Conventionally, in, for example, a brushless motor type turbo actuator, data provided as a control content is stored in a storage unit, such as a microcomputer ROM or EEPROM, and a brushless motor is controlled optimally in accordance with the data, thereby providing an improvement in the fuel efficiency, and a reduction in the amount of toxic substances in exhaust gases. Therefore, when there is a change or there occurs an abnormality in the data stored in the storage unit, the change or abnormality has an influence on the fuel efficiency, elements contained in exhaust gases, etc.
Further, there is a possibility that a change or abnormality in the data stored in the storage unit causes a control operation which is not originally intended to be carried out, and this results in a deterioration of the fuel efficiency and an increase in the amount of toxic substances in exhaust gases. As a result, there is a possibility that a bad influence is exerted upon the engine.
Therefore, there is a demand that vehicles support HD OBD (On-Board Diagnostic System Requirements for 2010 and Subsequent Model-Year Heavy-Duty Engines) of CARE (California Air Resources Board).
One of the HD OBD requirements is to support a CVN (Calibration Verification Number). The CVN is a number used for verifying that “all vehicles must use an arithmetic operation algorithm of computing an independent CVN to check the integrity of an on-board computer which is mounted in each self-diagnostics unit or a unit having an important influence upon emission in which an electrically-rewritable microcomputer or memory is mounted” (however, in accordance with the newest system requirements by CARE, there is a demand to support the CVN regardless of whether or not the microcomputer or memory is electrically rewritable).
More specifically, there is a demand to compute a specific value which is a CVN and read this value from outside each self-diagnostics unit or the like. Although each parts maker needs to examine this arithmetic operation algorithm and obtain approval from CARE, it is fundamentally supposed that what can be guessed easily, such as a checksum, is not approved.
There is a possibility that in a product having a device, such as a flash microcomputer or an EEPROM, in which data can be rewritten, data are changed due to illegal rewriting of the descriptions of the data or a failure occurring in the device after shipment.
Conventionally, in order to prevent such a change in the data, for example, there is a method of setting up a password at a time of rewriting a flash microcomputer, computing a checksum on a program, and checking the check sum value at a time of booting up the flash microcomputer. Further, data stored in an EEPROM is also checked by using a checksum when a microcomputer reads the data.
However, once the password is known, the conventional method is not useful as a measure against falsification of data. Further, a problem with the checksum is that partially rewriting of the data with an evil intention of causing the check sum value not to change can be carried out relatively easily.
As a measure against these problems, an algorithm of computing a specific value which is very difficult to keep constant with respect to a partial change in the data, and which also makes it difficult to guess the computed result from the data, and checking to see whether or not the data is normal by determining whether the specific value changes is effective.
For example, in accordance with “a method of ensuring the integrity of data in a program area of a microcomputer” which is a prior art disclosed by patent reference 1, as a concrete conventional example, a memory is divided into parts in accordance with data blocks and sum check data and an error correcting code are stored together for each of the data blocks in such a way that the detection of an abnormality and restoration can be carried out for each of the data blocks.