SWP Reader Evolution

I’ve been working on my SWP reader for about a year now, so I think it’s a good time to dump some photos and show how the project evolved:

The first “proof of concept” prototype:

final-highres-webFor this prototype I decided to stay with plain old through-hole packages and build the analog part in a modular way. The restriction to through-hole packages had a great influence of what parts I could use because most of the good stuff is in SMD these days.

On the top I’ve used a XuLA-200 FPGA board. A really nice breakout for the Spartan 3A FPGA family. The analog part consists of (left to right): LT1227 current feedback OpAmp as the main SWP transceiver, good old LM311 as a one-bit A/D converter (to slow for high-speed SWP, but good enough up to 400 kbit/s). On the right there is a local power supply based around the LT1054 to generate the supply voltages for the OpAmp.

This prototype worked right away and was great to do the first data exchanges between the SIM and my PC. In the end I decided to abandon the FPGA in favor for a microprocessor with better connectivity to the PC side.

Entering Prototype 2:

proto1The FPGA is gone and has been replaced by a Cortex-M3 CPU. The blue board is a mbed LPC1768 which is quite nice and easy to work with (and no, mbed doesn’t force you into their online-compiler anymore). The red board below is a Xilinx CoolRunner-II CPLD breakout from Dangerous Prototypes which I use to translate the data-stream from SPI to SWP and vice versa. Going from 200k FPGA gates down to 64 gates was not a big deal because most of the complex stuff is now running in software on the Cortex-M3. I even have plenty of gates and flip-flops available, so I can add some more Shenanigans if I want to.

Finally all the analog stuff is now in SMD package on the black board. The circuit is almost the same as the first prototype except that I’ve upgraded the comparator from LM311. Since I had to order samples from linear anyway, so I thought: “Let’s get one of the finest comparators as well”. This turned out to be a mistake because the chip was *way* to fast for my needs so I had to slow it down with some external circuitry. In one of the next revisions I’ll change that chip to something cheaper and more sane.

Along with the stuff already seen I’ve also added a voltage tracker to power the SIM and a PWM to DC converter to set the comparator threshold voltage (both based on a good old and trusty LM358).

Here is another shot of the same board with USB connectors attached. Most of the wiring between boards is on the backside:

 

swp

I was really happy how the prototype 2 turned out. It was working fine, however due to all the long connections running on the backside of the board the signal quality was questionable:

nullbits-webThese are SWP zero-bits transmitted at around 1.7Mhz, taken at the opamp output. You can clearly see how the clocks from the CPU and from the CPLD leak into the received signal. The signal was good enough not to cause any transmission errors though.

Nonetheless I decided to bring everything on one board. The end result is this:

The Single Board Prototype:

swp-rev2-webThis was the first board I’ve designed with KiCad and it turned out pretty good. Due to a bug in the version of KiCad I was using I missed two unrouted wires so I had to patch the board. Nonetheless it’s working great. The micro-controller has been changed from LPC1768 to the low pin count version LPC1758. The analog circuit is still almost the same except that there is no PWM to DC converter anymore. The LM358 is still there but working as a voltage tracker for SIM supply exclusively.

I’ve also added the ISO7816 interface, so the board is feature complete.

The Ethernet interface has not been assembled and probably never will. Due to the two air-wires I’ll do another revision of this board anyway, and I’ll change the Ethernet PHY chip from the QFN package (not shown, it’s on the back of the board) to something in LQFP package for easier hand assembly.

The next version will also get a new (cheaper) analog part. The chips from Linear are really nice and all, but they are so damn expensive. I’ll probably change the OpAmp to a TSH82 dual opamp, one half for the SWP transceive job, and the other to power the SIM. The comparator could be a TS3011. These parts are much cheaper and will still be more than fast enough. I’ll also get rid of the buck-boost converter LT1054 as well because no other supply than 5V will be needed anymore.

So, that’s it so far. Right now I’m working on the software side of things. I’m busy porting the mbed based C++ code to C and the new micro-controller. I’ll probably do a FreeRTOS port as well but I haven’t decided on this yet.

This entry was posted in Uncategorized. Bookmark the permalink.

5 Responses to SWP Reader Evolution

  1. nanobugHH says:

    C++ -> C, NOOOOOOOOOOO!!!!!!!!!!!

  2. Nils says:

    Don’t worry, Norbert. I made up my mind. Code remains in C++ 🙂

  3. Pingback: Snooping on SIM Cards | Hackaday

  4. Pingback: Snooping on SIM Cards | KnowNaija

  5. Pingback: Snooping on SIM Cards | Life Hacking

Leave a Reply

Your email address will not be published. Required fields are marked *