This invention relates to embedded devices, for example, which comprise a computer processor, at least one element operated by the computer processor, and a memory storing computer readable program code for operating the computer processor. More particularly, the present invention relates to the provision of upgrades for an embedded device.
Computer processor control in embedded devices allows a level of flexibility to the embedded devices which can reduce costs while improving product quality. Examples of embedded systems which provide a unique function or service and which contain at least one microprocessor may comprise modems, answering machines, automobile controls, data storage disk drives, data storage tape drives, digital cameras, medical drug infusion systems, storage automation products, etc.
Upgrades for embedded devices offer the possibility of generating revenue for the supplier, and more functionality and product longevity for the customer. In many instances, the upgrades are provided by an upgrade to the computer readable program code for operating the computer processor, often called xe2x80x9cfirmwarexe2x80x9d, and do not require any change or addition to the hardware to implement. For example, after the popular 56K modem technology was introduced, any modem manufacturers provided firmware updates to existing customers. The updates allowed some existing modems to support the new technology for increased communication speeds. As another example, the IBM 3584 Ultra Scalable Tape Library was provided with a plurality of embedded devices of a system, and enhancements have been made, such as a web interface. With many systems, customers have an expectation that their systems can be updated for many years into the future. Additionally, customers may wish to start at an initial level of operation of an embedded device, with the possibility of upgrading in the future.
With purchased products, control is required to insure that updates and upgrades (herein both are called xe2x80x9cupgradesxe2x80x9d) are provided only to those machines for which the upgrade has been paid for. Upgrades may additionally comprise fixes to problems with the machine or system. A maintenance agreement may be used to supply fixes for compensation. If the upgrade is provided to the user in the form of an update, it may be possible for the user to pay for one upgrade and load the upgrade file into a number of machines. One approach to counter this involves a special firmware update file for each machine to be upgraded, for example, by identifying the serial number of the machine to be upgraded. This approach becomes complicated if separate update files are required for hundreds or thousands of machines. In addition, circumventing this check may be possible by hacking a change in the machine serial number. Another approach is to use a product registration key which is entered at a user interface. This approach is common for a PC software installation. However, embedded devices often do not have the necessary user interface to implement this solution effectively, and the user may inappropriately install the software in additional machines.
The present invention comprises an embedded device, a method, and a computer program product for an embedded device. The embedded device comprises a computer processor, at least one element operated by the computer processor, and a memory storing computer readable program code for operating the computer processor. The memory may comprise a part of or be separate from, the computer processor, and may comprise one or a plurality of memories.
In one embodiment, computer readable program code authenticates an upgrade to the computer readable program code of the target embedded device. The computer readable program code causes the computer processor to access an unique machine identifier; causes the computer processor to access an identifier key associated with the upgrade; causes the computer processor to process the identifier key and/or the unique machine identifier; causes the computer processor to compare the processed identifier key with the processed unique machine identifier in the same process space; and causes the computer processor, if the processed identifier key matches the processed unique machine identifier, to enable the upgrade; else, to fail the upgrade. In one example, an encrypted identifier key is processed by decrypting, and the comparison conducted in the same unencrypted process space. In another example, the unique machine identifier is processed by encrypting, and compared to an encrypted identifier in the same encrypted process space.
Thus, the target embedded device self-authenticates the upgrade, providing self-security for the upgrade.
In a further embodiment, the computer readable program code enables the upgrade, causing the computer processor to set an enabling flag for the upgrade.
In another embodiment, wherein the computer processor is responsive to a power-on and/or reset to initiate the upgrade authentication, the computer readable program code enables the upgrade, causing the computer processor, if the processed identifier key matches the processed unique machine identifier, to initialize the embedded device normally with the upgrade enabled; else, to initialize the embedded device in degraded form.
In still another embodiment, wherein the embedded device comprises an input, the computer readable program code additionally causes the computer processor to respond to an upgrade command received at the input, and initiate the upgrade authentication.
In a further embodiment, the computer readable code additionally causes the computer processor, if the processed identifier key fails to match the processed unique machine identifier, to conduct at least one error recovery procedure on the unique machine identifier and/or identifier key; to again compare the processed identifier key with the processed unique machine identifier; and, if the processed identifier key matches the processed unique machine identifier, to enable the upgrade; else, to fail the upgrade.
In another embodiment, the computer processor accesses an upgrade key associated with an identified upgrade. Computer readable program code causes the computer processor to process the upgrade key; to compare the processed upgrade key with the processed unique machine identifier; and causes the computer processor, if the processed upgrade key matches the processed unique machine identifier, to enable the identified upgrade; else, to fail the identified upgrade.
Further, in another embodiment, wherein the upgrade key comprises a code key and a machine identifier, the computer readable program code causes the computer processor to process the code key; and causes the computer processor to compare the processed code key with the machine identifier and/or with the processed unique machine identifier.
In still another embodiment, wherein the upgrade key comprises a plurality of upgrade machine identifiers, the computer readable program code causes the computer processor to process the plurality of upgrade machine identifiers; and causes the computer processor to compare the processed plurality of upgrade machine identifiers with the processed unique machine identifier, the comparison indicated as matched if the processed unique machine identifier is within a range between the processed plurality of upgrade machine identifiers.
Where the embodiment of the upgrade key comprises an upgrade machine identifier and a count, the computer readable program code causes the computer processor to process the upgrade machine identifier and the count; and causes the computer processor to compare the processed upgrade machine identifier and the count with the processed unique machine identifier, the comparison indicated as matched if the processed unique machine identifier is within a range between the processed upgrade machine identifier and a sum of the processed upgrade machine identifier and the count.
In a further embodiment, wherein the upgrade key comprises an upgrade machine identifier and a qualifier, the computer readable program code causes the computer processor to process the upgrade machine identifier and the qualifier; and causes the computer processor to compare the processed upgrade machine identifier and the qualifier with the processed unique machine identifier, the comparison-indicated as matched if the processed unique machine identifier matches the processed upgrade machine identifier combined with the qualifier.
For a fuller understanding of the present invention, reference should be made to the following detailed description taken in conjunction with the accompanying drawings.