JP7009852B2 - Electronic device - Google Patents

Description

The present invention relates to an electronic device.

Patent Document 1 describes a method for managing a version of a module group in an information processing apparatus, and when a certain module (module 1) is updated, the module (module 2 and others) affected by the update of the module 1 are also updated. If so, the version management information database that associates the updated module name with the latest version number of the module and manages these module groups (modules 1, 2, etc.) as a unit, and the other modules of each module. It has an inter-module correspondence table that manages dependency information, and when the module name and the version number of the module are specified, the module is included by referring to the version management information database and the inter-module correspondence table. For modules other than the modules in the module group, a version management method of the module group, characterized in that a newer version of the module is collected within a range that can be matched, is disclosed.

Japanese Unexamined Patent Publication No. 07-302194

In the present invention, as compared with the case where all the program modules constituting the firmware stored in the storage means are read into the main storage device at the time of starting the electronic device, the main storage device area required for starting the electronic device is determined. The purpose is to reduce consumption.

[Electronic device]
The present invention according to claim 1 is a storage means for storing firmware filed for each function, and is a storage means for storing a plurality of different versions of each function unit file constituting the firmware.
A selection means for selecting the version of the functional unit file to be read into the main storage device at startup from a plurality of versions stored in the storage means, and a selection means.
It is an electronic device equipped with.

The present invention according to claim 1 is the electronic according to claim 1, wherein among the functional unit files stored in the storage means, a file that is not an execution format is not deleted from the storage means during the firmware update process. It is a device.

According to the third aspect of the present invention, when the functional unit file constituting the firmware to be installed is not the same as any of the functional unit files stored in the storage means at the time of the firmware update process, the present invention is described. The electronic device according to claim 2, which is additionally stored in the storage means.

According to the fourth aspect of the present invention, when the firmware update process is performed, the functional unit file constituting the firmware to be installed is the same as any of the functional unit files stored in the storage means. 2. The electronic device according to claim 2, which is not additionally stored in the storage means.

The present invention according to claim 5 is the electronic device according to any one of claims 1 to 4, wherein the selection means selects a version of a functional unit file to be read into the main storage device at startup according to an instruction from the outside.

The present invention according to claim 6 is the electronic device according to claim 5, wherein the selection means selects a version of a functional unit file to be read into a main storage device at startup according to an instruction from a user.

The present invention according to claim 7 further includes a receiving means for receiving an instruction from a user as to which version of the functional unit file should be read into the main storage device at startup.
The electronic device according to claim 6, wherein the selection means selects a version of a functional unit file to be read into the main storage device at startup according to an instruction received by the reception means.

The present invention according to claim 8 is the electronic device according to claim 5, wherein the selection means selects a version of a functional unit file to be read into the main storage device at startup according to an instruction from another device.

The present invention according to claim 9 further comprises a receiving means for receiving data transmitted from another device.
The electronic device according to claim 8, wherein the selection means selects a version of the functional unit file to be read into the main storage device at startup according to the data received by the receiving means.

The present invention according to claim 10 is a functional unit in which the selection means is read into the main storage device at startup based on whether or not the history of events occurring in the electronic device meets a predetermined condition. The electronic device according to any one of claims 1 to 4, wherein the version of the file is selected.

According to the eleventh aspect of the present invention, the selection means is a version of a functional unit file read into the main storage device at startup based on whether or not the error history related to a specific function meets a predetermined condition. 10. The electronic device according to claim 10.

According to the twelfth aspect of the present invention, the selection means creates a log for debugging for a function unit file related to a specific function when an error related to the specific function occurs more than a predetermined frequency. The electronic device according to claim 11, wherein a plate having a function is selected as a plate to be read into the main storage device at startup.

According to the thirteenth aspect of the present invention, when the selection means does not cause an error related to a specific function more than a predetermined frequency, a log for debugging is created for a functional unit file related to the specific function. The electronic device according to claim 11, wherein a plate having no function is selected as a plate to be read into the main storage device at startup.

The present invention according to claim 14 comprises a verification means for verifying an electronic signature given to a functional unit file stored in the storage means.
A control means for controlling the activation process of the electronic device according to the verification result by the verification means,
The electronic device according to any one of claims 1 to 13, further comprising.

According to the fifteenth aspect of the present invention, the control means stops the activation process of the electronic device when the electronic signature given to the functional unit file of the version selected by the selection means is not a valid signature. The electronic device according to claim 14, which is controlled.

The present invention according to claim 16 does not stop the activation process of the electronic device when the electronic signature given to the functional unit file of the version selected by the selection means is a valid signature. 14. The electronic device according to claim 14.

The present invention according to claim 17, wherein the control means is a function of the plate selected by the selection means when the electronic signature given to the functional unit file of the plate selected by the selection means is not a valid signature. The electronic device according to claim 14, wherein as an alternative to the unit file, a functional unit file having a version different from the version selected by the selection means is controlled to be read into the main storage device during the startup process of the electronic device. be.

In the present invention according to claim 18, the control means is the version selected by the selection means when the electronic signature given to the functional unit file of the version selected by the selection means is a legitimate signature. The electronic device according to claim 14, wherein the functional unit file is controlled to be read into the main storage device during the activation process of the electronic device.

According to the first aspect of the present invention, for starting the electronic device, as compared with the case where all the program modules constituting the firmware stored in the storage means are read into the main storage device at the time of starting the electronic device. It is possible to reduce the consumption of the required main memory area.

According to the second aspect of the present invention, in addition to the effect of the present invention according to the first aspect, a plurality of versions of the functional unit file stored in the storage means can be obtained by updating the firmware.

According to the third aspect of the present invention, in addition to the effect of the present invention according to the second aspect, the capacity of the storage means required for storing the functional unit files of different versions is set to the same function. It can be reduced as compared with the case where the unit file is stored in a plurality of storage means.

According to the fourth aspect of the present invention, in addition to the effect of the present invention according to the second aspect, the capacity of the storage means required for storing the functional unit files of different versions is set to the same function. It can be reduced as compared with the case where the unit file is stored in a plurality of storage means.

According to the fifth aspect of the present invention, in addition to the effect of the present invention according to any one of claims 1 to 4, the version of the functional unit file to be read into the main storage device at startup can be instructed from the outside. ..

According to the sixth aspect of the present invention, in addition to the effect of the present invention according to the fifth aspect, the version of the functional unit file instructed by the user is read into the main storage device at startup.

According to the seventh aspect of the present invention, in addition to the effect of the present invention according to the sixth aspect, the user can instruct the version of the functional unit file to be read into the main storage device at the time of startup.

According to the eighth aspect of the present invention, in addition to the effect of the present invention according to the fifth aspect, the version of the functional unit file instructed by another device is read into the main storage device at startup.

According to the ninth aspect of the present invention, in addition to the effect of the present invention according to the eighth aspect, the version of the functional unit file read into the main storage device at the time of startup can be instructed via another device. ..

According to the tenth aspect of the present invention, in addition to the effect of the present invention according to any one of claims 1 to 4, the electronic device autonomously selects the version of the functional unit file to be read into the main storage device at startup. become able to.

According to the eleventh aspect of the present invention, in addition to the effect of the present invention according to the tenth aspect, the version of the functional unit file read into the main storage device at startup is selected based on the error history related to a specific function. Become so.

According to the twelfth aspect of the present invention, in addition to the effect of the present invention according to the eleventh aspect, when an error relating to a specific function occurs more than a predetermined frequency, the function unit file relating to the function is provided. , The version with the function to create a log for debugging will be loaded into the main storage device at startup.

According to the thirteenth aspect of the present invention, in addition to the effect of the present invention according to the eleventh aspect, if an error relating to a specific function does not occur more than a predetermined frequency, a function unit file relating to the function. For, the version that does not have the function to create a log for debugging will be read into the main memory at startup.

According to the present invention according to claim 14, in addition to the effect of the present invention according to any one of claims 1 to 13, when there is a possibility that the functional unit file has been tampered with, the activation process of the electronic device is usually performed. Will be able to be controlled differently from.

According to the fifteenth aspect of the present invention, in addition to the effect of the present invention according to the fourteenth aspect, even if the functional unit file which may have been tampered with is selected by the selection means, the tampering is possible. It is possible to prevent the electronic device from starting up with the functional unit file loaded on the main storage device.

According to the 16th aspect of the present invention, in addition to the effect of the present invention according to the 14th aspect, the electronic device is started in a state where the functional unit file having a low possibility of being tampered with is loaded on the main storage device. It becomes possible.

According to the present invention according to claim 17, in addition to the effect of the present invention according to claim 14, even if the functional unit file which may have been tampered with is selected by the selection means, the tampering is possible. It is possible to prevent the electronic device from starting up with the functional unit file loaded on the main storage device.

According to the eighteenth aspect of the present invention, in addition to the effect of the present invention according to the fourteenth aspect, the electronic device is started in a state where the functional unit file having a low possibility of being tampered with is loaded on the main storage device. It becomes possible.

The hardware configuration of the electronic device 100 according to the embodiment of the present invention is shown. It is a conceptual diagram of the structure of the example of the firmware which concerns on embodiment of this invention. The functional configuration of the electronic device 100 is shown. An example of the flow of the firmware update process in the electronic device 100 is shown. An example of the flow in which the version of the entity module is selected based on an external instruction is shown. An example of a screen that accepts a user's specification for the version of the entity module to be used is shown. An example of the state of the version of the entity module stored in the storage unit 12 is shown. An example of the information contained in the file for specifying the version of the actual module to be used sent from other server devices is shown. An example of the information contained in the file for specifying the version of the actual module to be used sent from other server devices is shown. An example of the flow in which the version of the entity module is selected without external instructions is shown. An example of the error history and the total result of the error is shown. An example is shown when the type of algorithm supported by the security module differs depending on the version.

FIG. 1 shows the hardware configuration of the electronic device 100. The electronic device 100 is a communication that transmits and receives data to and from a CPU 1, a memory 2, an auxiliary storage device 3 such as a magnetic storage device and an optical disk (including a drive for reading), and an external device via a network. It has an interface (IF) 4, and these components are connected to each other via a control bus 5.

The CPU 1 controls the operation of the electronic device 100 (especially in terms of hardware) by executing the firmware stored in the ROM area of the memory 2 which is the main storage device and the auxiliary storage device 3. The firmware refers to a software program for controlling the hardware of a computer system, and is read (hereinafter, also referred to as “loaded”) on the RAM area of the memory 2 at startup and executed.

Here, the configuration of the firmware of the electronic device 100 according to the present embodiment will be described.

Firmware, which is a software program for controlling the hardware of an electronic device in which a computer system is incorporated, is generally divided into functional units (functional module units). It is created and implemented as one executable program file consisting of one executable module and multiple entity modules, but the firmware according to this embodiment is divided into program files for each functional module (hereinafter). As conceptually shown in FIG. 2, the firmware 21 is an executable program file 22 (corresponding to the “main module”) and an executable file. It is composed of a library 23 for providing a function to the firmware 23. A library is a collection of a plurality of entity files 24 (corresponding to "entity modules"). Note that FIG. 2 shows an example of firmware when the electronic device 100 is an image forming device having a facsimile function and a copying function. A file is a unit when data is input / output on a storage device in a computer system, and data is input / output with a file as the minimum unit.

In this way, a plurality of functional modules, which are program files for each functional unit, are combined to form one conceptual firmware, but each of them is called by the main module (loaded on the RAM area of the memory 2). There is no difference from general firmware in that the actual module provides a predetermined function to the main module.

Further, for the main module of the firmware according to this embodiment, refer to a file (hereinafter, also referred to as “path setting file”) for storing the path (root to the directory where the file exists) of each functional module in advance and ( It is configured to create (if the path setting file does not exist), and when the electronic device 100 is started, the main module calls each entity module which is a separate file by referring to the path setting file. Further, when the path setting file is created, a predetermined initial value is set as the path (hereinafter, also referred to as “path setting value”) of each function module.

FIG. 3 shows the functional configuration of the electronic device 100. The electronic device 100 includes a first storage unit 11, a second storage unit 12, a third storage unit 13, and a selection unit 14.

The first storage unit 11 stores the execution module in the firmware. In the present embodiment, the first storage unit 11 is realized by the ROM area of the memory 2.

The second storage unit 12 stores a library, that is, an entity module (group) in the firmware. In the present embodiment, the second storage unit 12 is realized by the auxiliary storage device 3.

The second storage unit 12 is configured to store a plurality of different versions (hereinafter, also referred to as “versions”) for each entity module constituting the firmware library. Specifically, for example, for the entity modules of the same function unit, those with different versions have different file names, or even if they have the same file name, the directories to be stored are different so that they have the same function. Multiple different editions of the entity module are stored.

Further, in the electronic device 100 according to the present embodiment, the actual module stored in the second storage unit 12 is not deleted during the firmware update process. Then, when the substantive module constituting the firmware to be installed is not the same as any of the substantive modules already stored in the second storage unit 12, the substantive module is added to the second storage unit 12 and is added to the second storage unit 12. If it is the same as any of the already stored entity modules, it is not added to the second storage unit 12. Note that installation is a process or action for adding software (here, firmware) to an electronic device in which a computer system is incorporated so that it can be used.

FIG. 4 illustrates the flow of the firmware update process.

Step S1: The main module (executable file) stored in the first storage unit 11 is overwritten and updated with the main module constituting the firmware to be installed (hereinafter, also referred to as “additional firmware”).

Step S2: For each entity module (for each function unit), the version of the entity module that constitutes the additional farm (referred to as "additional module") and the version of the entity module that is already stored in the second storage unit 12 ("existing"). It is compared with "module") to determine if the existing module has the same version as the additional module.

Step S3: If the version of the entity module of the additional farm does not match any of the versions of the entity module already stored in the second storage unit 12 (NO in step S2), the module of the additional farm (if NO). The actual file) is added to the second storage unit 12.

Step S4: If the version of the entity module of the additional farm is the same as any of the versions of the entity module already stored in the second storage unit 12 (YES in step S2), the module of the additional farm is concerned. The (entity file) is not added to the second storage unit 12.

In the above, the example of the case where the additional firmware is assumed to be one (complete) version of the firmware conceptually has been described, but the firmware according to the present embodiment is filed for each actual module. Therefore, the update process may be performed for each file (corresponding to a part of the firmware). For example, when installing the one provided without including the main module, the above step S1 is naturally unnecessary.

In general electronic devices, firmware update means rewriting the firmware, which is one file (including deletion of the old version), and is a specific physical module included in the firmware installed in the past. If you want to use the above, you need to reinstall the version of the firmware that includes the module, that is, update the firmware. On the other hand, in the electronic device 100 according to the present embodiment, since the actual module of the old version is not deleted with the update of the firmware, the firmware update work is unnecessary even in such a case.

The third storage unit 13 stores the path setting file. The third storage unit 13 is realized by, for example, an auxiliary storage device 3.

The selection unit 14 expands (loads) each functional module in which a plurality of different editions are stored in the second storage unit 12 on the memory when the electronic device 100 is started from among the plurality of stored different editions. Select the version to be used. Specifically, the selection unit 14 changes the value of the path setting value of the path setting file stored in the third storage unit 14, that is, the value of the path of each entity module, so that each function module is started at startup. The version to be expanded in memory is selected.

There are two major ways to change the path setting value in the path setting file: one is to change based on direct instructions from the outside (for example, user or other device), and the other is autonomous without external instructions. It is divided into a method of changing (for example, based on a history of events occurring in the electronic device 100).

As an example of the case where the path setting value is changed based on an external instruction, for example, a reception unit that receives an instruction from the user as to which version of the functional unit file should be read into the memory at startup is further provided. It may be possible to receive instructions from the user by making it possible, or it may be provided with a receiving unit for receiving data transmitted from other devices to receive instructions from other server devices and the like. good. Hereinafter, a flow in which a version of the physical module used by the electronic device 100 according to the present embodiment is selected will be described with reference to FIG.

Step S101: Accepts the specification of the version of the functional module to be used from the outside.

If specified by the user, for example, when two security modules, "compatibility-oriented version" and "vulnerable version", are stored in the second storage unit 12, the input screen as shown in FIG. 6 is displayed. Accepts input to specify which version of the module to use, the "compatibility-oriented version" or the "vulnerable version".

Further, in the case of designation from another device, for example, when the version of each entity module is stored in the second storage unit 12 as shown in FIG. 7, from the other server device, FIG. 8 or FIG. 9 By receiving data including information such as the type of the entity module and its version number as illustrated in the above, the specification of the version of each entity module is accepted.

Step S102: The selection unit 14 changes the path setting value for each entity module of the path setting file to the path value of the directory in which the version specified in step S101 exists.

Step S103: In step S101, the electronic device 100 is restarted at an arbitrary timing, and the main module calls each function module based on the path setting value set in the path setting file for each entity module at the time of startup. The specified version of the actual module will be loaded on the memory 2 (RAM area).

When the data illustrated in FIG. 9 is received in the electronic device 100 in which the version of each physical module is stored in the second storage unit 12 as shown in FIG. 7, the physical module selected at startup is selected. Security module: version 2.0, authentication module: version 3.0, scan module: version 1.0, print module: version 3.0.

Here, if the firmware is subsequently updated and the security module: version 3.0 is added to the second storage unit 12, the actual module selected at startup is the security module: version 3.0, the authentication module: Version 3.0, scan module: version 1.0, print module: version 3.0. In this way, the version of the selected entity module is changed even if the content of the instruction from the outside is not changed. In the above example, the latest version of the security module will be selected even if the instructions from the outside are not changed, but the newer version of the security module is provided so that the security strength is higher. If so, the electronic device 100 is automatically selected so as to have high security strength.

Next, an example in which the version of the entity module is selected based on whether or not the history of events (various events such as errors and notifications) occurring in the electronic device 100 meets predetermined conditions will be described. do.

First, an example in which the version of the entity module is selected based on whether or not the error history meets a predetermined condition will be described with reference to the flow chart of FIG. Here, for each entity module, a "debug version" that has a function to create a log for debugging (a history of the processing contents in the electronic device is recorded one by one in order to find defects and problems in the program). Two versions, "normal use version" and "normal use version", are stored in the second storage unit 12 in advance, and an error occurs at a predetermined frequency (here, 7 times in a week) or more. As an example, the debug version is selected for the existing entity module, and the normal use version is selected for the other entity modules.

Step S201: The error history is referred to, and the number of error occurrences for each functional module is counted. This is done periodically (here, every week), and the number of error occurrences is reset each time. FIG. 11 conceptually shows an example of the error history and the total result of the number of errors.

Step S202: The selection unit 14 sets the path setting value for each functional module of the path setting file according to the number of error occurrences counted in step S201. Specifically, for the functional module whose count is 7 times or more in step S201, the path setting value is set to be the path of the debug version directory, and the other functional modules (6 times or less) are not. Is set so that the path setting value is the path of the directory of the normal use version.

Step S203: The electronic device 100 is restarted at an arbitrary timing, and at startup, the main module calls each functional module based on the path setting value set in the path setting file for each functional module, and each functional module is called. It will be loaded on the RAM area of the memory 2.

As described above, when the error history in FIG. 11 is taken as an example, the debug version is selected for the security module, and the normal use version is selected for the other functional modules without direct external instructions. It will be.

Further, as in the example shown below, the version of the entity module may be selected based on the usage history of a specific function.

For example, in the security module that controls the security-related functions of the electronic device 100, the encryption algorithm used for plain text encryption and ciphertext decryption and the hash function algorithm used for detecting data tampering are supported (available). When the function of the algorithm is built in, the algorithm supported by the old version of the security module is not supported by the new version of the module, so the newer module supports fewer types of algorithms. (Illustrated in FIG. 12).

This is because both algorithms generally become obsolete over the years, so it is preferable not to use (cannot) use as much as the old algorithm in order to ensure communication security (confidentiality, integrity, etc.). Based on the idea.

On the other hand, since the algorithms corresponding to each device to be communicated with are naturally different, there is also an idea that it is preferable to be able to use as many algorithms as possible from the viewpoint of convenience. However, the more algorithms available to a module, the more memory it will consume.

Therefore, for example, by referring to the history used for the cryptographic algorithm and the hash function algorithm, a security module of a version that includes all the used algorithms and minimizes the types of supported algorithms is selected. You may try to do so. As a result, the amount of memory consumed for the security module is minimal.

In addition, since the firmware may be provided via the Internet or the installed firmware may be tampered with, in this embodiment, in order to ensure authenticity, each function module has a possibility of being tampered with. The timing of loading into the memory is provided with a verification unit that verifies the digital signature given (that is, on a file-by-file basis) and a control unit that controls the activation process of the electronic device 100 according to the verification result by the verification unit. The authenticity may be confirmed by.

To explain an example of using the private key of the public key encryption method as an electronic signature, each functional module is provided and installed in a state of being encrypted with the private key of the firmware creator in advance. The signature is verified by the verification unit when the electronic device 100 is started, and the module (hereinafter, also referred to as “pirated module”) whose electronic signature is not a valid signature (it cannot be confirmed that the signature was created by the firmware creator) is selected by the selection unit 14. If selected, stop the boot process of the electronic device 100, or as an alternative to the selected module, another version that is not a pirated module (confirmed to have been created by the firmware author). Modules may be loaded in memory.

In the above embodiment, only the executable file, which is the main module of the firmware, is stored in the ROM area of the memory 2, and the library is stored in the auxiliary storage device 3. However, the library is the ROM of the memory 2. The present invention can also be carried out in a mode of being stored in a region.

When the library is stored in the ROM area, the risk of tampering with each file (entity module) of the library is reduced as compared with the mode in which the library is stored in the auxiliary storage device 3.

When the library is stored in the auxiliary storage device 3, the file capacity of each entity module and the number of plates to be stored are not restricted by the capacity of the ROM.

100 Electronic device 1 CPU
2 Memory 3 Auxiliary storage device 4 Communication interface 5 Control bus 11 First storage unit 12 Second storage unit 13 Third storage unit 14 Selection unit 21 Firmware 22 Executable file 23 Library 24 Actual file

Claims (17)

A storage means for storing firmware filed for each function, and a storage means for storing a plurality of different versions of each function unit file constituting the firmware.
An electronic device including a selection means for selecting a version of a functional unit file to be read into the main storage device at startup from a plurality of versions stored in the storage means.
The selection means selects a version of a functional unit file to be read into main memory at boot time, based on whether the history of events occurring in the electronic device meets predetermined conditions.
Electronic device. The electronic device according to claim 1, wherein the library for providing the function to the executable file among the functional unit files stored in the storage means is not deleted from the storage means during the firmware update process. When the function unit file constituting the firmware to be installed is not the same as any of the function unit files stored in the storage means during the firmware update process, the billing is additionally stored in the storage means. Item 2. The electronic device according to item 2. If the functional unit file constituting the firmware to be installed is the same as any of the functional unit files stored in the storage means during the firmware update process, the functional unit file is not additionally stored in the storage means. The electronic device according to claim 2. The electronic device according to any one of claims 1 to 4, wherein the selection means selects a version of the functional unit file to be read into the main storage device at startup according to an instruction from the outside. The electronic device according to claim 5, wherein the selection means selects a version of the functional unit file to be read into the main storage device at startup according to an instruction from the user. Further equipped with a reception means for receiving instructions from the user as to which version of the functional unit file should be read into the main memory at startup.
The electronic device according to claim 6, wherein the selection means selects a version of a functional unit file to be read into the main storage device at startup according to an instruction received by the reception means. The electronic device according to claim 5, wherein the selection means selects a version of the functional unit file to be read into the main storage device at startup according to an instruction from another device. Further equipped with a receiving means for receiving data transmitted from other devices,
The electronic device according to claim 8, wherein the selection means selects a version of the functional unit file to be read into the main storage device at startup according to the data received by the receiving means. 13. Electronic device. When an error related to a specific function occurs more than a predetermined frequency, the selection means mainly stores a version having a function of creating a log for debugging for a function unit file related to the specific function at startup. 10. The electronic device of claim 10, which is selected as the version to be loaded into the device. The selection means starts a version that does not have a function to create a log for debugging for a function unit file related to a specific function when an error related to the specific function does not occur more than a predetermined frequency. 11. The electronic device of claim 11, which is sometimes selected as a plate to be read into main storage. A verification means for verifying the electronic signature given to the functional unit file stored in the storage means, and a verification means.
A control means for controlling the activation process of the electronic device according to the verification result by the verification means,
The electronic device according to any one of claims 1 to 12, further comprising. 13. The electronic signature according to claim 13, wherein the control means controls to stop the activation process of the electronic device when the electronic signature given to the functional unit file of the version selected by the selection means is not a valid signature. Device. 13. The thirteenth aspect of the present invention, wherein the control means controls not to stop the activation process of the electronic device when the electronic signature given to the functional unit file of the version selected by the selection means is a legitimate signature. Electronic device. A storage means for storing firmware filed for each function, and a storage means for storing a plurality of different versions of each function unit file constituting the firmware.
A selection means for selecting the version of the functional unit file to be read into the main storage device at startup from a plurality of versions stored in the storage means, and a selection means.
A verification means for verifying the electronic signature given to the functional unit file stored in the storage means, and a verification means.
An electronic device including a control means for controlling the activation process according to the verification result by the verification means.
When the electronic signature given to the functional unit file of the version selected by the selection means is not a valid signature, the control means is an alternative to the functional unit file of the version selected by the selection means. Controls that a functional unit file of a version different from the version selected by is read into the main memory during the startup process of the electronic device.
Electronic device. In the control means, when the electronic signature given to the functional unit file of the version selected by the selection means is a valid signature, the functional unit file of the version selected by the selection means activates the electronic device. 16. The electronic device of claim 16, which is controlled to be read into the main storage device during processing.

Images