JP6455236B2 - Electronic equipment - Google Patents

Description

  The present invention relates to an electronic device, for example, a device that does not lose a security key for encrypting or decrypting information recorded in a data storage device during maintenance work of the electronic device that can be connected to a data storage device such as a hard disk drive. About.

  In recent years, in an electronic device such as a personal computer or a mobile personal computer, when a case is illegally opened or a data storage device connected to the electronic device is illegally removed, the information recorded in the data storage device is encrypted or Data protection techniques that perform tamper-proof processing such as erasing a security key for decryption are widely known. This data protection technique can prevent information stored in the data storage device from leaking outside.

  On the other hand, with this data protection technology, when replacing a main board or the like housed in an electronic device for maintenance work of the electronic device, tamper-proof processing is performed and the security key is erased. It was.

  On the other hand, for the maintenance work of the electronic device, a process of temporarily disabling the tamper resistance process during replacement of the main board or the like, or a process of writing the security key again after the tamper resistance process has been performed. .

  For example, Patent Document 1 and Patent Document 2 also disclose techniques related to the present invention.

JP 2010-191816 A JP 2010-86366 A

  However, in the process of temporarily disabling the tamper resistant process during replacement of the main board or the like for maintenance work of the electronic device, the board having the security key (tamper resistant board) is replaced with another electronic device during the process. Can be relocated to the device. For this reason, in the unlikely event that the tamper-resistant substrate whose function is temporarily disabled is stolen, the security key may leak out.

  Further, in the process of writing the security key again after the tamper resistance process for maintenance work of the electronic device, the maintenance worker has to carry the tool again to write the security key on the tamper substrate. For this reason, the process of writing the security key again involves the risk of the security key being leaked.

  The present invention has been made in view of such circumstances, and an object of the present invention is to safely hold a security key and perform maintenance work smoothly when performing maintenance work on an electronic device. It is to provide an electronic device or the like.

  An electronic device according to the present invention includes a volatile memory that records a security key for encrypting or decrypting information recorded in a data storage device, a mode setting unit that can be set in a normal mode and a first maintenance mode, An identification information acquisition unit that acquires identification information of a data storage device, an encryption key generation unit that generates an encryption key based on the identification information acquired by the identification information acquisition unit, and the volatile memory An encryption unit that encrypts the security key with the encryption key generated by the encryption key generation unit to generate encrypted data, and a non-volatile memory that records the encrypted data generated by the encryption unit And a detection unit for detecting a predetermined operation, and decrypting the encrypted data recorded in the nonvolatile memory with the encryption key generated by the encryption key generation unit. A decoding unit that generates encoded data; and a control unit that erases the security key stored in the volatile memory based on a detection result of the detection unit, the control unit including the mode setting unit When the first maintenance mode is switched to, the identification information acquisition unit acquires the identification information, the encryption key generation unit generates the encryption key, and the previous encryption unit The encrypted data is generated, the encrypted data is recorded in the nonvolatile memory, and when the mode setting unit switches from the first maintenance mode to the normal mode, the identification information acquisition unit Acquiring the identification information, causing the encryption key generation unit to generate the encryption key, and causing the decryption unit to switch to the normal mode, and then using the encryption key generated after switching to the normal mode. The encrypted data recorded in the decryption data is decrypted to generate the decrypted data, the security key is extracted from the decrypted data generated by the decryption unit, and the extracted security key is used as the volatile data. Record in memory.

  According to the electronic device or the like according to the present invention, when performing maintenance work on the electronic device, the security key can be safely held and the maintenance work can be performed smoothly.

It is a block diagram which shows the structure of the electronic device in the 1st Embodiment of this invention. It is a figure which shows the operation | movement flow of the electronic device in the 1st Embodiment of this invention. It is a figure which shows the operation | movement flow of the electronic device in the 1st Embodiment of this invention. It is a figure for demonstrating the operation | movement flow of the electronic device in the 1st Embodiment of this invention. It is a figure for demonstrating the operation | movement flow of the electronic device in the 1st Embodiment of this invention. It is a figure for demonstrating the operation | movement flow of the electronic device in the 1st Embodiment of this invention. It is a figure for demonstrating the operation | movement flow of the electronic device in the 1st Embodiment of this invention. It is a figure for demonstrating the operation | movement flow of the electronic device in the 2nd Embodiment of this invention. It is a figure for demonstrating the operation | movement flow of the electronic device in the 2nd Embodiment of this invention. It is a figure for demonstrating the operation | movement flow of the electronic device in the 2nd Embodiment of this invention.

<First Embodiment>
A configuration of the electronic device 100 according to the first embodiment of the present invention will be described. FIG. 1 is a block diagram illustrating a configuration of the electronic device 100.

  As shown in FIG. 1, the electronic device 100 includes a volatile memory 110, a first controller 120, a second controller 130, a nonvolatile memory 140, a backup battery 150, a main controller 160, a mode A setting unit 170, a detection unit 180, a power supply unit 190, connectors 210 to 230, and first to third HDDs (Hard Disc Drives) 810 to 830 are provided. The first controller 120 and the second controller 130 correspond to the control unit of the present invention. The first to third HDDs 810 to 830 correspond to the data storage device of the present invention.

  As shown in FIG. 1, the volatile memory 110, the first controller 120, the second controller 130, the nonvolatile memory 140, the backup battery 150, and the main control unit 160 are provided on the tamper resistant substrate 500. Note that the “tamper resistant substrate” is a substrate that is applied so that analysis of the internal structure and stored data becomes difficult. The main control unit 160, the mode setting unit 170, and the detection unit 180 are provided on the main board 600.

  The tamper resistant substrate 500, the main substrate 600, the power supply unit 190, the connectors 210 to 230, and the first to third HDDs 810 to 830 are housed in the housing 700. The first to third HDDs 810 to 830 may not be housed in the housing 700 but may be connected to the main board 600 externally.

  As shown in FIG. 1, the volatile memory 110 is provided on a tamper resistant substrate 500. The volatile memory 110 is connected to the first controller 120, the second controller 130, and the backup battery 150. The volatile memory 110 records a security key. The security key is a key for encrypting or decrypting information recorded in HDDs (first to third HDDs 810 to 830 in FIG. 1) connected to the connectors 210 to 230.

  As shown in FIG. 1, the first controller 120 is provided on a tamper resistant substrate 500. The first controller 120 is connected to the volatile memory 110, the second controller 130, and the backup battery 150. The first controller 120 exchanges information with the main board 600, the volatile memory 110, and the second controller 130. The detailed function of the first controller 120 will be described in the operation description described later.

  As shown in FIG. 1, the first controller 120 includes an identification information acquisition unit 121.

  The identification information acquisition unit 121 acquires identification information (for example, a serial number) of the HDDs (first to third HDDs 810 to 830 in FIG. 1) connected to the connectors 210 to 230.

  As shown in FIG. 1, the second controller 130 is provided on the tamper resistant substrate 500. The second controller 130 is connected to the volatile memory 110, the nonvolatile memory 140, and the first controller 120. The second controller 130 exchanges information with the main board 600, the volatile memory 110, the nonvolatile memory 140, and the first controller 120. For example, the second controller 130 erases the security key stored in the volatile memory 110 based on the detection result of the detection unit 180. The detailed function of the second controller 130 will be described in the operation description described later. The second controller 130 corresponds to the control unit of the present invention.

  As shown in FIG. 1, the second controller 130 includes an encryption key generation unit 131, an encryption unit 132, a decryption unit 133, and a second controller memory 134.

  The encryption key generation unit 131 generates an encryption key based on the identification information acquired by the identification information acquisition unit 121. The specific operation of the encryption key generation unit 131 will be described in detail in the operation description described later.

  The encryption unit 132 encrypts the security key stored in the volatile memory 110 with the encryption key generated by the encryption key generation unit 131 to generate encrypted data. The specific operation of the encryption unit 132 will be described in detail in the operation description described later.

  The decryption unit 133 decrypts the encrypted data recorded in the nonvolatile memory 140 with the encryption key generated by the encryption key generation unit 131 to generate decrypted data. The specific operation of the decoding unit 133 will be described in detail in the operation description described later.

  The second controller memory 134 temporarily records various information used in processing performed in the second controller 130. A specific operation of the second controller memory 134 will be described in detail in an operation description to be described later.

  As shown in FIG. 1, the nonvolatile memory 140 is provided on a tamper resistant substrate 500. The nonvolatile memory 140 is connected to the second controller 130. The non-volatile memory 140 records a security key. Note that the information recorded in the nonvolatile memory 140 is retained even when power is not supplied.

  As shown in FIG. 1, the backup battery 150 is provided on a tamper resistant substrate 500. The backup battery 150 is connected to the volatile memory 110 and the first controller 120. The backup battery 150 supplies power to the volatile memory 110 and the first controller 120. Even when the power supply unit 190 cannot supply power to the tamper resistant substrate 500, the backup battery 150 can supply power to the volatile memory 110 and the first controller 120.

  As shown in FIG. 1, the main controller 160 is provided on the main board 600. The main control unit 160 controls the entire electronic device 100 and controls each component housed in the housing 700.

  The mode setting unit 170 is provided on the main board 600. The mode setting unit 170 sets the normal mode, the first maintenance mode, or the second maintenance mode. The normal mode refers to a mode that is set to a state in which the electronic device 100 is normally operating, and is a mode that is set particularly when maintenance of the electronic device 100 is not performed. The first maintenance mode is a mode that is set when the maintenance operation of the electronic apparatus 100 is performed. In particular, the HDDs connected to the connectors 210 to 230 (in FIG. 1, the first to third HDDs 810 to 830). ) Is a mode that makes it difficult for a third party to analyze the information stored in the memory. Similar to the first maintenance mode, the second maintenance mode is a mode that is set when the maintenance operation of the electronic apparatus 100 is performed. However, the second maintenance mode is different from the first maintenance mode, such as information stored in HDDs connected to the connectors 210 to 230 (first to third HDDs 810 to 830 in FIG. 1). This is not a mode that makes analysis difficult for third parties.

  The detection unit 180 is provided on the main board 600. The detection unit 180 detects a predetermined operation. For example, the detection unit 180 detects that the housing 700 is opened as a predetermined operation. In this case, for example, a physical switch is installed in an opening / closing door portion of the housing 700 or the like. The detection unit 180 detects that the housing 700 has been opened as a predetermined operation based on a switching state of a physical switch installed in an opening / closing door portion or the like of the housing 700. The detection unit 180 operates in the normal mode and the first maintenance mode, but is controlled by the main control unit 160 so as not to operate in the second maintenance mode.

  As shown in FIG. 1, the power supply unit 190 is connected to the tamper resistant substrate 500 and the main substrate 600. The power supply unit 190 supplies power to the tamper resistant substrate 500 and the main substrate 600. The power supply unit 190 supplies power to the HDDs (first to third HDDs 810 to 830 in FIG. 1) connected to the connectors 210 to 230 via the main board 600.

Connectors 210 to 230 are connected to main board 600. HDDs are connected to these connectors 210-230. 1 illustrates an example in which the first to third HDDs 810 to 830 are connected to the connectors 210 to 230.
As shown in FIG. 1, the first to third HDDs 810 to 830 are connected to the main board 600 via connectors 210 to 230. The HDD including the first to third HDDs 810 to 830 corresponds to the data storage device of the present invention.

  The configuration of the electronic device 100 has been described above.

  Next, the operation of the electronic device 100 will be described. 2 and 3 are diagrams showing an operation flow of the electronic device 100. FIG.

  As shown in FIG. 2, first, the main control unit 160 determines whether or not the normal mode is set by the mode setting unit 170 (step (Step: hereinafter simply referred to as S) 101).

  If the main control unit 160 determines that the normal mode is set (S101, YES), the electronic device 100 operates in the normal mode (S102). The main control unit 160 notifies the first controller 120 and the second controller 130 that it operates in the normal mode.

  On the other hand, when the main control unit 160 determines that the normal mode is not set (S101, NO), the electronic device 100 performs the processing from S201 onward.

  Next, the main control unit 160 determines whether or not the opening of the housing 700 is detected as a predetermined operation by the detection unit 180 (S103).

  When the predetermined operation is detected by the detection unit 180 (S103, YES), the second controller 130 deletes the security key stored in the volatile memory 110. Thereby, the act of the third party who tries to illegally access the information stored in the first to third HDDs 810 to 830 can be suppressed in advance.

  Here, the detection unit 180 detects that the housing 700 is opened as a predetermined operation. However, the detection unit 180 may detect, for example, an operation of removing the first to third HDDs 810 to 830 from the connectors 210 to 230 or an operation of removing the tamper substrate 500 from the main substrate 600 as a predetermined operation. Good. In addition, the detection unit 180 performs, for example, an operation of removing the backup battery 150 mounted on the tamper substrate 500 or an operation of opening a tamper substrate housing (not shown) that houses the tamper substrate 500 in a predetermined manner. It may be detected as an operation.

  The operation after S201 in FIG. 2 will be described.

  As shown in FIG. 2, the main control unit 160 determines whether or not the mode setting unit 170 has set the first maintenance mode (S201).

  When the main control unit 160 determines that the first maintenance mode is set (S201, YES), the electronic device 100 operates in the first maintenance mode (S202). As described above, the first maintenance mode is a mode that is set when the maintenance operation of the electronic apparatus 100 is performed, and in particular, HDDs connected to the connectors 210 to 230 (in FIG. In this mode, it is difficult for a third party to analyze information stored in the HDDs 810 to 830).

  The main control unit 160 notifies the first controller 120 and the second controller 130 that it operates in the first maintenance mode. The setting of the first maintenance mode is performed by an administrator of the electronic apparatus 100 or the like during maintenance work (for example, repair or replacement of the main board 700, the power supply unit 190, etc.). When the first maintenance mode is set, the power supply of the electronic device 100 is turned off. That is, power supply by the power supply unit 190 is stopped.

  On the other hand, when the main control unit 160 determines that the first maintenance mode is not set (S201, NO), the electronic device 100 performs the processing from S301 onward.

  Next, as illustrated in FIG. 3, the identification information acquisition unit 121 of the first controller 120 acquires identification information of the first to third HDDs 810 to 830 connected to the connectors 210 to 230 (S203). ). Specifically, the first controller 120 first outputs an instruction to the identification information acquisition unit 121 to acquire the identification information of the first to third HDDs 810 to 830 connected to the connectors 210 to 230. To do. The identification information acquisition unit 121 acquires the identification information of the first to third HDDs 810 to 830 via the main board 600 according to the instruction of the first controller 120. Then, the first controller 120 temporarily records the identification information of the first to third HDDs 810 to 830 acquired by the identification information acquisition unit 121 in the volatile memory 110.

  Next, as shown in FIG. 3, the encryption key generation unit 131 of the second controller 130 generates an encryption key (S204). Specifically, the second controller 130 outputs an instruction to generate an encryption key to the encryption key generation unit 131. The encryption key generation unit 131 generates an encryption key based on the identification information acquired by the identification information acquisition unit 121 according to the instruction of the second controller 130. At this time, the second controller 130 recognizes that the first maintenance mode is set as described above. On the other hand, at this time, the fact that the first controller 120 is set to the first maintenance mode can be transmitted to the second controller 130.

  FIG. 4 is a diagram for explaining the operation flow of the electronic apparatus 100, and particularly for explaining the process of S204.

  The encryption key generation unit 131 reads the identification information SN1, SN2, and SN3 of the first to third HDDs 810 to 830 from the volatile memory 110, and generates three encryption keys KEY1, KEY2, and KEY3. Here, as shown in FIG. 4, the encryption key generation unit 131 generates an encryption key KEY1 (for example, ABCD) from the identification information SN1 and the identification information SN2. The encryption key generation unit 131 generates an encryption key KEY2 (for example, BCDE) from the identification information SN2 and the identification information SN3. The encryption key generation unit 131 generates an encryption key KEY3 (for example, CDEF) from the identification information SN3 and the identification information SN1.

  The second controller 130 temporarily records the three encryption keys KEY 1, KEY 2, and KEY 3 generated by the encryption key generation unit 131 in the second controller memory 134. Then, the second controller 130 erases the identification information SN1, SN2, and SN3 of the first to third HDDs 810 to 830 recorded in the volatile memory 110.

  Returning to FIG. 3, next, the encryption unit 132 of the second controller 130 generates encrypted data (S205). Specifically, the second controller 130 outputs an instruction for generating encrypted data to the encryption unit 132. The encryption unit 132 encrypts the security key stored in the volatile memory 110 with the encryption keys KEY1, KEY2, and KEY3 recorded in the second controller memory 134 according to the instruction of the second controller 130. Generate encrypted data.

  FIG. 5 is a diagram for explaining the operation flow of the electronic apparatus 100, and particularly for explaining the processing of S205.

  As illustrated in FIG. 5, the encryption unit 132 encrypts the security key (for example, 1234) with the encryption key KEY1 (for example, ABCD) generated by the encryption key generation unit 131, and encrypts the encrypted data (EN1 [1234). ]). Similarly, the encryption unit 132 encrypts a security key (for example, 1234) with KEY2 (for example, BCDE) generated by the encryption key generation unit 131, and generates encrypted data (EN2 [1234]). Similarly, the encryption unit 132 encrypts a security key (for example, 1234) with KEY3 (for example, CDEF) generated by the encryption key generation unit 131, and generates encrypted data (EN3 [1234]).

  Note that EN means the result of encoding 1234 in parentheses. The number after EN is just a serial number.

  Returning to FIG. 3, next, the second controller 130 records the encrypted data in the nonvolatile memory 140 (S206). Specifically, the second controller 130 records the three encrypted data (EN1 [1234], EN2 [1234], EN3 [1234]) generated by the encryption unit 132 in the nonvolatile memory 140. As described above, by encrypting one type of security key with three types of encryption keys, three types of encrypted data are generated. These encrypted data are held in the nonvolatile memory 140 that is not erased even when power is not supplied.

  Next, it is assumed that the administrator of the electronic device 100 opens the casing 700 of the electronic device 100 and starts maintenance work. At this time, the detection unit 180 detects that the housing 700 has been opened.

  Here, the power supply of the electronic device 100 is turned off by an administrator of the power supply electronic device 100 or the like. That is, the power supply unit 190 supplies power to the main board 600, the tamper-resistant board 500, and the HDDs (first to third HDDs 810 to 830 in FIG. 1) connected to the connectors 210 to 230. To stop. Even if the power supply by the power supply unit 190 is stopped, power is supplied to the first controller 120 and the volatile memory 110 by the backup battery 150. Therefore, at this time, the security key recorded in the volatile memory 110 is not erased and remains recorded.

  Next, as illustrated in FIG. 3, the detection unit 180 detects that the housing 700 has been opened as a predetermined operation (S207).

  When the predetermined operation is detected by the detection unit 180 (S207, YES), the second controller 130 deletes the security key stored in the volatile memory 110 (S208). Thereby, the act of the third party who tries to illegally access the information stored in the first to third HDDs 810 to 830 can be suppressed in advance.

  On the other hand, when the predetermined operation is not detected by the detection unit 180 (S207, NO), the electronic apparatus 100 repeats the process of S207.

  Next, it is assumed that the administrator or the like of the electronic device 100 finishes the maintenance work of the electronic device 100 and closes the housing 700.

  Here, the power source of the electronic device 100 is turned on by an administrator of the electronic device 100 or the like. That is, the power supply unit 190 supplies power to the main board 600, the tamper-resistant board 500, and the HDDs (first to third HDDs 810 to 830 in FIG. 1) connected to the connectors 210 to 230. To start.

  Next, the main control unit 160 determines whether or not the mode setting unit 170 has switched from the first maintenance mode to the normal mode (S208).

  When the administrator of the electronic device 100 uses the mode setting unit 170 to switch from the first maintenance mode to the normal mode, the main control unit 160 recognizes that the switch has been switched from the first maintenance mode to the normal mode. To do.

  As shown in FIG. 3, when the setting is switched from the first maintenance mode to the normal mode (S209, YES), the identification information acquisition unit 121 of the first controller 120 performs the process of S203 in the same way as the connector. Identification information of HDDs connected to 210 to 230 is acquired (S210).

  Here, it is assumed that the third HDD 830 is replaced with the fourth HDD 840 among the first to third HDDs 810 to 830 connected to the connectors 210 to 230.

  Specifically, first, the first controller 120 sends the identification information of the first, second, and fourth HDDs 810, 820, and 840 connected to the connectors 210 to 230 to the identification information acquisition unit 121. Output the instruction to be acquired. The identification information acquisition unit 121 acquires the identification information of the first, second, and fourth HDDs 810, 820, 840 via the main board 600 according to the instruction of the first controller 120. Then, the first controller 120 temporarily records the identification information of the first, second, and fourth HDDs 810, 820, 840 acquired by the identification information acquisition unit 121 in the volatile memory 110.

  When the setting is switched from the first maintenance mode to the normal mode, the main control unit 160 notifies the first controller 120 and the second controller 130 that the mode has been switched to the normal mode. Then, the second controller 130 reads the three encrypted data from the nonvolatile memory 140 into the second controller 130.

  On the other hand, when the setting cannot be switched from the first maintenance mode to the normal mode (S209, NO), the main control unit 160 continues to monitor the operation for switching from the first maintenance mode to the normal mode (S209).

  Next, as shown in FIG. 3, the encryption key generation unit 131 of the second controller 130 generates an encryption key (S211). Specifically, as in S204, the second controller 130 outputs an instruction to generate an encryption key to the encryption key generation unit 131. The encryption key generation unit 131 generates an encryption key based on the identification information acquired by the identification information acquisition unit 121 according to the instruction of the second controller 130.

  FIG. 6 is a diagram for explaining the operation flow of the electronic apparatus 100, and particularly for explaining the processing of S211.

  The encryption key generation unit 131 converts the identification information SN1, SN2, and SN4 of the first, second, and fourth HDDs 810, 820, and 840 acquired by the identification information acquisition unit 121 after switching to the normal mode into the volatile memory 110. The three encryption keys KEY1a, KEY2a, and KEY3a are generated.

  Here, as shown in FIG. 6, the encryption key generation unit 131 generates an encryption key KEY1a (referred to as ABCD) from the identification information SN1 and the identification information SN2. The encryption key generation unit 131 generates the encryption key KEY2a (DEFG) from the identification information SN2 and the identification information SN4. The encryption key generation unit 131 generates an encryption key KEY3a (referred to as EFGH) from the identification information SN4 and the identification information SN1.

  Here, at the time of the process of S204, the identification information of the three HDDs is SN1, SN2, and SN3. In contrast, in S211, the identification information of the three HDDs is SN1, SN2, and SN4. That is, in the processes of S204 and S211, SN1 and SN2 are common among the three pieces of identification information.

  As described above, the encryption key generation unit 131 selects two of the three pieces of identification information and generates three types of encryption keys. Therefore, at least one common encryption key (KEY1 = KEY1a = ABCD) can be obtained from the encryption keys obtained by the processing of S204 and the processing of S211.

  Next, the decryption unit 133 decrypts the encrypted data to generate decrypted data (S212). At this time, the second controller 130 reads the three encrypted data from the nonvolatile memory 140. Then, the decryption unit 133 decrypts the three encrypted data read by the second controller 130 with the three encryption keys generated after switching to the normal mode, and generates decrypted data.

  FIG. 7 is a diagram for explaining the operation flow of the electronic apparatus 100, and particularly for explaining the processing of S212.

  As shown in FIG. 7, the decryption unit 133 sets the three encrypted data (EN1 [1234], EN2 [1234], EN3 [1234]) read by the second controller 130 to the normal mode. Decryption is performed with the three encryption keys (KEY1a, KEY2a, and KEY3a) generated after switching to generate decrypted data.

  That is, the decryption unit 133 attempts to decrypt the encrypted data (EN1 [1234]) with the three encryption keys (KEY1a, KEY2a, and KEY3a). Similarly, the decryption unit 133 attempts to decrypt the encrypted data (EN2 [1234]) with the three encryption keys (KEY1a, KEY2a, and KEY3a). Further, similarly, the decryption unit 133 attempts to decrypt the encrypted data (EN3 [1234]) with three encryption keys (KEY1a, KEY2a, and KEY3a). In this way, the decryption unit 133 converts the three encrypted data (EN1 [1234], EN2 [1234], EN3 [1234]) into nine encryption keys (KEY1a, KEY2a, and KEY3a). Attempt to decrypt.

  On the other hand, as shown in FIGS. 5 and 7, the encrypted data EN1 [1234] was encrypted with the encryption key (KEY1 = ABCD). The encrypted data EN2 [1234] was encrypted with the encryption key (KEY2 = BCDE). The encrypted data EN3 [1234] was encrypted with the encryption key (KEY3 = CDEF).

  As described above, the encryption keys KEY1a, KEY2a, and KEY3a generated in S211 after switching to the normal mode, and the encryption keys KEY1, KEY2, and KEY3 generated in S204 after switching to the first maintenance mode In contrast, the common encryption key is one of ABCD (= KEY1 = KEY1a).

  Therefore, as a result of attempting to perform the above-described nine types of decryption, the decryption unit 133 can decrypt only the encrypted data EN1 [1234] using only the encryption key ABCD (= KEY1 = KEY1a). Thereby, the decoding unit 133 can obtain 1234 as the decoded data.

  Returning to FIG. 3, next, the second controller 130 determines the security key (1234, in this case, the decrypted data itself is the security key) from the decrypted data (1234) generated by the decryption unit 133. And the extracted security key (1234) is recorded in the volatile memory 110 (S213). As a result, the main controller 160 uses the security key (1234) newly recorded in the volatile memory 110 to connect the HDDs connected to the connectors 210 to 230 (after switching to the normal mode, the first and second And the information recorded in the fourth HDD 810, 820, 840) can be encrypted or decrypted.

  Returning to FIG. 2, if the main control unit 160 determines that the first maintenance mode is not set (S201, NO), the electronic device 100 operates in the second maintenance mode (S301).

  As described above, the second maintenance mode is a mode that is set when the maintenance operation of the electronic apparatus 100 is performed, similarly to the first maintenance mode. However, the second maintenance mode is different from the first maintenance mode, such as information stored in HDDs connected to the connectors 210 to 230 (first to third HDDs 810 to 830 in FIG. 1). This is not a mode that makes analysis difficult for third parties.

  Next, the main control unit 160 causes the detection unit 180 to stop detecting that the housing 700 has been opened as a predetermined operation (S302). Thereby, the detection unit 180 does not detect that the housing 700 is opened as a predetermined operation. As a result, the second controller 130 does not erase the security key stored in the volatile memory 110.

  Accordingly, the main control unit 160 is connected to the connectors 210 to 230 using the security key (1234) recorded in the volatile memory 110 without requiring a process for newly recording the security key. Information recorded on the HDD can be encrypted or decrypted.

  On the other hand, in the second maintenance mode, unlike the first maintenance mode, the act of a third party who tries to illegally access information stored in the first to third HDDs 810 to 830 is suppressed in advance. I can't.

  The operation of the electronic device 100 has been described above.

  As described above, the electronic device 100 according to the first embodiment of the present invention includes the volatile memory 110, the mode setting unit 170, the identification information acquisition unit 121, the encryption key generation unit 131, the encryption unit 132, A nonvolatile memory 140, a detection unit 180, a decryption unit 133, and a control unit (first controller 120, second controller 130) are provided.

  The volatile memory 110 records a security key (for example, 1234) for encrypting or decrypting information recorded in the data storage device (HDD). The mode setting unit 170 can set the normal mode and the first maintenance mode. The identification information acquisition unit 121 acquires identification information (for example, SN1, SN2, SN3) of the data storage device. The encryption key generation unit 131 generates an encryption key (for example, KEY1, KEY2, KEY3) based on the identification information acquired by the identification information acquisition unit 121.

  The encryption unit 132 encrypts the security key stored in the volatile memory 110 with the encryption key generated by the encryption key generation unit 131, and generates encrypted data (for example, EN1 [1234], EN2 [1234], EN3 [1234]). The nonvolatile memory 140 records the encrypted data generated by the encryption unit 132. The detection unit 180 detects a predetermined operation. The decryption unit 133 decrypts the encrypted data recorded in the nonvolatile memory 140 with the encryption key generated by the encryption key generation unit 132 to generate decrypted data. The control units (the first controller 120 and the second controller 130) erase the security key stored in the volatile memory 110 based on the detection result of the detection unit 180.

  When the mode setting unit 170 switches to the first maintenance mode, the control unit causes the identification information acquisition unit 121 to acquire identification information (for example, SN1, SN2, SN3), and causes the encryption key generation unit 131 to acquire the identification information. On the other hand, an encryption key (for example, KEY1, KEY2, KEY3) is generated. Further, the control unit causes the encryption unit 132 to generate encrypted data (for example, EN1 [1234], EN2 [1234], EN3 [1234]), and records the encrypted data in the nonvolatile memory 140.

  When the mode setting unit 170 switches from the first maintenance mode to the normal mode, the control unit causes the identification information acquisition unit 121 to acquire identification information (for example, SN1, SN2, SN4) and generate an encryption key. The encryption key (for example, KEY1a, KEY2a, KEY3a) is generated by the unit 131. Further, the control unit encrypts data (for example, EN1 [1234]) recorded in the nonvolatile memory 140 with an encryption key (for example, KEY1a, KEY2a, KEY3a) generated after the decryption unit 133 is switched to the normal mode. , EN2 [1234], EN3 [1234]) to generate decoded data. Then, the control unit extracts a security key (for example, 1234) from the decrypted data (for example, 1234) generated by the decryption unit 133, and records the extracted security key in the volatile memory 110.

  In this way, when the mode setting unit 170 switches to the first maintenance mode, the encryption key generation unit 131 generates an encryption key based on the identification information in accordance with an instruction from the control unit. Thereby, the encryption key based on the identification information of the data storage device can be easily generated. Further, the encryption unit 132 encrypts the security key stored in the volatile memory 110 with the encryption key in accordance with an instruction from the control unit, and generates encrypted data. Thereby, the security key can be included in the encrypted data that cannot be analyzed by a third party. The control unit records the encrypted data in the nonvolatile memory 140. Thereby, the security key can be held in the nonvolatile memory 140 in an encrypted state. As a result, it is possible to prevent the security key from being easily analyzed by a third party while securely holding the security key in the encrypted data during maintenance work.

  When the mode setting unit 170 switches from the first maintenance mode to the normal mode, the encryption key generation unit 131 generates an encryption key based on the identification information in accordance with an instruction from the control unit. Thereby, the encryption key based on the identification information of the data storage device can be easily generated. Further, the decryption unit 133 generates decrypted data by decrypting the encrypted data recorded in the nonvolatile memory 140 with the encryption key generated after switching to the normal mode in accordance with an instruction from the control unit. Accordingly, the encrypted data can be decrypted using the encryption key that can be easily generated based on the identification information of the data storage device. Further, the control unit extracts a security key from the decrypted data generated by the decryption unit 133 and records the extracted security key in the volatile memory 110. Thus, the electronic device 100 can encrypt or decrypt information recorded in the HDD using the security key newly recorded in the volatile memory 110.

  Therefore, according to the electronic device 100, when performing maintenance work of the electronic device, the security key can be safely held and the maintenance work can be performed smoothly.

  Here, as described in the section of the problem to be solved by the invention, in the process of temporarily disabling the tamper resistant process while replacing the main board or the like for the maintenance work of the electronic device, In addition, a substrate having a security key (tamper resistant substrate) can be transferred to another electronic device. For this reason, in the unlikely event that the tamper-resistant substrate whose function is temporarily disabled is stolen, the security key may leak out.

  On the other hand, in the electronic device 100 according to the embodiment of the present invention, if the detection unit 180 detects that the housing 700 is opened as a predetermined operation in the first maintenance mode, the second controller 130 deletes the security key recorded in the volatile memory 110. Therefore, even if the tamper resistant substrate 500 in the electronic device 100 is stolen, there is no possibility that the security key will leak to the outside.

  Further, as described in the section of the problem to be solved by the invention, in the process of writing the security key again after the tamper-proof process for the maintenance work of the electronic device, the maintenance worker again uses the tamper substrate for the security key. I had to carry a tool around to write. For this reason, the process of writing the security key again involves the risk of the security key being leaked.

  On the other hand, in electronic device 100 according to the embodiment of the present invention, encrypted data obtained by encrypting a security key with an encryption key generated based on HDD identification information is recorded in nonvolatile memory 140 and volatilized. The security key recorded in the memory 110 is deleted during maintenance work. In the electronic device 100, after the maintenance work, the encrypted data recorded in the nonvolatile memory 140 is decrypted with the encryption key generated based on the HDD identification information, and the security key is extracted from the decrypted data. ing. Therefore, it is not necessary for the maintenance worker to carry the security key. For this reason, the process of writing the security key again is eliminated, and the risk of the security key being leaked can be reduced.

  In addition, the electronic device 100 according to the first embodiment of the present invention includes a housing 700. The housing 700 houses at least the volatile memory 110 and the nonvolatile memory 140. The detection unit 180 detects that the housing 700 is opened as a predetermined operation.

  As a result, the control unit deletes the security key recorded in the volatile memory 110 when the detection unit 180 detects that the housing 700 is opened as a predetermined operation. Therefore, since there is no security key in the electronic device 100, a third party cannot encrypt or decrypt information illegally recorded on the HDD.

  In electronic device 100 according to the first embodiment of the present invention, mode setting unit 170 sets any one of the normal mode, the first maintenance mode, and the second maintenance mode. In the second maintenance mode, the control unit causes the detection unit 180 to stop detecting a predetermined operation. As a result, in the second maintenance mode, the electronic device 100 is recorded in the HDD using the security key recorded in the volatile memory 110 without requiring a process for newly recording the security key. Information can be encrypted or decrypted.

<Second Embodiment>
The electronic device according to the second embodiment of the present invention has the same configuration as that of the electronic device 100 according to the first embodiment.

  However, the function of the encryption unit 132 is different from that of the first embodiment. In other words, in the second embodiment, the encryption unit 132 converts a data string composed of the security key stored in the volatile memory 100 and the encryption key generated by the encryption key generation unit 131 into an encryption key. It encrypts with the encryption key produced | generated by the production | generation part 131, and produces | generates encryption data. The specific operation of the decoding unit 133 will be described in detail in the operation description described later.

  In the first embodiment, the encryption unit 132 encrypts the security key stored in the volatile memory 110 with the encryption key generated by the encryption key generation unit 131 to generate encrypted data. It was.

  When the function of the encryption unit 132 is different from that of the first embodiment, the specific function of the decryption unit 133 is also different from that of the first embodiment. That is, the decryption unit 133 decrypts the encrypted data recorded in the nonvolatile memory 140 with the encryption key generated by the encryption key generation unit 131, and generates decrypted data. This point is the same as the first embodiment, but differs from the first embodiment in a specific operation. The specific operation of the decoding unit 133 will be described in detail in the operation description described later.

  Next, the operation of the electronic device according to the second embodiment will be described.

  The operation of the electronic device according to the second embodiment is basically the same as that of the electronic device 100 according to the first embodiment.

  However, the specific processing differs in the processing of S205 and S212 in FIG. Note that the operations in the normal mode and the second maintenance mode are the same as those in the first embodiment, and thus description thereof is omitted.

  The operation in the first maintenance mode of the electronic device in the second embodiment will be specifically described below. In addition, about the content which overlaps with 1st Embodiment, description is simplified or description is abbreviate | omitted.

  As shown in FIG. 2, the main control unit 160 determines whether or not the mode setting unit 170 has set the first maintenance mode (S201). The specific process is the same as that of the first embodiment.

  On the other hand, when the main control unit 160 determines that the first maintenance mode is not set (S201, NO), the electronic device 100 performs the processing from S301 onward.

  Next, as illustrated in FIG. 3, the identification information acquisition unit 121 of the first controller 120 acquires identification information of the first to third HDDs 810 to 830 connected to the connectors 210 to 230 (S203). ). The specific process is the same as that of the first embodiment.

  Next, as shown in FIG. 3, the encryption key generation unit 131 of the second controller 130 generates an encryption key (S204). The specific process is the same as that of the first embodiment.

  Returning to FIG. 3, next, the encryption unit 132 of the second controller 130 generates encrypted data (S205). Specifically, the second controller 130 outputs an instruction for generating encrypted data to the encryption unit 132. The encryption unit 132 is a data string composed of a security key stored in the volatile memory 110 and the encryption keys KEY1, KEY2, and KEY3 generated by the encryption key generation unit 131 in accordance with an instruction from the second controller 130. Is generated. Then, the encryption unit 132 encrypts the data string with the encryption keys KEY1, KEY2, and KEY3 generated by the encryption key generation unit 131, and generates encrypted data.

  FIG. 8 is a diagram for explaining the operation flow of the electronic device according to the second embodiment, and particularly for explaining the processing of S205.

  As shown in FIG. 8, the encryption unit 132 generates a data string (for example, 1234ABCD) composed of a security key (for example, 1234) and the encryption key KEY1 (for example, ABCD) generated by the encryption key generation unit 131. To do. Similarly, the encryption unit 132 generates a data string (for example, 1234BCDE) composed of a security key (for example, 1234) and the encryption key KEY2 (for example, BCDE) generated by the encryption key generation unit 131. Similarly, the encryption unit 132 generates a data string (for example, 1234CDEF) composed of a security key (for example, 1234) and the encryption key KEY3 (for example, CDEF) generated by the encryption key generation unit 131.

  Then, the encryption unit 132 encrypts the data string (1234ABCD) with KEY1 (for example, ABCD) generated by the encryption key generation unit 131, and generates encrypted data (EN1 [1234ABCD]). Similarly, the encryption unit 132 encrypts the data string (1234BCDE) with KEY2 (for example, BCDE) generated by the encryption key generation unit 131, and generates encrypted data (EN2 [1234BCDE]). Similarly, the encryption unit 132 encrypts the data string (1234CDEF) with KEY3 (for example, CDEF) generated by the encryption key generation unit 131, and generates encrypted data (EN2 [1234CDEF]).

  Returning to FIG. 3, next, the second controller 130 records the encrypted data in the nonvolatile memory 140 (S206). Specifically, the second controller 130 records the three encrypted data (EN1 [1234ABCD], EN2 [1234BCDE], EN3 [1234CDEF]) generated by the encryption unit 132 in the nonvolatile memory 140. In this way, three types of encrypted data are generated by encrypting one type of data string with three types of encryption keys. These encrypted data are held in the nonvolatile memory 140 that is not erased even when power is not supplied.

  Next, it is assumed that the administrator of the electronic device 100 opens the casing 700 of the electronic device 100 and starts maintenance work. At this time, the detection unit 180 detects that the housing 700 has been opened.

  Here, the power supply of the electronic device 100 is turned off by an administrator of the power supply electronic device 100 or the like. That is, the power supply unit 190 supplies power to the main board 600, the tamper-resistant board 500, and the HDDs (first to third HDDs 810 to 830 in FIG. 1) connected to the connectors 210 to 230. To stop. Even if the power supply by the power supply unit 190 is stopped, power is supplied to the first controller 120 and the volatile memory 110 by the backup battery 150. Therefore, at this time, the security key recorded in the volatile memory 110 is not erased and remains recorded.

  Next, the detection unit 180 detects that the housing 700 has been opened as a predetermined operation (S207).

  When the predetermined operation is detected by the detection unit 180 (S207, YES), the second controller 130 deletes the security key stored in the volatile memory 110 (S208). Thereby, the act of the third party who tries to illegally access the information stored in the first to third HDDs 810 to 830 can be suppressed in advance.

  On the other hand, when the predetermined operation is not detected by the detection unit 180 (S207, NO), the electronic apparatus 100 repeats the process of S207.

  Next, it is assumed that the administrator or the like of the electronic device 100 finishes the maintenance work of the electronic device 100 and closes the housing 700.

  Here, the power source of the electronic device 100 is turned on by an administrator of the electronic device 100 or the like. That is, the power supply unit 190 supplies power to the main board 600, the tamper-resistant board 500, and the HDDs (first to third HDDs 810 to 830 in FIG. 1) connected to the connectors 210 to 230. To start.

  Next, the main control unit 160 determines whether or not the mode setting unit 170 has switched from the first maintenance mode to the normal mode (S208).

  When the administrator of the electronic device 100 uses the mode setting unit 170 to switch from the first maintenance mode to the normal mode, the main control unit 160 recognizes that the switch has been switched from the first maintenance mode to the normal mode. To do.

  As shown in FIG. 3, when the setting is switched from the first maintenance mode to the normal mode (S209, YES), the identification information acquisition unit 121 of the first controller 120 is connected to the connector in the same manner as in S203. Identification information of HDDs connected to 210 to 230 is acquired (S210).

  Here, it is assumed that the third HDD 830 is replaced with the fourth HDD 840 among the first to third HDDs 810 to 830 connected to the connectors 210 to 230.

  Specifically, first, the first controller 120 sends the identification information of the first, second, and fourth HDDs 810, 820, and 840 connected to the connectors 210 to 230 to the identification information acquisition unit 121. Output the instruction to be acquired. The identification information acquisition unit 121 acquires the identification information of the first, second, and fourth HDDs 810, 820, 840 via the main board 600 according to the instruction of the first controller 120. Then, the first controller 120 temporarily records the identification information of the first, second, and fourth HDDs 810, 820, 840 acquired by the identification information acquisition unit 121 in the volatile memory 110.

  When the setting is switched from the first maintenance mode to the normal mode, the main control unit 160 notifies the first controller 120 and the second controller 130 that the mode has been switched to the normal mode. Then, the second controller 130 reads the three encrypted data from the nonvolatile memory 140 into the second controller 130.

  On the other hand, when the setting cannot be switched from the first maintenance mode to the normal mode (S209, NO), the main control unit 160 continues to monitor the operation for switching from the first maintenance mode to the normal mode (S209).

  Next, as shown in FIG. 3, the encryption key generation unit 131 of the second controller 130 generates an encryption key (S211). The specific process is the same as that of the first embodiment.

  Then, the encryption key generation unit 131 selects two of the three pieces of identification information and generates three types of encryption keys. Therefore, at least one common encryption key (KEY1 = KEY1a = ABCD) can be obtained from the encryption keys obtained by the processing of S204 and the processing of S211.

  Next, the decryption unit 133 decrypts the encrypted data to generate decrypted data (S212). At this time, the second controller 130 reads the three encrypted data from the nonvolatile memory 140. Then, the decryption unit 133 decrypts the three encrypted data read by the second controller 130 with the three encryption keys generated after switching to the normal mode, and generates decrypted data.

  FIG. 9 is a diagram for explaining the operation flow of the electronic device according to the second embodiment, and particularly for explaining the processing of S212.

  As shown in FIG. 9, the decryption unit 133 sets the three encrypted data (EN1 [1234ABCD], EN2 [1234BCDE], EN3 [1234CDEF]) read by the second controller 130 to the normal mode. Decryption is performed with the three encryption keys (KEY1a, KEY2a, and KEY3a) generated after switching to generate decrypted data.

  That is, the decryption unit 133 attempts to decrypt the encrypted data (EN1 [1234ABCD]) with the three encryption keys (KEY1a, KEY2a, and KEY3a). Similarly, the decryption unit 133 attempts to decrypt the encrypted data (EN2 [1234BCDE]) with the three encryption keys (KEY1a, KEY2a, and KEY3a). Similarly, the decryption unit 133 attempts to decrypt the encrypted data (EN3 [1234CDEF]) with the three encryption keys (KEY1a, KEY2a, and KEY3a). In this way, the decryption unit 133 converts the three encrypted data (EN1 [1234ABCD], EN2 [1234BCDE], EN3 [1234CDEF]) into nine encryption keys (KEY1a, KEY2a, KEY3a) and nine patterns. Attempt to decrypt.

  On the other hand, as shown in FIGS. 8 and 9, the encrypted data EN1 [1234ABCD] is encrypted with the encryption key (KEY1 = ABCD). The encrypted data EN2 [1234BCDE] was encrypted with the encryption key (KEY2 = BCDE). The encrypted data EN3 [1234CDEF] was encrypted with the encryption key (KEY3 = CDEF).

  As described above, the encryption keys KEY1a, KEY2a, and KEY3a generated in S211 after switching to the normal mode, and the encryption keys KEY1, KEY2, and KEY3 generated in S204 after switching to the first maintenance mode In contrast, the common encryption key is one of ABCD (= KEY1 = KEY1a).

  Therefore, as a result of trying to perform the above-described nine types of decryption, the decryption unit 133 can decrypt only the encrypted data EN1 [1234ABCD] using only the encryption key ABCD (= KEY1 = KEY1a). Thereby, the decoding unit 133 can obtain 1234ABCD as the decoded data.

  Returning to FIG. 3, next, the second controller 130 extracts the security key from the decrypted data, and records the extracted security key in the volatile memory 110 (S213).

  FIG. 10 is a diagram for explaining the operation flow of the electronic device according to the second embodiment, and particularly for explaining the processing of S213.

  As illustrated in FIG. 10, the second controller 130 extracts the security key (1234) by deleting the encryption key (ABCD) from the decrypted data (1234ABCD) generated by the decryption unit 133. Then, the second controller 130 records the extracted security key (1234) in the volatile memory 110.

  As a result, the main controller 160 uses the security key (1234) newly recorded in the volatile memory 110 to connect the HDDs connected to the connectors 210 to 230 (after switching to the normal mode, the first and second And the information recorded in the fourth HDD 810, 820, 840) can be encrypted or decrypted.

  The operation of the electronic device in the second embodiment has been described above.

  As described above, in the electronic device according to the second embodiment of the present invention, the encryption unit 132 includes the security key stored in the volatile memory 110 and the encryption key generated by the encryption key generation unit 131. The data string to be encrypted is encrypted with the encryption key generated by the encryption key generation unit 131 to generate encrypted data.

  In this manner, the encryption unit 132 generates information obtained by encrypting the security key and the data string of the encryption key as encrypted data. For this reason, the analysis of the security key can be made more difficult as compared with the encrypted data obtained by simply encrypting the security key. That is, in this case, even if the decryption of the encrypted data is successful, the obtained decrypted data is not a security key itself but a data string combining a security key and an encryption key. Therefore, it is necessary to further extract a security key from the data string, so that the analysis of the security key can be made more difficult.

  In the invention described in Patent Document 1, an HMAC of a character string obtained by combining the acquired HDD serial number, wrap encryption key, and counter is calculated, and the serial number, wrap encryption key and counter, and the HMAC are used as secure data. Are stored in the flash ROM (particularly, paragraphs [0123] and [0124]). If it is determined that the calculated HMAC matches the HMAC read from the flash ROM, the wrap encryption key in the read secure data is decrypted with the generated secret key kw to obtain the content encryption key khdd. (Particularly, paragraphs [0133] and [0135]). However, in the technique described in Patent Document 1, the wrap encryption key is not generated based on the serial number of the HDD. On the other hand, in the present invention, the encryption key generation unit 131 generates an encryption key based on the identification information (corresponding to the serial number of the HDD) acquired by the identification information acquisition unit 121. Therefore, the present invention is different from the invention described in Patent Document 1.

  The present invention has been described above based on the embodiment. The embodiment is an exemplification, and various modifications, increases / decreases, and combinations may be added to the above-described embodiments without departing from the gist of the present invention. It will be understood by those skilled in the art that modifications to which these changes, increases / decreases, and combinations are also within the scope of the present invention.

DESCRIPTION OF SYMBOLS 100 Electronic device 110 Volatile memory 120 1st controller 121 Identification information acquisition part 130 2nd controller 131 Encryption key generation part 132 Encryption part 133 Decryption part 134 Second controller memory 140 Non-volatile memory 150 Backup battery 160 Main Control unit 170 Mode setting unit 180 Detection unit 190 Power supply unit 210 to 230 Connector 500 Tamper resistant substrate 600 Main substrate 700 Case 810 First HDD
820 Second HDD
830 Third HDD
840 Fourth HDD

Claims (4)

A volatile memory for recording a security key for encrypting or decrypting information recorded in the data storage device;
A mode setting unit capable of setting the normal mode and the first maintenance mode;
An identification information acquisition unit for acquiring identification information of the data storage device;
An encryption key generation unit that generates an encryption key based on the identification information acquired by the identification information acquisition unit;
An encryption unit that encrypts the security key stored in the volatile memory with the encryption key generated by the encryption key generation unit to generate encrypted data;
A nonvolatile memory that records the encrypted data generated by the encryption unit;
A detection unit for detecting a predetermined operation;
A decryption unit that decrypts the encrypted data recorded in the nonvolatile memory with the encryption key generated by the encryption key generation unit and generates decrypted data;
A controller that erases the security key stored in the volatile memory based on the detection result of the detector;
The controller is
When the mode setting unit switches to the first maintenance mode, the identification information acquisition unit acquires the identification information, the encryption key generation unit generates the encryption key, and the previous encryption Generating the encrypted data, and recording the encrypted data in the nonvolatile memory,
When the mode setting unit switches from the first maintenance mode to the normal mode, the identification information acquisition unit acquires the identification information, and the encryption key generation unit generates the encryption key. The decryption unit generates the decrypted data by decrypting the encrypted data recorded in the nonvolatile memory with an encryption key generated after switching to the normal mode, and the decryption unit An electronic device that extracts the security key from the decrypted data generated by the step and records the extracted security key in the volatile memory.   The encryption unit is configured to generate a data string including the security key stored in the volatile memory and the encryption key generated by the encryption key generation unit. The electronic apparatus according to claim 1, wherein the encrypted data is generated by encryption with an encryption key. A housing for housing at least the volatile memory and the nonvolatile memory;
The electronic device according to claim 1, wherein the detection unit detects that the casing is opened as the predetermined operation. The mode setting unit sets any one of the normal mode, the first maintenance mode, and the second maintenance mode,
The electronic device according to claim 1, wherein, in the second maintenance mode, the control unit causes the detection unit to stop detecting the predetermined operation.

Images