 again determines the number of divisions by an arbitrary method. For example, assuming that the current number of divisions = 4 (step S1513), the main control unit 201 divides the data stored in the program data storage unit 1100 into four blocks, and uses the data included in each block to obtain four. One individual test value is calculated, and further calculation is performed to generate individual authentication data (step S1514).

  Further, the main control unit 201 acquires intermittent packet information as packet information (step S1515) and generates a synchronization code (step S1516). Then, the main control unit 201 transmits a control signal with authentication data including the individual authentication data and the synchronization code to the peripheral unit (step S1517). Thereafter, since the current number of divisions is an even number, the main control unit 201 continues the intermittent packet information without switching the type of packet information used for generating the synchronization code (step S1518).

  Subsequently, the peripheral unit receives the control signal with authentication data transmitted from the main control unit 201 (step S1519), acquires the individual test value from the individual authentication data, and performs a binding process on the acquired individual test value. Is performed (step S1520). If the combined result matches the expected value for individual authentication, the peripheral unit establishes authentication of the main control unit 201 for the individual (step S1521). In this case, when the combination process is performed using the four individual test values, it should match the expected value (number of connections = 4).

  Further, the peripheral part extracts a synchronization code from the control signal with authentication data, and collates whether or not the difference between the packet information satisfies the correlation corresponding to the intermittent packet information (step S1522). When the difference between the packet information satisfies a predetermined correlation, the peripheral unit establishes authentication for the operation sequence of the main control unit 201 (step S1523). Since the number of connections this time is an even number in the peripheral portion, the synchronization code authentication method (correlation between differences in packet information) is continued without switching (step S1524).

  In the above-described embodiment, a single encryption method is used for encrypting the inspection value. However, a plurality of encryption methods may be switched based on the number of divisions. Thereby, possibility that authentication data will be analyzed by a fraud analyst can be reduced.

  As described above, the pachinko gaming machine according to the present embodiment changes the type of packet information used for generating the synchronization code based on the number of divisions. Since the number of divisions is a value that only the main control unit 201 knows, the unauthorized analyst cannot know that the type of packet information used for generating the synchronization code has been changed. Thereby, when an unauthorized control unit is inserted between the main control unit 201 and the peripheral unit, it is possible to detect the unauthorized operation by collating the synchronization code.

  In addition, the pachinko gaming machine according to the present embodiment is only when individual authentication data for authenticating the individual of the main control unit 201 and a synchronization code for authenticating the operation order of the main control unit 201 are respectively authenticated. The control command transmitted from the main control unit 201 is authenticated. In this way, by performing authentication processing twice, it is possible to improve the strength of authentication and prevent unauthorized processing due to unauthorized control commands from being executed.

  In addition, the pachinko gaming machine according to the present embodiment authenticates the operation order of the main control unit 201 using a synchronization code in the peripheral part. When an unauthorized control unit is equipped with a signal switching circuit or the like, the continuity of operation of the main control unit 201 is lost, and authentication of the operation sequence is not established. For this reason, according to the pachinko gaming machine according to the present embodiment, it is possible to detect an unauthorized control unit equipped with a signal switching circuit or the like.

  The control method for the main control unit and the peripheral units described in the present embodiment can be realized by executing a program prepared in advance on a computer such as a personal computer or a workstation. This program is recorded on a computer-readable recording medium such as a hard disk, a flexible disk, a CD-ROM, an MO, and a DVD, and is executed by being read from the recording medium by the computer. The program may be a transmission medium that can be distributed via a network such as the Internet.

  As described above, the present invention is useful for an electronic device in which fraud to the control unit is concerned and a control board mounted on the electronic device, and in particular, a pachinko gaming machine, a slot gaming machine, and other various gaming machines. Suitable for

310 Main Control Board 311 Data Storage Unit 312 Determination Unit 313 Individual Authentication Value Generation Unit 314 Synchronization Code Generation Unit 315 Encryption Unit 316 Transmission Unit 320 Peripheral Board 321 Reception Unit 322 Decoding Unit 323 Individual Authentication Unit 324 Operation Authentication Unit 325 Command Authentication Part

Claims (16)

An electronic device comprising: a main control unit; and a peripheral unit that performs a predetermined process based on a control command transmitted by the main control unit,
The main control unit
Data storage means for storing predetermined data;
Determining means for determining the number of divisions of the data stored in the data storage means (hereinafter referred to as “division number”);
Individual authentication for authenticating an individual of the main control unit by dividing the data in the data storage means into the number of divisions and performing a binary operation satisfying a coupling law on each of the divided data Individual authentication value generating means for generating values for the number of divisions;
As an operation authentication value for authenticating the operation order of the main control unit, a synchronization code generating means for generating a synchronization code including packet information output with transmission of the control command;
Transmitting means for transmitting the individual authentication value and the synchronization code for the number of divisions to the peripheral part,
The peripheral portion is
Receiving means for receiving the individual authentication value and the synchronization code for the number of divisions;
Based on whether the calculation result obtained by performing the two-term calculation on the individual authentication values for the number of divisions matches the expected value of the calculation result (hereinafter referred to as “individual authentication expected value”). Individual authentication means for authenticating the individual of the main control unit;
Operation authentication means for authenticating the operation order of the main control unit using the difference of the packet information included in the synchronization code;
Command authentication means for authenticating a control command transmitted by the main control unit when both authentication by the individual authentication means and authentication by the action authentication means are established,
The expected value for individual authentication is a value obtained by performing the binary operation on all the data in the data storage means,
The electronic device according to claim 1, wherein the synchronization code generation unit changes a type of the packet information used for generating the synchronization code based on the division number.   The synchronization code generation means is any one of the packet information that is output continuously with transmission of the control command and the packet information that is output at predetermined intervals with transmission of the control command. The electronic device according to claim 1, wherein the synchronization code is generated by using a computer. The synchronization code generating means generates the synchronization code using a part or all of the individual authentication value and the packet information,
The electronic device according to claim 1, wherein the operation authentication unit authenticates the operation of the main control unit using a part or all of the individual authentication value and the packet information. The individual authentication value generating means generates an individual authentication value using a part or all of the synchronization code and the divided data,
The individual authentication means is the expected value for individual authentication generated using a part or all of the synchronization code and a value obtained by performing the binary operation on all the data in the data storage means. The electronic device according to claim 1, wherein an individual of the main control unit is authenticated using the electronic device.   5. The electronic device according to claim 1, wherein the transmission unit adds at least one of the individual authentication value and the synchronization code to the control command and transmits the control command to the peripheral part. 6. .   6. The electronic apparatus according to claim 5, wherein the individual authentication value generating unit generates the individual authentication value using the control command to which the individual authentication value is added.   The electronic device according to claim 5, wherein the synchronization code generation unit generates the synchronization code using the control command to which the synchronization code is added. The main control unit
An encryption unit for encrypting the individual authentication value and the synchronization code by a predetermined encryption method;
The transmission means transmits the individual authentication value and the synchronization code encrypted by the predetermined encryption method,
The peripheral portion is
Decrypting means for decrypting the individual authentication value and the synchronization code encrypted by the predetermined encryption method by a decryption method corresponding to the encryption method;
8. The individual authentication unit and the operation authentication unit perform authentication using the individual authentication value and the synchronization code decrypted by the decryption unit. The electronic device described. The encryption means changes the encryption method based on the division number,
The decryption unit changes the decryption method of the individual authentication value based on the number of the individual authentication values subjected to the binary operation when the individual authentication unit is authenticated by the individual authentication unit. 9. The electronic apparatus according to claim 8, wherein   The electronic device according to claim 1, wherein the data storage unit stores program data used in the main control unit.   The electronic apparatus according to claim 1, wherein the binary operation is addition or exclusive OR operation.   A gaming machine comprising the electronic device according to claim 1, wherein the main control unit is a main control board, and the peripheral portion is a peripheral board. A main control board that is mounted on an electronic device and transmits a control command to perform a predetermined process on a peripheral board,
Data storage means for storing predetermined data;
Determining means for determining the number of divisions of the data stored in the data storage means (hereinafter referred to as “division number”);
Individual authentication for authenticating an individual of the main control board by dividing the data in the data storage means into the number of divisions and performing a binary operation satisfying a coupling law on each of the divided data Individual authentication value generating means for generating values for the number of divisions;
As an operation authentication value for authenticating the operation sequence of the main control board, a synchronization code generating means for generating a synchronization code including packet information output along with transmission of the control command;
Transmitting means for transmitting the individual authentication value for the number of divisions and the synchronization code to the peripheral board,
The main control board, wherein the synchronization code generation means changes the type of the packet information used for generating the synchronization code based on the division number. A peripheral board that is mounted on an electronic device and performs a predetermined process based on a control command transmitted by the main control board,
A plurality of individual authentication values for authenticating the individual of the main control board transmitted by the main control board; and receiving means for receiving a synchronization code for authenticating the operation of the main control board;
The main control is based on whether or not an operation result obtained by performing the binary operation on the plurality of individual authentication values matches an expected value of the operation result (hereinafter referred to as an “individual authentication expected value”). An individual authentication means for authenticating an individual of the substrate;
Operation authentication means for authenticating the operation sequence of the main control board using the difference of the packet information included in the synchronization code;
When both authentication by the individual authentication unit and authentication by the operation authentication unit are established, a command authentication unit that authenticates a control command transmitted by the main control board,
4. The peripheral board according to claim 1, wherein the expected value for individual authentication is a value obtained by performing the binary operation on all the data in the data storage means. An authentication method in an electronic device comprising a main control unit and a peripheral unit that performs predetermined processing based on a control command transmitted by the main control unit,
In the main control unit,
A determining step of determining a number (hereinafter referred to as a “number of divisions”) for dividing the data stored in the data storage means for storing predetermined data;
Individual authentication for authenticating an individual of the main control unit by dividing the data in the data storage means into the number of divisions and performing a binary operation satisfying a coupling law on each of the divided data An individual authentication value generation step of generating values for the number of divisions;
As an operation authentication value for authenticating the operation order of the main control unit, a synchronization code generating step for generating a synchronization code including packet information output with transmission of the control command;
Transmitting the individual authentication value for the number of divisions and the synchronization code to the peripheral part, and
In the periphery,
Receiving the individual authentication value and the synchronization code for the number of divisions; and
Based on whether the calculation result obtained by performing the two-term calculation on the individual authentication values for the number of divisions matches the expected value of the calculation result (hereinafter referred to as “individual authentication expected value”). An individual authentication step of authenticating the individual of the main control unit;
An operation authentication step of authenticating the operation order of the main control unit using the difference of the packet information included in the synchronization code;
A command authentication step of authenticating a control command transmitted by the main control unit when both authentication in the individual authentication step and authentication in the operation authentication step are established,
The expected value for individual authentication is a value obtained by performing the binary operation on all the data in the data storage means,
In the synchronization code generating step, the type of packet information used for generating the synchronization code is changed based on the number of divisions.   An authentication program for causing a computer to execute the authentication method according to claim 15.

Images