Anti-misfire circuit and device

By introducing a hardware voting mechanism with dual signal verification and dual trigger conditions in the decryption operation, the problem of accidental triggering of communication equipment during the decryption process is solved, thus achieving the accuracy of the decryption operation and the protection of the equipment.

CN122263014APending Publication Date: 2026-06-23BEIJING INST OF RADIO METROLOGY & MEASUREMENT

Patent Information

Authority / Receiving Office
CN · China
Patent Type
Applications(China)
Current Assignee / Owner
BEIJING INST OF RADIO METROLOGY & MEASUREMENT
Filing Date
2026-03-24
Publication Date
2026-06-23

AI Technical Summary

Technical Problem

Existing communication equipment is prone to accidental triggering during data destruction operations due to factors such as human error, key bounce, software debugging errors, or processor misdetection, resulting in unintended damage to the equipment and interruption of system communication.

Method used

The system employs dual-signal verification of the key destruction button signal and the processor key destruction signal, along with dual triggering conditions of the valid voting result and the key destruction enable signal. By using a hardware voting module, it prevents accidental triggering and ensures the accuracy of the key destruction operation.

Benefits of technology

It effectively prevents false triggering, improves the accuracy of the circuit, and avoids unintentional damage to equipment and interruption of system communication.

✦ Generated by Eureka AI based on patent content.

Smart Images

  • Figure CN122263014A_ABST
    Figure CN122263014A_ABST
Patent Text Reader

Abstract

The application discloses a false trigger prevention circuit and device, a destruction module is electrically connected with a hardware voting module and a processor module, and a destruction key signal output by the destruction module is transmitted to the processor module and the hardware voting module; the processor module is electrically connected with the hardware voting module and a destruction action module, and a processor destruction signal output by the processor module based on the destruction key signal is transmitted to the hardware voting module; the hardware voting module is electrically connected with the destruction action module and the processor module, a voting result output by the hardware voting module based on the destruction key signal and the processor destruction signal is transmitted to the processor module and the destruction action module; the processor module judges whether to enable and output a destruction enable signal to the destruction action module based on the voting result, and the destruction action module performs corresponding operations on an external executed unit based on the destruction enable signal and the voting result. The application improves the accuracy of the false trigger prevention circuit.
Need to check novelty before this filing date? Find Prior Art

Description

Technical Field

[0001] This invention relates to the field of communication technology, and in particular to a circuit and device for preventing accidental triggering. Background Technology

[0002] With the completion of the BeiDou-3 global satellite navigation system in my country, military and civilian navigation and communication products, as well as time and frequency products, have experienced explosive growth. Decryption functionality, as a common requirement, is widely used in various navigation, communication, and time and frequency products. Currently, the decryption method used in the industry typically involves the processor detecting the closure of a decryption button and then controlling the hardware and software to execute the decryption action. This method of detection and control is simplistic, and factors such as accidental touches, button bounce, software debugging errors, and processor misdetections frequently lead to false triggering of decryption, causing unintended damage to equipment and system communication interruptions. Summary of the Invention

[0003] One objective of this application is to provide a circuit to prevent accidental triggering. This solution achieves protection against accidental triggering by using dual signal verification of the key destruction button signal and the processor key destruction signal, and dual triggering conditions of the valid voting result and the key destruction enable signal, thereby improving the accuracy of the circuit. Another objective of this application is to provide a device to prevent accidental triggering.

[0004] To achieve the above objectives, this application discloses an anti-false triggering circuit, including a password destruction module, a processor module, a hardware voting module, and a password destruction action module: The password destruction module is electrically connected to the hardware voting module and the processor module, and the password destruction module outputs a password destruction button signal to the processor module and the hardware voting module; The processor module is electrically connected to the hardware voting module and the decryption action module respectively. The processor module outputs a processor decryption signal to the hardware voting module based on the decryption button signal. The hardware voting module is electrically connected to the decryption action module and the processor module respectively. The hardware voting module outputs the voting result based on the decryption button signal and the processor decryption signal, and transmits the voting result to the processor module and the decryption action module at the same time. The processor module determines whether to enable based on the voting result and outputs a decryption enable signal to the decryption action module. The decryption action module performs corresponding operations on the external executed unit based on the decryption enable signal and the voting result.

[0005] Optionally, the password destruction module generates a password destruction button signal in the form of a continuous level after being triggered.

[0006] Optionally, the processor module outputs a processor decryption signal to the hardware voting module based on the decryption button signal, including: After synchronously detecting the key destruction button signal, the processor module outputs a processor key destruction signal synchronized with the key destruction button signal to the hardware voting module.

[0007] Optionally, the hardware voting module outputs the voting result based on the decryption button signal and the processor decryption signal, including: Determine whether the two input signals are the same and both are decryption signals. If so, output a voting result indicating that the decryption is valid; otherwise, output a voting result indicating that the decryption is invalid. The voting result is a signal in continuous level form.

[0008] Optionally, the processor module determines whether to enable based on the voting result by including: The processor module detects the duration during which the voting result indicates that the password destruction is effective, and determines whether to enable the password destruction action module based on whether the duration reaches a preset duration.

[0009] Optionally, the processor module determines whether to enable the encryption action module based on whether the duration has reached a preset duration, including: If the duration of the voting result indicating that the decryption is valid reaches a preset duration, the processor module outputs a decryption enable signal to the decryption action module to enable it. If the duration of the voting result indicating that the decryption is effective does not reach the preset duration, the processor module outputs a shutdown signal to the decryption action module to disable its enable.

[0010] Optionally, the decryption action module performs corresponding operations on the external executed unit based on the decryption enable signal and the voting result, including: If the decryption action module is enabled and the received voting result is valid, the decryption action module performs a decryption operation on the external execution unit. If the decryption action module is not enabled or the received voting result is invalid, the decryption action module will not perform the decryption operation on the external executed unit.

[0011] Optionally, the processor module is also used to actively disable the enable control of the decryption action module during the software debugging phase, so that the decryption action module does not perform any decryption operation during the entire debugging process.

[0012] Optionally, the hardware voting module is composed of logic devices, which are one or more combinations of AND gates, NAND gates, OR gates, NOR gates, and NOT gates.

[0013] Another aspect of this application discloses an anti-false triggering device, including an anti-false triggering circuit and an execution unit as described above.

[0014] The beneficial effects of this application are as follows: In the anti-false triggering circuit disclosed in this application, the key destruction button signal and the processor key destruction signal output by the processor must be verified by the hardware voting module to be consistent before a valid voting result is output. Secondly, the execution of the key destruction action module must simultaneously satisfy the valid voting result of the hardware voting module and the key destruction enable signal output by the processor module to avoid misjudgment. Through the dual signal verification of the key destruction button signal and the processor key destruction signal and the dual triggering conditions of the valid voting result and the key destruction enable signal, the protection against false triggering is achieved, thereby improving the accuracy of the circuit. Attached Figure Description

[0015] To more clearly illustrate the technical solutions in the embodiments of the present invention or the prior art, the drawings used in the description of the embodiments or the prior art will be briefly introduced below. Obviously, the drawings described below are only some embodiments of the present invention. For those skilled in the art, other drawings can be obtained based on these drawings without creative effort. In the drawings: Figure 1 This diagram shows the structure of the anti-false triggering circuit according to an embodiment of this application; Figure 2 A schematic diagram of the structure of a computer programmable logic device used to implement embodiments of the present invention is shown.

[0016] 100. Decryption module; 200. Hardware voting module; 300. Decryption action module; 400. Execution unit; 500. Processor module. Detailed Implementation

[0017] The technical solutions in the embodiments of this application will be clearly and completely described below with reference to the accompanying drawings. The word "and / or" in the text is merely a description of the relationship between related objects, indicating that three relationships can exist. For example, A and / or B can represent: A existing alone, A and B existing simultaneously, or B existing alone. Furthermore, in the description of the embodiments of this application, "multiple" refers to two or more than two.

[0018] It should be understood that the terms "first," "second," etc., in the specification, claims, and drawings of this application are used to distinguish different objects, not to describe a specific order. Furthermore, the terms "comprising" and "having," and any variations thereof, are intended to cover non-exclusive inclusion. For example, a process, method, system, product, or apparatus that includes a series of steps or units is not limited to the listed steps or units, but may optionally include steps or units not listed, or may optionally include other steps or units inherent to these processes, methods, products, or apparatuses.

[0019] In this application, the reference to "embodiment" means that a specific feature, structure, or characteristic described in connection with an embodiment may be included in at least one embodiment of this application. The appearance of this phrase in various places throughout the specification does not necessarily refer to the same embodiment, nor is it a mutually exclusive, independent, or alternative embodiment. It will be explicitly and implicitly understood by those skilled in the art that the embodiments described in this application can be combined with other embodiments.

[0020] In order to solve at least one of the problems existing in the prior art, according to one aspect of this application, such as Figure 1 As shown, this embodiment discloses an anti-accidental triggering circuit, including a key destruction module 100, a processor module 500, a hardware voting module 200, and a key destruction action module 300. The key destruction module 100 is electrically connected to the hardware voting module 200 and the processor module 500, and outputs a key destruction button signal to the processor module 500 and the hardware voting module 200. The processor module 500 is electrically connected to both the hardware voting module 200 and the key destruction action module 300, and outputs a processor key destruction signal to the hardware voting module based on the key destruction button signal. Module 200; The hardware voting module 200 is electrically connected to the decryption action module 300 and the processor module 500 respectively. The hardware voting module 200 outputs the voting result based on the decryption button signal and the processor decryption signal, and transmits the voting result to both the processor module 500 and the decryption action module 300. The processor module 500 determines whether to enable the decryption based on the voting result and outputs a decryption enable signal to the decryption action module 300. The decryption action module 300 performs corresponding operations on the external executed unit 400 based on the decryption enable signal and the voting result.

[0021] Specifically, the password destruction module 100 is the initial trigger source of the password destruction signal. When the user needs to perform the password destruction operation, it generates a stable and identifiable password destruction button signal and transmits it synchronously to the processor module 500 and the hardware voting module 200 to provide an input source for subsequent signal verification.

[0022] It should be noted that the key destruction button signal mentioned in this application refers to the continuous level electrical signal generated after the key destruction module 100 is triggered. This signal has the characteristics of being continuous and stable, easy to detect, and having strong anti-interference ability, and can effectively distinguish it from invalid signals generated by key bounce or momentary accidental touch.

[0023] In an optional implementation, the decryption module 100 generates a decryption button signal in the form of a continuous level after being triggered.

[0024] In this embodiment, the decryption module 100 uses a mechanical button as the trigger element, specifically a push-button switch or a micro switch. These switches have advantages such as simple structure, high reliability, low cost, and strong resistance to harsh environments, making them suitable for applications such as military equipment and outdoor communication equipment. The button's casing is designed to be waterproof, dustproof, and vibration-proof, enabling it to operate normally in harsh environments such as high temperature, high humidity, vibration, and dust, avoiding false triggering or trigger failure caused by environmental factors. In a specific example, one end of the decryption module 100 is connected to the product's power bus via a pull-up resistor, and the other end is grounded. A signal line is also led out from the signal output terminal of the decryption module 100 and connected to the signal input terminals of the processor module 500 and the hardware voting module 200, respectively. When the button of the decryption module 100 is not pressed, the pull-up resistor keeps the signal output terminal at a high level. When the button is pressed, the circuit is turned on, and the signal output terminal is pulled down to a low level, forming a continuous low-level decryption button signal. When the button is released, the circuit is disconnected, and the signal output terminal returns to a high level.

[0025] It should be noted that the level definition in this application can be adjusted according to the actual application scenario. For example, a pull-down resistor design can be used so that the level is low when the button is not pressed and high when it is pressed. As long as the level definition of the two signal transmission links is consistent, signal verification can be achieved.

[0026] In an optional implementation, the processor module 500 outputs a processor decryption signal to the hardware voting module 200 based on the decryption button signal, which includes: after the processor module 500 performs synchronous detection on the decryption button signal, it outputs a processor decryption signal synchronized with the decryption button signal to the hardware voting module 200.

[0027] Specifically, the processor module 500 described in this application synchronously outputs the detected password destruction button signal to the hardware voting circuit. It should be noted that in this application, synchronization means that the level state of the processor's password destruction signal and the level state of the password destruction button signal are kept consistent in real time. That is, when the password destruction button signal is high, the processor's password destruction signal is also high; when the password destruction button signal is low, the processor's password destruction signal is also low. The hardware voting module 200 judges the consistency of the two signals.

[0028] In specific examples, the processor module 500 described in this application can be equipped independently or share existing devices in the product. Generally, it is selected as a SOC (System-on-a-Chip), MCU (Microcontroller Unit), or FPGA (Field-Programmable Gate Array), which can realize real-time detection and fast response of signals, while having good compatibility and scalability, and can be adapted to different types of hardware voting modules 200 and password destruction action modules 300.

[0029] In an optional implementation, the hardware voting module 200 outputs a voting result based on the key destruction button signal and the processor key destruction signal, including: determining whether the two input signals are the same and both are key destruction signals; if so, outputting a valid key destruction voting result; otherwise, outputting an invalid key destruction voting result; the voting result is a continuous level signal.

[0030] In an optional implementation, the processor module 500 determines whether to enable based on the voting result by: the processor module 500 detecting the duration for which the voting result is valid for decryption, and determining whether to enable the decryption action module 300 based on whether the duration reaches a preset duration.

[0031] In an optional implementation, the processor module 500 determines whether to enable the encryption destruction module 300 based on whether the duration reaches a preset duration, including: if the duration when the voting result indicates that encryption destruction is valid reaches the preset duration, the processor module 500 outputs an encryption destruction enable signal to the encryption destruction module 300 to enable it; if the duration when the voting result indicates that encryption destruction is valid does not reach the preset duration, the processor module 500 outputs a shutdown signal to the encryption destruction module 300 to disable its enable.

[0032] Specifically, the processor module 500 receives the voting result output by the hardware voting module 200. This voting result is a continuous level signal, where a high level indicates valid password destruction and a low level indicates invalid password destruction. The processor module 500 detects the duration of the valid password destruction result and determines whether to enable the password destruction action module 300 based on whether the duration reaches a preset duration.

[0033] It should be noted that the preset duration is a threshold set based on actual application scenarios, and those skilled in the art can set it according to actual needs. This application does not limit it in this regard.

[0034] In this embodiment, the specific value of the preset duration can be adjusted. The processor module 500 uses an internal timer to time the duration for which the voting result is valid for decryption. In a specific example, when the voting result changes from invalid to valid, the timer is started. During the timing process, if the voting result remains valid for decryption, the timer continues to time; if the voting result changes to invalid, the timer stops and the timing value is reset to zero. When the timing value reaches the preset duration, it is determined to be a valid trigger; otherwise, it is determined to be an invalid trigger. Those skilled in the art will understand that the timing accuracy of the timer directly affects the accuracy of the duration detection; therefore, the timer of the processor module 500 must have sufficient timing accuracy.

[0035] In an optional implementation, the decryption action module 300 performs corresponding operations on the external execution unit 400 based on the decryption enable signal and the voting result, including: if the decryption action module 300 is enabled and the received voting result is valid decryption, the decryption action module 300 performs a decryption operation on the external execution unit 400; if the decryption action module 300 is not enabled or the received voting result is invalid decryption, the decryption action module 300 does not perform a decryption operation on the external execution unit 400.

[0036] The processor module 500 determines the password destruction enable signal based on the duration of the voting result and outputs it to the password destruction action module 300, thereby controlling the switching of the password destruction action module 300. It should be noted that the password destruction enable signal controls whether the password destruction action module 300 has the capability to perform the password destruction operation. The password destruction operation will only be performed when the password destruction action module 300 receives a valid password destruction enable signal and simultaneously receives a valid password destruction voting result output by the hardware voting module 200, thus forming a dual control logic.

[0037] In this embodiment, the password destruction enable signal is designed to be active high. When the voting result is that the password destruction is effective and the duration reaches the preset duration, the processor module 500 outputs a high-level password destruction enable signal to enable the password destruction action module 300. When the voting result is that the password destruction is invalid, the duration does not reach the preset duration, or the software is in the debugging stage, the processor module 500 outputs a low-level shutdown signal to disable the enabled state of the password destruction action module 300.

[0038] In an optional implementation, the processor module 500 is further configured to actively disable the enable control of the decryption action module 300 during the software debugging phase, so that the decryption action module 300 does not perform any decryption operation during the entire debugging process.

[0039] Specifically, the processor module 500 also possesses special control logic for the software debugging phase, enabling it to actively disable the enable control of the decryption module 300, ensuring that the decryption module 300 does not perform any decryption operations throughout the debugging process. During software debugging, the operator sends a debugging command to the processor module 500. Upon receiving the command, the processor module 500 forcibly sets the decryption enable signal to a low level and locks it in this state until debugging is complete and an unlock command is received, at which point it resumes normal enable control logic. This effectively prevents erroneous output of decryption signals or decryption enable signals due to code errors, improper parameter configurations, or other factors during software debugging, protecting the equipment from accidental decryption during the debugging process.

[0040] In an optional implementation, the hardware voting module 200 is composed of logic devices, which are one or more combinations of AND gates, NAND gates, OR gates, NOR gates, and NOT gates.

[0041] The hardware voting module 200 is composed of logic devices, which are one or more combinations of AND gates, NAND gates, OR gates, NOR gates, and NOT gates. The specific logic device selected depends on the level definition of the decryption button signal and the processor's decryption signal, as well as the voting logic. It should be noted that the selection of logic devices must meet the product's technical requirements such as operating voltage, operating temperature, and response speed.

[0042] In a specific example, when the decryption module 100 is not triggered, the decryption button signal is high. Upon detecting this signal, the processor module 500 outputs a high-level decryption signal. Both high-level signals are input to a NAND gate, which outputs a low level. The NOT gate then inverts the signal and outputs a high-level voting result. This result is synchronously transmitted to both the processor module 500 and the decryption action module 300. The processor module 500 detects the invalid decryption result and outputs a low-level shutdown signal. The decryption action module 300 performs no operation.

[0043] When the password destruction module 100 is triggered and the signal is valid, the password destruction button signal goes low. Upon detecting this signal, the processor module 500 also outputs a low-level processor password destruction signal. Two low-level signals are input to a NAND gate. The NAND gate outputs a high level, and the NOT gate inverts to output a low-level voting result. This result is synchronously transmitted to both the processor module 500 and the password destruction action module 300. After detecting a valid password destruction result, the processor module 500 starts a timer. When the duration reaches a preset time, it outputs a high-level password destruction enable signal. Upon receiving the valid voting result and the enable signal, the password destruction action module 300 performs the password destruction operation. However, if the processor misinterprets the password destruction button signal—for example, if the processor module 500, due to a software error or hardware malfunction, misjudges an unpressed button signal as a password destruction signal and outputs a low-level processor password destruction signal—the password destruction module 100 will not be triggered, and the password destruction button signal will remain high. Two signals are input to a NAND gate. The NAND gate outputs a low level, and the NOT gate inverts the signal to output a high level, indicating the voting result. Even if the processor module 500 mistakenly outputs a password destruction enable signal, the password destruction module 300 will not perform the password destruction operation because it has not received a valid voting result, thus avoiding false triggering. When the hardware voting module 200 misidentifies a signal, for example, due to electromagnetic interference, the hardware voting module 200 may mistakenly identify an untriggered signal as valid password destruction. However, in this case, the password destruction button signal detected by the processor module 500 is invalid, and the output processor password destruction signal is also invalid. The two signals are inconsistent, and the hardware voting module 200 will ultimately output an invalid password destruction result. The processor module 500 will not output an enable signal, and similarly, the password destruction operation will not be triggered. When a software debugging error occurs and a password destruction signal is mistakenly output, for example, during debugging, the processor module 500 outputs a low-level processor password destruction signal due to a code error, but the password destruction module 100 is not triggered, and the password destruction button signal is high-level, the two signals are inconsistent, the hardware voting module 200 outputs an invalid password destruction result, and the password destruction action module 300 does not perform the operation; if a high-level password destruction enable signal is mistakenly output during debugging, since the hardware voting module 200 outputs an invalid password destruction result, the password destruction action module 300 will not perform the password destruction operation either.

[0044] Through the above working mechanism, the hardware voting module 200 can achieve effective signal verification under various abnormal conditions. Only when the decryption module 100 is effectively triggered and the processor module 500 detects correctly will it output a valid decryption result.

[0045] The decryption module 300 will only perform the decryption operation on the executed unit 400 when both conditions are met simultaneously: receiving a valid decryption vote result output by the hardware voting module 200 and receiving a high-level decryption enable signal output by the processor module 500. If either condition is not met, no operation will be performed.

[0046] When the decryption module 300 is not enabled, regardless of whether the voting result output by the hardware voting module 200 indicates valid decryption, the trigger does not latch the voting result, the drive circuit is cut off, and the actuator does not work, avoiding false triggering due to misjudgment of the voting result. When the decryption module 300 is enabled but the hardware voting module 200 outputs an invalid decryption result, the trigger latches the invalid decryption result, the drive circuit is cut off, and the actuator does not work, avoiding false triggering due to erroneous output of the enable signal. When the decryption module 300 is enabled and the hardware voting module 200 outputs a valid decryption result, the trigger latches the valid decryption result, the drive circuit is turned on, and the actuator performs the decryption operation on the executed unit 400 according to the preset decryption method until the decryption is completed or a stop signal is received. During the execution of the decryption operation, if the voting result becomes invalid or the enable signal is turned off, the trigger immediately updates the output state, the drive circuit is cut off, and the actuator stops working, avoiding erroneous or excessive execution of the decryption operation. During the software debugging phase, the processor module 500 actively disables the key destruction enable by outputting a low-level shutdown signal. The trigger of the key destruction action module 300 remains in an invalid state, and the drive circuit is cut off regardless of the voting result. The actuator does not perform any key destruction operation throughout the debugging process, protecting the equipment from accidental key destruction. Furthermore, the key destruction action module 300 also has a self-diagnostic function, capable of monitoring its own operating status in real time, such as the output status of the trigger, the conduction status of the drive circuit, and the feedback signal of the actuator. If a fault is detected, it outputs a fault alarm signal to the processor module 500. Upon receiving the alarm signal, the processor module 500 can choose to retry the key destruction operation or stop the operation, and records the fault information.

[0047] Another aspect of this application discloses an anti-false triggering device, including an anti-false triggering circuit and an execution unit as described above.

[0048] Since the principle by which this device solves the problem is similar to that of the circuit described above, the implementation of this device can be found in the circuit implementation, and will not be repeated here.

[0049] In a typical example, a computer programmable logic device specifically includes a memory, a processor, and a computer program stored in the memory and executable on the processor. When the processor executes the program, it implements the method executed by the client as described above, or the method executed by the server as described above.

[0050] The following is for reference. Figure 2 It shows a schematic diagram of the structure of a computer programmable logic device 600 suitable for implementing embodiments of the present application.

[0051] like Figure 2As shown, the computer programmable logic device 600 includes a central processing unit (CPU) 601, which can perform various appropriate tasks and processes according to a program stored in a read-only memory (ROM) 602 or a program loaded from a storage section 608 into a random access memory (RAM) 603. The RAM 603 also stores various programs and data required for the operation of the computer programmable logic device 600. The CPU 601, ROM 602, and RAM 603 are interconnected via a bus 604. An input / output (I / O) interface 605 is also connected to the bus 604.

[0052] The following components are connected to I / O interface 605: an input section 606 including a keyboard, mouse, etc.; an output section 607 including a cathode ray tube (CRT), liquid crystal feedback (LCD), etc., and speakers, etc.; a storage section 608 including a hard disk, etc.; and a communication section 609 including a network interface card such as a LAN card, modem, etc. The communication section 609 performs communication processing via a network such as the Internet. A drive 610 is also connected to I / O interface 605 as needed. A removable medium 611, such as a disk, optical disk, magneto-optical disk, semiconductor memory, etc., is installed on drive 610 as needed so that computer programs read from it can be installed in storage section 608 as needed.

[0053] In particular, according to embodiments of this application, the processes described above with reference to the flowcharts can be implemented as computer software programs. For example, embodiments of this application include a computer program product comprising a computer program tangibly embodied on a machine-readable medium, the computer program including program code for performing the methods shown in the flowcharts. In such embodiments, the computer program can be downloaded and installed from a network via communication section 609, and / or installed from removable medium 611.

[0054] Computer-readable media include both permanent and non-permanent, removable and non-removable media that can store information by any method or technology. Information can be computer-readable instructions, data structures, modules of programs, or other data. Examples of computer storage media include, but are not limited to, phase-change memory (PRAM), static random access memory (SRAM), dynamic random access memory (DRAM), other types of random access memory (RAM), read-only memory (ROM), electrically erasable programmable read-only memory (EEPROM), flash memory or other memory technologies, CD-ROM, digital versatile optical disc (DVD) or other optical storage, magnetic tape, magnetic disk storage or other magnetic storage, programmable logic devices, or any other non-transferable media that can be used to store information accessible by a computer programmable logic device. As defined herein, computer-readable media does not include transient computer-readable media, such as modulated data signals and carrier waves.

[0055] For ease of description, the above devices are described separately by function as various units. Of course, in implementing this application, the functions of each unit can be implemented in one or more software and / or hardware.

[0056] This application is described with reference to flowchart illustrations and / or block diagrams of methods, programmable logic devices (systems), and computer program products according to embodiments of this application. It will be understood that each block of the flowchart illustrations and / or block diagrams, and combinations of blocks in the flowchart illustrations and / or block diagrams, can be implemented by computer program instructions. These computer program instructions can be provided to a processor of a general-purpose computer, special-purpose computer, embedded processor, or other programmable data processing programmable logic device to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing programmable logic device, generate instructions for implementing the flowchart... Figure 1 One or more processes and / or boxes Figure 1 A device that provides the functions specified in one or more boxes.

[0057] The above description is merely an embodiment of this application and is not intended to limit the scope of this application. Various modifications and variations can be made to this application by those skilled in the art. Any modifications, equivalent substitutions, improvements, etc., made within the spirit and principles of this application should be included within the scope of the claims of this application.

Claims

1. A circuit for preventing accidental triggering, characterized in that, It includes a password destruction module, a processor module, a hardware voting module, and a password destruction action module; The password destruction module is electrically connected to the hardware voting module and the processor module respectively, and the password destruction module outputs a password destruction button signal and transmits it to the processor module and the hardware voting module; The processor module is electrically connected to the hardware voting module and the decryption action module respectively. The processor module outputs a processor decryption signal to the hardware voting module based on the decryption button signal. The hardware voting module is electrically connected to the decryption action module and the processor module respectively. The hardware voting module outputs the voting result based on the decryption button signal and the processor decryption signal, and transmits the voting result to the processor module and the decryption action module at the same time. The processor module determines whether to enable based on the voting result and outputs a decryption enable signal to the decryption action module. The decryption action module performs corresponding operations on the external executed unit based on the decryption enable signal and the voting result.

2. The anti-false triggering circuit according to claim 1, characterized in that, When the password destruction module is triggered, it generates a password destruction button signal in the form of a continuous level.

3. The anti-false triggering circuit according to claim 1, characterized in that, The processor module outputs a processor decryption signal to the hardware voting module based on the decryption button signal, including: After synchronously detecting the key destruction button signal, the processor module outputs a processor key destruction signal synchronized with the key destruction button signal to the hardware voting module.

4. The anti-false triggering circuit according to claim 1, characterized in that, The hardware voting module outputs voting results based on the decryption button signal and the processor decryption signal, including: Determine whether the two input signals are the same and both are decryption signals. If so, output a voting result indicating that the decryption is valid; otherwise, output a voting result indicating that the decryption is invalid. The voting result is a signal in continuous level form.

5. The anti-false triggering circuit according to claim 1, characterized in that, The processor module determines whether to enable based on the voting result, including: The processor module detects the duration during which the voting result indicates that the password destruction is effective, and determines whether to enable the password destruction action module based on whether the duration reaches a preset duration.

6. The anti-false triggering circuit according to claim 5, characterized in that, The processor module determines whether to enable the data destruction module based on whether the duration has reached a preset duration, including: If the duration of the voting result indicating that the decryption is valid reaches a preset duration, the processor module outputs a decryption enable signal to the decryption action module to enable it. If the duration of the voting result indicating that the decryption is effective does not reach the preset duration, the processor module outputs a shutdown signal to the decryption action module to disable its enable.

7. The anti-false triggering circuit according to claim 1, characterized in that, The decryption action module performs corresponding operations on the external executed unit based on the decryption enable signal and the voting result, including: If the decryption action module is enabled and the received voting result is valid, the decryption action module performs a decryption operation on the external execution unit. If the decryption action module is not enabled or the received voting result is invalid, the decryption action module will not perform the decryption operation on the external executed unit.

8. The anti-false triggering circuit according to claim 1, characterized in that, The processor module is also used to actively disable the enable control of the decryption action module during the software debugging phase, so that the decryption action module does not perform any decryption operation during the entire debugging process.

9. The anti-false triggering circuit according to claim 1, characterized in that, The hardware voting module is composed of logic devices, which are one or more combinations of AND gates, NAND gates, OR gates, NOR gates, and NOT gates.

10. A device for preventing accidental triggering, characterized in that, It includes the anti-false triggering circuit and the executed unit as described in claims 1-9.