simtrac hw

Peter Stuge peter at
Mon Nov 22 02:49:09 UTC 2010

Harald Welte wrote:
> > > - the AT91SAM7SXXX
> > 
> > I'd use a more modern chip
> no, no, no, no ;)

After seeing the schematic I tend to agree.

> There is working firmware (drivers, T=0 sniffing, ...) for the
> AT91SAM7 now, I put quite a bit of effort into making this work.
> Furthermore, the AT91SAM7 USART has the unique property that you
> can use it in T=0 mode but still operate as clock slave, i.e. run
> as sniffer or card mode, not behaving like a card reader.

I think every sync serial peripheral that I've seen can operate in
slave mode like that, and I agree that it's important.

> We really do not need any external logic, simply connect the SIM
> card to the right pins of the SAM7, load the (gpl licensed, of
> course) firmware that I wrote and run the equally free software
> 'simtrace' host program + wireshark.
> Porting this to a different microcontroller will again require
> significant development on the software side, which I don't think
> is what we need...

I disagree that significant effort would be required. It should be
straightforward to use another controller, but since the schematic
wouldn't really be much simpler there may not be much point to it.

But one thing that I think matters is that it's very easy and cheap
to get hold of a really simple (e.g.) LPC1343 development board in
neat size that people could use instead of having to build their own
hardware. I think that wall clock time would be about the same for
porting the software and producing a board.

ml at wrote:
> I could not login/register on the osmocom trac wiki to put the files
> there.

Hopefully someone will fix that.

> Here is the current version:

Thanks for uploading it!

> I added the JTAG and debug connectors. I hope it will not use more
> than 2 layers in the end, so normal people can build the PCB at home.

Since the crystal is around 18 MHz this might even work OK as a
single layer board, maybe with a solid ground plane on the back for
the ambitious.

> - the user has to tell the program
> - or by detecting the presence of a card (provided by the id-1
>   socket, but some tricks have to be used for the id-000 socket)
> - or by having a switch with 3 modes (sniff, emulation, MiM) (my
>   favorite solution)

It would be really nice to not have to deal with switches, and just
let the host software tell the hardware which mode to use. A USB
device control request could do the trick easily.


More information about the baseband-devel mailing list