WO2003075233A2 - Smart card and method for avoiding software bug on such a smart card - Google Patents
Smart card and method for avoiding software bug on such a smart card Download PDFInfo
- Publication number
- WO2003075233A2 WO2003075233A2 PCT/FR2003/000637 FR0300637W WO03075233A2 WO 2003075233 A2 WO2003075233 A2 WO 2003075233A2 FR 0300637 W FR0300637 W FR 0300637W WO 03075233 A2 WO03075233 A2 WO 03075233A2
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- code
- memory
- data
- addresses
- central unit
- Prior art date
Links
Classifications
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F7/00—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
- G07F7/08—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
- G07F7/10—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
- G07F7/1008—Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06K—GRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
- G06K19/00—Record carriers for use with machines and with at least a part designed to carry digital markings
- G06K19/06—Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code
- G06K19/067—Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards also with resonating or responding marks without active components
- G06K19/07—Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards also with resonating or responding marks without active components with integrated circuit chips
- G06K19/073—Special arrangements for circuits, e.g. for protecting identification code in memory
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/07—Responding to the occurrence of a fault, e.g. fault tolerance
- G06F11/16—Error detection or correction of the data by redundancy in hardware
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/34—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
- G06Q20/341—Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F7/00—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
- G07F7/08—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
- G07F7/0806—Details of the card
- G07F7/0833—Card having specific functional components
- G07F7/084—Additional components relating to data transfer and storing, e.g. error detection, self-diagnosis
-
- G—PHYSICS
- G11—INFORMATION STORAGE
- G11C—STATIC STORES
- G11C29/00—Checking stores for correct operation ; Subsequent repair; Testing stores during standby or offline operation
- G11C29/70—Masking faults in memories by using spares or by reconfiguring
- G11C29/78—Masking faults in memories by using spares or by reconfiguring using programmable devices
- G11C29/84—Masking faults in memories by using spares or by reconfiguring using programmable devices with improved access time or stability
- G11C29/846—Masking faults in memories by using spares or by reconfiguring using programmable devices with improved access time or stability by choosing redundant lines at an output stage
Definitions
- the present invention relates to a smart card, and to a method for avoiding logical "software" (or software) flaw on such a smart card.
- a component for a smart card used for example in the field of digital television to control the right of a user to have access to a program, has a memory code part, which cannot be modified once the component has been realized. An error in the code loaded in this memory, due to a non-exhaustive test or a software flaw, cannot therefore be corrected.
- the code provided by the designer is directly embedded in the silicon ("masked code"), for example by using an ionization process.
- masked code the code provided by the designer is directly embedded in the silicon
- a software flaw or "bug”
- the smart cards being with customers, it is very difficult to solve this problem simply. In general there is no other solution than recovering the chip cards and changing them.
- a solution of the known art consists in loading a correction code into a data memory located in the component of the smart card. Such a loading can take place during the personalization of the card, or by remote sending, for example directly to a subscriber to a decoder service.
- the "hidden code" in code memory provides all the places where a problem could potentially exist, for example:
- the correction code must also be large. It can then have a much larger size than necessary. - Intervention in places not provided for in the original code is not possible.
- the invention therefore aims to overcome such drawbacks by making it possible to correct software flaws on the component of a smart card during the operation of this smart card.
- the invention relates to a smart card, the component of which comprises a central processing unit, a code memory in which an original code is stored comprising at least one software flaw which cannot be corrected, a data / code memory in an area of which a substitution code free of software flaws is stored, as well as the addresses of the software flaw (s), a mechanism for intercepting the addresses of the central unit which checks the hardware addresses which execute, characterized in that the address interception mechanism comprises an address interception and substitution block which makes it possible to divert the central unit when it detects an address or a set of address of software flaw and a data multiplexer allowing the central processing unit to take into account either the data in the memory code if there is no diversion, ie the data from the data / code memory.
- the data / code memory can be an E 2 PROM memory, a flash memory or a FeRAM memory.
- the code memory can be a ROM memory or a flash memory.
- the invention also relates to a software flaw avoidance method which cannot be corrected in the code stored in a code memory of the component of a smart card, said component further comprising a central unit, a data / code memory, and a mechanism for intercepting the addresses of the central unit which verifies the hardware addresses which are executed, characterized in that it comprises the following steps: there is at least one software flaw in the code memory of said component,
- the present invention has the following advantages: - diversion locations do not have to be planned in advance,
- the method of the invention makes it possible to correct software flaws during the production process but also during the operation itself of the component, and this without having previously provided for software interceptions in the code.
- This process combining hardware and software also offers real flexibility.
- the single figure illustrates an embodiment of a smart card according to the invention.
- the invention consists, in order to correct one or more logical flaws of a code stored "masked code" in a smart card, to provide a mechanism for intercepting the addresses of the central unit 10 of this smart card, which checks the hardware addresses that run.
- the chip card component thus comprises: - a central unit 10,
- MDC 14 data / code memory
- E 2 PROM Electrically Erasable Programmable Read Only Memory
- flash memory for example an EPROM (EPROM)
- FeRAM memory Feroelectric Random Access Memory
- MC code memory
- ROM type read-only memory
- flash in which the original code is stored
- the mechanism 11 for intercepting the addresses of this central unit 10 which includes a block 12 for intercepting and substituting addresses, and a data multiplexer 13, allowing the central unit to take into account the data of the memory 14 or the data of memory 16,
- the interception mechanism 11 makes it possible to carry out a logical address interception function. In the event of a software fault, this logic function reroutes the central unit 10 to the code for substitution called "Bug Free", that is to say free from logical flaws, previously memorized in memory 14.
- the user finds that the original code of the smart card contains at least one software flaw, he sends a correction code free of logical flaw and the addresses of the software flaw (s), in the case of a signal sent remotely for example, to correct these.
- Address interception is not limited to a single address but can concern a set of contiguous addresses or not.
- the logic flaw avoidance method of the invention therefore comprises the following steps:
- the mechanism 11 for intercepting the addresses of the central unit 10 has the list of addresses to be substituted previously stored, as well as a substitution code in an area 15 of the data / code memory 14, this list being, for example, stored in a substitution table.
- the address interception block 12 analyzes the hardware address which is executed to see if there is no consistency of this with an address of the substitution table:
- correction code is therefore loaded beforehand with one or more diversion addresses in data / code memory 14. Therefore, only information of much smaller size is loaded than in the devices of the prior art.
- code stored in memory 14 is run in a completely transparent manner for the central unit 10.
- the invention therefore consists in loading data into code data 14 of a table and a substitution code, this loading being able to take place remotely, and in carrying out an interception of the addresses of central unit 10, the unfolding the substitution code, in the event of weak logic, then taking place transparently for the central unit 10.
Landscapes
- Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- Microelectronics & Electronic Packaging (AREA)
- Business, Economics & Management (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- General Business, Economics & Management (AREA)
- Quality & Reliability (AREA)
- Strategic Management (AREA)
- Accounting & Taxation (AREA)
- Computer Security & Cryptography (AREA)
- Techniques For Improving Reliability Of Storages (AREA)
- Stored Programmes (AREA)
Abstract
Description
Claims
Priority Applications (5)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP2003573612A JP2005519403A (en) | 2002-03-01 | 2003-02-27 | Method for avoiding logic bug of smart card and smart card |
KR10-2004-7013516A KR20050007436A (en) | 2002-03-01 | 2003-02-27 | Smart card and method for avoiding software bug on such a smart card |
AU2003224229A AU2003224229A1 (en) | 2002-03-01 | 2003-02-27 | Smart card and method for avoiding software bug on such a smart card |
MXPA04008351A MXPA04008351A (en) | 2002-03-01 | 2003-02-27 | Smart card and method for avoiding software bug on such a smart card. |
EP03720652A EP1485885A2 (en) | 2002-03-01 | 2003-02-27 | Smart card and method for avoiding software bug on such a smart card |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
FR02/02620 | 2002-03-01 | ||
FR0202620A FR2836736A1 (en) | 2002-03-01 | 2002-03-01 | CHIP CARD AND METHOD FOR AVOIDING FAULTY LOGIC ON SUCH A CHIP CARD |
Publications (2)
Publication Number | Publication Date |
---|---|
WO2003075233A2 true WO2003075233A2 (en) | 2003-09-12 |
WO2003075233A3 WO2003075233A3 (en) | 2004-03-04 |
Family
ID=27741362
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/FR2003/000637 WO2003075233A2 (en) | 2002-03-01 | 2003-02-27 | Smart card and method for avoiding software bug on such a smart card |
Country Status (7)
Country | Link |
---|---|
EP (1) | EP1485885A2 (en) |
JP (1) | JP2005519403A (en) |
KR (1) | KR20050007436A (en) |
AU (1) | AU2003224229A1 (en) |
FR (1) | FR2836736A1 (en) |
MX (1) | MXPA04008351A (en) |
WO (1) | WO2003075233A2 (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2008025900A1 (en) * | 2006-08-30 | 2008-03-06 | Viaccess | Security processor and recording method and medium for configuring the behaviour of this processor |
Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
FR2471004A1 (en) * | 1979-11-30 | 1981-06-12 | Dassault Electronique | Control of access to semiconductor memories - uses access controller requiring validating inputs before opening and gate linking address bus and address decoder circuits |
GB2136992A (en) * | 1983-03-18 | 1984-09-26 | Georg V Coza | Method and System of Ensuring Integrity of Data in an Electronic Memory |
US4945535A (en) * | 1987-08-25 | 1990-07-31 | Mitsubishi Denki Kabushiki Kaisha | Information processing unit |
US5353253A (en) * | 1992-10-14 | 1994-10-04 | Mitsubishi Denki Kabushiki Kaisha | Semiconductor memory device |
EP0645714A1 (en) * | 1993-09-20 | 1995-03-29 | STMicroelectronics S.A. | Dynamic redundancy circuit for integrated circuit memory |
US5758056A (en) * | 1996-02-08 | 1998-05-26 | Barr; Robert C. | Memory system having defective address identification and replacement |
US5935258A (en) * | 1997-03-04 | 1999-08-10 | Micron Electronics, Inc. | Apparatus for allowing data transfers with a memory having defective storage locations |
-
2002
- 2002-03-01 FR FR0202620A patent/FR2836736A1/en not_active Withdrawn
-
2003
- 2003-02-27 KR KR10-2004-7013516A patent/KR20050007436A/en not_active Application Discontinuation
- 2003-02-27 WO PCT/FR2003/000637 patent/WO2003075233A2/en not_active Application Discontinuation
- 2003-02-27 EP EP03720652A patent/EP1485885A2/en not_active Withdrawn
- 2003-02-27 MX MXPA04008351A patent/MXPA04008351A/en unknown
- 2003-02-27 AU AU2003224229A patent/AU2003224229A1/en not_active Abandoned
- 2003-02-27 JP JP2003573612A patent/JP2005519403A/en not_active Withdrawn
Patent Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
FR2471004A1 (en) * | 1979-11-30 | 1981-06-12 | Dassault Electronique | Control of access to semiconductor memories - uses access controller requiring validating inputs before opening and gate linking address bus and address decoder circuits |
GB2136992A (en) * | 1983-03-18 | 1984-09-26 | Georg V Coza | Method and System of Ensuring Integrity of Data in an Electronic Memory |
US4945535A (en) * | 1987-08-25 | 1990-07-31 | Mitsubishi Denki Kabushiki Kaisha | Information processing unit |
US5353253A (en) * | 1992-10-14 | 1994-10-04 | Mitsubishi Denki Kabushiki Kaisha | Semiconductor memory device |
EP0645714A1 (en) * | 1993-09-20 | 1995-03-29 | STMicroelectronics S.A. | Dynamic redundancy circuit for integrated circuit memory |
US5758056A (en) * | 1996-02-08 | 1998-05-26 | Barr; Robert C. | Memory system having defective address identification and replacement |
US5935258A (en) * | 1997-03-04 | 1999-08-10 | Micron Electronics, Inc. | Apparatus for allowing data transfers with a memory having defective storage locations |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2008025900A1 (en) * | 2006-08-30 | 2008-03-06 | Viaccess | Security processor and recording method and medium for configuring the behaviour of this processor |
FR2905543A1 (en) * | 2006-08-30 | 2008-03-07 | Viaccess Sa | SECURITY PROCESSOR AND METHOD AND RECORDING MEDIUM FOR CONFIGURING THE BEHAVIOR OF THIS PROCESSOR. |
TWI499268B (en) * | 2006-08-30 | 2015-09-01 | Viaccess Sa | Security processor and method and recording medium for configuring the behaviour of this processor |
US9332297B2 (en) | 2006-08-30 | 2016-05-03 | Viaccess | Security processor and recording method and medium for configuring the behaviour of this processor |
Also Published As
Publication number | Publication date |
---|---|
JP2005519403A (en) | 2005-06-30 |
MXPA04008351A (en) | 2004-11-26 |
KR20050007436A (en) | 2005-01-18 |
FR2836736A1 (en) | 2003-09-05 |
WO2003075233A3 (en) | 2004-03-04 |
AU2003224229A1 (en) | 2003-09-16 |
EP1485885A2 (en) | 2004-12-15 |
AU2003224229A8 (en) | 2003-09-16 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
EP1386230A2 (en) | Method and system for managing shared-library executables | |
EP0272165A1 (en) | Reconfigurable computing arrangement | |
EP1811778A1 (en) | Verfahren für Aktualisierung des microprogramme eines Sicherheitsmoduls | |
FR2596595A1 (en) | DOMINO TYPE MOS LOGIC HOLDER | |
FR2880963A1 (en) | Software breakpoint inserting system for e.g. flash memory, has debugging program that allows to position software breakpoint in non-volatile memory circuit, and management unit that manages breakpoints positioned in circuit | |
EP1955248B1 (en) | Adaptable security module | |
FR2643478A1 (en) | MAP WITH INTEGRATED CIRCUIT | |
FR2670595A1 (en) | Integrated circuit card | |
WO2003075233A2 (en) | Smart card and method for avoiding software bug on such a smart card | |
FR3089322A1 (en) | Management of access restrictions within a system on chip | |
EP2212824A2 (en) | Verification of data read in memory | |
EP1006532B1 (en) | Secure EEPROM with UV erasure detection means | |
EP1141903A1 (en) | Device and method for initialising an applicative programme of an integrated circuit card | |
FR2990533A1 (en) | Program execution monitoring method for smart card, involves performing set of operations, and arranging processing unit to generate interruption of execution of program according to result of set of operations | |
FR2707773A1 (en) | Integrated circuit of the hidden mask microcontroller type containing a generic test program, test station and corresponding manufacturing method. | |
EP3423978A1 (en) | Method for displaying an animation during the starting phase of an electronic device, and associated electronic device | |
EP0112427B1 (en) | Programmable logic controller | |
EP3832469A1 (en) | Secure electronic system comprising a processor and a memory component; associated programmable component | |
EP1005686B1 (en) | Method for detecting fraudulent use of electronic phonecards | |
FR2963455A1 (en) | PROTECTING SECRET KEYS | |
EP3962149A1 (en) | Gateway of information exchanges between processing units, associated devices and method | |
FR3011658A1 (en) | METHOD IN MICROCIRCUIT AND ASSOCIATED DEVICE | |
EP0932303A1 (en) | Consumer electronic equipment provided with fast memory access means | |
WO2009004234A1 (en) | Anomaly detection in service entity traffic in a packet network | |
FR2973150A1 (en) | METHOD OF MASKING A PASSAGE AT THE END OF LIFE OF AN ELECTRONIC DEVICE AND DEVICE COMPRISING A CORRESPONDING CONTROL MODULE |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AK | Designated states |
Kind code of ref document: A2 Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ OM PH PL PT RO RU SC SD SE SG SK SL TJ TM TN TR TT TZ UA UG US UZ VC VN YU ZA ZM ZW |
|
AL | Designated countries for regional patents |
Kind code of ref document: A2 Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IT LU MC NL PT SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG |
|
121 | Ep: the epo has been informed by wipo that ep was designated in this application | ||
WWE | Wipo information: entry into national phase |
Ref document number: 2003720652 Country of ref document: EP |
|
WWE | Wipo information: entry into national phase |
Ref document number: PA/a/2004/008351 Country of ref document: MX |
|
WWE | Wipo information: entry into national phase |
Ref document number: 2003573612 Country of ref document: JP Ref document number: 1020047013516 Country of ref document: KR Ref document number: 1929/CHENP/2004 Country of ref document: IN |
|
WWE | Wipo information: entry into national phase |
Ref document number: 2003804935X Country of ref document: CN |
|
WWP | Wipo information: published in national office |
Ref document number: 2003720652 Country of ref document: EP |
|
WWP | Wipo information: published in national office |
Ref document number: 1020047013516 Country of ref document: KR |
|
WWW | Wipo information: withdrawn in national office |
Ref document number: 2003720652 Country of ref document: EP |