Elements of Smart Card Architecture
Smart Cards are thin cards with an embedded chip, and this automatically poses its own unique challenges of architectural design. However, it turns out that the solutions tend to be a scaling down of conventional chips rather than inventing an all-new chip.
Central Processing Unit
Traditionally this is an 8-bit microcontroller but increasingly more powerful
16 and 32-bit chips are being used. However, none have multi-threading
and other powerful features that are common in standard computers. Smart
Card CPUs execute machine instructions at a speed of approximately 1 MIPS.
A coprocessor is often included to improve the speed of encryption computations.
Memory System
There are three main types of memory on cards:
-
RAM. 1K. This is needed for fast computation and response. Only a tiny
amount is available.
-
EEPROM (Electrically Erasable PROM). Between 1 to 24K. Unlike RAM, its
contents are not lost when power is. Applications can run off and write
to it, but it is very slow and one can only read/write to it so many (100
000) times.
-
ROM. Between 8 to 24K. The Operating System and other basic software like
encryption algorithms are stored here.
Input/Output
This is via a single I/O port that is controlled by the processor to ensure
that communications are standardized, in the form of APDUs (A Protocol
Data Unit).
Interface Devices (IFDs)
Smart Cards need power and a clock signal to run programs, but carry neither.
Instead, these are supplied by the Interface Device - usually a Smart Card
Reader - in contact with the card. This obviously means that a Smart Card
is nothing more than a storage device while being warmed in your pocket.
In addition to providing the power and clock signals, the reader is
responsible for opening a communication channel between application software
on the computer and the operating system on the card. Nearly all Smart
Card readers are actually reader/writers, that is, they allow an application
to write to the card as well as read from it.
The communication channel to a Smart Card is half-duplex. This means
that data can either flow from the IFD to the card or from the card to
the IFD but data cannot flow in both directions at the same time. The receiver
is required to sample the signal on the serial line at the same rate as
the transmitter sends it in order for the correct data to be received.
This rate is known as the bit rate or baud rate. Data received by and transmitted
from a Smart Card is stored in a buffer in the Smart Card's RAM. As there
isn't very much RAM, relatively small packets (10 - 100 bytes) of data
are moved in each message.
Here is a selection of parameters from some of the smart cards on the
market today. They are neither the biggest nor the fastest; that is reserved
for Java cards. The reason for this is
price --- smart cards like these are programmed in assembly language and
do not need much in the way of resources. To keep down costs, they don't
get resources.
| Smart Card |
Word size |
ROM |
EEPROM |
RAM |
Voltage |
Clock |
Write/erase cycles |
Transmission rate |
| Infineon SLE 44C10S |
8-bit |
9K |
1K |
256b |
2.7 - 5.5V |
5 MHz |
500 000 |
9600 baud |
| Orga ICC4 |
8-bit |
6K |
3K |
128b |
4.7 - 5.3V |
|
10 000 |
|
| GemCombi |
8-bit |
|
5K |
|
4.5 - 5.5V |
13.6 MHz |
100 000 |
106 kbaud |
| DNP Risona |
8-bit |
|
1K |
|
5V |
3.5 MHz |
|
9600 baud |
| AmaTech Contactless |
8-bit |
|
1K |
|
5V |
13.6 MHz |
100 000 cycles |
|
| Schlumberger Cyberflex |
8/16-bit |
8K |
16K |
256b |
5V |
1-5 MHz |
100 000 cycles |
9600 baud |
Operating Systems
The operating system found on the majority of Smart Cards implements a
standard set of commands (usually 20 - 30) to which the Smart Card responds.
Smart Card standards such as ISO 7816 and CEN 726 describe a range of commands
that Smart Cards can implement. Most Smart Card manufacturers offer cards
with operating systems that implement some or all of these standard commands
(and possibly extensions and additions). The relationship between the Smart
Card reader and the Smart Card is a master/slave relationship. The reader
sends a command to the Smart Card, the card executes the command and returns
the result (if any) to the reader and waits for another command.
Microsoft released a miniaturized version of Windows for Smart Cards
in late 1998, and early versions of a Gnu O/S have been released.
File Systems
Most operating systems also support a simple file system based on the ISO
7816 standard. A Smart Card file is actually just a contiguous block. Files
are organized in a hierarchical tree format. Once a file is allocated,
it cannot be extended and so files must be created to be the maximum size
that they are expected to be. Each file has a list of which parties are
authorized to perform which operations on it. There are different types
of files: linear, cyclic, transparent, SIM, etc. The usual create, delete,
read, write and update file operations can be performed on all of them.
Certain other operations are supported only on particular types of files.
| Type |
Special Operations |
Example |
| Linear |
seek |
credit card account table |
| Cyclic |
read next, read previous |
transaction log |
| Transparent |
read and write binary |
picture |
| SIM file |
encrypt, decrypt |
cellular telephone |
Software
Smart Cards are either Soft-Mask or Hard-Mask, depending on whether most
of the application is in EEPROM or ROM. Hard-Mask cards are more expensive.
Some application-specific data/instructions always needs to be stored on
EEPROM. Cards do not as a rule run anything off RAM.
When programming a Smart Card, it is standard practice to get the program
running on a simulator first for debugging, since EEPROM can only be written
to a finite number of times in its lifetime.
Test-running also happens on a different level: banks commonly use a
soft mask card for pilot testing new applications and then to move on to
more customer-resistant hard mask cards for larger deployments. However,
some applications have limited deployments that are never taken to hard
mask, as hard masking is expensive in both time and money. Hard masks also
may not be justified for some applications, such as an employee identification
card for small companies.
Programming Languages
Most SmartCards are currently programmed in low-level languages based on
proprietary SmartCard operating systems. Some of the programming has been
done in the chip's native instruction set (generally Motorola 6805, Intel
8051, or Hitachi H8). Not many programmers are capable of this.
In 1998- 2000, a new type of card has shown up, sometimes called a re-configurable
card. These have a more robust operating system that permits the addition
or deletion of application code after the card is issued. Such cards are
generally programmed in Java and are therefore called Java
Cards. Other relatively popular languages relate to Windows for SmartCards
or MEL (the Multos programming language) or even Basic.
Although memory-efficient programming will still be essential, this greatly
increases the pool of programmers capable of creating software for Smart
Cards.
References