JP5200686B2 - Information processing apparatus, normal processing determination method, and information processing program - Google Patents

Description

  The present invention relates to a technical field for detecting alteration of a processing flow by an attacker in a security device such as an IC card or a memory card.

  When executing a program on a security device, there is a case where there is a critical process that must be executed. Here, the critical processing refers to a processing process necessary for maintaining the security level secured by the security device, such as authentication of PIN and biometric information.

  On the other hand, there is DFA (Differential Fault Attack) such as laser attack as an attack to make a security device perform an illegal operation. By this DFA, the processing flow on the security device is altered and critical processing is executed. By not doing so, an attack that reduces the security strength of the security device is known. When such an attack that alters the processing flow is successful, execution of critical processing intended by the software designer or implementer can be skipped.

As a countermeasure against such processing flow alteration, Patent Document 1 proposes a method of verifying internal data related to branching after branching processing. In this method, when branch processing is executed, route information is recorded at the branch destination, and after returning from the branch, the correctness of the branch route information is confirmed to verify whether the branch has been executed normally. doing.
JP 2002-334317 A

  However, the method disclosed in Patent Document 1 is intended only for branch processing, and does not provide a verification method for verification of normal execution and loop processing.

  Therefore, the present invention has been made in view of such points and the like, and is an information processing apparatus capable of checking whether normal execution and processing including loop processing have been performed normally, and normal processing It is an object to provide a determination method and an information processing program.

In order to solve the above-mentioned problem, the invention according to claim 1 is a program storage means for storing a program composed of a plurality of instructions executed in a series of processes, and a specific instruction is stored among the plurality of instructions. Address storage means for storing in advance a first value related to the address of the storage area being executed before the execution of the instruction, and a CPU for executing the instruction, wherein the first value is the specific instruction Is a value obtained by performing a predetermined operation on the value indicating the address of the storage area in which the CPU is stored, and when the CPU executes the specific instruction, the CPU stores the address of the storage area in which the instruction is stored. A second value obtained by temporarily storing the indicated value and then performing a predetermined operation on the stored value, and the first value stored in advance in the address storage means. Match The processing by comparing determines whether is characterized in that to determine whether or not successful.

The invention according to claim 2 relates to program storage means for storing a program composed of a plurality of instructions executed in a series of processing, and an address of a storage area in which a specific instruction is stored among the plurality of instructions. Address storage means for storing a first value in advance before execution of the instruction, and a CPU for executing the instruction, wherein the first value is a storage area in which the specific instruction is stored A value obtained by performing a predetermined operation on a value indicating an address. When the CPU executes the specific instruction, the CPU performs a predetermined operation on a value indicating an address of a storage area in which the instruction is stored. be stored temporarily a value subjected to a second value, whether followed and the stored value, said first value which is previously stored in the address storage means, match Compare and discriminate Characterized in that to determine whether the process was successful by.

A third aspect of the present invention is the information processing apparatus according to the first or second aspect , wherein there are a plurality of the specific instructions, and addresses of storage areas in which the specific instructions are stored are different from each other. To do.

The invention according to claim 4 relates to program storage means for storing a program composed of a plurality of instructions executed in a series of processing, and an address of a storage area in which a specific instruction is stored among the plurality of instructions. An address storage means for storing the first value in advance before execution of the instruction, and a CPU for executing the instruction , a plurality of the specific instructions, and a storage area in which each of the instructions is stored Are different from each other, and the first value is a value obtained by degenerating each value indicating the address of each storage area in which each specific instruction is stored by a predetermined operation. If the instruction is executed may be stored temporarily a value that indicates the address of the storage area in which the instructions are stored, degenerated then the stored value by the computation, first and the degenerate Features of the values, said first value which is previously stored in the address storage means, to determine whether the process was successful by comparing determines whether or not the match And

According to a fifth aspect of the present invention, in the information processing apparatus according to the fourth aspect , the calculation is hash calculation or XOR calculation.

The invention of claim 6 is the information processing apparatus according to any one of claims 1 to 5, the value indicating the address, characterized in that the value of the program counter.

A seventh aspect of the present invention is the information processing apparatus according to any one of the first to sixth aspects, wherein the CPU temporarily stores the number of times when the specific instruction is executed a plurality of times. The product of the stored number of times and the second value matches the product of the stored number of times and the first value stored in advance in the address storage means. It is characterized in that it is determined whether or not the processing has been normally performed by comparing and determining whether or not there is.

According to an eighth aspect of the present invention, in the information processing apparatus according to any one of the first to seventh aspects, the specific instruction is necessary for maintaining a security level included in the series of processes. It is executed in critical processing.

The invention according to claim 9 relates to program storage means for storing a program composed of a plurality of instructions executed in a series of processing, and an address of a storage area in which a specific instruction is stored among the plurality of instructions. A normal processing determination method using address storage means for storing a first value in advance before execution of the instruction and a CPU for executing the instruction, wherein the first value is the specific instruction Is a value obtained by performing a predetermined operation on the value indicating the address of the storage area in which the CPU is stored, and when the CPU executes the specific instruction, the address of the storage area in which the instruction is stored is A second value obtained by temporarily storing the indicated value and then performing a predetermined operation on the stored value, and the first value stored in advance in the address storage means. Match The processing by comparing determines whether is characterized in that to determine whether or not successful. The invention according to claim 10 relates to program storage means for storing a program comprising a plurality of instructions executed in a series of processes, and an address of a storage area in which a specific instruction is stored among the plurality of instructions. A normal processing determination method using address storage means for storing a first value in advance before execution of the instruction and a CPU for executing the instruction, wherein the first value is the specific instruction Is a value obtained by performing a predetermined operation on the value indicating the address of the storage area in which the CPU is stored, and when the CPU executes the specific instruction, the address of the storage area in which the instruction is stored is A value obtained by performing a predetermined operation on the indicated value is temporarily stored as a second value, and then the stored second value and the first value stored in advance in the address storage means And the value of There wherein the determining whether the process was successful by comparing determines whether they match.

The invention according to claim 11 relates to program storage means for storing a program composed of a plurality of instructions executed in a series of processing, and an address of a storage area in which a specific instruction is stored among the plurality of instructions. The specific instruction among the instructions executed by the CPU in the information processing apparatus that includes an address storage unit that stores the first value in advance before execution of the instruction and a CPU that executes the instruction. The process is normally performed by comparing and determining whether or not the second value relating to the address of the storage area stored matches the first value stored in advance in the address storage means. an information processing program for causing a function to determine whether or not made, the first value is a value indicating the address of a storage area in which the particular instruction is stored When the CPU executes the specific instruction, the information processing program temporarily stores a value indicating the address of the storage area in which the instruction is stored. Then, whether or not the second value obtained by performing a predetermined operation on the stored value and the first value stored in advance in the address storage means match. It is made to function so that it may be discriminate | determined whether the said process was performed normally by comparing and discriminating . The invention according to claim 12 relates to program storage means for storing a program composed of a plurality of instructions executed in a series of processes, and an address of a storage area in which a specific instruction among the plurality of instructions is stored. The specific instruction among the instructions executed by the CPU in the information processing apparatus that includes an address storage unit that stores the first value in advance before execution of the instruction and a CPU that executes the instruction. The process is normally performed by comparing and determining whether or not the second value relating to the address of the storage area stored matches the first value stored in advance in the address storage means. An information processing program that functions to determine whether or not an operation has been performed, wherein the first value is a value indicating an address of a storage area in which the specific instruction is stored When the CPU executes the specific instruction, the information processing program executes a predetermined operation on a value indicating an address of a storage area in which the instruction is stored. Whether the calculated value is temporarily stored as the second value, and then the stored value matches the first value stored in advance in the address storage means It is made to function so as to determine whether or not the processing has been normally performed by comparing and determining whether or not.

  According to the present invention, as a countermeasure against processing flow tampering, a value related to the address of a storage area in which a specific instruction is stored is used instead of a mere flag, so that processing including normal execution and loop processing is also included. It is possible to check whether or not the operation has been normally performed, and thus the security level can be improved.

  Hereinafter, the best embodiment of the present invention will be described in detail with reference to the drawings. The embodiment described below is an embodiment when the present invention is applied to an IC chip mounted (embedded) in an IC card.

[1. IC chip configuration and functions]
First, the configuration and functions of an IC chip according to an embodiment of the present invention will be described with reference to FIG.

  FIG. 1 is a diagram illustrating a hardware configuration example of an IC chip according to the present embodiment.

  As shown in FIG. 1, an IC chip 1 includes a CPU (Central Processing Unit) 11 having an arithmetic function, a ROM (Read Only Memory) 12 as an example of a program storage unit, and a nonvolatile memory (an example of an address storage unit). For example, an EEPROM (Electrically Erasable and Programmable Read Only Memory) 13, a RAM (Random Access Memory) 14, an I / O circuit 15 for data communication with an external device, and the like are configured. Note that data communication with an external device via the I / O circuit 15 may be either a contact method or a non-contact method.

  The ROM 12 stores a program composed of a plurality of instructions (instructions expressed in machine language) executed in a series of command processing. Such command processing includes, for example, critical processing (processing important for security) necessary for maintaining the security level secured by the IC card. Examples of the critical process include security processes such as PIN and biometric information authentication.

  Information for processing flow verification is stored in advance in the non-volatile memory 13 (before execution of processing by the CPU 11). Specifically, among the plurality of instructions, an address of a storage area where a specific instruction executed in the critical process is stored (arranged) (a logical address or a physical address, which is different for each instruction) A value (first value) is stored. For example, when a provider of an IC card compiles a program with a compiler and writes it on the ROM 12, the emulator retrieves which instruction is stored in which address, and then sets a value related to the address in the nonvolatile memory 13. Store in a predetermined area.

  A RAM (volatile memory) 14 temporarily stores (stores) a value (second value) related to the address of the storage area in which the specific instruction executed by the CPU 11 is stored.

  Here, examples of the value related to the address include a value indicating the address or a value obtained by performing a predetermined operation on the value indicating the address. The value indicating the address is, for example, a value of a program counter (a register indicating an address on the ROM 12 in which an instruction to be executed is stored) mounted on the CPU 11 (hereinafter referred to as “PC value”).

  FIG. 2 is a schematic diagram of a memory map in the IC chip. As shown in FIG. 2, the pre-PC value holding area provided in the non-volatile memory 13 has a PC value or a value obtained by performing a predetermined operation on the PC value in advance as information for processing flow verification ( (Hereinafter referred to as “PC value, etc.”) is stored and held, and the PC value etc. in-execution holding area provided in the RAM 14 stores and holds the PC value and the like when a specific instruction is executed in the command processing. .

  When the CPU 11 executes the specific instruction in the command processing, the CPU 11 temporarily stores in the RAM 14 a PC value or the like (an example of a value related to the address of the storage area in which the instruction is stored) corresponding to the instruction. After that, the stored value is compared with the PC value or the like stored in advance in the non-volatile memory 13 (that is, stored in the holding area of the executing PC value or the like in the RAM 14). By comparing the value and the value stored in the pre-PC value holding area of the non-volatile memory 13, it is determined whether or not the above processing has been performed normally.

  FIG. 3 is a flowchart illustrating an example of command processing in the CPU 11. When the command processing shown in FIG. 3 is started, the CPU 11 performs normal processing (processing other than critical processing) (step S1), and then performs critical processing (step S2). In this critical processing, security processing is first performed (step S21). In the example of FIG. 3, the security process is composed of five specific instructions from instructions A to E, and is executed in order from the top. After the security processing, the CPU 11 stores the PC value or the like corresponding to the executed specific instruction in the execution value holding area of the RAM 14 (step S22).

  Here, in the example of the security processing shown in FIG. 3, five specific instructions A to E are executed, and the PC values and the like corresponding to all these instructions are stored. However, in order to make effective use of the storage area, it is desirable to store PC values corresponding to some of these instructions. For example, if only the PC value corresponding to the last instruction E among the five instructions A to E executed in the security processing is stored, for example, after the first instruction A is executed, the subsequent instructions are skipped by the DFA Even in this case, the skip can be detected later.

  In step S3, the CPU 11 stores the PC value stored in the PC value storage area during execution of the RAM 14, the PC value stored in advance in the storage area of the pre-PC value of the nonvolatile memory 13, and the like. Are compared (normal / error determination). If the two match (step S3: YES), it is determined that the command processing has been executed normally (normal determination). Then, normal processing (for example, outputting data to the outside) is performed (step S4). If the two do not match (step S3: NO), it is determined that the command processing is not executed normally (error) Then, error processing at the time of DFA detection (for example, the operation of the IC card is stopped assuming that there is a high possibility of receiving DFA) is performed (step S5).

[2. Specific Example of Values Stored in Pre-PC Value Retention Area and Running PC Value Retention Area]
Here, specific examples of values stored in the pre-PC value etc. holding area and the in-execution PC value etc. holding area will be described.

(2.1 PC value (PC immediate value))
If there is only one critical process in the entire program (command process), it is sufficient to store one PC value corresponding to a specific instruction, but if there are multiple critical processes, each critical process All the PC values corresponding to a specific instruction executed in the are stored.

  FIG. 4A is a diagram illustrating an example of a pre-PC value etc. holding area that stores PC values.

  For example, when multiple critical processes pass through a command process, a specific instruction (in this case, assuming that there is one specific instruction for each critical process) is stored. When the values indicating the addresses of the stored storage areas are “0x003522”, “0x005678”, and “0x006788”, as shown in FIG. 4A, all of these are stored in the pre-PC value etc. holding area. .

  Then, when executing a specific instruction at each address of “0x003522”, “0x005678”, and “0x006788” when executing the command processing, the CPU 11 is executing all the PC values corresponding to the specific instruction. When the value stored in the PC value etc. holding area is stored in the PC value etc. holding area (immediate value) and then the value stored in the PC value etc. holding area during execution is compared with the value stored in the previous PC value etc. holding area, both Is compared with an immediate value to perform the above-described normal / error determination.

(2.2 In the case of a value obtained by performing a predetermined calculation on the PC value)
As in 2.1 above, when there are a plurality of critical processes, all values obtained by performing a predetermined operation on the PC value corresponding to a specific instruction executed in each critical process are stored. Here, the value obtained by performing a predetermined calculation is, for example, a value obtained by adding, subtracting, or dividing a PC value by an indefinite value such as a fixed value or a random number.

  FIG. 4B is a diagram illustrating an example of a pre-PC value etc. holding area in which a value obtained by performing a predetermined calculation on the PC value is stored.

  For example, as in 2.1 above, when the value indicating the address of the storage area in which a specific instruction executed in each passing critical process is stored is “0x003522”, “0x005678”, “0x006788”, A predetermined calculation is performed on the value indicating the address, and a value different from the immediate value is stored in the pre-PC value holding area. As an example, when a value obtained by adding a fixed value “0x112233” to a value indicating each address is stored, the result is as shown in FIG.

  Then, when executing a specific instruction at each address of “0x003522”, “0x005678”, and “0x006788” when executing the command processing, the CPU 11 is executing all the PC values corresponding to the specific instruction. Stored in the PC value etc. holding area (stored as an immediate value), and then a value obtained by performing the above calculation on each PC value stored in the PC value etc. holding area during execution (that is, calculation at the time of comparison) The normal / error determination is performed by comparing the values stored in the pre-PC value holding area.

  Alternatively, when executing a specific instruction at each address of “0x003522”, “0x005678”, and “0x006788” during execution of command processing, the CPU 11 performs the above processing for each PC value corresponding to the specific instruction. Store the calculated value in the PC value holding area during execution, and then compare the value stored in the PC value holding area during execution with the value stored in the pre PC value holding area Thus, the above-described normal / error determination is performed.

(2.3 When multiple PC values are degenerated)
As in 2.1 above, when there are multiple critical processes, PC values corresponding to all specific instructions or values obtained by performing a predetermined operation on PC values are stored in the pre-PC value holding area. It is not economical because it takes a lot of storage space. Therefore, a value obtained by reducing (decreasing the amount of data) the plurality of PC values by a predetermined operation (for example, hash calculation or XOR (exclusive OR) calculation) is smaller. Store degenerate) in the data.

  FIG. 5A is a diagram illustrating an example in which a plurality of PC values are concatenated and degenerated by hash calculation. In this case, as shown in FIG. 5A, the value indicating the address of the storage area in which a specific instruction executed in each passing critical process is stored is “0x003522”, “0x005678”, “0x006788”. In the case of..., The values indicating the respective addresses are concatenated, hash calculation is performed using a hash function (for example, SHA-1), and the result (hash value) is stored in a pre-PC value storage area.

  FIG. 5B is a diagram illustrating an example of degeneration by XOR calculation of a plurality of PC values. In this case, as shown in FIG. 5B, the value indicating the address of the storage area in which a specific instruction executed in each passing critical process is stored is “0x003522”, “0x005678”, “0x006788”. At the time of..., XOR calculation of values indicating each address is performed, and the result is stored in a pre-PC value etc. holding area.

  When executing the command processing, the CPU 11 executes all the PC values corresponding to the specific instruction when executing the specific instruction at the addresses “0x003522”, “0x005678”, “0x006788”. Is stored in the PC value etc. holding area during execution (stored as an immediate value), and then the stored value is reduced by the above operation (for example, hash calculation or XOR calculation), and the reduced value is stored in advance. The normal / error determination described above is performed by comparing the values stored in the PC value etc. holding area.

[3. Example of command processing]
Next, an example of command processing in the IC chip according to the present embodiment will be described with reference to FIG.

  FIG. 6 is a flowchart showing an example of command processing including branching and looping. The command processing shown in FIG. 6 has three critical processes and three branch processes. Further, it is assumed by design that the branch process 03 loops at least once and at most once and the critical process 02 is executed twice at maximum.

  In addition, in the pre-PC value holding area, an added value obtained by adding a value indicating the address of the storage area in which a specific instruction executed in each passing critical process is stored is stored. It is assumed that all the added values after passing through each assumed path are stored in the pre-PC value holding area.

  FIG. 7 is a diagram illustrating an example of a pre-PC value holding area in which the addition value in each path is stored in association with each path.

  When a specific instruction is executed in each critical process, the PC value corresponding to the specific instruction is stored in the holding area of the executing PC value and the like.

  The verification when the command processing is normally executed and when the command processing is not normally executed under the above preconditions will be described below.

  First, verification when command processing is executed normally will be described.

  In FIG. 6, for example, when the processing is executed in the order of normal processing 01 → branching processing 01 → critical processing 01 → branching processing 02 → critical processing 02 → branching processing 03 → critical processing 02 → branching processing 03, the executing PC In the value holding area, as shown in FIG. 8A, the PC value corresponding to each specific instruction is stored. Then, the CPU 11 adds each PC value (“0x003253”, “0x003469”, “0x003469” shown in FIG. 8A)) stored in the holding area for the executing PC value etc. in the normal / error determination, It is compared and determined whether or not a value matching the added value (0x009B25) is stored in the pre-PC value etc. holding area. In the pre-PC value holding area shown in FIG. 7, since the addition values of No. 3 match, it can be verified that the processing is normally performed.

  Next, verification when command processing is not executed normally will be described.

  In FIG. 6, for example, in the flow of normal processing 01 → branch processing 01 → critical processing 01 → branching processing 02 → critical processing 02 → branching processing 03 → critical processing 02 → branching processing 03, processing flow alteration in branch processing 02 When the execution of the critical process 02 is skipped as follows: normal process 01 → branch process 01 → critical process 01 → branch process 02 → branch process 03 → critical process 02 → branch process 03 In the holding area, as shown in FIG. 8B, a PC value corresponding to each specific instruction is stored. Then, the CPU 11 adds the PC values (“0x003253” and “0x003469” shown in FIG. 8B) stored in the holding area for PC values etc. during execution in normal / error determination, and adds the added value ( 0x0066CC) is compared to determine whether or not a value matching the pre-PC value etc. holding area is stored. Since the pre-PC value holding area shown in FIG. 7 does not match any value, it can be detected that the processing flow has been tampered with.

  As described above, according to the above embodiment, when a specific instruction is executed in command processing, the PC value corresponding to the instruction is temporarily stored in the pre-PC value etc. holding area, and then It is determined whether or not the command processing is normally performed by comparing and determining whether or not the stored value and the PC value or the like stored in advance in the holding area for the PC value or the like during execution match. As a countermeasure against processing flow tampering, it is configured to use a PC value, etc., not just a flag, so check whether normal execution and processing including loop processing have also been performed normally. Therefore, the security level can be improved.

  In addition, according to the above-described embodiment, it is possible to prevent flow tampering for a computer that does not have a special security mechanism, and it is possible to scale from a local countermeasure to a countermeasure for the entire process.

  Further, it is possible to support an assembly level countermeasure closest to the hardware and a countermeasure in a high-level language.

  As shown in FIG. 6 above, for command processing having a plurality of paths such as conditional branching, PC values and the like (for example, addition values) are calculated and stored for all possible paths. In addition to the configuration in which the comparison is performed in any path, for example, the PC value or the like is calculated and stored only for a specific path (for example, a normal system), and other paths ( For example, for an abnormal system), a PC value or the like may not be calculated and stored. According to this configuration, the storage area can be used more effectively.

  Here, the normal system means a case in which it is determined in the program that the user has operated and operated normally. Specific examples thereof include the following (i) to (iii).

  (I) Since the correct password was entered on the login screen of the personal computer, it was possible to log in and the functions of the personal computer could be used thereafter.

  (Ii) Since the correct PIN was entered on the mobile phone, a call became possible.

  (Iii) Since a file having a size that can be stored in the memory was copied to the USB memory, the file was correctly copied in the memory.

  On the other hand, an abnormal system means a case where it is determined that a user performs an illegal (not permitted) operation or an erroneous operation in the program. Specific examples thereof include the following (iv) to (vi).

  (Iv) Login was rejected because an incorrect password was entered on the personal computer logon screen.

  (V) The user cannot make a call because the input value of the PIN is wrong on the mobile phone.

  (Vi) When attempting to copy a file of a size that cannot be stored in the USB memory, a message indicating that the file cannot be copied was displayed.

  In FIG. 6, it is apparent from the design that the critical process 02 is executed at most twice, but it is not clear how many times the same specific instruction is executed (for example, an IC card) In the case of installing the application at the service provider). In such a case, the CPU 11 temporarily stores the number of times of executing a specific instruction (n times) together with the PC value or the like in the pre-PC value holding area, and the stored number of times and the PC value or the like. The command processing is executed normally by comparing whether or not the product of the stored number and the product of the number of times stored and the PC value stored in advance in the execution value holding area are the same. If it is configured to discriminate whether or not it has been received, it is possible to cope with the case where it is not clear how many times the same specific instruction is executed.

  In the above-described embodiment, the IC card has been described as an example. However, other security devices such as a memory card, for example, a CPU that holds a PC value is mounted, and high security strength is required. The present invention can be applied to a computer having

It is a figure which shows the hardware structural example of the IC chip which concerns on this embodiment. It is the schematic of the memory map in IC chip. It is a flowchart which shows an example of the command processing in CPU11. (A) is a diagram showing an example of a pre-PC value etc. holding area in which PC values are stored, and (B) is a pre-PC value etc. holding area in which values obtained by performing a predetermined operation on PC values are stored. It is a figure which shows an example. (A) is a figure which shows the example which concatenates several PC value and degenerates by hash calculation, (B) is a figure which shows the example reduced by XOR calculation of several PC value. It is a flowchart which shows an example of the command processing containing a branch and a loop. It is a figure which shows an example of holding | maintenance area | regions, such as a prior | preceding PC value which stored the addition value in each path | pass in association with each path | pass. It is a figure which shows an example of holding area | regions, such as a PC value in execution which stored PC value.

Explanation of symbols

1 IC chip 11 CPU
12 ROM
13 Nonvolatile memory 14 RAM
15 I / O circuit

Claims (12)

Program storage means for storing a program comprising a plurality of instructions executed in a series of processes;
Address storage means for storing a first value related to an address of a storage area in which a specific instruction is stored among the plurality of instructions in advance before execution of the instruction;
A CPU for executing the instructions;
With
The first value is a value obtained by performing a predetermined operation on a value indicating an address of a storage area in which the specific instruction is stored;
When the CPU executes the specific instruction, the CPU temporarily stores a value indicating the address of the storage area in which the instruction is stored, and then performs a predetermined operation on the stored value. It is determined whether or not the processing has been normally performed by comparing and determining whether or not the second value thus obtained and the first value stored in advance in the address storage means match. An information processing apparatus characterized by that. Program storage means for storing a program comprising a plurality of instructions executed in a series of processes;
Address storage means for storing a first value related to an address of a storage area in which a specific instruction is stored among the plurality of instructions in advance before execution of the instruction;
A CPU for executing the instructions;
With
The first value is a value obtained by performing a predetermined operation on a value indicating an address of a storage area in which the specific instruction is stored;
When the CPU executes the specific instruction, the CPU temporarily stores a value obtained by performing a predetermined operation on the value indicating the address of the storage area in which the instruction is stored as a second value. Then, whether or not the processing has been normally performed by comparing whether or not the stored second value matches the first value stored in advance in the address storage means. An information processing apparatus for determining whether or not . The information processing apparatus according to claim 1 or 2 ,
2. An information processing apparatus according to claim 1 , wherein there are a plurality of specific instructions, and addresses of storage areas in which the instructions are stored are different from each other . Program storage means for storing a program comprising a plurality of instructions executed in a series of processes;
Address storage means for storing a first value related to an address of a storage area in which a specific instruction is stored among the plurality of instructions in advance before execution of the instruction;
A CPU for executing the instructions;
With
There are a plurality of the specific instructions, and the addresses of the storage areas where the respective instructions are stored are different from each other.
The first value is a value obtained by degenerating each value indicating an address of each storage area in which each specific instruction is stored by a predetermined operation,
When the CPU executes the specific instruction, the CPU temporarily stores a value indicating an address of a storage area in which the instruction is stored, and then degenerates the stored value by the calculation, It is determined whether or not the processing has been normally performed by comparing and determining whether or not the degenerated second value matches the first value stored in advance in the address storage unit. An information processing apparatus characterized by: The information processing apparatus according to claim 4 ,
The information processing apparatus is characterized in that the calculation is hash calculation or XOR calculation . The information processing apparatus according to any one of claims 1 to 5 ,
The value indicating the address is a value of a program counter . The information processing apparatus according to any one of claims 1 to 6 ,
When the CPU executes the specific instruction a plurality of times, the CPU also temporarily stores the number of times, the product of the stored number and the second value, the stored number of times, It is determined whether or not the processing has been normally performed by comparing and determining whether or not the product of the first value stored in advance in the address storage means matches. Information processing device. The information processing apparatus according to any one of claims 1 to 7,
The information processing apparatus is characterized in that the specific instruction is executed in a critical process necessary for maintaining a security level included in the series of processes . Program storage means for storing a program comprising a plurality of instructions executed in a series of processes;
Address storage means for storing a first value related to an address of a storage area in which a specific instruction is stored among the plurality of instructions in advance before execution of the instruction;
A CPU for executing the instructions;
A normal processing discrimination method using
The first value is a value obtained by performing a predetermined operation on a value indicating an address of a storage area in which the specific instruction is stored;
When the CPU executes the specific instruction, it temporarily stores a value indicating the address of the storage area in which the instruction is stored, and then performs a predetermined operation on the stored value. It is determined whether or not the processing has been normally performed by comparing and determining whether or not the second value thus obtained and the first value stored in advance in the address storage means match. A normal processing discrimination method characterized by the above . Program storage means for storing a program comprising a plurality of instructions executed in a series of processes;
Address storage means for storing a first value related to an address of a storage area in which a specific instruction is stored among the plurality of instructions in advance before execution of the instruction;
A CPU for executing the instructions;
A normal processing discrimination method using
The first value is a value obtained by performing a predetermined operation on a value indicating an address of a storage area in which the specific instruction is stored;
When the CPU executes the specific instruction, a value obtained by performing a predetermined operation on the value indicating the address of the storage area in which the instruction is stored is temporarily stored as a second value. Then, whether or not the processing has been normally performed by comparing whether or not the stored second value matches the first value stored in advance in the address storage means. A normal processing determination method characterized by determining whether or not . Program storage means for storing a program comprising a plurality of instructions executed in a series of processes;
Address storage means for storing a first value related to an address of a storage area in which a specific instruction is stored among the plurality of instructions in advance before execution of the instruction;
A CPU for executing the instructions;
The CPU in the information processing apparatus comprising: the second value related to the address of the storage area in which the specific command is stored among the executed commands; and the first value stored in advance in the address storage unit An information processing program that functions to determine whether or not the process has been normally performed by comparing and determining whether or not the value of
The first value is a value obtained by performing a predetermined operation on a value indicating an address of a storage area in which the specific instruction is stored;
When the CPU executes the specific instruction, the information processing program temporarily stores a value indicating an address of a storage area in which the instruction is stored, and then stores the value for the stored value. The processing is normally performed by comparing and determining whether or not the second value that has been subjected to the predetermined calculation matches the first value stored in advance in the address storage means. An information processing program that functions to determine whether or not an error has occurred . Program storage means for storing a program comprising a plurality of instructions executed in a series of processes;
Address storage means for storing a first value related to an address of a storage area in which a specific instruction is stored among the plurality of instructions in advance before execution of the instruction;
A CPU for executing the instructions;
The CPU in the information processing apparatus comprising: the second value related to the address of the storage area in which the specific command is stored among the executed commands; and the first value stored in advance in the address storage unit An information processing program that functions to determine whether or not the process has been normally performed by comparing and determining whether or not the value of
The first value is a value obtained by performing a predetermined operation on a value indicating an address of a storage area in which the specific instruction is stored;
When the CPU executes the specific instruction, the information processing program sets, as the second value, a value obtained by performing a predetermined operation on a value indicating an address of a storage area in which the instruction is stored. The processing is normal by temporarily storing and then comparing and determining whether or not the stored value matches the first value stored in advance in the address storage means. An information processing program that functions to determine whether or not the operation has been performed .

Images