Smart Card Systems Short Survey
RD2P

This page provides basic items, references and links for approaching smart card technologies and concepts. The survey focuses on the dedicated hardware proposed by manufacturers and on embedded operating systems, whether open source or proprietary. It is designed to be as exhaustive a source as possible on these points. Nevertheless, send an email to deville@lifl.fr or grimaud@lifl.fr to report any interesting missing references.

Summary :

I. Dedicated Hardware

I.1 - Microprocessors ;
I.2 - Memories ;
I.3 - I/O ;
I.4 - Hardware & devices links.

II. Smart card operating systems & basic software

II.1 - Smart card software history ;
II.2 - Current OS status ;
II.3 - Software examples ;
II.4 - Software (open source) links.

III. Usual smart card software

III.1 - Minimalist pieces of software for smart cards ;
III.2 - Conventional "ISO7816-like" operating system architectures ;
III.3 - ;

I. Dedicated Hardware

The smart card industry is known for not publishing detailed information about the chipsets used in its products. This choice is driven by security concerns (as well as industrial competition). Initially, public information was limited to frequency, bus size and memory footprint. Today, chipset manufacturers publish the data sheets of their core chips. Nevertheless, smart card manufacturers buy customized versions of these microcontrollers. Figure 1 shows the physical connectors and a core view of a typical smart card microcontroller.

Figure 1: Smart card connector (left) and microcontroller (right).

Microprocessors :

A wide range of microprocessors is used, from old 8-bit CISC chips (4.44 MHz) to powerful 32-bit RISC cores (100 to 200 MHz). The type of CPU used in a smart card is strongly influenced by the ISO[9] constraints that apply to the card. For example, since the card is a portable device stored in a wallet, it must meet standards on torsion and bending capacity. Table 1 gives an overview of some processors commonly used in smart cards. Historically, smart card manufacturers used 8-bit processors because operating system and application code is known to be more compact on them. But smart cards now need to be more efficient, and new embedded applications require more and more computing power. So card designers now choose 32-bit RISC processors (or 8/16 bits CISC).

| Model | Architecture | Bus size | Registers | Frequency |
|---|---|---|---|---|
| 68H05 | CISC | 8 bits | 2 (8 bits) | 4.77 MHz |
| 80xx51 | CISC | 8 bits | 6 (8/16 bits) | 4.77 MHz |
| AVR AT90 | RISC/CISC | 8 bits | 32 (8/16 bits) | 4.77 MHz - 44.7 MHz |
| ARM7xx, ARM9xx | RISC | 32 bits | 16 (32 bits) | 4.77 MHz - 30 MHz |
| R4KSC | RISC | 32 bits | 32 (32 bits) | 4.77 MHz - 100 MHz |

Table 1: Characteristics of common smart card microprocessors.

The computing performance of a smart card is not a significant problem for operating systems and applications. Cryptographic co-processors usually cover the specific computing needs of smart cards. The real limiting factors are the very small amount of memory and some annoying hardware-specific problems.

Memories :

Different types of memory exist on the card. The first is RAM (Random Access Memory); there is also some ROM (Read Only Memory); and finally EEPROM (Electrically Erasable Programmable Read Only Memory) or FLASHRAM, which are writable persistent memories. Because smart card silicon is supposed to be limited to 20 mm², the physical space needed to store 1 bit is an important factor. Each kind of memory has a different size in this respect; the smallest is ROM. Table 2 gives an overview of the amount of memory present on board, and also presents the "memory cell", which is the size of 1 byte of memory on the micro module.

| Type | Memory point (cell size relative to ROM) | Usual capacity | Write time | Page size |
|---|---|---|---|---|
| ROM | reference | 32-128 KB | read only | bus size |
| FlashRAM | x 2 ~ 3 | 16-64 KB | 2.5 ms | 64-1024 bytes |
| EEPROM | x 4 | 4-64 KB | 4 ms | 2-64 bytes |
| RAM | x 20 | 128-4096 B | bus bandwidth | bus size |
| FeRAM, M-RAM | not published in a Smart Card Product | | | |

Table 2: Card memory Characteristics.

Persistent memory has a major drawback, linked to its electronic properties: writing to it is up to 10000 times slower than writing to RAM. Furthermore, writing to persistent memory may damage the memory cells (the stress problem occurs with the erase operation, which makes a bit go from 0 to 1).

EEPROM provides 4 primitive operations:

  • read: reading a value,
  • erase: changing some bits from 0 to 1,
  • write: changing some bits from 1 to 0,
  • update: an erase followed by a write.

Erase is a stressing operation: it can cause the memory cell to fail. It is also 38% slower than a write, as Table 3 illustrates. The same holds for FLASHRAM.

| Operation | Time for writing a 64 bytes page |
|---|---|
| erase | 2.77 ms |
| write | 2 ms |

Table 3: Differences between the two writing operations in a typical EEPROM usage.
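An added example, not part of the original survey: C code showing how card software can choose among the four EEPROM primitives listed above, so that the slower and stressing erase is skipped whenever the new value only clears bits. The simulated page type, the function names and the whole-page erase granularity are assumptions of this example; the timings are those of Table 3.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define PAGE_SIZE 64     /* page size used in Table 3 */
#define ERASE_US  2770   /* erase time for one page (Table 3) */
#define WRITE_US  2000   /* write time for one page (Table 3) */

typedef enum { OP_NONE, OP_WRITE, OP_ERASE, OP_UPDATE } eeprom_op;

/* Simulated page, constructed for this example (not a real driver). */
typedef struct {
    uint8_t cells[PAGE_SIZE];
    unsigned erase_count;    /* number of stressing erase cycles */
    unsigned long busy_us;   /* accumulated programming time */
} eeprom_page;

/* Pick the cheapest primitive that turns `old` into `want`. */
eeprom_op eeprom_plan(const uint8_t *old, const uint8_t *want)
{
    int need_erase = 0, need_write = 0, all_ones = 1;
    for (size_t i = 0; i < PAGE_SIZE; i++) {
        if (want[i] & ~old[i]) need_erase = 1;  /* a bit must go 0 -> 1 */
        if (old[i] & ~want[i]) need_write = 1;  /* a bit must go 1 -> 0 */
        if (want[i] != 0xFF)   all_ones = 0;
    }
    if (need_erase)
        return all_ones ? OP_ERASE : OP_UPDATE;
    return need_write ? OP_WRITE : OP_NONE;
}

/* Apply the plan; erase is assumed to act on the whole page. */
eeprom_op eeprom_store(eeprom_page *p, const uint8_t *want)
{
    eeprom_op op = eeprom_plan(p->cells, want);
    if (op == OP_ERASE || op == OP_UPDATE) {
        memset(p->cells, 0xFF, PAGE_SIZE);      /* erase: all bits to 1 */
        p->erase_count++;
        p->busy_us += ERASE_US;
    }
    if (op == OP_WRITE || op == OP_UPDATE) {
        for (size_t i = 0; i < PAGE_SIZE; i++)
            p->cells[i] &= want[i];             /* write: only clears bits */
        p->busy_us += WRITE_US;
    }
    return op;
}
```

With these timings, a store that only clears bits costs 2 ms instead of the 4.77 ms of a full update, and it adds no erase cycle to the page.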

 

Physical links :

The smart card industry has produced ISO standards defining I/O protocols. The wired standard is called ISO 7816 and comes in several "T=x" protocols. The wireless standard (for contactless smart cards) is defined in ISO SC17 14443. Nevertheless, some smart card prototypes have used more conventional protocols and physical links. Table 4 summarizes some of them.

| Type | Protocol | Bandwidth | Technologies |
|---|---|---|---|
| wired | Serial-Line ISO 7816: "T=0" & "T=1" | 9600 bauds to 192000 bauds | Half-Duplex |
| wired | Serial-Line ISO 7816: "T=2" & "T=3" | not yet defined | Full-Duplex |
| wired | USB I - v1.1 | 12 Mb/s | interleaved |
| wired | MMC | 20 Mb/s | interleaved |
| wired | USB II - v2.0 | 480 Mb/s | interleaved |
| wireless | card ISO SC17 14443 | - | one to one |
| wireless | RFID ISO SC31 18000 | - | one to many |
| wireless | Bluetooth | <1 Mb/s | Half-Duplex |

Table 4: Published SmartCard IOs.

TODO : some words about ISO7816 usage.

Web URLs :

Main smart card manufacturers :

Microcontroller manufacturers :

Usual smartcard chip datasheet :

 

 

II. Smart card operating systems

Smart card software until now

Basically there are four parties involved during a smart card life cycle :

  1. Smart card microcontrollers are burned in conventional semiconductor factories ;
  2. Smart cards are shaped in smart card factories (this place is supposed to be the most secure) ;
  3. Smart cards are distributed to smart card issuers ;
  4. Smart cards are used by the final users.

The burning phase consists of producing the silicon, including the ROM state.
The shaping phase includes plastics production, printing and software initialization.
The distributing phase consists of selling the smart card and its embedded software services to the final users.
The usage phase consists of the embedded software being solicited each time the user presents the smart card to a "smart card reader".

Smart card software generations can be classified with regard to these embedding dates. Table 5 shows the proposed classification.

In the first generation, the software was exclusively embedded on the chip by the microchip manufacturer, as a ROM state. The smart card manufacturer initializes the software with confidential data (this is called smart card personalization).

The second generation appeared in order to reduce time-to-market. The main part of the smart card software was burned in ROM, but some parts of the application software (called "filters") can be loaded in EEPROM by the smart card manufacturers. Data are structured in a file system or a database representation, so they can be created and managed by everyone in the smart card life cycle.

The third generation allows applications to be downloaded, as well as the data of the second generation. Clearly, it is a way to improve software reactivity (in line with market evolution). Ensuring smart card safety while loading untrusted code is extraordinarily more complex than ensuring smart card safety while loading data.

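| Actors \ Generation | 1st gen. | 2nd gen. | 3rd gen. |
|---|---|---|---|
| Smart card user | | Data | Data & Applications |
| Smart card issuer | | Data | Data & Applications |
| Smart card manufacturers | Data | Data & Applications | Data & Applications |
| Semiconductor manufacturers | Applications & OS | OS | OS |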

Table 5: Smart card software generations according to their deployment actor.

Today, each of these software generations is sold by smart card manufacturers. Public phone and banking smart cards are products of the first generation. Generic ISO7816-4 and ISO7816-7 smart cards and health cards are examples of the second generation. Generic Multos and JavaCard cards, as used in JavaSim modules for GSM, are examples of the third generation.

Current OS status

The third generation allows applications to be downloaded, as well as the data of the second generation. Clearly, it is a way to improve software reactivity (in line with market evolution). Ensuring smart card safety while loading untrusted code is extraordinarily more complex than ensuring smart card safety while loading data.

 

 

Software examples

Smart card software of the first generation :

The first example is a typical PIC smart card OS-Application.
This kind of software is implemented with one thousand lines of assembly code. The assembly code contains 3 basic "components" (i.e. pieces of source) that are not clearly separated by the software engineer :

1. Hardware routines

1.1 hardware initialization ;
1.2 serial line IO : encoding / decoding bytes on the serial line ;
1.3 EEPROM writing : management of EEPROM burning system ;
1.4 Cryptographic management.

2. Communication protocol management

2.1 sending the ATR (Answer To Reset) ;
2.2 encoding received command ;
2.3 encoding sent answer.

3. Services automaton :

3.1 "certificate" operation ;
3.2 "pin code" operation ;
3.3 "history" operation.

NB: In this context, smart card software expertise consists in the ability to implement safe, tamper-resistant and low-cost software (in a co-design process with the hardware). The example shown does not exhibit any such expertise in its implementation (and the publicly sold PIC smart card does not contain appropriate hardware). This non-public expertise is clearly what makes up the core business of the smart card manufacturers.

 

 

Smart card software of the second generation :

This second software example is taken from the SOSSE open source project. If you are interested in this project, take a look at www.opensc.org.

1. Hardware routines (equivalent to the first generation)

1.1 hardware initialization ;
1.2 serial line IO : encoding / decoding bytes on the serial line ;
1.3 EEPROM writing : management of EEPROM burning system ;

2. Communication protocol management (integrated APDU)

2.1 sending the ATR (Answer To Reset) ;
2.2 APDU dispatcher.

3. Operating system services :

3.1 "authentication" command ;
3.2 "ratification" command ;
3.3 "file system" commands ;
3.4 "dedicated" filters.

Smart card software of the third generation :

Smart cards enabling post-issuance capabilities (i.e. application code can be uploaded while the smart card is used by the end user). examples of

comment our Camille OpenSource OS
(here)

- To be continued -

Web URLs :

Open source development for smart card :

  • SOSSE: Simple Operating System for Smartcard Education (open source operating system) ;
  • PCSC Lite Source (Smartcard access in Linux Environment) ;

SmartCard Interface APIs :

Smartcard standards :

"Third gen" Smartcards OS :

  • JavaCard is an open source and portable secure operating system to
    ease the development of killer applications for the contactless
    smartcard hype ;
  • ORIGIN-J: a virtual machine that executes true Java(TM) bytecode, that
    has been specifically designed for systems with restricted memory
    resources, such as smart cards ;
  • MultOS ;
  • .NET Card ;
  • BasicCard ;
  • A list of Java Virtual Machines targeting embedded devices ;
  • ...