ISO7816-compliant “asynchronous” smart cards consist primarily of nonvolatile memory (ROM, EPROM, and/or EEPROM), managed by an embedded 8-bit microcontroller. Usually, this microcontroller derives from a very popular processor family such as the 68HC705, TMS370, or 8051.
The behavior of the card (including most of its security features) is programmed into an “operating system” (OS) that’s mask-programmed into the ROM section of the chip. It can’t be altered by the end user.
It is, however, possible to write a smart card OS for virtually any known processor, in order to make it emulate a card with more exotic features. Most microcontrollers with a sufficiently small die could be embedded into a true smart card, but even DIP versions can easily be mounted on a 0.8- mm-thick ISO7816-sized pc board with contacts etched in the ISO position.
The Microchip PIC16C84 RISC microcontroller lends itself well to such applications, obviously extending to various types of secured “portable memory devices” using the same communication protocol as smart cards. Therefore, it’s able to utilize off-the-shelf reading and writing equipment and software.
Besides optional features such as cryptographic routines, the very core of a smart card OS is quite a simple matter: The OS merely generates an ISO-compliant ATR (Answer To Reset) when required, then it receives and sends bytes through a specific serial protocol (9600 bits/s for a clock frequency of 3.58 MHz). Special functions such as PIN (personal identification number) checking are simply a combination of these basic routines.
A minimal OS for the PIC16C84 can fit in just 81 words of its 1024 x 14 bits of program EEPROM. It assumes that the chip is connected to the ISO contacts of the card (Fig. 1). No other component of any kind is required, since VDD, RESET, and CLOCK signals all come from the card reader.
Figure 2 suggests a layout for a 8/10 mm epoxy smart card, designed to accommodate the 18-pin DIP version of the PIC. The OS itself is supplied here as an Intel HEX dump COSPIC.HEX (Listing 1). It should be merged with a specific application software before being programmed into the PIC.
- send a valid "answer to reset" response each time the ISO2 contact is activated;
- wait for the presentation of a PIN (5678h) at the address 1234h;
- answer 8765h (only once!) when exactly 2 bytes are read from address 4321h;
- lock the card until the next reset.
Any PIN or address error, or other illegal operation, will lock the card until its next reset: this is a very basic smart card security feature.
Of course, much more complex applications can be programmed into the PIC, and it would be worth considering some kind of byte exchange with its 64 x 8 data EEPROM (for example, a nonvolatile “error counter” that could invalidate the card forever after, say, three successive presentations of a false PIN).
Basically, seven entry points will be used to activate the OS:
LISTEN (13h): sets I/O line (ISO 7) to input mode
TALK (0Fh): sets I/O line (ISO 7) to output mode
BIT (4Bh): waits for the duration of bit on the I/O line (104 ms at 3.58 MHz clock frequency), used as a general purpose timer
EVEN (38h): transmission of a byte with an even parity
ODD (3Eh): transmission of a byte with an odd parity
RECV (27h): waits for a byte on the I/O line (ISO 7)
LOCK (50h): locks the card in a silent” mode until next reset.
Of course, the ISO 7816-3 standard will be essential reading before any attempt to develop even the simplest smart card application software.