annotate README @ 36:f1c3dd2173d3

doc/Sniffing-hw-setup: document written
author Mychaela Falconia <falcon@freecalypso.org>
date Wed, 30 Aug 2023 02:22:44 +0000
parents fbbafa93b52b
children 510bef2b2000
fbbafa93b52b starting project with README and sim-fpc-pasv adapter
Mychaela Falconia <falcon@freecalypso.org>

Alternative implementation of SIMtrace idea,
using iCE40 FPGA instead of AT91SAMx
============================================

Q: What is the principal idea behind SIMtrace, as distinct from the specific
implementation realized by "standard" Osmocom SIMtrace?

A: The two principal objectives of SIMtrace are:

1) Passive sniffing of communication between a phone-type device and a SIM,
   ideally as transparent and non-invasive as possible.

2) Card emulation: the SIMtrace apparatus presents itself to the phone (or
   modem or other phone-type device) as a SIM, either emulating the entire
   SIM CardOS functionality in software or communicating with a real SIM
   located somewhere remotely, across the Internet.

Q: What are the shortcomings of the existing Osmocom SIMtrace implementation of
the above goals?

A: In the opinion of Mother Mychaela of FreeCalypso, the electrical aspects of
Osmocom SIMtrace implementation are its biggest shortcoming. The following
problems are most acute currently:

* Current SIMtrace v2 hardware is not 5V-tolerant: connecting this apparatus to
  an old phone that puts out 5V (class A) on its SIM socket can damage the
  hardware, as class A SIM voltages exceed the absolute maximum rating spec of
  the AT91SAM3S4B microcontroller on the SIMtrace v2 board, which is connected
  directly to the SIM bus.

* One option would be to revive the previous hardware generation as in SIMtrace
  v1, replacing the AT91SAM3S with AT91SAM7S. However, all firmware maintained
  by Osmocom is written for SAM3S only, thus a backport to SAM7S would involve
  significant work. Given that the resulting solution would still be far from
  my idea of perfection, I find it difficult to justify investing in that
  software effort - instead I would rather work on a more philosophically-proper
  solution.

* AT91SAMx-based SIMtrace, both v1 and v2, works (most of the time, but not 100%
  reliably) with 1.8V phone-SIM combination (a phone that prefers class C and a
  SIM that supports it) only by accident. The Vih spec (the minimum required
  voltage on a signal line for it to register reliably as a 1) is 2.0 V for
  AT91SAM7S or 2.31 V (0.7 * Vddio, Vddio = 3.3 V) for AT91SAM3S, but the actual
  voltage on SIM interface lines in class C operation will never rise above
  1.8 V. The electrical interface on this hw operates severely out of spec,
  and I find it rather miraculous that it works at all. Not surprisingly,
  reports are starting to trickle in with user experiences of it actually NOT
  working sometimes.

* Even if the SIM interface is restricted (by the phone, by the SIM, or by
  SIMtrace MITM function tampering with ATR or file characteristics bytes) to
  operating in class B (3.0 V nominal) only, the existing AT91SAMx SIMtrace
  boards are still electrically unclean. Looking at the schematics, one can see
  that both CLK and I/O lines are pulled up (with resistors) to the SIMtrace
  board's 3.3V rail, which is a higher voltage than what the phone will put out
  (3.0 V or 1.8 V), and in the case of SIMtrace v1 with a 5V phone, that pull-up
  will turn into a pull-midway-down instead.

* My philosophy is that the tracing apparatus should be making only a
  high-impedance connection to the SIM bus and nothing more, while the SIM bus
  itself is galvanically connected from the phone to the physical SIM without
  passing through any switches or other potential Heisenbug-inducing artifacts.
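
The voltage-class mismatch described in the bullets above can be checked
against an ATR seen on the bus. The following is an added example, not part of
this README or of any FreeCalypso or Osmocom code: it extracts the ISO 7816-3
class indicator from an ATR and compares each advertised class with the Vih
figures quoted above. The function names and both sample ATRs are constructed
for illustration, and 5 V tolerance of the AT91SAM7S inputs is an assumption of
the example.

```python
# Added example, not FreeCalypso or Osmocom code.
# Nominal supply voltage per SIM class, as quoted in the README.
CLASS_VOLTS = {"A": 5.0, "B": 3.0, "C": 1.8}

# MCU input limits. Vih figures are the README's (SAM3S: 0.7 * Vddio at 3.3 V).
# Assumptions: nominal class voltage is compared, not measured Voh, and the
# SAM7S inputs are treated as 5 V tolerant.
MCUS = {
    "AT91SAM7S": {"vih": 2.0, "tolerates_5v": True},
    "AT91SAM3S": {"vih": 0.7 * 3.3, "tolerates_5v": False},
}


def parse_atr(atr):
    """Return (classes, tck_ok) for an ISO 7816-3 ATR.

    classes: set of "A"/"B"/"C" from the first TA after a TD announcing T=15,
             or None when the ATR carries no class indicator.
    tck_ok:  True/False when a TCK check byte is required, None otherwise.
    """
    if len(atr) < 2 or atr[0] not in (0x3B, 0x3F):
        raise ValueError("bad TS or ATR too short")
    hist_len = atr[1] & 0x0F      # K: number of historical bytes
    y = atr[1] >> 4               # Y1: presence bits for TA1/TB1/TC1/TD1
    pos, proto, protocols, classes = 2, None, set(), None
    while True:
        for bit in (1, 2, 4):     # TA, TB, TC in that order
            if not y & bit:
                continue
            if pos >= len(atr):
                raise ValueError("ATR truncated in interface bytes")
            if bit == 1 and proto == 15 and classes is None:
                ui = atr[pos] & 0x3F          # low six bits: class indicator
                classes = {c for c, m in (("A", 1), ("B", 2), ("C", 4)) if ui & m}
            pos += 1
        if not y & 8:             # no TD: interface bytes end here
            break
        if pos >= len(atr):
            raise ValueError("ATR truncated at TD")
        proto, y = atr[pos] & 0x0F, atr[pos] >> 4
        protocols.add(proto)
        pos += 1
    end = pos + hist_len
    need_tck = any(p != 0 for p in protocols)
    if len(atr) < end + need_tck:
        raise ValueError("ATR truncated in historical bytes or TCK")
    tck_ok = None
    if need_tck:
        x = 0
        for b in atr[1:end + 1]:  # T0 through TCK must XOR to zero
            x ^= b
        tck_ok = x == 0
    return classes, tck_ok


def assess(classes, mcu):
    """Map each advertised class to 'ok', 'below_vih' or 'over_voltage'."""
    spec = MCUS[mcu]
    result = {}
    for c in sorted(classes):
        volts = CLASS_VOLTS[c]
        if volts >= 5.0 and not spec["tolerates_5v"]:
            result[c] = "over_voltage"
        elif volts < spec["vih"]:
            result[c] = "below_vih"
        else:
            result[c] = "ok"
    return result


def with_tck(body):
    """Append the TCK byte that makes T0..TCK XOR to zero."""
    x = 0
    for b in body[1:]:
        x ^= b
    return body + bytes([x])


# Constructed ATRs (not captured from any real card): TA1, TD1 (T=0),
# TD2 (T=15), class-indicator TA, two historical bytes, TCK.
ATR_CLASS_BC = with_tck(bytes.fromhex("3B9296801FC68031"))   # classes B+C
ATR_CLASS_ABC = with_tck(bytes.fromhex("3B9296801FC78031"))  # classes A+B+C

if __name__ == "__main__":
    for atr in (ATR_CLASS_BC, ATR_CLASS_ABC):
        classes, tck_ok = parse_atr(atr)
        print(atr.hex(), sorted(classes), "TCK ok" if tck_ok else "TCK BAD")
        for mcu in MCUS:
            print("  ", mcu, assess(classes, mcu))
```

A failed TCK check on a sniffed ATR is itself a useful signal that the capture path is misreading the line.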

My first thought was to gently modify the existing AT91SAMx-based SIMtrace
design for electrically clean multivolt operation:

* Replace the electrical switches for SIM VCC (FPF2109) and SIM RST/CLK/IO
  (CB3Q3244) with either a relay (my initial thought, but way too power-hungry)
  or a manually operated 5PDT slide switch;

* Insert a Nexperia 74LVC4T3144 dual-supply buffer between the SIM bus and the
  MCU, providing a sniffing path that not only supports all 3 voltage classes,
  but is electrically clean, making only a high-impedance connection to the SIM
  bus as I desire;

* Connect a 74LVC1G07 open drain driver (fed with TxD from the MCU) to the SIM
  bus I/O line, providing a signal path for card emulation mode. (In trace mode
  the firmware would be responsible for never turning on this OD driver, keeping
  the tracing apparatus High-Z.)

However, as I was reading AT91SAMx datasheets more carefully in preparation for
embarking on a project to turn the above idea into reality, I saw a big problem:
when the USART is put into ISO 7816-3 mode, it uses the chip's TxD pin (switched
to open drain operation) for both Rx and Tx, and there is no option to keep
separate RxD and TxD pins with an external receiving buffer and an external OD
driver.

It would probably be possible to build an all-voltage SIM interface with
AT91SAMx, perhaps by using one of those bidirectional level shifter ICs that
somehow automagically handle driving direction reversals. But I personally am
not too inclined to trust those automagical bidirectional translators, they
just don't align with my design philosophy - I would much much rather have
unidirectional buffers, one for sniffing and another for OD-driving the I/O
line in card emulation mode. Seeing that AT91SAMx is incompatible with such
electrical design, I decided to screw AT91SAMx and go for a radically different
approach.

Outline of FPGA-based alternative design
========================================

My (Mother Mychaela's) idea of alternative SIMtrace implementation consists of
the following pieces:

1) The passive SIMtrace FPC connection board (boards/sim-fpc-pasv) is a trivial
   PCB that electrically interconnects a SIM socket, an FPC connection for
   SIMtrace FPC cables and a set of 2.54 mm header pins bringing out all SIM
   interface signals.

2) A second little adapter board (tentatively named mv-sniffer) will feature one
   active component, but will still be just as trivial: it will be a PCB hosting
   a single 74LVC4T3144 IC, with 2.54 mm header pins for the SIM side (SIM VCC
   will go to the buffer IC's VccA) and for the FPGA board side; a power rail
   from the latter board will go to the buffer IC's VccB.

3) The FPGA board will be an off-the-shelf item, eliminating the major hurdle
   of having to design and build a custom board of substantial complexity. My
   first attempt will be to use the Icestick board with iCE40HX1K FPGA; if this
   FPGA proves to be too small, I will then look for another suitable board
   with a bigger FPGA.

The Icestick board features not only the HX1K FPGA, but also an FT2232H chip
handling the USB interface. FT2232H channel A is for FPGA programming, but
channel B is a regular UART, connected with PCB traces to FPGA I/O pins for
user logic. The logic implemented in the FPGA will use this UART interface to
communicate with higher-level software, which will be implemented as simple
userspace programs - thus there is no "firmware" component per se.

In terms of FPGA gateware functionality, the passive sniffer function will be
implemented first; once it works, a different logic design will be implemented
for card emulation mode.

In terms of hardware as in boards, the first prototype version will use separate
sim-fpc-pasv and mv-sniffer boards, connected with jumper wires between 2.54 mm
header pins. Because the signals carried by these jumper wires reside on the
"target" SIM bus side of the buffer, these wires add more than just clutter -
they also add to the electrical length of the external SIM bus, which is
obviously bad. Once the basic design is proven good, I plan to spin out another
simple board that will feature the SIM socket, the SIMtrace FPC connector, the
74LVC4T3144 buffer and a header for connecting to the FPGA board. Because the
latter connection resides past the buffer, wire length here does NOT add to the
SIM bus.

All of the just-described hardware config is for tracing only, not for card
emulation. For the latter function yet another, albeit still very simple,
adapter board will need to be made. The cardem adapter board will feature the
SIMtrace FPC connector, two active ICs (74LVC4T3144 receiving buffer and
74LVC1G07 OD driver) and the header for connecting to the FPGA board. Note the
absence of a SIM socket - hardware setups for sniffing a phone's communication
with a real SIM on the one hand and for running with a software-emulated SIM on
the other hand are different, and it does no good trying to combine them.