Debugging Smartcards using a Logic Analyser with ISO7816 Protocol Interpreter
This article was published online in the Dataweek of 12 June 2013.
Introduction to Smartcards
A smart card, chip card, or integrated circuit card (ICC), is any pocket-sized card with embedded integrated circuits which can process data. This implies that it can receive input, which is processed by the ICC applications and delivered as output. There are two broad categories of ICCs. Memory cards contain only non-volatile memory storage components, and perhaps some specific security logic. Microprocessor cards contain volatile memory and microprocessor components. The card is made of plastic, generally PVC, but sometimes ABS. The card may embed a hologram to avoid counterfeiting. Using smartcards is also a form of strong security authentication for single sign-on within large companies and organizations.
Figure 1: Different Smart cards
Table 1 describes the contacts of a smart card, and Figure 2 shows the slot diagram of a smart card reader sold on the market. The markings in the picture show the position of each contact.
- C1 Vcc Power connection through which operating power is supplied to the microprocessor chip in the card.
- C2 RST Reset line through which the IFD can signal to the smart card's microprocessor chip to initiate its reset sequence of instructions.
- C3 CLK Clock signal line through which a clock signal can be provided to the microprocessor chip. This line controls the operation speed and provides a common framework for data communication between the IFD and the ICC.
- C4 RFU Reserved for future use.
- C5 GND Ground line providing common electrical ground between the IFD and the ICC.
- C6 Vpp Programming power connection used to program EEPROM of first generation ICCs.
- C7 I/O Input/output line that provides a half-duplex communication channel between the reader and the smart card.
- C8 RFU Reserved for future use.
Table 1: Smartcard connections
Measurement of actual signals of ISO7816 with a Zeroplus Logic Analyser
There are eight contacts on the smart card in total. Only three of them (clock, ground and I/O) need to be connected to the Zeroplus Logic Analyzer for a measurement.
Figure 2: Connections to a smartcard reader
All Zeroplus' logic analysers come with 30 to 60 free protocol interpreters. One of these is the ISO7816 protocol for communicating with smartcards. The captured waveform on a Zeroplus LA is displayed below.
Figure 3: Protocol interpreter for smartcard ISO7816 protocol.
The signal structure of ISO7816 is similar to that of RS-232C. The difference is that ISO7816 relies on the CLOCK line to time the data, whereas RS-232C relies on the baud rate of the signal. ISO7816 takes 16 clock cycles as one unit for sampling data; see Figure 4.
Figure 4: Analyse the clock start bit and preamble.
According to Figure 5, once the clock signal has completed 16 cycles (1 ETU) after the start bit, it is time to look for the data; the rest of the data packet is analysed in the same way.
Figure 5: Analyse the whole ISO7816 packet
The signal packet consists of START (1 bit), DATA (8 bits), PARITY CHECK (1 bit) and STOP (2 bits). Each bit on the DATA line lasts 16 clock periods (1 ETU) on the CLOCK line, and the transmission direction of DATA is fixed: LSB to MSB.
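The frame format described above, as an added example (not code from the original article or from Zeroplus): a Python decoder for an I/O capture sampled once per CLK cycle. It assumes the line idles high, the start bit is low and parity is even, as in ISO 7816-3 direct convention; the function names and the capture are constructed for illustration.

```python
CLOCKS_PER_ETU = 16   # analyser default per the article; settable up to 2048
FRAME_BITS = 12       # 1 start + 8 data + 1 parity + 2 stop


def encode_char(byte, clocks_per_etu=CLOCKS_PER_ETU, corrupt_parity=False):
    """Build a constructed waveform for one character (not a real capture)."""
    data = [(byte >> k) & 1 for k in range(8)]         # LSB first
    parity = (sum(data) % 2) ^ int(corrupt_parity)     # even parity (assumption)
    bits = [0] + data + [parity] + [1, 1]              # start bit is low (assumption)
    return [bit for bit in bits for _ in range(clocks_per_etu)]


def decode(samples, clocks_per_etu=CLOCKS_PER_ETU):
    """Return (byte, parity_ok, stop_ok) for each character in the capture."""
    chars, i = [], 0
    while i < len(samples):
        if samples[i] == 1:                            # idle high: no start bit yet
            i += 1
            continue
        # Falling edge at i. Sample every bit in the middle of its ETU.
        centres = [i + k * clocks_per_etu + clocks_per_etu // 2
                   for k in range(FRAME_BITS)]
        if centres[-1] >= len(samples):
            break                                      # frame cut off by end of capture
        bits = [samples[c] for c in centres]
        if bits[0] != 0:                               # low pulse shorter than half an ETU
            i += 1
            continue
        data, parity, stop = bits[1:9], bits[9], bits[10:12]
        byte = sum(bit << k for k, bit in enumerate(data))
        chars.append((byte, (sum(data) + parity) % 2 == 0, stop == [1, 1]))
        i += FRAME_BITS * clocks_per_etu
    return chars


# Constructed capture: idle, 0x3B, idle, then 0x65 with a flipped parity bit.
CAPTURE = ([1] * 40 + encode_char(0x3B) + [1] * 20
           + encode_char(0x65, corrupt_parity=True))

if __name__ == "__main__":
    for byte, parity_ok, stop_ok in decode(CAPTURE):
        print(f"0x{byte:02X} parity_ok={parity_ok} stop_ok={stop_ok}")
```

Pass the clocks-per-bit value configured in the analyser as `clocks_per_etu`; a mismatch shows up as parity or stop-bit failures on otherwise clean traffic.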
Setting up any protocol interpreter for the Zeroplus LA is made very simple by an intuitive user interface and context-specific menus. Only 4 properties need to be specified:
Pin Assignment: Setting channel DATA and CLK.
Protocol Analyzer Property: Set the number of clock periods that make up 1 bit in the ISO7816 signal. The default is 16 periods, and the maximum is 2048 periods.
Below is a screenshot of how to configure the ISO7816 protocol.
Figure 6: Setting up the Protocol Analyzer for ISO7816 UART in the Zeroplus Logic Analyzer.
The bottom line for the engineer or the engineering manager is this: Using a logic analyser with a built-in protocol interpreter for the specific serial bus you are working on, like the Zeroplus logic analysers, will save you a LOT of time, very quickly paying for the cost of the Logic Analyser.
Gone are the days when an engineer can afford to sit for hours decoding digital busses on an oscilloscope. That is just simply unproductive when there are logic analysers that can do the job in seconds and are affordable even for the individual and small company. It simply doesn't make financial sense to debug today's complex serial busses using yesterday's methods.
As with all our products here at K Measure, we tell our new customers to bring back the test equipment, for a no-questions-asked refund, if the tools they buy do not save them time or cannot do what they expected. We have not had a single customer use that privilege in the 5 years we have been selling Zeroplus' logic analysers.
K Measure has a range of 4 Zeroplus logic analysers in stock, ranging from the low-cost 16-channel LAP-16032C, the mid-range LAP-16128C and the 32-channel LAP-32128C, to the 70-channel LAP-702000X for the serious digital engineer. Zeroplus' logic analysers come standard with 30 to 60+ protocols included.