Stafford Kobetron NAGRA presentation 06.28.10 · GSA Protocol Standards System-To-System (S2S) The standard provides the communication link for the casino to link their various …

Gaming Devices:

Technical Developments inSoftware Verification

“Testing Tomorrow's Technology Today"

Copyright © 2010

Game Design• 3 reel 1 line, line up 3 red cherry to win bonus• Line up any 2 cherry to win $10,000• Code

class paytable{ int returnWin(int reelStop, int symbol) { int payWin; if(reelStop ==2 && symbol=RED) { payWin=2xNetBet+BONUS; } return payWin; }

• Binary Equivalent• 1001 0011 1110 1010

• Signature Equivalent• HAP7


Copyright © 2010

The Past Technology

- Electro Mechanical- Micro Controller

Devices- EPROMs

Procedures- Level 1

Industry Standards- Nevada- New Jersey- Kobetron 3rd Party


Copyright © 2010

The Present Technology

- Micro Processors- Computer Architecture

Devices- EPROM, SIMM, HD- CD, Compact Flash- Memory Sticks

Procedures- Level 1 & Level 2

Industry Standards- GLI - Testing- GSA - Protocols- Kobetron - Verification


Copyright © 2010

The Future Technology

- Bios Chips- Embedded Firmware- “Trusted Party”

Devices- Flash Cards- Thumb Drives (USB)

Procedures- Level 1, 2 and 3

Industry Standards- GLI Testing- GSA Protocols- Kobetron Verification/Validation


Copyright © 2010

Gaming Industry Standards

Testing Standard• GLI• Jurisdictional

Protocol Standard• GSA - G2S (BOB)• IGT - Super SAS (SAS)• Bally - SDS

Verification and Validation Standards• Kobetron (3rd Party Proprietary)• SHA-1 (Public)


Copyright © 2010

GSA Protocol StandardsSystem-To-System (S2S)

The standard provides the communication link for the casino to link their variousdatabase systems, and hospitality / POS Systems.

Game-To-System (G2S)

The standard is merged from the BOB and SuperSAS protocols, based on provencomputer industry standard technologies, such as Ethernet, TCP/IP and XML.This will allow the industry to migrate to downloadable games such as client / servergames, Intranet and Internet environments, while still maintaining the games oftoday, well into the future.

Gaming Device (GDS)

Gaming Device Standard controls the flow of information between a slot machine andthe array of peripheral devices operating inside, including Bill Validators, CardReaders and Ticket Printers utilizing Universal Serial Bus (USB) standards protocol.

Gaming Authentication Terminal (GAT)This communication link allows for authenticating game programs residing in the

machine, based on manufacturer’s self-verification.


Copyright © 2010

Industry Standards

• Gaming Laboratories International (GLI)

– Software Verification: “The device shall have the ability to allow for anindependent integrity check of the device’s software from an outsidesource and is required for all control programs that may affect theintegrity of the game. This must be accomplished by beingauthenticated by a third-party device, which may be embedded withinthe game software or by having an interface port for a third-party deviceto authenticate the media.”

(Source: GLI Standards 11 (4.19), 18 (3.6), and 21 (6.19).)


Copyright © 2010

Industry Standards(continued)

• Gaming Standards Association (GSA)– Certification – The procedure by which a 3rd party gives written assurance that

a product conforms to specific requirements.

(Source: GSA Las Vegas Operator’s Forum, 5/19/09)

• Nevada Gaming Control Board’s Minimum Internal Control Standards– B32. Slots MICS #91 – Does a Kobetron need to be used to test the EPROMS

for slot machines which have an “audit” function available to be used?

• The slot machine’s “audit” function does not satisfy the requirement of thisMICS. This method relies on the game itself to tell you if it containedapproved software or not. The intent of this MICS is to externally verify theprograms using a device or mechanism independent of the slot machine.This can be done by removing the EPROM or other game storage mediaand comparing the signature of the image contained on that device to theknown image signature approved by the Board.

(Source: Frequently Asked Questions, posted 7/27/09)


Copyright © 2010

Process Should Be 3rd PartyIndependent Verification & Validation

Independent Verification: Essential Actionto Assure Integrity in the Voting Process

byRoy G. Saltman

Consultant and Author on Voting [email protected]

submitted toNational Institute of Standards and Technology

Gaithersburg, MD 20899under

Order No. SB134106W0703August 22, 2006


Copyright © 2010

Independent Verification &Validation Definitions

• Kobetron’s definition of a independent third-party verification toolis a device that can produce multiple signatures based on both publicand proprietary algorithms. This offers regulators a double check to“self-verification” public algorithms.

• Verification: Certifying that the software was accurately loaded and isnot corrupt by verifying that the signature of the data matches thepublished signature for that data.

• Validation: Ensuring that the software residing in the game isappropriate and authorized. This is done by verifying that thesoftware is approved for use in the jurisdiction.


Copyright © 2010

Why Is An IndependentThird Party Important?

• The independent third-party verification tool provides the sameassurance as independent accounting firms such as Price Waterhouseauditing (verifying) a Fortune 500 Company’s financial information pergovernment regulations.

• The mission of a regulator has always been to maintain the integrity ofgaming devices in the Industry by using all necessary means to assurea “Fair Game of Chance.”

• An independent third-party verification tool is an essential ingredient inachieving the gaming regulator’s mission, which is to provide a checkand balance system similar to our government (judicial, executive andlegislative branches).


Copyright © 2010

Three Levels of Verification


Copyright © 2010

Verification & Validation Process• Critical Program Storage Media (CPSM)

– BIOS Chips– EPROM’s– SIMM’s– Files– Folders– CD ROM– Compact Flash– Hard Drives– USB Thumb Drives

• Hardware- and software-based testing methods

– Signature testing method required depends on type of media

• When is IV&V required?

– Initial set-up

– Casino changes game software

– Manufacturer sends game software updates

– New machine is added to the floor

– Required internal audits

– External audits

– Player disputes

– Jackpot verifications


Copyright © 2010

GLI Manual Examples


Copyright © 2010

GLI Manual Examples


Copyright © 2010

GLI Manual Examples (con’t.)


Copyright © 2010

GLI Manual Examples (con’t.)


Copyright © 2010

IVVM Menu


Copyright © 2010

Server Based Game Download Systems

Common Examples of Server Based Gaming

Video Lottery Terminals (VLTs) – VLTs are connected to a central system thatcan control the functionality of the terminal.

Bingo and Keno Systems – These systems are predicated on a server basedarchitecture that will send results to terminals are handheld devices.

Finite - Scratch Ticket Systems – Finite Scratch Ticket systems use a serverbased architecture to send the ‘ticket’ to the gaming device.

Downloadable Games – Downloadable Games constitutes the transfer of game‘packages’ to player terminals stationed on the gaming floor.


Copyright © 2010

Methods of Downloading

• Non-System Based

• System Based

This method utilizes a server, which has the ability todownload games directly to gaming terminal on the casinofloor.

The ability to download directly at the gaming device using acommunication port of some kind.

Server Based Game Download Systems


Copyright © 2010

Download Server Report Server

In this example, theentire game kit isdownloaded to theplayer terminal, andall gaming functionsare run at the playerterminal.

Server Based Game DownloadSystems Topology


Copyright © 2010

Central Server

Report Server

In this configuration, seed values are sent tothe gaming terminals with each press of theplay button. The random outcome is thendetermined at the gaming device.

Seed Values

Seed Values



Copyright © 2010

Bonus Server

In this scenario, the gameshave their own internalRNG, yet they share abonus server. The bonusserver will usually be calledupon, during certain eventslike the triggering of abonus game. The bonusserver will then generatethe random event used inthe bonus.



Copyright © 2010

Houston, we have a problem…

…We’ve lost control !!!“Testing Tomorrow's Technology Today"

Copyright © 2010

Have We Lost Control?

• S2000 Platform

• AVP Platform


Copyright © 2010

Verification Requirements AreManufacturer Driven, But Should Be

Regulator Driven

New Verification Methods Evolve In Three Ways:

1) Manufacturer requests a method to independently verify and validate theCPSM.

2) Laboratory is examining product and requests 3rd Party or internallydevelops method to verify.

3) Regulatory body requests an independent, 3rd party verification method.


Copyright © 2010

Need For Regulator To Take Control

Prevent The “Runaway Train On A Circular Track” Syndrome


Copyright © 2010

Regulator’s Mission

Mind the Store

- Game Regulations

Fair Game of Chance

- Device Verification and Validation

Chart the Course

- Control Mechanism


Copyright © 2010

Key Ingredients for Success• Expanded Levels of Verification

• Internal/External Device Verification

• Third-Party Verification & Validation


Copyright © 2010

“Charting the Course”


Copyright © 2010

THANK YOU,THIS CONCLUDES OUR

PRESENTATION

Questions?


Copyright © 2010

Documents

Stafford Kobetron NAGRA presentation 06.28.10 · GSA Protocol Standards System-To-System (S2S) The standard provides the communication link for the casino to link their various …