FreeCalypso > hg > fc-sim-sniff

annotate doc/Sniffer-FPGA-design @ 48:1068f9fd41d5

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
doc: project rename
author Mychaela Falconia <falcon@freecalypso.org>
date Thu, 21 Sep 2023 06:31:34 +0000
parents 695ca51e1564
children
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
48
1068f9fd41d5 doc: project rename
Mychaela Falconia <falcon@freecalypso.org>
parents: 35
diff changeset
1 FPGA component of FreeCalypso SIMsniff
1068f9fd41d5 doc: project rename
Mychaela Falconia <falcon@freecalypso.org>
parents: 35
diff changeset
2 ======================================
35
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
3
48
1068f9fd41d5 doc: project rename
Mychaela Falconia <falcon@freecalypso.org>
parents: 35
diff changeset
4 The present FreeCalypso solution for SIM interface sniffing consists of a
1068f9fd41d5 doc: project rename
Mychaela Falconia <falcon@freecalypso.org>
parents: 35
diff changeset
5 sniffer pod (hardware adapter with level shifters) and a Lattice Icestick FPGA
1068f9fd41d5 doc: project rename
Mychaela Falconia <falcon@freecalypso.org>
parents: 35
diff changeset
6 board, loaded with the appropriate gateware image from the present project.
1068f9fd41d5 doc: project rename
Mychaela Falconia <falcon@freecalypso.org>
parents: 35
diff changeset
7 This document describes the design and operation of the FPGA component of
1068f9fd41d5 doc: project rename
Mychaela Falconia <falcon@freecalypso.org>
parents: 35
diff changeset
8 FC SIMsniff.
17
41e6026e5d1a doc/Sniffer-FPGA-design: update for first implementation
Mychaela Falconia <falcon@freecalypso.org>
parents: 4
diff changeset
9
25
c03a882cc49e doc/Sniffer-FPGA-design: update for working status
Mychaela Falconia <falcon@freecalypso.org>
parents: 17
diff changeset
10 Hardware architecture and FPGA design principle
c03a882cc49e doc/Sniffer-FPGA-design: update for working status
Mychaela Falconia <falcon@freecalypso.org>
parents: 17
diff changeset
11 ===============================================
4
b275c69c1b80 doc: describe proposed FPGA design
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
12
17
41e6026e5d1a doc/Sniffer-FPGA-design: update for first implementation
Mychaela Falconia <falcon@freecalypso.org>
parents: 4
diff changeset
13 The two principal components of the Icestick board are an iCE40HX1K FPGA and an
41e6026e5d1a doc/Sniffer-FPGA-design: update for first implementation
Mychaela Falconia <falcon@freecalypso.org>
parents: 4
diff changeset
14 FT2232H-based USB host interface. Our sniffer logic function in the FPGA
41e6026e5d1a doc/Sniffer-FPGA-design: update for first implementation
Mychaela Falconia <falcon@freecalypso.org>
parents: 4
diff changeset
15 operates principally as a byte forwarder from the ISO 7816-3 sniffer block to
41e6026e5d1a doc/Sniffer-FPGA-design: update for first implementation
Mychaela Falconia <falcon@freecalypso.org>
parents: 4
diff changeset
16 the FT2232H UART: every time the bus sniffer block captures a character (in ISO
41e6026e5d1a doc/Sniffer-FPGA-design: update for first implementation
Mychaela Falconia <falcon@freecalypso.org>
parents: 4
diff changeset
17 7816-3 terminology) being passed on the SIM electrical interface in either
41e6026e5d1a doc/Sniffer-FPGA-design: update for first implementation
Mychaela Falconia <falcon@freecalypso.org>
parents: 4
diff changeset
18 direction (the two directions of transmission are indistinguishable to a tap
35
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
19 sniffer that does not actively participate in the protocol), the FPGA forwards
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
20 this character to the connected host computer (by way of FT2232H UART) for
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
21 further processing in software. The UART data line going from the FPGA to the
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
22 FT2232H is the sole functional output from this FPGA, aside from some
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
23 non-essential LED outputs: right now the green LED shows the current state of
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
24 SIM RST line, and we might add another LED showing if SIM CLK is running or
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
25 stopped. The other UART data line going the opposite direction (output from
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
26 FT2232H) remains unused in this application, i.e., the host software application
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
27 will only read/receive from the ttyUSBx FPGA device and won't send anything to
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
28 it. All modem control lines on this UART interface likewise remain unused.
4
b275c69c1b80 doc: describe proposed FPGA design
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
29
b275c69c1b80 doc: describe proposed FPGA design
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
30 Serial interface format
b275c69c1b80 doc: describe proposed FPGA design
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
31 =======================
b275c69c1b80 doc: describe proposed FPGA design
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
32
b275c69c1b80 doc: describe proposed FPGA design
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
33 For every ISO 7816-3 character captured by the sniffer, two back-to-back UART
35
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
34 bytes are transferred from the FPGA to the host computer; more generally, the
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
35 FPGA can only transmit pairs of back-to-back bytes on this UART and no
4
b275c69c1b80 doc: describe proposed FPGA design
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
36 singletons or other arrangements - thus the host receiver can always recover
b275c69c1b80 doc: describe proposed FPGA design
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
37 synchronization by dropping any partially received two-byte message (the first
35
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
38 byte of an expected pair) during prolonged pauses. The FPGA transmits the two
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
39 back-to-back UART bytes as a single shift-out of 20 bits, conveying two bytes
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
40 in 8N1 framing.
4
b275c69c1b80 doc: describe proposed FPGA design
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
41
b275c69c1b80 doc: describe proposed FPGA design
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
42 Why are we turning every captured ISO 7816-3 character into a pair of bytes on
b275c69c1b80 doc: describe proposed FPGA design
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
43 our internal UART interface, why not simply forward it as a single byte? The
b275c69c1b80 doc: describe proposed FPGA design
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
44 reason is that we need to pass some additional bits beyond the 8 that comprise
b275c69c1b80 doc: describe proposed FPGA design
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
45 the ISO 7816-3 character payload; the additional bits which we need to pass are
b275c69c1b80 doc: describe proposed FPGA design
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
46 as follows:
b275c69c1b80 doc: describe proposed FPGA design
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
47
b275c69c1b80 doc: describe proposed FPGA design
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
48 - the received parity bit;
b275c69c1b80 doc: describe proposed FPGA design
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
49 - a flag indicating whether or not an error signal (ISO 7816-3 section 7.3)
b275c69c1b80 doc: describe proposed FPGA design
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
50 was seen;
b275c69c1b80 doc: describe proposed FPGA design
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
51 - additional flag bits communicating SIM RST assertion and negation events,
b275c69c1b80 doc: describe proposed FPGA design
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
52 as distinct from ISO 7816-3 characters;
35
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
53 - additional flags indicating actions of the integrated PPS catcher state
4
b275c69c1b80 doc: describe proposed FPGA design
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
54 machine, to be described later in this document.
b275c69c1b80 doc: describe proposed FPGA design
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
55
b275c69c1b80 doc: describe proposed FPGA design
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
56 Assertion or negation of SIM RST is the only other possible event (besides ISO
b275c69c1b80 doc: describe proposed FPGA design
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
57 7816-3 character capture, with or without attendant PPS catcher state machine
b275c69c1b80 doc: describe proposed FPGA design
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
58 action) that can cause the FPGA to send a byte-pair UART message to the host
b275c69c1b80 doc: describe proposed FPGA design
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
59 computer. One bit in the 16-bit message will distinguish between characters
b275c69c1b80 doc: describe proposed FPGA design
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
60 and RST events, another bit will indicate the state of RST at the time of the
b275c69c1b80 doc: describe proposed FPGA design
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
61 event (new RST for transitions, 1 for characters), and all other bits are
b275c69c1b80 doc: describe proposed FPGA design
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
62 meaningful only for characters.
b275c69c1b80 doc: describe proposed FPGA design
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
63
17
41e6026e5d1a doc/Sniffer-FPGA-design: update for first implementation
Mychaela Falconia <falcon@freecalypso.org>
parents: 4
diff changeset
64 Detailed serial interface format
41e6026e5d1a doc/Sniffer-FPGA-design: update for first implementation
Mychaela Falconia <falcon@freecalypso.org>
parents: 4
diff changeset
65 --------------------------------
41e6026e5d1a doc/Sniffer-FPGA-design: update for first implementation
Mychaela Falconia <falcon@freecalypso.org>
parents: 4
diff changeset
66
41e6026e5d1a doc/Sniffer-FPGA-design: update for first implementation
Mychaela Falconia <falcon@freecalypso.org>
parents: 4
diff changeset
67 Treating the two transmitted bytes as a single 16-bit word, with the least
41e6026e5d1a doc/Sniffer-FPGA-design: update for first implementation
Mychaela Falconia <falcon@freecalypso.org>
parents: 4
diff changeset
68 significant 8 bits transmitted first (matching the transmission order of bits
35
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
69 within a byte, see IEN 137), the 16 bits of this word are assigned as follows:
17
41e6026e5d1a doc/Sniffer-FPGA-design: update for first implementation
Mychaela Falconia <falcon@freecalypso.org>
parents: 4
diff changeset
70
41e6026e5d1a doc/Sniffer-FPGA-design: update for first implementation
Mychaela Falconia <falcon@freecalypso.org>
parents: 4
diff changeset
71 Bit 15: set to 0 if this message signals ISO 7816-3 character reception or 1 if
41e6026e5d1a doc/Sniffer-FPGA-design: update for first implementation
Mychaela Falconia <falcon@freecalypso.org>
parents: 4
diff changeset
72 it signals a change of state in the RST line.
41e6026e5d1a doc/Sniffer-FPGA-design: update for first implementation
Mychaela Falconia <falcon@freecalypso.org>
parents: 4
diff changeset
73
41e6026e5d1a doc/Sniffer-FPGA-design: update for first implementation
Mychaela Falconia <falcon@freecalypso.org>
parents: 4
diff changeset
74 Bit 14: new state of RST in the case of RST state change messages; should always
41e6026e5d1a doc/Sniffer-FPGA-design: update for first implementation
Mychaela Falconia <falcon@freecalypso.org>
parents: 4
diff changeset
75 be 1 in character Rx messages.
41e6026e5d1a doc/Sniffer-FPGA-design: update for first implementation
Mychaela Falconia <falcon@freecalypso.org>
parents: 4
diff changeset
76
35
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
77 The remaining bits are valid only in character Rx messages:
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
78
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
79 Bit 13: set to 0 if this character was captured in F/D=372 mode or 1 if it was
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
80 captured in one of the supported speed enhancement modes (F=512, D=8/16/32/64).
4
b275c69c1b80 doc: describe proposed FPGA design
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
81
35
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
82 Bit 12: set to 1 in the byte position that is expected to be the final PCK byte
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
83 of the card's PPS response in the case of supported speed enhancement modes,
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
84 0 otherwise.
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
85
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
86 Bit 11: set to 1 in the byte position that is expected to be the PPS1 byte of
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
87 the card's PPS response, 0 otherwise.
17
41e6026e5d1a doc/Sniffer-FPGA-design: update for first implementation
Mychaela Falconia <falcon@freecalypso.org>
parents: 4
diff changeset
88
41e6026e5d1a doc/Sniffer-FPGA-design: update for first implementation
Mychaela Falconia <falcon@freecalypso.org>
parents: 4
diff changeset
89 Bit 10: set to 1 if the error signal of ISO 7816-3 section 7.3 was detected,
41e6026e5d1a doc/Sniffer-FPGA-design: update for first implementation
Mychaela Falconia <falcon@freecalypso.org>
parents: 4
diff changeset
90 0 otherwise.
4
b275c69c1b80 doc: describe proposed FPGA design
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
91
17
41e6026e5d1a doc/Sniffer-FPGA-design: update for first implementation
Mychaela Falconia <falcon@freecalypso.org>
parents: 4
diff changeset
92 Bit 9: sampled line value at the midpoint of the start bit, should be 0 in a
41e6026e5d1a doc/Sniffer-FPGA-design: update for first implementation
Mychaela Falconia <falcon@freecalypso.org>
parents: 4
diff changeset
93 properly working system.
41e6026e5d1a doc/Sniffer-FPGA-design: update for first implementation
Mychaela Falconia <falcon@freecalypso.org>
parents: 4
diff changeset
94
41e6026e5d1a doc/Sniffer-FPGA-design: update for first implementation
Mychaela Falconia <falcon@freecalypso.org>
parents: 4
diff changeset
95 Bit 8: received parity bit;
41e6026e5d1a doc/Sniffer-FPGA-design: update for first implementation
Mychaela Falconia <falcon@freecalypso.org>
parents: 4
diff changeset
96
41e6026e5d1a doc/Sniffer-FPGA-design: update for first implementation
Mychaela Falconia <falcon@freecalypso.org>
parents: 4
diff changeset
97 Bits [7:0]: payload bits of the received character.
41e6026e5d1a doc/Sniffer-FPGA-design: update for first implementation
Mychaela Falconia <falcon@freecalypso.org>
parents: 4
diff changeset
98
41e6026e5d1a doc/Sniffer-FPGA-design: update for first implementation
Mychaela Falconia <falcon@freecalypso.org>
parents: 4
diff changeset
99 UART baud rate
41e6026e5d1a doc/Sniffer-FPGA-design: update for first implementation
Mychaela Falconia <falcon@freecalypso.org>
parents: 4
diff changeset
100 ==============
4
b275c69c1b80 doc: describe proposed FPGA design
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
101
b275c69c1b80 doc: describe proposed FPGA design
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
102 The baud rate on the UART interface between the FPGA and the FT2232H converter
17
41e6026e5d1a doc/Sniffer-FPGA-design: update for first implementation
Mychaela Falconia <falcon@freecalypso.org>
parents: 4
diff changeset
103 is 3000000 bps. This high (and very non-RS232-standard) UART baud rate was
41e6026e5d1a doc/Sniffer-FPGA-design: update for first implementation
Mychaela Falconia <falcon@freecalypso.org>
parents: 4
diff changeset
104 chosen for the following reasons:
4
b275c69c1b80 doc: describe proposed FPGA design
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
105
b275c69c1b80 doc: describe proposed FPGA design
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
106 * Our UART interface is totally private, going nowhere but the on-board FT2232H,
b275c69c1b80 doc: describe proposed FPGA design
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
107 thus it doesn't matter if the baud rate is standard-ish or totally
b275c69c1b80 doc: describe proposed FPGA design
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
108 non-standard.
b275c69c1b80 doc: describe proposed FPGA design
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
109
b275c69c1b80 doc: describe proposed FPGA design
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
110 * No cables of any kind are used, instead the UART interface is confined to
b275c69c1b80 doc: describe proposed FPGA design
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
111 short PCB traces running between the FPGA and the FTDI chip on the same board
b275c69c1b80 doc: describe proposed FPGA design
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
112 - hence high baud rates are not a problem.
b275c69c1b80 doc: describe proposed FPGA design
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
113
b275c69c1b80 doc: describe proposed FPGA design
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
114 * Our UART baud rate needs to be high enough to provide good margin, despite
b275c69c1b80 doc: describe proposed FPGA design
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
115 our 2x expansion, at the highest possible effective bps rate on the SIM
b275c69c1b80 doc: describe proposed FPGA design
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
116 interface, meaning the highest possible SIM CLK frequency and the most
b275c69c1b80 doc: describe proposed FPGA design
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
117 aggressive F/D ratio. The combination of SIM CLK at 5 MHz, F=512 and D=64
b275c69c1b80 doc: describe proposed FPGA design
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
118 corresponds to 625000 bps effective on the SIM interface; running our UART at
b275c69c1b80 doc: describe proposed FPGA design
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
119 3 Mbps provides sufficient margin.
b275c69c1b80 doc: describe proposed FPGA design
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
120
17
41e6026e5d1a doc/Sniffer-FPGA-design: update for first implementation
Mychaela Falconia <falcon@freecalypso.org>
parents: 4
diff changeset
121 Clocking design
41e6026e5d1a doc/Sniffer-FPGA-design: update for first implementation
Mychaela Falconia <falcon@freecalypso.org>
parents: 4
diff changeset
122 ===============
41e6026e5d1a doc/Sniffer-FPGA-design: update for first implementation
Mychaela Falconia <falcon@freecalypso.org>
parents: 4
diff changeset
123
41e6026e5d1a doc/Sniffer-FPGA-design: update for first implementation
Mychaela Falconia <falcon@freecalypso.org>
parents: 4
diff changeset
124 The FPGA on the Icestick board receives a 12 MHz clock input. Our original
41e6026e5d1a doc/Sniffer-FPGA-design: update for first implementation
Mychaela Falconia <falcon@freecalypso.org>
parents: 4
diff changeset
125 plan was to use the FPGA's on-chip PLL to multiply this clock by 4, producing a
41e6026e5d1a doc/Sniffer-FPGA-design: update for first implementation
Mychaela Falconia <falcon@freecalypso.org>
parents: 4
diff changeset
126 48 MHz system clock - however, this plan has been shelved for now, and our
35
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
127 current sniffer design uses the 12 MHz clock directly as its system clock.
17
41e6026e5d1a doc/Sniffer-FPGA-design: update for first implementation
Mychaela Falconia <falcon@freecalypso.org>
parents: 4
diff changeset
128
41e6026e5d1a doc/Sniffer-FPGA-design: update for first implementation
Mychaela Falconia <falcon@freecalypso.org>
parents: 4
diff changeset
129 The 3 inputs to the FPGA coming from the SIM electrical sniffer (buffered and
41e6026e5d1a doc/Sniffer-FPGA-design: update for first implementation
Mychaela Falconia <falcon@freecalypso.org>
parents: 4
diff changeset
130 level-shifted SIM RST, CLK and I/O lines) pass through two cascaded DFFs,
41e6026e5d1a doc/Sniffer-FPGA-design: update for first implementation
Mychaela Falconia <falcon@freecalypso.org>
parents: 4
diff changeset
131 bringing them into our internal clock domain. The delay added by these cascaded
41e6026e5d1a doc/Sniffer-FPGA-design: update for first implementation
Mychaela Falconia <falcon@freecalypso.org>
parents: 4
diff changeset
132 DFFs is not a concern: we are a passive sniffer without any output back to the
41e6026e5d1a doc/Sniffer-FPGA-design: update for first implementation
Mychaela Falconia <falcon@freecalypso.org>
parents: 4
diff changeset
133 SIM interface, and all 3 signal inputs will be subject to the same delay.
41e6026e5d1a doc/Sniffer-FPGA-design: update for first implementation
Mychaela Falconia <falcon@freecalypso.org>
parents: 4
diff changeset
134
41e6026e5d1a doc/Sniffer-FPGA-design: update for first implementation
Mychaela Falconia <falcon@freecalypso.org>
parents: 4
diff changeset
135 As stated in the previous section, the baud rate on the UART interface between
41e6026e5d1a doc/Sniffer-FPGA-design: update for first implementation
Mychaela Falconia <falcon@freecalypso.org>
parents: 4
diff changeset
136 the FPGA and the FT2232H converter is 3000000 bps. The UART output block in
41e6026e5d1a doc/Sniffer-FPGA-design: update for first implementation
Mychaela Falconia <falcon@freecalypso.org>
parents: 4
diff changeset
137 the FPGA uses a simple /4 divider from CLK12 (board-level 12 MHz clock input)
41e6026e5d1a doc/Sniffer-FPGA-design: update for first implementation
Mychaela Falconia <falcon@freecalypso.org>
parents: 4
diff changeset
138 to time its output bits; the original intent was to use a /16 divider from
41e6026e5d1a doc/Sniffer-FPGA-design: update for first implementation
Mychaela Falconia <falcon@freecalypso.org>
parents: 4
diff changeset
139 48 MHz SYSCLK.
41e6026e5d1a doc/Sniffer-FPGA-design: update for first implementation
Mychaela Falconia <falcon@freecalypso.org>
parents: 4
diff changeset
140
4
b275c69c1b80 doc: describe proposed FPGA design
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
141 ISO 7816-3 sniffer block
b275c69c1b80 doc: describe proposed FPGA design
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
142 ========================
b275c69c1b80 doc: describe proposed FPGA design
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
143
35
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
144 Our ISO 7816-3 receiver triggers on the falling edge of the I/O line. Once it
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
145 detects a high-to-low transition on the SYSCLK-synchronized SIM_IO input, it
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
146 starts counting SIM CLK cycles - we are arbitrarily choosing low-to-high
4
b275c69c1b80 doc: describe proposed FPGA design
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
147 transition of SYSCLK-synchronized SIM_CLK input as the trigger point. (This
b275c69c1b80 doc: describe proposed FPGA design
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
148 choice is arbitrary because per the spec there is no defined phase relation
35
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
149 between SIM CLK and SIM I/O transitions.)
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
150
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
151 Our ISO 7816-3 receiver needs to know how many SIM CLK cycles constitute one
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
152 etu - or more precisely, our sniffing receiver needs to know how many SIM CLK
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
153 cycles constitute 0.5 etu, 1 etu and 1.5 etu, in order to locate various needed
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
154 sampling points relative to the instant at which SIM_IO was initially sampled
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
155 low. Our sniffer-pps FPGA supports the following combinations:
17
41e6026e5d1a doc/Sniffer-FPGA-design: update for first implementation
Mychaela Falconia <falcon@freecalypso.org>
parents: 4
diff changeset
156
35
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
157 F=372, D=1: 372 clocks per etu
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
158 F=512, D=8: 64 clocks per etu
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
159 F=512, D=16: 32 clocks per etu
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
160 F=512, D=32: 16 clocks per etu
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
161 F=512, D=64: 8 clocks per etu
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
162
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
163 Our sniffing Rx is held down in reset (won't receive anything) while SIM RST is
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
164 low; as we come out of reset upon SIM RST line going high, our sniffing Rx is in
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
165 F/D=372 mode and the PPS catcher state machine is set to its initial state. As
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
166 ISO 7816-3 characters captured in this F/D=372 mode are received, our PPS
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
167 catcher state machine follows the spec-defined structure of ATR to locate its
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
168 end. If the end of ATR is followed by a PPS request which is then followed by
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
169 a PPS response, and if the PPS response from the card includes a PPS1 byte that
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
170 invokes one of our supported speed enhancement modes listed above, the sniffing
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
171 receiver's notion of etu length is switched at the correct point in time:
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
172 immediately after finishing RX of the PCK byte that concludes the card's PPS
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
173 response.
4
b275c69c1b80 doc: describe proposed FPGA design
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
174
b275c69c1b80 doc: describe proposed FPGA design
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
175 Direct and inverse coding conventions
b275c69c1b80 doc: describe proposed FPGA design
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
176 =====================================
b275c69c1b80 doc: describe proposed FPGA design
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
177
17
41e6026e5d1a doc/Sniffer-FPGA-design: update for first implementation
Mychaela Falconia <falcon@freecalypso.org>
parents: 4
diff changeset
178 Only the card and not the interface device (ISO 7816-3 terminology) determines
41e6026e5d1a doc/Sniffer-FPGA-design: update for first implementation
Mychaela Falconia <falcon@freecalypso.org>
parents: 4
diff changeset
179 which coding convention is used, direct or inverse. So far we (FreeCalypso)
41e6026e5d1a doc/Sniffer-FPGA-design: update for first implementation
Mychaela Falconia <falcon@freecalypso.org>
parents: 4
diff changeset
180 have not yet encountered a real-life SIM that uses the inverse convention, only
48
1068f9fd41d5 doc: project rename
Mychaela Falconia <falcon@freecalypso.org>
parents: 35
diff changeset
181 the direct convention kind. The approach taken in FC SIMsniff is that the FPGA
1068f9fd41d5 doc: project rename
Mychaela Falconia <falcon@freecalypso.org>
parents: 35
diff changeset
182 is mostly (except for the integrated PPS catcher) oblivious to the coding
1068f9fd41d5 doc: project rename
Mychaela Falconia <falcon@freecalypso.org>
parents: 35
diff changeset
183 convention: it passes the 9 received bits (8 data bits and 1 parity bit) to the
1068f9fd41d5 doc: project rename
Mychaela Falconia <falcon@freecalypso.org>
parents: 35
diff changeset
184 16-bit UART message as-is, without inverting or reordering them. The coding
1068f9fd41d5 doc: project rename
Mychaela Falconia <falcon@freecalypso.org>
parents: 35
diff changeset
185 convention and the parity check are then handled in simsniff-dec host
1068f9fd41d5 doc: project rename
Mychaela Falconia <falcon@freecalypso.org>
parents: 35
diff changeset
186 application.
4
b275c69c1b80 doc: describe proposed FPGA design
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
187
b275c69c1b80 doc: describe proposed FPGA design
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
188 Integrated PPS catcher
b275c69c1b80 doc: describe proposed FPGA design
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
189 ======================
b275c69c1b80 doc: describe proposed FPGA design
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
190
35
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
191 Our sniffer FPGA logic was developed incrementally. The first version,
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
192 preserved in fpga/sniffer-basic in case we ever need to revisit it, uses an ISO
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
193 7816-3 sniffing Rx block with fixed F/D ratio of 372. That simple version is
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
194 sufficient for sniffing exchanges between a GSM ME and a SIM *if* the etu-
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
195 defining F/D ratio is never switched from the basic default of 372, either
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
196 because the SIM does not support speed enhancement or because the ME does not
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
197 support such. However, such no-speed-enhancement scenarios are rare:
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
198
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
199 * All commercial operators' SIMs in the present era do support speed
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
200 enhancement, and so do our own FCSIM1 cards. More specifically, our FCSIM1
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
201 model supports F=512 D=8, while most commercial operators' SIMs that have
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
202 passed through Mother's hands (plus sysmoUSIM-SJS1 and sysmoISIM-SJA2)
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
203 support F=512 D=32.
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
204
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
205 * F=512 D=8 is a speed enhancement mode endorsed by the most classic GSM 11.11
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
206 spec, and it is supported by classic GSM ME implementations including our dear
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
207 Calypso.
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
208
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
209 As a result of the above two factors, most real-life GSM ME to SIM sessions
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
210 which we will need to sniff and trace in the course of Vintage Mobile Phone
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
211 debugging and support will include a PPS exchange switching from F/D=372 to a
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
212 smaller number of SIM CLK cycles per etu, specifically one of F=512 D=8/16/32/64
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
213 modes.
4
b275c69c1b80 doc: describe proposed FPGA design
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
214
b275c69c1b80 doc: describe proposed FPGA design
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
215 The main difficulty with capturing SIM interface sessions that use speed
b275c69c1b80 doc: describe proposed FPGA design
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
216 enhancement is as follows: in order for the session capture to be complete,
b275c69c1b80 doc: describe proposed FPGA design
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
217 without any lost bits, the sniffing receiver's knowledge of how many SIM CLK
17
41e6026e5d1a doc/Sniffer-FPGA-design: update for first implementation
Mychaela Falconia <falcon@freecalypso.org>
parents: 4
diff changeset
218 cycles constitute an etu needs to change to the new value at exactly the
4
b275c69c1b80 doc: describe proposed FPGA design
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
219 correct moment in time, which is the moment immediately after the last byte
b275c69c1b80 doc: describe proposed FPGA design
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
220 (PCK) of the SIM's PPS response passes across the wire. If we were to rely on
b275c69c1b80 doc: describe proposed FPGA design
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
221 host software to decode all byte exchanges up to this point (ATR from the SIM,
17
41e6026e5d1a doc/Sniffer-FPGA-design: update for first implementation
Mychaela Falconia <falcon@freecalypso.org>
parents: 4
diff changeset
222 PPS request from ME/ID, then PPS response) and command the FPGA (UART in the
41e6026e5d1a doc/Sniffer-FPGA-design: update for first implementation
Mychaela Falconia <falcon@freecalypso.org>
parents: 4
diff changeset
223 other direction, or a modem control line) to switch the etu counters (the
35
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
224 0.5 etu, 1 etu and 1.5 etu counters mentioned earlier in this document), we
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
225 stand very little chance of getting this command to the FPGA in time, before
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
226 ME/ID starts transmitting its next command to the SIM using the new etu
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
227 definition.
4
b275c69c1b80 doc: describe proposed FPGA design
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
228
35
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
229 Designs that incorporate a local CPU core immediately adjacent to the ISO 7816-3
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
230 receiver block, such as original Osmocom SIMtrace in which the local CPU core
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
231 and the ISO 7816-3 receiver sit in the same AT91SAMx chip, don't suffer from
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
232 this problem: with a local (dedicated, embedded) CPU so close, the firmware can
48
1068f9fd41d5 doc: project rename
Mychaela Falconia <falcon@freecalypso.org>
parents: 35
diff changeset
233 react and intervene in time. However, in the case of FC SIMsniff, the nearest
35
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
234 CPU is the host computer separated by UART and USB links - not closely coupled
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
235 enough to provide the degree of real-time response that is needed here. Someone
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
236 could say that we should stick a soft CPU core with firmware into our FPGA - but
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
237 we've implemented a different solution: we have a specialized PPS catcher state
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
238 machine instead. This gateware FSM follows the spec-defined structure of ATR,
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
239 PPS request and PPS response, and locates the two key items of interest to us:
4
b275c69c1b80 doc: describe proposed FPGA design
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
240
35
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
241 * The PPS1 byte in the card's PPS response, which we check for a supported speed
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
242 enhancement mode (the upper 6 bits need to match 0x94) and from which we
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
243 extract the two lsbs selecting among D=8/16/32/64;
4
b275c69c1b80 doc: describe proposed FPGA design
Mychaela Falconia <falcon@freecalypso.org>
parents:
diff changeset
244
35
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
245 * The PCK byte that concludes the card's PPS response - the point where we throw
695ca51e1564 doc/Sniffer-FPGA-design: update for finished work
Mychaela Falconia <falcon@freecalypso.org>
parents: 25
diff changeset
246 the switch to sniffing with the new F/D ratio.