JP7361382B2 - non-volatile storage - Google Patents

Description

The present invention relates to a nonvolatile storage device equipped with a nonvolatile memory in which data can be written and read, and in particular, the present invention relates to a nonvolatile storage device that includes a nonvolatile memory in which data can be written and read. The present invention relates to a nonvolatile storage device that can switch output format.

In order to enhance the entertainment value of gaming machines such as pachinko and pachislot, a large amount of video data, audio data, etc. are used to perform various effects. The video and audio data used in these productions may include images of singers, songs, etc., and may be implemented in gaming machines with copyright permission. Considerable care must be taken in managing this data. There is.
In recent years, the reuse of equipment used in gaming machines has become popular, and memory devices installed in gaming machines that store video and audio data, etc., can also be reused and are outside the control of gaming machine manufacturers. There is also a possibility that it will be placed in For this reason, for example, obfuscated (encrypted) video data and audio data are stored in a memory device installed in a gaming machine, and the VDP (Video Display Processor) that processes this video data and audio data is obfuscated. By providing a release function, the configuration is such that even if data is read illegally from the memory device, raw video and audio data protected by copyright cannot be obtained. In particular, with the spread of the Internet and SNS (Social Networking Services), we are now in an environment where data is easily distributed and disseminated, so we are taking precautions to ensure that video and audio used in gaming machines are not used for illicit purposes. It is necessary to
On the other hand, there are cases in which no special measures are taken to prevent data leakage, even for video and audio installed in gaming machines. For example, the data itself has little commercial value for videos with rotating numbers (there is little motivation to leak the data for fraudulent purposes), so the raw data is stored in a memory device and the video is processed using a VDP that does not have a deobfuscation function. It may also process audio. Game machine manufacturers use VDPs that have a deobfuscation function and VDPs that do not have a deobfuscation function, and even when using a VDP that does not have a deobfuscation function, there are differences depending on the content used in the game machine. There is a desire to manage data. In such cases, encrypted data is written to a memory device, and the read data is decrypted and used when the data is processed by VDP while the gaming machine is operating. Encryption processing of a USB (Universal Serial Bus) memory, etc., which is currently available, can be used.

Patent Document 1 below discloses that data and programs stored in an external memory device are encrypted, and a microprocessor and a program that are read out from the external memory device are decrypted when processed by the microprocessor itself. , a microprocessor that encrypts address information for writing data and programs to an external memory device.
Furthermore, Patent Document 2 below describes that when writing data to an external memory, an address is encrypted to generate a write address, the write data is encrypted to generate write encrypted data, and when data is read from an external memory, , a processor device is described that encrypts an address to generate a read address and decrypts the encrypted data read from the external memory to generate plaintext data.

Japanese Patent Application Publication No. 2003-203013 Japanese Patent Application Publication No. 2009-163284

However, in a configuration such as Patent Documents 1 and 2, in which encrypted data is stored in an external memory device to ensure security, encryption processing is required when writing data to the external memory device, resulting in a decrease in write performance. Moreover, there is a problem that decoding processing is required even when reading, and reading performance also deteriorates.
The present invention has been made in view of the above-mentioned circumstances, and an object of the present invention is to provide a nonvolatile storage device that does not cause a decrease in write performance or read performance while ensuring data security.

In order to solve this problem, the invention according to claim 1 includes a storage unit configured of a nonvolatile memory in which data can be written and read, and an obfuscation process is applied to the raw data stored in the storage unit. an obfuscation unit that converts the raw data into obfuscated data in a different format from the raw data; a data output unit that outputs the data stored in the storage unit in the output format of the raw data or the obfuscated data; A command receiving unit that accepts a status setting command including output data selection information that specifies an output format of either the input raw data or the obfuscated data, and a nonvolatile memory that stores the obfuscated data selection information. A state storage unit, a temporary state storage unit configured with a volatile memory that stores raw data selection information, and a state control unit that controls the state storage unit and the temporary state storage unit, the state control unit: Based on the output data selection information stored in the state storage unit and the temporary state storage unit, the data format read from the storage unit and output from the data output unit is set as the raw data or the obfuscated data. It is characterized in that it is a controlled non-volatile storage device.

The invention according to claim 2 further comprises, in addition to the configuration described in claim 1, a command string composed of a character string containing any of letters, numbers, or symbols, which is associated with the command string. The state control unit includes a command conversion unit that converts the state setting command, and when the command character string received by the command reception unit is supplied to the command conversion unit and converted to the state setting command, the state control unit converts the command character string to the state setting command. The output data selection information is stored in the state storage section and the temporary state storage section based on the state setting command, and the output data selection information is read from the storage section and the data format output from the data output section is set to the raw data or the data output section. The present invention is characterized in that it is a non-volatile storage device that is controlled to obfuscate data.

The invention according to claim 3 includes, in addition to the configuration according to claim 1, a command conversion unit that decrypts the encrypted status setting command, and the status setting command received by the command reception unit is When supplied to the command conversion unit and decoded, the state control unit stores the output data selection information in the state storage unit and the temporary state storage unit based on the decoded state setting command, and stores the output data selection information in the storage unit and the temporary state storage unit. The non-volatile storage device controls the data format read from the data output section and output from the data output section to be the raw data or the obfuscated data.

According to the invention according to claim 1, it is possible to select either a raw data format or an obfuscated data format in which raw data is subjected to obfuscation processing as the output format of the data stored in the storage unit. It has become. When outputting in the raw data format, the data can be used as is without any processing, so no deterioration in read performance occurs.
On the other hand, when outputting in the form of obfuscated data, it is necessary to perform deobfuscation processing to return it to raw data, and the outputted data cannot be used in its original form. Therefore, the security of the data stored in the storage unit can be ensured.
Furthermore, since raw data can be written in the storage section, there is no need to perform any processing on the written data, and no deterioration in writing performance occurs.

According to the invention according to claim 2, receiving a command string composed of a character string containing any one of letters, numbers, or symbols, and converting it into a status setting command associated with this command string, The data format to be output is selected based on this converted status setting command. The command string associated with the status setting command can be assigned a different character string depending on the sales destination of the nonvolatile storage device or the content of data stored in the storage unit, so it is possible to assign a different string to the command string associated with the status setting command. The range can be limited. As a result, the security of data stored in the storage unit is improved, and it is possible to prevent unauthorized acquisition and use of the nonvolatile storage device.

According to the invention according to claim 3, the encrypted status setting command is decrypted, and the data format to be output is selected based on the decrypted status setting command. Since unencrypted status setting commands cannot be read from outside, data stored in the storage unit cannot be read out illegally, improving data security and preventing unauthorized access to non-volatile storage devices. It can be prevented from being obtained and used.

FIG. 1 is a functional block diagram for explaining the configuration of an information processing device according to a first embodiment of the present invention. FIG. 3 is a diagram illustrating the state transition of the auxiliary storage device according to the first embodiment, in which (a) is a diagram showing the transition relationship of all states, and (b) is a diagram showing a trigger for state transition and the states before and after the transition. It is a diagram. FIG. 2 is a block diagram showing the functional configuration of an auxiliary storage device and a ROM writer according to the first embodiment. It is a flowchart which shows an example of the procedure for outputting data from the auxiliary storage device based on the same first embodiment. 12 is a flowchart illustrating an example of a state setting procedure when the auxiliary storage device according to the first embodiment is powered on or reset. 12 is a flowchart illustrating an example of a state setting procedure when receiving a state setting command for the auxiliary storage device according to the first embodiment. FIG. 2 is a flowchart showing an example of a data output procedure when receiving a data output request command for the auxiliary storage device according to the first embodiment; FIG. FIG. 2 is a functional block diagram for explaining the configuration of an information processing device according to a second embodiment of the present invention. FIG. 7 is a diagram illustrating an example of a status setting command for an auxiliary storage device and a command character string associated with the status setting command according to the second embodiment. FIG. 2 is a functional block diagram for explaining the configuration of an information processing device according to a third embodiment of the present invention.

The present invention will be explained in detail below using the embodiments shown in FIGS. 1 to 10. However, unless there is a specific description, the components, types, combinations, shapes, relative arrangements thereof, etc. described in this embodiment are merely illustrative examples and do not limit the scope of this invention. .
Embodiments of the present invention will be described in detail below.

[First embodiment]
<Information processing device>
The configuration of an information processing device according to a first embodiment of the present invention will be described. FIG. 1 is a functional block diagram for explaining the configuration of an information processing apparatus according to a first embodiment of the present invention.
The information processing device 1 includes a data processing processor 10 and an auxiliary storage device 40 that is a "nonvolatile storage device."
The host CPU 2 shown in FIG. 1 is a CPU placed above the information processing device 1 that constitutes a gaming machine or the like.

<<Data processing processor>>
The data processor 10 is a processor that processes data such as images, sounds, and light emission, and includes a CPU 12, a RAM 13, an image processing section 14, a display output section 16, a sound processing section 18, a sound output section 20, a light emission processing section 22, It includes a light emission output section 24, a data bus 26, a register bus 28, and an I/F control section 35.

The CPU 12 controls the data processor 10 as a whole.
The RAM 13 is a volatile storage medium in which information can be read and written at high speed, and can be used as a work memory.
The image processing unit 14 processes images to be displayed, and generates image data by acquiring data stored in the auxiliary storage device 40 via the data bus 26 and drawing it as an image.
The display output unit 16 outputs the image data generated by the image processing unit 14 to a display unit such as the display 30. The display 30 is a display device such as an LCD.

The sound processing unit 18 processes audio signals to be output, acquires data stored in the auxiliary storage device 40 via the data bus 26, and generates sound data.
The sound output unit 20 outputs an audio signal to the speaker 32 or the like based on the generated sound data.
The light emission processing unit 22 acquires data stored in the auxiliary storage device 40 via the data bus 26 based on the effect, and generates data for driving light emitters such as the LED 34.
The light emission output section 24 drives a light emitting body such as an LED based on the data generated by the light emission processing section.
The LED (light emitting diode) 34 is a semiconductor element that emits light when a voltage is applied in the forward direction, and is an example of a light emitting body.
The I/F control unit 35 controls the interface with the auxiliary storage device 40.

<<Auxiliary storage device>>
The auxiliary storage device 40 stores content data, which is data for gaming content (videos, still images, audio, etc.), in the form of raw data without any processing. When outputting this content data from the auxiliary storage device 40 to the outside, it may be output as is in the raw data format, or it may be obfuscated on the raw data and output in an obfuscated data format that is different from the raw data. You can select which one to output.
This auxiliary storage device 40 includes a storage section (flash memory) 42 which is a "nonvolatile memory" in which data can be written and read, a temporary storage section (DRAM) 44, a temporary state storage section 47, a state storage section 45, and an obfuscated 62, a memory controller 46, and a bus 48.

The auxiliary storage device 40 is an SSD (Solid State Drive) including a so-called NAND flash memory. However, in a normal SSD, the temporary storage section 44 is used as a cache memory for writing, but in the SSD used in the present invention, the firmware of the SSD is changed and the temporary storage section 44 is used as a cache memory for reading. Note that instead of changing the writing DRAM to the reading DRAM, a separate DRAM may be prepared for the reading.

The storage unit 42 is, for example, a nonvolatile memory consisting of a NAND flash memory array. Content data is stored in the storage unit 42 in the form of raw data.
The temporary storage unit 44 is a volatile memory made of, for example, DDR DRAM, and caches read data.

The temporary state storage unit 47 is configured of a part of the DDR DRAM for data cache or a volatile memory configured separately from the DDR DRAM, and stores data stored in the storage unit 42 in the auxiliary storage device 40. When raw data is selected, state setting data including "Raw data selection information" indicating the state is temporarily stored as the format of data outputted to the outside.

The state storage unit 45 is composed of a small-capacity nonvolatile memory such as an SPI ROM (Serial Peripheral Interface ROM), for example. This state storage unit 45 stores the output format of the data stored in the storage unit 42 as obfuscated data when an Enable Read Scramble command, which will be described later, is input to the auxiliary storage device 40 from the host CPU 2 or data processing processor 10. Status setting data including "obfuscated data selection information" which is a flag for
Note that the Raw data selection information stored in the temporary state storage section 47 and the obfuscated data selection information stored in the state storage section 45 are referred to as output data selection information.

The obfuscation unit 62 performs obfuscation processing on the Raw data and converts it into an obfuscated data format. The obfuscation process may be performed by encrypting using key data, or by applying a predetermined scrambling process to Raw data.

The memory controller 46 performs operations such as storing data input from outside the auxiliary storage device 40 in the storage section 42 and reading data stored in the storage section 42 and outputting it to the outside of the auxiliary storage device 40. Control etc.
The memory controller 46 includes an overall control section 50, a sequence control section 52, an ECC (Error Check and Correct) control section 54, a host I/F control section 56, a memory I/F control section 58, and a state control section 60. Controls the auxiliary storage device 40.

The overall control unit 50 includes a built-in RAM, ROM, etc. (not shown), and controls the entire auxiliary storage device 40 by controlling the entire memory controller 46 . The overall control unit 50 also functions as a data writing unit (data writing unit) that writes data to the storage unit 42 and a data reading unit (data reading unit) that reads data from the storage unit 42.

The sequence control unit 52 controls the operation of the storage unit 42 based on an internal command signal given to the storage unit 42 from the memory controller 46.
The ECC control unit 54 detects errors included in the read data based on the error correction code added to the read data, and corrects the error in the data when an error is detected.

The host I/F control unit 56 controls an interface with a host (data processing processor 10, etc.). This host I/F control unit 56 is a “command reception unit” that receives a status setting command that holds output format information that specifies the output format of either raw data or obfuscated data that is input from outside the auxiliary storage device 40. ”. Further, the host I/F control unit 56 functions as a “data output unit” that outputs the data stored in the storage unit 42 in the output format of raw data or obfuscated data to the outside.
The memory I/F control section 58 controls the interface with the NAND array that is the storage section 42, the DRAM that is the temporary storage section 44, and the like.

The state control section 60 writes state setting data to the state storage section 45 and temporary state storage section 47 and rewrites the contents of the state setting data based on the control of the overall control section 50. In order to obtain output data selection information, the state control unit 60 checks “obfuscated data selection information” stored in the state storage unit 45 and “Raw data selection information” stored in the temporary state storage unit 47. , (1) If no selection information is stored, raw data is output; (2) If "Raw data selection information" is stored in the temporary state storage section 47 (it is not stored in the state storage section 45); (3) "Raw data selection information" is not stored in the temporary state storage section 47, and "obfuscated data selection information" is stored in the state storage section 45. control to output obfuscated data when "information" is stored. The overall control section 50 controls the state control section 60 based on commands input from the host CPU 2 or the data processing processor 10. Note that the control by the state control unit 60 is performed by checking the “obfuscated data selection information” stored in the state storage unit 45 and the “Raw data selection information” stored in the temporary state storage unit 47, and (1) If "Raw data selection information" is not stored in the temporary state storage section 47 and "obfuscated data selection information" is stored in the state storage section 45, the obfuscated data is output, (2) above In the case of other conditions, control may be performed to output Raw data.

Each configuration of the memory controller 46 is realized by a microprocessor of the memory controller 46.
Furthermore, the data bus 26 and the bus 48 can be connected using a serial high-speed communication bus, PCIe (PCI Express), or the like.

<<<Auxiliary storage device state transition>>>
FIG. 2(a) shows a diagram explaining the state transition of the auxiliary storage device 40, and FIG. 2(b) shows a diagram explaining the trigger for transitioning to each state and the states before and after the transition. has been done.
As shown in FIG. 2A, the auxiliary storage device 40 can take three states: a raw data output state 100, an obfuscated data output state 102, and a temporary raw data output state 104.

The raw data output state 100 is the state of the auxiliary storage device 40 when a game machine manufacturer develops or manufactures a game machine, for example, and the data stored in the storage unit 42 is the state of the raw data. output in the format.

The obfuscated data output state 102 is, for example, the state of the auxiliary storage device 40 when the auxiliary storage device 40 according to the present invention is incorporated into a gaming machine and the gaming machine is shipped from the gaming machine manufacturer. The stored data is output in the form of obfuscated data. Therefore, although it is possible to connect the processor 10 having the deobfuscation function to this auxiliary storage device 40 and convert the output obfuscated data into raw data before using the data, the deobfuscation function Even if the data is read by connecting to a processor 10 that does not have a processor 10, the output data cannot be used as is. Furthermore, even if the auxiliary storage device 40 is connected to a computer and the data is read out for the purpose of reading content that is subject to copyright protection stored in the auxiliary storage device 40, the output data cannot be used as is. , data security is ensured.

The temporary raw data output state 104 is a state of the auxiliary storage device 40 when, for example, a processor 10 that does not have an obfuscation release function is connected to this auxiliary storage device 40, and the data processing processor 10 is Since the data output from the auxiliary storage device 40 can be used as is, no deterioration in read performance occurs. Further, during the development stage of the gaming machine, data written to the auxiliary storage device 40 after the gaming machine is supplied to the market, that is, after the output of the auxiliary storage device 40 has been changed to the obfuscated data output state 102. This is the state of the auxiliary storage device 40 used when comparing data supplied to the data processing processor 10 and the like.

As shown in FIG. 2(b), the state transition between the Raw data output state 100 and the obfuscated data output state 102 and the state transition from the obfuscated data output state 102 to the temporary Raw data output state 104 are This is performed by a command input from the CPU 2 or the data processor 10 to the auxiliary storage device 40.

The Enable Read Scramble command is a command for transitioning from the Raw data output state 100 to the obfuscated data output state 102. This Enable Read Scramble command is a state setting command that sets a flag for output data selection information that specifies obfuscated data as the output format. Therefore, when the host I/F control unit 56, which is a command reception unit, receives an Enable Read Scramble command in the Raw data output state 100, the overall control unit 50 stores the Enable Read Scramble flag in the state storage unit 45. The state control unit 60 outputs the data read out based on the Enable Read Scramble flag stored in the state storage unit 45 via the obfuscation unit 62.
As described above, the state control unit 60 checks the “obfuscated data selection information” stored in the state storage unit 45 and the “Raw data selection information” stored in the temporary state storage unit 47, and determines the output data format. Therefore, when the power is turned on or reset after the state transitions to the obfuscated data output state 102 (hereinafter referred to as power-on, etc.), the temporary state storage section 47 composed of volatile memory stores the "Raw" data. "Data selection information" is not stored, but obfuscated data is output from the auxiliary storage device 40 based on "obfuscated data selection information" stored in the state storage section 45 configured with non-volatile memory. . In this way, the auxiliary storage device 40 starts up as the obfuscated data output state 102.

The Release Read Scramble command is a command for transitioning from the obfuscated data output state 102 to the temporary raw data output state 104. This Release Read Scramble command is a state setting command that sets a flag for raw data selection information that specifies raw data as the output format. Therefore, when the host I/F control unit 56 receives a Release Read Scramble command in the obfuscated data output state 102, the state control unit 60 converts the data stored in the storage unit 42 into the raw data output format. The host I/F control unit 56 controls the output.
However, this Release Read Scramble command does not rewrite the obfuscated data selection information held in the state storage unit 45. Therefore, even if the host I/F control unit 56 receives the Release Read Scramble command, the obfuscated data selection information stored in the status storage unit 45 is not rewritten, and the data output format at power-on, etc. Obfuscated data remains specified. Therefore, after transitioning to the temporary raw data output state 104 by the Release Read Scramble command, if the power is turned off and then on again, the auxiliary storage device 40 starts up in the obfuscated data output state 102. To express this, in FIG. 2B, the trigger for transitioning from the temporary raw data output state 104 to the obfuscated data output state 102 is described as power-on or reset.

The Disable Read Scramble command is a command for transitioning from the obfuscated data output state 102 to the Raw data output state 100. This Disable Read Scramble command is a state setting command that erases the "obfuscated data selection information" flag and the "Raw data selection information" flag stored in the state storage section 45 and temporary state storage section 47, respectively.
In this way, the Disable Read Scramble command erases the obfuscated data selection information flag held in the state storage unit 45, so if the power is turned off and then on again after transitioning to the Raw data output state 100, the state control In the unit 60, since neither the state storage unit 45 nor the temporary state storage unit 47 holds a data output format flag, the auxiliary storage device 40 starts up in the Raw data output state 100. That is, the content data stored in the storage unit 42 is in an initial state in which no security is applied.

When this auxiliary storage device 40 is shipped to a sales destination such as a gaming machine manufacturer, the raw data output state 100 is set as an initial setting. By doing this, raw data can be written and read while the power is turned on, so that content data development work at the sales destination can be carried out smoothly.

In the first embodiment of the present invention, as shown in FIG. 2, the auxiliary storage device 40 is in three states: a raw data output state 100, an obfuscated data output state 102, and a temporary raw data output state 104. It is designed to transition. However, it is not always necessary to take these three states, and it may be possible to transition between two states: the obfuscated data output state 102 and the temporary raw data output state 104.
Furthermore, in the obfuscated data output state 102, one of the purposes for the auxiliary storage device 40 to output obfuscated data is to ensure the security of the data stored in the storage unit 42; If so, data output may be stopped in the obfuscated data output state 102 unless a Release Read Scramble command or a Disable Read Scramble command is input.

<<ROM writer>>
FIG. 3 is a block diagram showing the functional configuration of the auxiliary storage device 40 and the ROM writer 70. The ROM writer 70 is an example of an external device connected to the auxiliary storage device 40.
The ROM writer 70 is a means for writing game content data into the storage unit 42 of the auxiliary storage device 40. The ROM writer 70 is connected to a storage medium such as an HDD (Hard Disk Drive) 90 in which content data for games to be stored in the storage unit 42 of the auxiliary storage device 40 is stored, and the content data is read from the HDD 90. At the same time, the read content data is output to the auxiliary storage device 40, which is the writing destination.
In this way, in the manufacturing process of the game machine, such as writing content data, obfuscated data is not used for writing or reading data, so writing and reading can be performed at high speed.

The CPU 72 controls the ROM writer 70 as a whole. The ROM 74 is a nonvolatile memory that stores control programs and the like. The RAM 76 is a volatile storage means that functions as a work memory for the CPU 72. The I/F control unit 82 controls the interface with external devices such as the auxiliary storage device 40.
The input circuit 78 receives values, instructions, etc. input from an input device 86 including keys, switches, etc., and outputs them to the CPU 72. The display circuit 80 displays various information on the display device 88 based on instructions from the CPU 72.

In the auxiliary storage device 40, the host I/F control unit 56 receives gaming content data transmitted from the ROM writer 70, and the overall control unit 50 stores the received content data as raw data in the storage unit 42. Make me remember. In this way, raw data can be directly written to the storage unit 42, so there is no need to perform processing such as encryption on the written data, and no deterioration in writing performance occurs.
Note that data can be written to the storage unit 42 even when the auxiliary storage device 40 is in any of the raw data output state 100, the obfuscated data output state 102, and the temporary raw data output state 104. It has become.
After writing data to the storage unit 42, it is preferable to send an Enable Read Scramble command to the auxiliary storage device 40 and set a flag for obfuscated data selection information in the state storage unit 45. By doing so, the auxiliary storage device 40 starts up in the obfuscated data output state 102 when the power is turned on, and data security is ensured.
Note that the normality of the content data stored in the auxiliary storage device 40 may be inspected by using the checksum value of the obfuscated content data. For example, when an inspector inspects a gaming machine, he takes out the auxiliary storage device 40 from the gaming machine and checks the checksum value with a ROM writer (ROM checker) 70. When the gaming machine is turned off and the auxiliary storage device 40 is taken out after this happens, the raw data selection information flag written in the temporary state storage section 47 is erased, and the obfuscated data selection written in the state storage section 45 is erased. Since only the information flag remains, the auxiliary storage device 40 enters the obfuscated data output state 102, and by using the checksum value of the obfuscated content, it can be confirmed that the data has not been altered. I can do it.

<How to use auxiliary storage>
Next, a method for reading data stored in the auxiliary storage device 40 will be described.

FIG. 4 is a flowchart showing an example of a procedure for outputting data from the auxiliary storage device 40.
First, when the auxiliary storage device 40 is connected to the data processing processor 10 and the like and the power is turned on, the auxiliary storage device 40 performs a startup operation when the power is turned on (step S1). The procedure for setting the state of the auxiliary storage device 40 in this startup operation is shown as a flowchart in FIG. 5, which will be described later.
After startup, when a state setting command is input from the data processing processor 10 or the like and accepted by the host I/F control unit 56 of the auxiliary storage device 40, the auxiliary storage device 40 performs a state transition operation based on the received state setting command. (Step S2). The state setting procedure of the auxiliary storage device 40 in this state transition operation is shown as a flowchart in FIG. 6, which will be described later.
Thereafter, when a data output request command is input from the data processing processor 10 or the like and accepted by the host I/F control unit 56, the auxiliary storage device 40 transfers the data stored in the storage unit 42 to the host I/F control unit. A data output operation is performed to output data from 56 (step S3). The data output procedure of the auxiliary storage device 40 in this data output operation is shown as a flowchart in FIG. 7, which will be described later.
However, if a status setting command is not input from the data processing processor 10 or the like, but a data output request command is input, step S2 is skipped and the process proceeds to the next step 3.

FIG. 5 is a flowchart showing an example of a state setting procedure when the auxiliary storage device 40 is powered on or reset.
When the auxiliary storage device 40 is powered on, the state control section 60 reads the output data selection information stored in the state storage section 45 and the temporary state storage section 47 (step S11). Then, if there is no output data selection information in any of the storage units (Yes in step S12), the state control unit 60 controls the raw data output state 100 (step S14). On the other hand, if there is output data selection information in any of the storage units (No in step S12) and raw data selection information is in the temporary state storage unit 47 (Yes in step S13), the temporary raw data output state 104 (step S15). Further, if there is output data selection information in any of the storage units (No in step S12) and there is no Raw data selection information in the temporary state storage unit 47 (No in step S13), the obfuscated data output state 102 is control (step S16).

FIG. 6 is a flowchart showing an example of a state setting procedure when the auxiliary storage device 40 receives a state setting command.
As mentioned above, the state setting commands are the Enable Read Scramble (ERS) command, Disable Read Scramble (DRS) command, and Release Read Scramble (RRS) command, and these commands are used to read raw data or obfuscated data. Determine output data selection information that specifies one of the output formats.

When the host I/F control unit 56 of the auxiliary storage device 40 receives the status setting command (step S20), the status control unit 60 outputs the output data selection information stored in the status storage unit 45 and the temporary status storage unit 47. The relevant flag is checked (step S21).

When the state control unit 60 determines that the data selection information flag is present in the state storage unit 45 (Yes in step S22), it determines whether the received state setting command is a Release Read Scramble (RRS) command, and the received state setting command is If it is an RRS command (Yes in step S23), a flag for raw data selection information is set in the temporary state storage unit 47 (step S24), and the process transitions to the temporary raw data output state 104 (step S25).
On the other hand, if the received status setting command is not a Release Read Scramble (RRS) command (No in step S23), it is determined whether the accepted command is a Disable Read Scramble (DRS) command (step S26), and the received status setting command If is a DRS command (Yes in step S26), the flags related to the output data selection information in the state storage unit 45 and temporary state storage unit 47 are erased (step S27), and the state transitions to the raw data output state 100 (step S28).
Further, in step S26, if the received command is not a DRS command (No in step S26), no state transition is performed and the obfuscated data output state 102 is maintained (step S29).
That is, if the state storage unit 45 has a flag for output data selection information, the auxiliary storage device 40 is in the obfuscated data output state 102, and the state changes from the obfuscated data output state 102 only by an RRS command or a DRS command. Even if an ERS command is input, the obfuscated data output state 102 is maintained.
Further, in step S22, if there is no flag of output data selection information in the status storage unit 45 (No in step S22), it is determined whether the received status setting command is an ERS command (step S30), and if it is an ERS command, (Yes in step S30), sets a flag for obfuscated data selection information in the state storage unit 45 (step S31), and transitions to obfuscated data output state 102 (step S29). Note that if it is determined in step S30 that the received command is other than the ERS command (No in step S30), the process ends without performing any state transition. For example, even if an RRS command or a DRS command is erroneously input in a state where there is no flag of output data selection information in the state storage unit 45, no state transition is performed.

FIG. 7 is a flowchart showing an example of a data output procedure when the auxiliary storage device 40 receives a data output request command.
When the data output request command is accepted by the host I/F control unit 56 of the auxiliary storage device 40 (step S41), the overall control unit 50 determines whether the command is valid (step S42), and if it is invalid, The host I/F control unit outputs an invalid notification to the outside (step S43). On the other hand, if the accepted command is valid (Yes in step S42), obfuscated data or raw data is output according to the output data selection information of the auxiliary storage device (step S44).
<Effects of the first embodiment>
As described above, according to the first embodiment, the output format of the data stored in the storage unit 42 is the raw data format and the obfuscated data format in which the raw data is subjected to obfuscation processing. You can choose. When outputting in the raw data format, the data processing processor 10 and the like can use the data as is without performing any processing, so no deterioration in read performance occurs. Further, since the raw data stored in the storage section 42 is read out and output as is, the data written in the storage section 42 and the data read out completely match. For this reason, there is no possibility that data defects such as data stored in the storage unit 42 and decoded data do not completely match, which may occur due to decoding processing, for example.
On the other hand, when outputting in the form of obfuscated data, it is necessary to perform deobfuscation processing to return to raw data, and the outputted data cannot be used in its original form. Therefore, the security of the data stored in the storage unit 42 can be ensured.
Further, since raw data can be written to the storage unit 42, there is no need to perform any processing on the written data, and no deterioration in writing performance occurs.
Furthermore, the data can be output by switching between the obfuscated data output state and the raw data output state using a state setting command input from the outside, and the data output format can be easily changed by sending a command. can.

The storage unit 42 that stores game content data is subject to a test conducted to ensure the soundness of the game. In the verification, the normality of the content data stored in the storage section 42 is tested using a checksum value covering the entire area of the storage section 42 . By outputting the data stored in the storage unit 42 in the form of obfuscated data, data security can be ensured in case of unauthorized use, and the checksum value of the obfuscated data can be used for inspection. can be passed.

Further, according to the first embodiment, when the power is turned on, etc., the auxiliary storage device 40 is set to the Raw data output state 100 or It rises as one of the obfuscated data output states 102. Therefore, the output format of the auxiliary storage device 40 can be reliably set when the power is turned on. When the output format of the auxiliary storage device 40 is raw data when the power is turned on, etc., the raw data can be written to the storage section 42 and the raw data stored in the storage section 42 can be read out as is, so it can be used as a normal external memory device. can do. Further, if the output format at power-on, etc. is Raw data, when developing content data to be stored in the storage unit 42, the Raw data under development is written to the storage unit 42, and the Raw data stored in the storage unit 42 is Data can be read out as is and evaluated and inspected, improving development efficiency.
On the other hand, if the output format at power-on is obfuscated data, even if the auxiliary storage device 40 in which data is stored in the storage unit 42 is obtained illegally, the output data will be obfuscated. , the read data cannot be used as is. Therefore, the security of the data stored in the storage unit 42 is ensured. Furthermore, if the output format at power-on is obfuscated data, even if you try to use the illegally obtained auxiliary storage device 40 as a normal external memory device, the output data will be obfuscated. It cannot be used as a normal external memory device. Therefore, unauthorized distribution of the auxiliary storage device 40 can be prevented.

Further, according to the first embodiment, the output format of the auxiliary storage device 40 can be set to either raw data or obfuscated data when the power is turned on, etc. using a status setting command input from the outside. This makes it possible to easily set the data output format when power is turned on, etc. by sending commands.

[Second embodiment]
Next, an information processing apparatus according to a second embodiment of the present invention will be described using FIG. 8 and the like. The configuration of the information processing apparatus according to the second embodiment is almost the same as the configuration of the above-described first embodiment shown in FIG.
The difference between the second embodiment and the first embodiment is that the auxiliary storage device 40 includes a command converter 66 and the communication between the upper CPU 2 or the data processor 10 and the auxiliary storage device 40 is The difference lies in the commands. In the first embodiment, the status setting commands of the Enable Read Scramble command, Disable Read Scramble command, and Release Read Scramble command are used as they are for communication. On the other hand, in the second embodiment, the status setting command is not used for communication, and the command string is composed of a character string containing any of letters, numbers, or symbols that are in one-to-one correspondence with the status setting command. is used for communication.

When the auxiliary storage device 40 receives an input command string input from the outside, it supplies the input command string to the command converter 66, and converts the input command string into a preset command. Here, the input command character string is a character string that is input to the auxiliary storage device 40 as a command from an external device such as the host CPU 2 or the data processing processor 10.
Then, in the auxiliary storage device 40, if the input command character string is a command to be converted, it is determined that the input command string is converted into a predetermined command and the status setting command is accepted. After that, based on this status setting command, the same operation as the auxiliary storage device 40 according to the first embodiment described above is performed.

<Command string>
FIG. 9 shows an example of a status setting command for the auxiliary storage device 40 and a command character string that is associated one-to-one with the status setting command. For example, the Enable Read Scramble command, which is a status setting command, can have a one-to-one correspondence with the character string A_Company_Enable as a command character string. Similarly, the command character string A_Company_Disable can be associated with the Disable Read Scramble command, and the command character string A_Company_Release can be associated with the Release Read Scramble command, respectively. In this way, without directly using the ERS, DRS, and RRS commands, by providing a function to convert any command string into a predetermined status setting command, commands that control the output status of the auxiliary storage can be stored in the auxiliary storage. It becomes possible to change the output of the auxiliary storage device without disclosing it to the user of the device.
Furthermore, the combination of letters, numbers, symbols, etc. that make up the command string can be assigned to different combinations for each sales destination of the auxiliary storage device 40 or for each content data to be stored in the storage section 42. By doing so, command strings can be managed in detail, and the scope of use of the auxiliary storage device 40 can be set or restricted in detail. As a result, the auxiliary storage device 40 cannot be used by anyone other than a specific user or for a specific purpose, so the command string functions as a password.
For example, command strings such as A_Company_Enable, A_Company_Disable, and A_Company_Release can be set for company A, which is a sales destination, and command strings such as B_Company_Enable, B_Company_Disable, and B_Company_Release can be set for company B. With this setting, even if Company B illegally obtains the auxiliary storage device 40 sold to Company A, it will not be able to understand the command string intended for Company A, thereby preventing unauthorized use of the auxiliary storage device 40. I can do it.
Furthermore, command strings such as Content1_Enable, Content1_Disable, and Content1_Release can be set for a certain content data 1, and command strings such as Content2_Enable, Content2_Disable, and Content2_Release can be set for another content data 2. With this setting, if the auxiliary storage device 40 for content data 1 is mistakenly connected to the data processing processor 10 or the like for content data 2, it will not operate normally, so the misuse can be immediately noticed.

<Command converter of auxiliary storage device>
In order to use a command character string in place of the status setting command for communication between the data processing processor 10 etc. and the auxiliary storage device 40, the command conversion unit 66 of the auxiliary storage device 40 includes the command character string as well as the status setting command. Columns are pre-memorized.
When the auxiliary storage device 40 receives an input command string input from the outside, the overall control section 50 supplies this input command string to the command conversion section 66. The command conversion unit 66 compares a pre-stored command string with an input command string and extracts a command string that matches the input command string. Then, the command conversion unit 66 determines that the status setting command associated with this matched command character string has been accepted, and outputs this status setting command to the overall control unit 50. Thereafter, the state control unit 60 is controlled based on this state setting command, and the output format of raw data or obfuscated data is selected.

Note that the command character string converted by the command conversion unit 66 may be changed arbitrarily by the sales place of the auxiliary storage device 40 or the like. To do this, prepare a predetermined command to rewrite the command string, and send this predetermined command from the host CPU 2 or data processor 10 to the auxiliary storage device 40 at the sales place. Then, the command character string held in the command converter 66 may be rewritten.

<Effects of the second embodiment>
According to this second embodiment, effects similar to those of the first embodiment described above are produced.
In addition, according to the second embodiment, the auxiliary storage device 40 determines, based on the received input command string, that the status setting command associated with the command string has been accepted. Since a different command string can be assigned to each sales destination of the auxiliary storage device 40 or to each content of data to be stored in the auxiliary storage device 40, the settings of the command string can be managed in detail. As a result, the security of the data stored in the storage unit 42 is improved, and unauthorized use of the auxiliary storage device 40 can be prevented.

[Third embodiment]
Next, an information processing apparatus according to a third embodiment of the present invention will be described.
FIG. 10 is a functional block diagram showing the configuration of an information processing apparatus according to the third embodiment. This auxiliary storage device 40 has a configuration in which a command converter 66 having a decoding function is added to the configuration of the above-described first embodiment shown in FIG. Furthermore, the host CPU 2 or data processor 10 has a configuration in which a command encryption unit 25 for encrypting commands is added to the configuration of the first embodiment shown in FIG. 1. The other configuration of the information processing device 1 is almost the same as the configuration of the first embodiment.
The difference between the third embodiment and the first embodiment is that the status setting command sent from the host CPU 2 or data processor 10 to the auxiliary storage device 40 is encrypted.

In the data processing processor 10 and the like, the command encryption unit 25 encrypts the command used for communication with the auxiliary storage device 40 using a predetermined encryption key, and then transmits the command. Then, the command conversion unit (decryption unit) 66 of the auxiliary storage device 40 decrypts the received command using a predetermined decryption key. After that, the same operation as the auxiliary storage device 40 according to the first embodiment described above is performed based on the decoded command.

According to this third embodiment, effects similar to those of the first embodiment described above are produced.
In addition, according to the third embodiment, the encrypted status setting command is decrypted, and the auxiliary storage device 40 is controlled based on the decrypted status setting command. Since unencrypted status setting commands cannot be read from outside, the data stored in the storage unit 42 cannot be read out illegally, improving data security and preventing unauthorized access to the auxiliary storage device 40. Use can be prevented.

DESCRIPTION OF SYMBOLS 1... Information processing device, 10... Data processing processor, 40... Auxiliary storage device (nonvolatile storage device), 42... Storage part (nonvolatile memory), 45... State storage part, 46... Memory controller, 47... Temporary state storage Part, 50... Overall control unit, 56... Host I/F control unit (command reception unit, data output unit), 60... State control unit, 62... Obfuscation unit, 66... Command conversion unit (decoding unit), 70... ROM writer, 100...Raw data output state, 102...Obfuscated data output state, 104...Temporary Raw data output state

Claims (3)

A storage section configured with non-volatile memory in which data can be written and read;
an obfuscation unit that performs obfuscation processing on the raw data stored in the storage unit and converts it into obfuscated data in a format different from the raw data;
a data output unit that outputs the data stored in the storage unit in an output format of the raw data or the obfuscated data;
a command reception unit that receives a status setting command including output data selection information specifying an output format of either the raw data or the obfuscated data input from the outside;
a state storage unit configured with a nonvolatile memory that stores obfuscated data selection information;
a temporary state storage unit configured with a volatile memory that stores raw data selection information;
comprising a state control unit that controls the state storage unit and the temporary state storage unit,
The state control section reads out the data from the storage section based on the output data selection information stored in the state storage section and the temporary state storage section, and converts the data format output from the data output section into the raw data or the difficult-to-read data format. 1. A non-volatile storage device characterized by being controlled so as to store converted data. comprising a command conversion unit that converts a command string consisting of a character string containing any of letters, numbers, or symbols into the state setting command associated with the command string;
When the command string received by the command reception unit is supplied to the command conversion unit and converted into the state setting command,
The state control section stores the output data selection information in the state storage section and the temporary state storage section based on the converted state setting command, and reads the output data selection information from the storage section and outputs the data from the data output section. 2. The nonvolatile storage device according to claim 1, wherein the format is controlled to be the raw data or the obfuscated data. comprising a command conversion unit that decrypts the encrypted state setting command;
When the state setting command received by the command reception unit is supplied to the command conversion unit and decoded,
The state control section stores the output data selection information in the state storage section and the temporary state storage section based on the decoded state setting command, and reads the output data selection information from the storage section and outputs the data from the data output section. 2. The nonvolatile storage device according to claim 1, wherein the format is controlled to be the raw data or the obfuscated data.

Images