| Linux ported to secure POS SoC |
Sep. 27, 2005
 A French fabless chip house has ported Linux to its flagship SoC (system-on-chip) for secure smartcard readers and PIN-entry pads used in point-of-sale (POS) applications. Innova-Card's MIPS32-based USIP Professional IC features on-chip memory, storage, and cypto, and is available with a Linux-based software stack, reference designs, and professional services. This SoC is packed with peripheral interfaces.
(Click for larger view of USIP development kit)
Innova is a three-year-old startup that has brought in 1.6M and 3.5M Euros, respectively, in its first two rounds of financing. The company was founded with the mission of creating chips for secure payment applications.
Innova-Card calls its USIP chip "the most secure and integrated SoC for smart card devices." The SoC is based on a MIPS32 4KSd CPU core clocked at 96MHz, and said to deliver 1.35 MIPS/MHz. The processor supports the Smart MIPS crytographic instruction set, and has 8KB each of instruction and data cache, a 5-stage pipeline, and 16-bit code compression via the MIPS16e ASE (application-specific extension).
The USIP integrates on-chip memory with lots of I/O
On-chip memory resources include 128KB of SRAM, 128KB of ROM meant for a HAL (hardware abstraction layer) and secure AES-authenticated bootloader, 256KB of Flash with "locked features," and 256KB of OTP (one-time programmable) storage. The USIP additionally supports 1.8V and 3.3V external memory, including up to four 32MB SRAM or Flash chips, plus up to 32MB of SDRAM. Data bound for external memory storage are encrypted on the fly using NIST FIPS-197 AES, Innova-Card says.
On-chip peripheral interfaces include three smart-card controllers, three channels of F/2F decoding for magnetic stripe readers, a thermal printer interface, battery-backed RTC (real-time clock), 12 x 12 matrix keyboard controller, an LCD interface, and a DMA controller. Additional I/O interfaces include USB OTG 2.0, UARTs, IrDA/UART, SPI master/slave, I2C master/slave, a parallel port, and a PS/2 keyboard/mouse port. The chip also provides 32 general purpose digital I/O lines, and has 2 PWMs (pulse-width modulators), four times/counters, six ADC inputs with 10-bit resolution, and a watchdog timer.
Innova-Card lists other security features in the USIP as follows:- Secure MMU (memory management unit)
- Unique chip serial number (USN)
- Firewall for USB access
- Protected storage area
- Physical countermeasures
- tamper protection
- internal sensors (voltage, frequency, temperature, active metal shield)
- external sensors
- True RNG (random number generator)
- AES crypto processor
- Secure bootloader
Innova-Card offers a development kit for its USIP chip (pictured at top-of-page) that includes MIPS's free SDE Lite IDE, along with a development board, HAL, and JTAG debugger. An application stack (diagram) that runs on "Linux, eCos, and a wide range of commercial RTOSes" is also available, as is a crypto library licensed under NDA. The company also offers reference designs and development services for EFT (electronic funds transfer) POS devices (diagram), PIN pads (diagram), and FINREAD devices (diagram) based on the USIP chip.
An editorial yesterday in CIO Insight highlights a growing need for more stringent security in POS devices, which are increasingly complex and interconnected (for example, check out this Linux-based multimedia POS device).
Related Stories:
(Click here for further information)
|
|
|
FUEL Database on MontaVista Linux
Whether building a mobile handset, a car navigation system, a package tracking device, or a home entertainment console, developers need capable software systems, including an operating system, development tools, and supporting libraries, to gain maximum benefit from their hardware platform and to meet aggressive time-to-market goals.
Breaking New Ground: The Evolution of Linux Clustering
With a platform comprising a complete Linux distribution, enhanced for clustering, and tailored for HPC, Penguin Computing¿s Scyld Software provides the building blocks for organizations from enterprises to workgroups to deploy, manage, and maintain Linux clusters, regardless of their size.
Data Monitoring with NightStar LX
Unlike ordinary debuggers, NightStar LX doesn¿t leave you stranded in the dark. It¿s more than just a debugger, it¿s a whole suite of integrated diagnostic tools designed for time-critical Linux applications to reduce test time, increase productivity and lower costs. You can debug, monitor, analyze and tune with minimal intrusion, so you see real execution behavior. And that¿s positively illuminating.
Virtualizing Service Provider Networks with Vyatta
This paper highlights Vyatta's unique ability to virtualize networking functions using Vyatta's secure routing software in service provider environments.
High Availability Messaging Solution Using AXIGEN, Heartbeat and DRBD
This white paper discusses a high-availability messaging solution relying on the AXIGEN Mail Server, Heartbeat and DRBD. Solution architecture and implementation, as well as benefits of using AXIGEN for this setup are all presented in detail.
Understanding the Financial Benefits of Open Source
Will open source pay off? Open source is becoming standard within enterprises, often because of cost savings. Find out how much of a financial impact it can have on your organization. Get this methodology and calculator now, compliments of JBoss.
Embedded Hardware and OS Technology Empower PC-Based Platforms
The modern embedded computer is the jack of all trades appearing in many forms.
Data Management for Real-Time Distributed Systems
This paper provides an overview of the network-centric computing model, data distribution services, and distributed data management. It then describes how the SkyBoard integration and synchronization service, coupled with an implementation of the OMG¿s Data Distribution Service (DDS) standard, can be used to create an efficient data distribution, storage, and retrieval system.
7 Advantages of D2D Backup
For decades, tape has been the backup medium of choice. But, now, disk-to-disk (D2D) backup is gaining in favor. Learn why you should make the move in this whitepaper.
|
|
|
|
|
news feed