Hi all,
unfortunately the number of hardware bugs is quite numerous. for those interested in the details, feel free to read the ticket list in trac.
None of the bugs that I've found so far is too serious for a manual re-work of the prototype. My device is now already enumerating its SAM-BA loader on the USB. JTAG is working, too: I can set the red/green LED via JTAG.
I'll do some further testing (SPI, SIM card interface) as soon as I find time...
Hi,
On 15.06.2011 01:27, Harald Welte wrote:
Hi all,
unfortunately the number of hardware bugs is quite numerous. for those interested in the details, feel free to read the ticket list in trac.
I'm happy to correct them today. Ticketing system is perfect for that.
Kevin
Hi all,
I've done a lot of work on the SIMtrace prototype over the last couple of days. A number of bugs were easy to re-work, or are at least known and can be improved in the second revision.
However, I think there's one pretty serious problem in the hardware design: The bus switch has something like at least 5 (rather 16Ohms) of internal 'on' resistance between the sim card and the phone. While this _might_ still work for I/O, nRST and CLK lines, it definitely doesn't fly for the supply voltage (VCC).
I think there is little that can be done, except:
a) finding a better alternative analog / bus switch component this might be an option for the second prototype, but is not easy to fix in the existing board. I'd love to see something that has milli-ohms internal resistance, not ohms. Advantage: Also removes the couple-of-ohms from the IO,RST,CLK
b) permanently connecting VCC_PHONE with VCC_SIM this sort-of violates our idea of splitting the SIM card and the phone side for MITM.
c) always supplying VCC_SIM by the SIMTRACE board, ignoring VCC_PHONE This would make a lot of sense, if we'd also provide VCC_PHONE to an IRQ-capable GPIO of the SAM7. We could then detect VCC_PHONE changes in software and switch the VCC_SIM from the IRQ handler. This introduces some delay, but I doubt that it is more than what would happen in case there was some uF-range capacitor for VCC stabilization in the hardware.
I will try solution 'c' as a work-around, it simply means cutting one trace and adding one wire.
Hi,
On 17.06.2011 10:23, Harald Welte wrote:
However, I think there's one pretty serious problem in the hardware design: The bus switch has something like at least 5 (rather 16Ohms) of internal 'on' resistance between the sim card and the phone. While this _might_ still work for I/O, nRST and CLK lines, it definitely doesn't fly for the supply voltage (VCC).
how about using SN74CB3Q3244 or equivalent ? it has max 9 Omhs Ron.
Regards, Kevin
Hi Kevin,
On Sun, Jun 19, 2011 at 03:39:42PM +0200, Kevin Redon wrote:
However, I think there's one pretty serious problem in the hardware design: The bus switch has something like at least 5 (rather 16Ohms) of internal 'on' resistance between the sim card and the phone. While this _might_ still work for I/O, nRST and CLK lines, it definitely doesn't fly for the supply voltage (VCC).
how about using SN74CB3Q3244 or equivalent ? it has max 9 Omhs Ron.
Even 9 Ohms can be a lot. We're not switching some unidirectional bus lines here, but everything including the Vcc power line.
I guess it would be good if you could continue to debug why it is not working, even with my rework where Vcc supplied directly by the SAM7. Let's discuss this tomorrow when you're visiting.
Regards, Harald
However, I think there's one pretty serious problem in the hardware design: The bus switch has something like at least 5 (rather 16Ohms) of internal 'on' resistance between the sim card and the phone. While this _might_ still work for I/O, nRST and CLK lines, it definitely doesn't fly for the supply voltage (VCC).
Why not just keep the bus switch IC for the signals. ( ~ 20 ohms won't be a problem for sure ).
And use any PMOS with a pullup for the VCC switching ? Or you can even get fancy and use a dedicated load switch like the TPS22960 .
Cheers,
Sylvain
Hi Sylvain,
On Sun, Jun 19, 2011 at 06:54:35PM +0200, Sylvain Munaut wrote:
However, I think there's one pretty serious problem in the hardware design: The bus switch has something like at least 5 (rather 16Ohms) of internal 'on' resistance between the sim card and the phone. While this _might_ still work for I/O, nRST and CLK lines, it definitely doesn't fly for the supply voltage (VCC).
Why not just keep the bus switch IC for the signals. ( ~ 20 ohms won't be a problem for sure ).
well, if you're sure the ~20 ohms is not a problem, then I think we can indeed stop searching for a proper switch. The big question is though: Why does it not work yet?
The nRST, CLK and I/O are still routed via the switch. The switch is in the correct position, as I can apply 3.3V with a 10kOhm resistor to any of the three lines on the 'phone' side, and I can see the corresponding signal changing on the SIM card side. However, the high-voltage is only about 2.5V on the SIM card side.
Vcc is supplied permanently from the SAM7 to the SIM card socket.
Still, no communication between phone (or smart card reader that I use instead of a phone) and the SIM card is possible at this time.
Hopefully Kevin has some ideas tomorrow (he'll be visiting me to help debugging).
Regards, Harald
Hi,
well, if you're sure the ~20 ohms is not a problem, then I think we can indeed stop searching for a proper switch. The big question is though: Why does it not work yet?
Well, my 20 ohm statement is based on a fixed resistor. In this case I suspect what you measured (probably with a multimeter I guess ?) might not be valid due to high non-linearity effects (see below and in the datasheet).
The nRST, CLK and I/O are still routed via the switch. The switch is in the correct position, as I can apply 3.3V with a 10kOhm resistor to any of the three lines on the 'phone' side, and I can see the corresponding signal changing on the SIM card side. However, the high-voltage is only about 2.5V on the SIM card side.
And what's the voltage on the 'phone side', (after the pullup) ? If there 0.8v voltage drop across 10k + 20 ohm, most of it must should due to the 10k ...
But now that I look at the QS3244 datasheet, the Ron is highly non-linear. At Vcc=5V and Vin=3.3V, it's even outside of the graph ... so at Vcc=3.3v you can only imagine.
Vp (Voltage pass) is speced at 4V with Vin=Vcc=5V ... so 1V drop min in that case. Here we're in a much less ideal case of Vin=Vcc=3.3V ...
I still think a bus switch is appropriate ... just not that one. (or try powering it from 5V). The SN74CB3Q3244 mentioned by Kevin seems to have much better specs at Vcc=3.3v and low voltage inputs.
Cheers,
Sylvain
-
Harald Welte -
Kevin Redon -
Sylvain Munaut