view doc/Sniffing-hw-setup @ 37:432d756a21f1

doc/Sniffing-workflow: document written
author Mychaela Falconia <falcon@freecalypso.org>
date Wed, 30 Aug 2023 03:03:04 +0000
parents f1c3dd2173d3
children 1068f9fd41d5
line wrap: on
line source

The hardware setup for SIM sniffing with SIMtrace3 consists of the following
components:

* The same SIMtrace FPC cables (going from a SIM socket to the 6-pin FPC
  connector) that were originally developed for SIMtrace1/2 and are sold by
  Sysmocom;

* An off-the-shelf Lattice Icestick FPGA board (sold by Digi-Key, for example)
  that has been outfitted with header pins: the board ships with empty PTHs
  (plated through holes) at J1, hence a small soldering job is required to
  populate this header;

* Some in-between components described below.

For the in-between components of the last bullet point above, there are 3
possibilities, each described in its own section below.

HW setup version 0
==================

(works today)

The piece between the SIMtrace FPC cable from Sysmocom and the Icestick FPGA
board is the "SIMtrace FPC passive connection" adapter (design files in
boards/sim-fpc-pasv directory) from the fall of 2022.  The electrical connection
from the ME/ID SIM socket to the physical SIM is direct and physically
continuous (no switches, no Heisenbugs), and a trio of FPGA I/O pins (configured
as inputs) are connected directly to this SIM bus with jumper wires.

This hw setup is intended only as a very temporary prototype until we get hw
setup version 1 described below.  The present hw setup version 0 works ONLY if
the ME/ID operates with class B voltage levels: if you try class A (5V), you'll
instantly damage the FPGA by grossly exceeding its Absolute Maximum Ratings
(don't do it!), and if you try class C (1.8V), the high level will fall right
between Vil_max and Vih_min, causing the FPGA to receive garbage.  However, this
otherwise-unusable hw setup was good enough to prove the FPGA logic working,
using an FCDEV3B as the ME/ID, manually forced into class B operation.

HW setup version 1
==================

(coming very soon)

Compared to hw setup version 0, one extra component is added between the
sim-fpc-pasv adapter and the Icestick board: another little adapter board called
"SIMtrace-ice multivolt sniffer", design files in boards/mv-sniffer directory.
The only active component on the mv-sniffer board is a Nexperia 74LVC4T3144 dual
supply logic voltage level translator IC, powered from SIM_VCC on its A side
and from Icestick board +3.3V rail on its B side.

The mv-sniffer PCB is currently on its way to FreeCalypso HQ from the PCB fab
in China, and once the PCB arrives, assembly will require another trip to
Technotronix.  Once we have this board assembled, we should have a working
SIMtrace3 sniffing path that is fully compatible with all 3 voltage classes,
per the original intent of SIMtrace3 project.

HW setup version 2
==================

(a little more distant, but will be needed before wider spread)

The solution with separate sim-fpc-pasv and mv-sniffer boards is expected to be
quite inconvenient because of the number of pieces required - clutter on the lab
bench - plus poor electrical design with jumper wires between the two boards
extending the electrical length of the SIM bus before the LVC buffer.  In the
fully polished version of SIMtrace3, these two adapter boards will need to be
combined into one.  The final SIMtrace3 sniffer pod is expected to be a single
board (still very simple and low cost) featuring the following components:

1) SIMtrace FPC connector
2) SIM socket
3) 74LVC4T3144 buffer IC
4) SIM bus solidly connected between components 1, 2 and 3
5) A header for FPGA board connection, wired to the 'B' side of component 3