tsaitgaist, 07/10/2018 04:11 PM
flashing moved to separate page


Osmocom SIMtrace 2

Osmocom SIMtrace 2 is a software, firmware and hardware system for passively tracing SIM-ME communication between the SIM card and the mobile phone, and for remote SIM operation.
While it was designed for SIM-ME communication, it supports all ISO 7816 smart-cards using the T=0 protocol (the most common case).

It is the successor to SIMtrace, providing more functionality (e.g. remote SIM operation) and supporting multiple boards (e.g. SIMtrace with SAM3S, sysmoQMOD).

Hardware

The SIMtrace 2 firmware supports several boards.
The firmware is written for an ATSAM3S4B micro-controller.

Note: The SAM3S has meanwhile been labelled as not recommended for new designs by Atmel. However, there are plenty of hardware- and software-compatible upgrade options for the future, including the SAM4S.

SIMtrace 2

The main purpose of this board is to sniff the communication between a phone and a SIM card (or any card reader and smart-card).

This is the same board as the previous SIMtrace 1, with the exception that the ATSAM3S4B micro-controller replaces the old AT91SAM7S64. Since the SAM3S is pin compatible with the SAM7S, any SIMtrace 1 board can be converted into a SIMtrace 2 board simply by replacing the micro-controller.

Note: This hardware is open source.

sysmoQMOD

The SAM3S micro-controller with SIMtrace 2 firmware is also used on the sysmoQMOD board to provide remote SIM operation capabilities.

Note: This hardware is not open source.

Firmware

The SIMtrace 2 firmware source code is available in git.
It is currently under active development, and we recommend flashing the new firmware images to benefit from the latest bug fixes and added functionality.

The SIMtrace 2 firmware is a complete rewrite and can only be flashed on hardware with SAM3S ARM Cortex-M3-based micro-controllers.
The SIMtrace 2 firmware is not compatible with the older SIMtrace 1 using SAM7S ARM7TDMI-based micro-controllers.

sniffer

The sniffer firmware allows sniffing the communication between a phone and a SIM card (or any card reader and smart-card).
It is intended for the SIMtrace 2 hardware, and its function is analogous to that of SIMtrace 1.

The application firmware to be flashed using DFU is attachment:simtrace-trace-dfu.bin.
It corresponds to the trace app in the source code.

Flashing

The firmware images can be flashed as described here.

Development

To compile the firmware from the source code, or to participate in the development, please refer to the instructions provided in the README.

Host PC Software

TODO


Updated by tsaitgaist over 5 years ago · 11 revisions
