JP2020088793A - Information processing device, information processing method, and program - Google Patents

Abstract

To provide an information processing device, an information processing method and a program, which can quickly start an execution program.SOLUTION: Multifunctional equipment 100 includes: a communication unit 110 to be connected to a network; a flash ROM 130 which stores an execution program 131; and a main CPU 101 which executes a signature check program 136 to determine the existence or non-existence of an abnormality in the execution program 131. In response to the reception of a startup instruction, the main CPU 101 executes the processing of: determining whether or not the communication unit 110 has been connected to a network in a period from the previous startup to the previous shutdown of the multifunctional equipment 100; and on determining to be negative by the determination processing, initiating the execution program 131 without performing the signature check program 136.SELECTED DRAWING: Figure 1

Description

The present invention relates to an information processing device, an information processing method, and a program for performing a security check such as tampering judgment of an execution program when the device is activated.

Conventionally, various technologies regarding an information processing apparatus that performs a security check such as alteration determination of an execution program when the apparatus is started have been proposed.

For example, the computer system with a falsification detection function described in Patent Document 1 checks whether or not the OS, OS loader, and other files to be inspected have been falsified at the time of starting the computer, and after confirming safety, the OS, the OS loader, and the application are checked. I'm trying to start.

JP, 10-333902, A

However, in the above-described conventional computer system with the tampering detection function, the security check of the OS, OS loader, and other files to be inspected, that is, the execution program is always performed when the computer is started, so that the startup of the execution program is delayed.

Therefore, it is an object of the present invention to provide an information processing device, an information processing method, and a program capable of speeding up the startup of an execution program.

In order to achieve the above object, an information processing apparatus of the invention is a control unit that executes a first abnormality determination process for determining whether or not there is an abnormality in an execution program, a storage unit that stores an execution program, and a communication unit that is connected to a network. And a control unit, in response to receiving a start instruction, determines whether the communication unit is network-connected within the period from the previous startup to the previous shutdown of the information processing device. And a first start-up process for starting the execution program without performing the first abnormality judgment process when the negative judgment is made by the first judgment process. ..

According to the present invention, it is possible to speed up the start of the execution program.

It is a block diagram which shows the control structure of the compound machine to which the information processing apparatus which concerns on one embodiment of this invention is applied. FIG. 2 is a diagram showing a case where the multifunction peripheral of FIG. 1 can or cannot omit signature check or encryption circuit check. 3 is a flowchart showing a procedure of a startup process executed by the multifunction peripheral of FIG. 1, particularly a CPU. 4 is a flowchart showing a detailed procedure of self-test processing included in the startup processing of FIG. 3. 5 is a flowchart showing a procedure following the self-test processing shown in FIG. 4. 3 is a flowchart showing a procedure of in-operation processing executed by the multifunction peripheral of FIG. 1, particularly a CPU. 7 is a flowchart showing a procedure following the operation process of FIG. 6;

Hereinafter, embodiments of the present invention will be described in detail with reference to the drawings.

FIG. 1 shows a control configuration of a multifunction peripheral (MFP) 100 to which an information processing device according to an embodiment of the present invention is applied. The multifunction device 100 includes a copy function, a printer function, a scanner function, and It is equipped with a fax function.

As shown in FIG. 1, the multifunction peripheral 100 includes a main CPU (central processing unit) 101 and a sub CPU 102. The main CPU 101 controls the operation of the entire multifunction peripheral 100. The sub CPU 102 executes control processing of the multifunction peripheral 100 in parallel with the main CPU 101. When the main CPU 101 and the sub CPU 102 execute processes in parallel, the process executed by the main CPU 101 and the process executed by the sub CPU 102 are predetermined, or when the main CPU 101 is likely to be in a busy state. In addition, a configuration in which the sub CPU 102 executes a part of the processing of the main CPU 101 instead of the above may be considered. In the present embodiment, the latter configuration is adopted, and it is assumed that the processes of FIGS. 3 to 7 are all executed by the main CPU 101. Therefore, hereinafter, the “main” is taken from the main CPU 101 and abbreviated as the CPU 101.

The multifunction device 100 also includes a reading unit 103, a printing unit 104, and a power supply unit 105. The reading unit 103 realizes the above-described scanner function and reads an image on a document to generate image data. The printing unit 104 realizes the printer function, and prints on paper based on print data including image data. The copy function is realized by the reading unit 103 and the printing unit 104. Specifically, the copy function is realized by reading an image on a document by the reading unit 103 and printing the read data on a sheet by the printing unit 104. As the printing method of the printing unit 104, any method such as an inkjet method or an electrophotographic method may be adopted. The power supply unit 105 supplies electric power to the electric system of the multifunction peripheral 100.

The multi-function peripheral 100 further includes a touch panel 108 and hard keys 109. Various screens are displayed on the touch panel 108 according to the state of the multifunction peripheral 100. The user can perform an input operation by pressing the input button on the screen. The hard key 109 is a key formed by hardware. Typical examples thereof include a power switch and a reset switch (both not shown).

The multifunction peripheral 100 also includes a random access memory (RAM) 120, a flash (read only memory) 130, and an electrically erasable programmable read-only memory (EEPROM) 140. In the flash ROM 130, an execution program 131 for the CPU 101 to control various operations including image formation control of the multifunction peripheral 100, a digital signature 133, and a boot that the CPU 101 first executes when the multifunction peripheral 100 receives a boot instruction. A program 134 and the like are stored. Various flags 141 and the like are stored in the EEPROM 140. The RAM 120 is used as a storage area for temporarily storing data, signals and the like used when the CPU 101 executes the program, or as a work area for data processing.

Furthermore, the multi-function device 100 includes a communication unit 110. The communication unit 110 includes a FAXIF (facsimile interface) 111, a LAN IF (local area network interface) 112, and a WLAN IF (wireless LAN interface) 113. The FAX IF 111 realizes the above-mentioned fax function and sends and receives a fax. The LANIF 112 connects the multifunction peripheral 100 to a wired LAN line. The WLAN IF 113 connects the multifunction peripheral 100 to a wireless LAN line.

The multifunction device 100 also includes an encryption circuit 106 and a random number generation circuit 107. The encryption circuit 106 encrypts data transmitted via a wired LAN line or wireless LAN line and decrypts received data. The random number generation circuit 107 generates a random number used for the encryption and decryption.

Hereinafter, the control process executed by the multi-function peripheral 100 configured as described above will be described in detail with reference to FIGS.

When the power switch included in the hard key 109 is pressed and the power of the multifunction peripheral 100 is turned on (ON), an activation request is issued, and when the CPU 101 receives the activation request, the CPU 101 starts the activation process shown in FIG. To do.

In the main startup process, the CPU 101 first starts the boot program 134 (step (hereinafter abbreviated as “S”) 1) and starts the self-test process (S2). 4 and 5 show the detailed procedure of the self-test process.

In this self-test process, the CPU 101 first determines whether or not the test result NG is the start (S21). This judgment is made by judging whether the test result OK flag, which is one of the various flags 141, is in the set state (=1) or the reset state (=0). When at least one of a hard test NG flag and a signature check NG flag described later is set to the NG state (set state), the CPU 101 sets the test result OK flag to the NG state (reset state) accordingly. Further, when both the hard test NG flag and the signature check NG flag described later are in the OK state (reset state), the CPU 101 sets the test result OK flag in the OK state (set state) accordingly.

If the result of determination in S21 is that the test result is NG, that is, if the test result OK flag is in the reset state, the CPU 101 carries out a signature check (S22). The signature check is to check whether the execution program 131 has been tampered with. The signature check program 136 (see FIG. 1) included in the boot program 134 is activated to check the validity of the digital signature 133.

As a premise of signature check, the digital signature 133 has a hash value calculated using a predetermined hash function based on the execution program 131, and the hash value is encrypted with the private key of the creator of the execution program 131. Is.

Under this assumption, the CPU 101 first calculates a hash value using the predetermined hash function based on the execution program 131. Next, the CPU 101 decrypts the hash value encrypted with the private key of the creator of the execution program 131 with the public key of the creator. Then, the CPU 101 compares the hash value calculated by itself and the hash value decrypted by itself, and if they match, determines that the signature check has passed (= test result OK), and both match. If not, it is determined that the signature check fails.

In subsequent S23, the CPU 101 determines whether or not the test result is OK, that is, whether or not the signature check has passed. If the test result is OK, the CPU 101 carries out a hardware test (S24). The hardware test is for inspecting whether or not there is an abnormality in the encryption circuit 106, and is performed by activating the encryption circuit check program 135 (see FIG. 1) included in the boot program 134.

Specifically, the hardware test is performed as follows. That is, the CPU 101 first gives a predetermined plaintext and a private key to the encryption circuit 106. Next, the CPU 101 obtains a ciphertext obtained by encrypting a predetermined plaintext by the encryption circuit 106. Further, the CPU 101 gives the ciphertext and the private key to the cipher circuit 106. Then, the CPU 101 acquires the plaintext obtained by decrypting the ciphertext by the encryption circuit 106, and compares the plaintext before encryption with the plaintext after decryption. If the two match as a result of the comparison, the CPU 101 determines that the hardware test has passed (= test result OK), and if the two do not match, the CPU 101 determines that the hardware test has failed.

In subsequent S25, the CPU 101 determines whether or not the test result is OK, that is, whether or not the hardware test is passed. If the test result is OK, the CPU 101 sets the test result OK flag (S26), and then executes the self-test. The process ends. On the other hand, as a result of the determination in S25, if the test result is not OK, the CPU 101 sets the hard test NG flag, which is one of the various flags 141 (S28), and then ends the self-test process.

On the other hand, as a result of the determination in S23, if the test result is not OK, that is, if the signature check fails, the CPU 101 sets the signature check NG flag, which is one of the various flags 141 (S27), This self-test process ends.

On the other hand, as a result of the determination in S21, if it is not the activation by the test result NG, that is, if the test result OK flag is in the set state, the CPU 101 determines whether the activation is by the firmware update (S29). If the result of this determination is that the firmware update has started, the CPU 101 carries out a signature check in the same manner as in S22 above (S30).

In subsequent S31, similarly to S23, the CPU 101 determines whether the test result is OK, that is, whether the signature check has passed. If the test result is OK, the CPU 101 advances the process to S34 in FIG. If the test result is not OK, the CPU 101 sets the signature check NG flag (S32) in the same manner as in S27 above, and then ends this self-test process.

On the other hand, as a result of the determination in S29, if the startup is not the firmware update, the CPU 101 determines whether there is a network connection during the operation of the multifunction peripheral 100 before the startup (S33 in FIG. 5). This determination is made based on the state of the network connection flag, which is one of the various flags 141. The network connection flag is a flag that is set when the multifunction peripheral 100 is operating and is connected to the network via the LAN IF 112 or the WLAN IF 113 (see S42 in FIG. 6 described later).

As a result of the determination in S33, when the multifunction peripheral 100 is connected to the network before the startup, that is, when the network connection flag is in the set state, the CPU 101 advances the process to S30 in FIG. While continuing the subsequent processing, when there is no network connection during the operation of the multifunction peripheral 100 before activation, the CPU 101 advances the processing to the next step S34.

In S34, the CPU 101 determines whether or not there is a network connection when the multifunction peripheral 100 is started. If the result of this determination is that there is a network connection when the multifunction peripheral 100 is started up, the CPU 101 carries out a hardware test in the same manner as in S24 above (S35).

In subsequent S36, the CPU 101 determines whether the test result is OK, that is, whether the hardware test has passed, in the same manner as in S25. If the test result is OK, the CPU 101 performs the test result in the same manner as in S26. After the OK flag is set (S38), this self-test process ends. On the other hand, if the result of determination in S36 is that the test result is not OK, the CPU 101 sets the hard test NG flag (S37) in the same manner as in S28 above, and then ends this self-test process.

On the other hand, as a result of the determination in S34, if there is no network connection when the multifunction peripheral 100 is started up, the CPU 101 advances the process to 38.

Returning to FIG. 3, when the self-test process of S2 ends, the CPU 101 determines whether the test result OK flag is set (S3). As a result of this determination, if the test result OK flag is set, that is, if both the signature check and the hardware test have passed as a result of the self-test processing, the CPU 101 determines that the main program included in the execution program 131 is the main program. Is started (S4), and the multifunction peripheral 100 (machine) is set to the usable state (S5).

On the other hand, if the test result OK flag is not set as a result of the determination in S3, the CPU 101 determines whether the signature check NG flag is set (S6). As a result of this determination, if the signature check NG flag is set, the CPU 101 displays a signature NG error display on the touch panel 108 (S7), stops all functions (OFF) (S8), and After the error flag, which is one of the various flags 141, is set (S9), the main startup process is terminated.

On the other hand, as a result of the determination in S6, if the signature check NG flag is not set, the hard test NG flag is always set at this time, so the CPU 101 displays the hard NG error display on the touch panel 108. After that (S10), the function of the encrypted communication is stopped (OFF) (S11), the process proceeds to S9.

In the self-test process executed at startup, the multi-function peripheral 100, particularly the CPU 101, omits either or both of the signature check and the hardware test (circuit check of the encryption circuit 106 in this embodiment), The main program (encryption program 132) is activated. FIG. 2 shows a case where the multifunction peripheral 100 can or cannot omit the signature check or the hardware test. Note that, as shown in FIG. 2A, the multifunction peripheral 100 is assumed to have been activated (previously activated) and shutdown (previously shutdown) before being activated this time.

If the multi-function peripheral 100 is connected to the network between the last startup and the previous shutdown (YES in S33 of FIG. 5), the CPU 101 always operates, that is, regardless of whether or not the multi-function peripheral 100 is network-connected at the present startup. , Signature check is performed (see S30 of FIG. 4 and the second column in the table shown in FIG. 2B). This is because even if there is no network connection at the time of starting the multifunction device 100 this time, the execution program 131 may be tampered with if it is connected to the network before the starting.

On the other hand, when the multifunction peripheral 100 is connected to the network between the last startup and the previous shutdown, the hardware test (circuit check of the encryption circuit 106) is performed if the multifunction peripheral 100 is connected to the network at the current startup. On the other hand, it is executed unless it is connected to the network (see S34 of FIG. 5 and the second column in the table shown in FIG. 2B). This is because if the multi-function peripheral 100 was connected to the network between the last startup and the previous shutdown, there is no abnormality in the encryption circuit 106 during that period, and it is considered that the hardware encryption was performed without any problem. Is. However, this does not guarantee that there is no abnormality in the encryption circuit 106 at the time of starting this time.

On the other hand, if the multi-function peripheral 100 is not connected to the network between the last startup and the last shutdown (NO in S33), the CPU 101 always, that is, regardless of whether or not the multi-function peripheral 100 is connected to the network at the current start-up, No signature check is performed (see the third column in the table shown in FIG. 2B). This is because there is no possibility that the execution program 131 will be tampered with if the multifunction peripheral 100 is not connected to the network between the last startup and the previous shutdown.

On the other hand, if the multifunction peripheral 100 is not connected to the network between the last startup and the previous shutdown, the circuit check of the encryption circuit 106 is executed if the multifunction peripheral 100 is connected to the network at the current startup. It is not executed unless it is connected to the network (see S34 in FIG. 5 and the third column in the table shown in FIG. 2B). This is because if the multifunction peripheral 100 is not connected to the network between the last startup and the previous shutdown, the encryption has not been executed within that period, so it is unknown whether the encryption circuit 106 has any abnormality at this startup. Because it is.

Next, the in-operation process executed by the CPU 101 will be described in detail with reference to FIGS. 6 and 7. The process during actual operation is executed after the main program is started in S4 of FIG. 3 and the multifunction peripheral 100 is available in S5.

In the process during actual operation, the CPU 101 first determines whether a network connection has been detected (S41). Here, the network connection may be a network connection via either the LAN IF 112 or the WLAN IF 113.

When the network connection is detected as a result of the determination in S41, the CPU 101 sets the network connection flag (S42) and determines whether or not the hardware test has been performed (S43). This determination is made based on the state of the hard test completion flag, which is one of the various flags 141. The hard test completion flag is a flag that is set when the CPU 101 executes a hardware test. Therefore, the CPU 101 sets the hard test completion flag together with the hardware test in S24 of FIG. 4 and S35 of FIG. Further, the CPU 101 sets the network connection flag to the reset state in response to the completion of the startup process of FIG.

If the result of the determination in S43 is that the hardware test has been executed, that is, if the hardware test completion flag is set, the CPU 101 ends the process during actual operation, while if the hardware test has not been executed yet. , CPU 101 performs a hardware test in the same manner as S24 (S44).

In subsequent S45, the CPU 101 determines whether or not the test result is OK, that is, whether or not the hardware test has passed. If the test result is OK, the CPU 101 ends the process during actual operation. On the other hand, as a result of the determination in S45, if the test result is not OK, the CPU 101 displays the error display for hard NG on the touch panel 108 (S46) in the same manner as in S10 of FIG. Similarly, the cryptographic communication function is stopped (OFF) (S47), the error flag is set (S48) in the same manner as in S9 of FIG. 3, and then the process during actual operation ends.

On the other hand, as a result of the determination in S41, if the network connection is not detected, the CPU 101 determines whether there is a firmware update execution request (S49). If the result of this determination is that there is a firmware update execution request, the CPU 101 executes firmware update (S50), issues a restart instruction (S51), and then ends the in-work process.

On the other hand, if the result of determination in S49 above is that there is no firmware update execution request, the CPU 101 advances the process to S52 in FIG.

In S52, the CPU 101 determines whether or not there is a data encryption request. If the result of this determination is that there is a data encryption request, the CPU 101 determines whether or not the above error flag is set (S53). If the result of this determination is that the error flag has not been set, the encryption circuit 106 is operating normally, so the CPU 101 ends encryption during hardware (S54), and then ends the in-operation process. To do.

On the other hand, if the result of the determination at S53 is that the error flag is set, the encryption circuit 106 is abnormal, so the CPU 101 activates the encryption program 132 included in the execution program 131 to perform encryption by software. After performing (S55), the in-working process ends.

On the other hand, as a result of the determination in S52, if there is no data encryption request, the CPU 101 returns to S41 in FIG. 6 and continues the processing from S41.

As described above, the multifunction peripheral 100 according to the present embodiment includes the communication unit 110 connected to the network, the flash ROM 130 that stores the execution program 131, and the signature check program 136 that determines whether the execution program 131 is abnormal. And a main CPU 101 to execute.

In response to receiving the activation instruction, the main CPU 101 executes the processing of S33 that determines whether the communication unit 110 is network-connected within the period from the previous activation of the multifunction peripheral 100 to the previous shutdown, and the processing of S33. When a negative determination is made, the signature check program 136 is not performed, and the processing of S4 of activating the execution program 131 is executed.

As described above, in the multi-function peripheral 100 of the present embodiment, when the determination in S33 is negative, the execution program 131 is started without executing the signature check program 136, so that the execution program is started quickly. It becomes possible to do.

By the way, in the present embodiment, the multifunction peripheral 100 is an example of an “information processing device”. The flash ROM 130 is an example of a “storage unit”. The signature check program 136 is an example of “first abnormality determination processing”. The main CPU 101 is an example of a “control unit”. The process of S33 is an example of “first determination process”. The process of S4 is an example of the “first activation process”.

The multifunction peripheral 100 further includes an encryption circuit 106 that encrypts communication data transmitted from the communication unit 110, and the main CPU 101 executes an encryption circuit check program 135 that determines whether or not there is an abnormality in the encryption circuit 106. It is configured. Then, the main CPU 101 further executes the process of S34 for determining whether the communication unit 110 is in the network connection state, and the execution program without executing the cryptographic circuit check program 135 when a negative determination is made in the process of S34. The processing of S4 for activating 131 is executed.

As described above, in the multi-function peripheral 100 of the present embodiment, when the negative determination is made in the process of S34, the execution program 131 is activated without executing the cryptographic circuit check program 135, so that the execution program is activated. It will be possible to speed up.

Incidentally, the cryptographic circuit check program 135 is an example of “second abnormality determination processing”. The process of S34 is an example of the "second determination process". The process of S4 is an example of the “second activation process”.

In response to the activation instruction, the main CPU 101 further executes both the signature check program 136 and the cryptographic circuit check program 135 in the case of making a positive determination in both the determination processing of S33 and the processing of S34. Then, the process of S4 for activating the execution program 131 is executed.

This makes it possible to ensure security.

Incidentally, the process of S4 is an example of the “third activation process”.

When the main CPU 101 further makes an affirmative decision in S33 and a negative decision in S34 in response to receiving the activation instruction, the signature check program of the signature check program 136 and the cryptographic circuit check program 135 is checked. After executing only the program 136, the process of S4 for starting the execution program 131 is executed.

As a result, of the signature check program 136 and the encryption circuit check program 135, only the signature check program 136 is executed and then the execution program 131 is activated, so that the activation of the execution program can be accelerated.

Incidentally, the process of S4 is an example of the “fourth activation process”.

When the main CPU 101 further makes a negative determination in the process of S33 and an affirmative determination in the process of S34 in response to receiving the activation instruction, it selects one of the signature check program 136 and the encryption circuit check program 135 from the encryption circuit. After executing only the check program 135, the process of S4 for activating the execution program 131 is executed.

As a result, of the signature check program 136 and the cryptographic circuit check program 135, only the cryptographic circuit check program 135 is executed and then the execution program 131 is activated, so that the activation of the execution program can be accelerated.

Incidentally, the process of S4 is an example of the “fifth activation process”.

The main CPU 101 further executes the process of S41 for determining whether the communication unit 110 is connected to the network while the multifunction peripheral 100 is operating, and the main CPU 101 performs the process of S41 in response to the activation instruction. When the affirmative determination is made by the above and the negative determination is made by the processing of S34, the cryptographic circuit check program 135 is executed and then the processing of S4 for activating the execution program 131 is executed.

This makes it possible to ensure security.

Incidentally, the processing of S41 is an example of the “third determination processing”. The process of S4 is an example of the “sixth activation process”.

The start instruction includes a restart instruction (S50) after the execution program 131 is updated after the start instruction.

It should be noted that the present invention is not limited to the above embodiment, and various modifications can be made without departing from the spirit of the present invention.

(1) In the above embodiment, the multi-function peripheral 100 is adopted as the information processing device, but the present invention is not limited to this, and a single copy machine, printer, scanner or the like may be adopted. However, even in this case, it is necessary to have a communication unit capable of network connection and be configured to be capable of encrypted communication with an external device. Further, not limited to the image forming apparatus, a smartphone, a tablet terminal, a PC (personal computer), a PDA (personal digital assistant), or the like may be adopted.

(2) In the above embodiment, as long as there is no abnormality in the encryption circuit 106, the encryption circuit 106 is used to perform hardware encryption. However, the present invention is not limited to this, and a part of encryption may be performed by software. You can

(3) In the above embodiment, the target of the hardware test is limited to the encryption circuit 106, but in addition to this, the random number generation circuit 107 may be the target. Specifically, the hardware test on the random number generation circuit 107 checks whether or not a specific random number is generated from the random number generation circuit 107 when the condition given to the random number generation circuit 107 is specified. Although the random number generation circuit 107 is configured by hardware in the above embodiment, the random number generation circuit 107 is not limited to this and may be configured by software.

(4) In the above embodiment, the alteration check of the execution program 131 is performed by software by the signature check program 136, but the invention is not limited to this, and may be performed by hardware. Similarly, in the above embodiment, the abnormality check of the encryption circuit 106 is also performed by software by the encryption circuit check program 135, but the invention is not limited to this and may be performed by hardware.

100 MFP 101 Main CPU
102 sub CPU
106 encryption circuit 107 random number generation circuit 108 touch panel 109 hard key 110 communication unit 112 LAN IF
113 WLAN IF
120 RAM
130 Flash ROM
131 Execution Program 132 Encryption Program 133 Digital Signature 134 Boot Program 135 Cryptographic Circuit Check Program 136 Signature Check Program 140 EEPROM
141 Various flags

Claims (9)

A communication unit connected to the network,
A storage unit that stores an execution program,
An information processing apparatus comprising: a control unit that executes a first abnormality determination process for determining whether or not there is an abnormality in the execution program,
The control unit receives a start instruction,
A first determination process of determining whether or not the communication unit is network-connected within a period from the last startup of the information processing device to the last shutdown;
If a negative determination is made by the first determination processing, a first startup processing for starting the execution program without performing the first abnormality determination processing,
An information processing device, characterized in that Further comprising an encryption circuit for encrypting communication data transmitted from the communication unit,
The control unit is configured to execute a second abnormality determination process for determining whether or not there is an abnormality in the encryption circuit,
The control unit is further responsive to receiving the activation instruction,
A second determination process for determining whether or not the communication unit is connected to the network;
When a negative determination is made by the second determination processing, a second startup processing for starting the execution program without performing the second abnormality determination processing,
The information processing apparatus according to claim 1, wherein the information processing apparatus executes. The control unit is further responsive to receiving the activation instruction,
When an affirmative determination is made by both of the first determination processing and the second determination processing, both the first abnormality determination processing and the second abnormality determination processing are performed, and then the execution program is started. The information processing apparatus according to claim 2, wherein the information processing apparatus executes a third activation process. The control unit is further responsive to receiving the activation instruction,
When the positive judgment is made by the first judgment processing and the negative judgment is made by the second judgment processing, only the first abnormality judgment processing is executed among the first abnormality judgment processing and the second abnormality judgment processing. The information processing apparatus according to claim 2, further comprising: a fourth activation process for activating the execution program. The control unit is further responsive to receiving the activation instruction,
When the negative judgment is made by the first judgment processing and the positive judgment is made by the second judgment processing, only the second abnormality judgment processing is executed among the first abnormality judgment processing and the second abnormality judgment processing. The information processing apparatus according to any one of claims 2 to 4, further comprising: executing a fifth activation process of activating the execution program. The control unit further includes
Executing a third determination process of determining whether the communication unit is network-connected while the information processing apparatus is in operation;
The control unit, in response to receiving the activation instruction,
When the affirmative judgment is made by the third judgment processing and the negative judgment is made by the second judgment processing, the sixth start processing for starting the execution program is executed after executing the second abnormality judgment processing. The information processing apparatus according to any one of claims 2 to 5, characterized in that: 7. The information processing apparatus according to claim 1, wherein the start instruction includes a restart instruction after the update of the execution program is executed after the start instruction. An abnormality determination step of determining whether or not there is an abnormality in the execution program stored in the storage unit of the information processing device,
A determination step of determining whether or not the communication unit connected to the network is network-connected within the period from the previous startup to the previous shutdown of the information processing device, in response to the startup instruction of the information processing device. When,
If a negative determination is made in the determination step, a starting step of starting the execution program without performing the abnormality determination step,
An information processing method comprising: In an information processing device including a communication unit connected to a network and a storage unit that stores an execution program,
An abnormality determination process for determining whether there is an abnormality in the execution program,
A determination process of determining whether or not the communication unit is network-connected within a period from the previous startup to the previous shutdown of the information processing device in response to the information processing device receiving a startup instruction,
When a negative determination is made by the determination processing, a startup processing for starting the execution program without performing the abnormality determination processing,
A program to execute.

Images