"Proving" code in the stamp?
Archiver
Posts: 46,084
Ok, a little while back I posted to the list for help in building a race
timer for a pinewood derby (well actually Raingutter Regatta) and I got
some great help in code that would allow some very accurate detection of
the winner of the race.
It occurred to me that I might make a printout of the source code
available to some of the other Dads (we're all a bunch of tech heads!) in
the pack, so they could see how well the code could detect the winner.
But then it occurred to me, how would they *know* the code running in the
stamp is the code of which I had a printout? This answer could have some
other real-world applications in that Balloting and electronic voting
consoles require only "certified" software be used. So, to the question:
If I were to make a stamp-based project that required "certified" code,
is it possible to "verify" the content of the stamp, and if so how?
Vern
PS: It occurs to me that you could just Dload the code to the stamp in
front of a witness of some sort, but what's to stop me from dloading
"tampered" code after the witness left?
--
Vern Graner CNE/CNA/SSE | "If the network is down, then you're
Senior Systems Engineer | obviously incompetent so why are we
Texas Information Services | paying you? Of course, if the network
http://www.txis.com | is up, then we obviously don't need
Austin Office 512 328-8947 | you, so why are we paying you?" VLG
timer for a pinewood derby (well actually Raingutter Regatta) and I got
some great help in code that would allow some very accurate detection of
the winner of the race.
It occurred to me that I might make a printout of the source code
available to some of the other Dads (we're all a bunch of tech heads!) in
the pack, so they could see how well the code could detect the winner.
But then it occurred to me, how would they *know* the code running in the
stamp is the code of which I had a printout? This answer could have some
other real-world applications in that Balloting and electronic voting
consoles require only "certified" software be used. So, to the question:
If I were to make a stamp-based project that required "certified" code,
is it possible to "verify" the content of the stamp, and if so how?
Vern
PS: It occurs to me that you could just Dload the code to the stamp in
front of a witness of some sort, but what's to stop me from dloading
"tampered" code after the witness left?
--
Vern Graner CNE/CNA/SSE | "If the network is down, then you're
Senior Systems Engineer | obviously incompetent so why are we
Texas Information Services | paying you? Of course, if the network
http://www.txis.com | is up, then we obviously don't need
Austin Office 512 328-8947 | you, so why are we paying you?" VLG
Comments
A few thoughts come to mind-
1. Add a checksum/cyclic redundancy check routine to your Stamp
program which, upon startup or program termination, reads the program
EEPROM and shows the result or compares against a target value and
gives a pass/fail indication.
2. SEROUT program memory from start to finish as an option within
your program. This will allow the output to be captured and compared
to a target file.
3. Program EEPROM contents can be read externally for verification
purposes. (http://home.earthlink.net/~parkiss/recovery.txt)
Regards,
Steve
On 10 Nov 03 at 17:19, Vernon Graner wrote:
> ...If I were to make a stamp-based project that required
> "certified" code, is it possible to "verify" the content of the
> stamp, and if so how?