Escolar Documentos
Profissional Documentos
Cultura Documentos
UIC Confidential
Revision History
Revision
Date
Remarks
A.1
Initial release
A.2
Page 2
UIC Confidential
Disclaimer
This information could include technical inaccuracies or typographical errors. Changes are periodically
made to the information herein; these changes will be incorporated in new editions of the publication. The
manufacturer may make improvements and/or changes to the product(s) and/or the program(s) described
in this publication at any time without notice.
Page 3
UIC Confidential
Table of Contents
Introduction .................................................................................................................................................. 7
General Functions ......................................................................................................................................... 8
TS890 Hardware Specification ...................................................................................................................... 9
Terminal front view................................................................................................................................... 9
Terminal IO port view ............................................................................................................................. 10
TS890 Specifications ................................................................................................................................... 11
System Foundation ..................................................................................................................................... 12
Hardware Block Diagram ........................................................................................................................ 12
Flash Memory Map ................................................................................................................................. 13
Software Architecture ............................................................................................................................. 14
Software and Firmware components ................................................................................................. 15
BootROM: the system manager.................................................................................................................. 16
BootROM Background ............................................................................................................................ 16
RunAppl ................................................................................................................................................... 17
Program................................................................................................................................................... 17
Load..................................................................................................................................................... 18
Remote Sync ....................................................................................................................................... 18
Erase IPP.............................................................................................................................................. 20
Upgrade............................................................................................................................................... 21
USB Disk Setup .................................................................................................................................... 23
Page 4
UIC Confidential
Page 5
UIC Confidential
Page 6
UIC Confidential
Introduction
This document provides operating information of TS890 as well as how to set up a development
environment. It starts with the specification of the terminal. Then it follows a chapter introducing
the terminals hardware and software architecture, and a chapter regarding how to operate the
terminals system manager BootROM. Then there is one whole chapter regarding how to set up
the development environment and how to write, build, and install user applications to TS890.
Finally is a chapter describing the security functions, and including how to inject clear-text
master/session keys or DUKPT keys.
This document is intended for both system integrators and programmers. For more information
about API and SDK, please refer to TS890 Programmers manual.
Page 7
UIC Confidential
General Functions
TS890 is ideal for any level of merchant across multiple industries. It is designed for handling
transactions ranging from credit and debit card transactions, smart card transactions to
customer loyalty programs. TS890 is currently at the forefront of POS terminal distribution by
providing an access to the global smart card solutions.
Features
Page 8
UIC Confidential
<Down> in BootROM
<Up> in BootROM
<Menu> in BootROM
Keyboard
Magstripe reader
Page 9
UIC Confidential
Modem port
Power input
Ethernet port
USB Host/Device
RS232 ports
SIM socket
SAM Sockets
Page 10
UIC Confidential
TS890 Specifications
Processor
Memory System
LCD Display
Keypad
0~9 Numeric Keys 4 Navigation Keys Enter, Clear and Cancel Keys
Magnetic Card
SAM
PIN Pad
Built-in with PCI 3.0 Certified for On-line & Off-line PIN
Security
(option)
(option)
RTC
Communication
Two 232 Ports that can run at 115200bps simultaneously. One port
supports hardware flow control. All 2 ports provide 9.0 Vdc power to adapt
any contactless Card Reader/External PIN Pad/ECR easily
Dual USB 2.0 Ports (Host + slave)
Ethernet - 10/100MB Fast Ethernet
GPRS (option)
Modem 14,400bps; Optional up to 56Kbps. Support SDLC, async and PPP
Dimensions
Power Requirements
Environment
Page 11
UIC Confidential
System Foundation
Hardware Block Diagram
Page 12
UIC Confidential
Page 13
UIC Confidential
Software Architecture
TS890 consists of two processors. One is an ARM7-cored security chip, and a non-OS firmware
IPP is running on it. IPP handles all security-related functions. The other processor is an ARM9
SOC with embedded Linux as the operating system. User application is running on this Linux
platform.
Theoretically the user application can control hardware devices and communicate with IPP
directly. However, due to security concerns and the purpose to minimize the development effort,
Copyright 2011 All rights reserved.
Page 14
UIC Confidential
UIC wraps these hardware details into an API: the oslib. User application statically links to this
library and thus accesses the underlying hardware devices and security functions in a managed
way. Although it is possible for the user application to call standard Linux APIs directly, this is
not encouraged and is even prohibited. The reason is that the Linux kernel and/or the runtime
environment might be changed (e.g., due to some security breach found in the future), and the
direct link between user application and Linux library might be broken then.
Software and Firmware components
There are four major components provided by UIC:
Page 15
UIC Confidential
BootROM selftest
* will appear on screen as you enter access code. Enter the BootROM access code (Default is
896345). The following menu will display. Press <Up> and <Down> key to scroll through the
menu.
Page 16
UIC Confidential
RunAppl
Press 1 on the keypad to run the user applications (i.e., /home/usr1/appl.out). If the TS890
contains an application when choosing this option, BootROM will check the authenticity of this
user application and run it.
If the application has not been downloaded to TS890, the screen below will display.
The word Production in the message above means this terminal is of Production mode
instead of Development mode. A development mode terminal is a terminal which uses a
temporary certification for authenticating user applications. Such a development mode terminal
is supposed to serve as a development platform only.
If the application signature verification fails, the screen below will display.
IPP=P means this terminal is of Production mode. If this terminal is of Development mode, it
would be IPP=D in the message. The following APP=Error 2 means the user application
does not pass the authentication test and the error code (reason) is 2.
Program
This menu is used for downloading application(s) and updating OS/RootFS. Press 2 on the
keypad to enter Program menu. When selected, the screen will display. Press the up or down
button to switch menus.
Page 17
UIC Confidential
Note: If an error message appears (see below), in most cases it is because the Linux VMWare
tftp server is not available or the "ServerIP" is not set properly in the TS890. Or, the setting
does not match the server IP.
Remote Sync
Besides using TFTP to download from the developer's VM, the TS890 is equipped with an FTP
client that can retrieve applications from an existing FTP server.
Note 1: The network parameters of TS890 must be properly set up, including "Server IP",
"Gateway", "NetMask" in BootROM's menu 4 - Setting. "Server IP" should be pointed to the FTP
server.
Copyright 2011 All rights reserved.
Page 18
UIC Confidential
Note 2: It is also necessary to tell the BootROM where to download by setting up "Bank ID",
"Appl ID" and "Version ID" in BootROM's menu 4 Setting.
Input FTP user password or just press <Enter> () to use default password "ts890"
It will immediately start FTP task. In the example below, the server IP is set to 192.168.0.102
If the FTP server can not be reached, the TS890 will display the following.
USB Sync
USB Sync is used for upgrading the developers application by USK disk. Be sure the "Bank ID",
"Appl ID", and "Version ID" have been setup and USB disk has inserted. This function is in
single control and it is needed to input one access codes, the default load access code is
"896345".
Page 19
UIC Confidential
Searching for
USB storage
Copying
Completed!!
Erase Appl
Erase Appl is used for erasing all files in the application slot. This function is in single control
and it is needed to input one access code, the default load access code is "896345.
App erased!!
Page 20
UIC Confidential
Erasing the IPP only takes 2s and you will see this screen very soon. Now you need to reboot
the EDC.
After reboot, you can start the PC side after you see this screen. Contact UIC to get the
download utility at PC side.
Upgrade
Upgrade is used for updating the Linux root file system (ROOTFS), including the /bin /etc /usr
/etc /lib. It is for enhancing the original Linux capability such as adding new Linux tools and
configuration files.
The root file system patch is in the form of a tar ball named "appl.tar.gz" and each is assigned a
version number. The application already loaded will not be erased or impacted by the upgrade.
After the system upgrade, the original application can be executed normally.
To upgrade the root file system, insert a USB Flash drive to plug into the USB host port of
TS890 first. A specific file path of the file system is needed for the system upgrade. Refer to
USB Disk Setup section for more information.
Then input two access codes, Input default "24652011" and 66085202 for the access
code.
Page 21
UIC Confidential
TS890 will now load the USB module and detect the USB Flash drive. This normally takes 5-8
seconds.
If the USB has a problem and cannot be mounted in 15 seconds, screen will display this
message.
If the USB driver mount is successful, the TS890 will prompt to press "0" to proceed.
Writing the ROOTFS may takes 20-30 seconds. Important, please do not power off the
terminal until the update successful message displays.
Page 22
UIC Confidential
After the password being accepted, the terminal will erase the key and wait for the new key
loading.
Copyright 2011 All rights reserved.
Page 23
UIC Confidential
Then start the key injection tool to load the key. If the loading process is successful, the display
will prompt Successful message. Otherwise, it shows failed message. Note. The dual control
to access key loading process is needed in the production version. For the detail operation,
please contact UIC Sales or tech support.
Page 24
UIC Confidential
After the password being accepted, the terminal will wait for the new key loading.
Loading key
Press CAN to exit
or wait for time out
User can use Key Injection Tool to load M/S Keys to terminal. If user want to exit this function,
Start Downldr
This function is for firmware purpose. Press 9 will enable download RFS IPP or User APP to
terminal by FTP.
UIC Downloader 1.0
SELECT TYPE
1=RFS
2=IPP
3=User APP
Page 25
UIC Confidential
Setting
This menu is used for setting up system-wide parameters and environmental variables for the
application to read later. When selected, the following screen will display. Use the up or down
buttons to scroll through the menu. The network setup is critical because application downloads
during the development phase rely extensively on TCP/IP.
Press <Enter> (), <Clear> () to enable/disable DHCP or <Up> / <Down> to next setting.
Page 26
UIC Confidential
Press <Enter> (), <Clear> () to enable/disable Console or <Up> / <Down> to next setting.
Version
This menu is used for displaying application and system modules versions. Also it can display
tamper status and application certification details.
Selftest
This menu is used for system diagnostics. Press <Up> / <Down> to scroll the menu, and press
the corresponding number to perform the test.
Page 27
UIC Confidential
Page 28
UIC Confidential
or
If you insert a card into Reader#1, this screen will show the analysis of ATR. This is useful when
you want to get ATR info from any card. Press the number of the card slot. For example, press
<1> would get this prompt:
File System
This screen shows all files under user application's folder - /home/usr1. It provides useful
trouble-shooting for checking file availability and file size in case the application programmer
cannot access the debug console. Here are the function keys:
<F1> will delete all files in cfg/. Useful for testing partial downloads.
Page 29
UIC Confidential
Development Environment
Usually, to set up a development environment for embedded devices involves installing crosscompile tool chains on a build host and setting up tools for downloading software/firmware to the
target devices. In order to simplify this procedure, UIC decides to leverage the virtual machine
technology. UIC builds a VMWare Linux virtual machine (VM) with cross-compile tool chains
and necessary tools installed. Developers can immediately start programming without installing
a Linux and tools from scratch.
System Requirement
First install VMWare Player. Then copy the Linux VM image to the hard disk.
Launch VMWare Player application, click Open a Virtual Machine from the right panel, then
choose the VM image from the file dialog box. Double-click TS890_STD at the left panel of
VMWare Player window.
Page 30
UIC Confidential
To share a folder between Windows and Linux, click Virtual Machine then Virtual Machine
Settings on the top menu, then choose the tab page Options, and then Shared Folders item
at the left panel. Configure the shared folder with Add, Remove, and Properties at the right
panel.
In Linux VM, the share folder will be mounted to /mnt/hgfs/share-folder-name
Note: Since Windows does not support file attributes like user/group/others permissions, and since
Windows does not recognize symbolic link either, it is recommended that you only use shared folders to
exchange source codes and zip/tar files.
To share and configure the network interface, click Virtual Machine then Virtual Machine
Settings on the top menu, then choose Hardware tab page, and then click Network Adaptor
item at the left panel.
Page 31
UIC Confidential
Note: If your LAN has DHCP server, and if you want to have your PC, Linux VM, and TS890 terminal all in
the same LAN, it is recommended that you choose bridge mode for Linux VM.
To share removable devices, click Virtual Machine then Removable Devices on the top menu.
Then choose the removable device to be shared.
To know more details about using VMWare Player, please refer to the help document of VMware Player,
or visit http://www.vmware.com.
Copyright 2011 All rights reserved.
Page 32
UIC Confidential
User accounts
There are two user accounts created in TS890 Linux VM:
You should always log in and do development as ts890, not as root. The root account is just for you to
do administrative jobs like starting services, change passwords, adding other user accounts, installing or
removing software packages, etc.
Eclipse: the IDE
UIC installs and customizes a version of Eclipse as the IDE (Integrated Development Environment). After
logging into Linux VM as ts890, you would see a icon UIC-Eclipse on the desktop.
Page 33
UIC Confidential
Double-click the UIC-Eclipse icon, and click Ok when prompting asking the workspace. A demo
project called CartesParis will be opened.
Now you can edit, build, and clean the project using Eclipse.
Important Directories in Linux VM
Directory and files
/home/ts890
/home/ts890/host_tools
/home/ts890/workspace
/opt/eldk
/usr/share/uicdev-s/
/usr/share/uicdev-s/current
/mnt/hgfs
Description
The home directory of user ts890.
Containing two script files: instdist to install SDK, and setver to
change to a specific version of SDK.
The default workspace of Eclipse, and contains the demo project
CartesParis.
The cross-compile tool chains, Linux system libraries, and header
files.
Containing UIC SDK (header files and libraries).
A symbolic link pointing to the current effective version of SDK.
VMWare share folder locations.
Page 34
UIC Confidential
Network Services
Several network services are quite handy or even necessary at the development stage, especially when
downloading programs from Linux VM to TS890.
NFS: TS890 has necessary drivers to mount a nfs share. Developers can transfer files easily via nfs.
TFTP: Download user application to TS890.
FTP: Download user application to TS890.
From the service dialog box, enable the service you need.
Page 35
UIC Confidential
)to exit.
Step2: Connect a download cable to 232B of TS890 with your PC. Run a terminal
emulator program (e.g. teraterm or putty) with the following serial port setting: 115200
bps, 8 data-bit, 1 stop bit, no parity, no hardware handshake.
Page 36
UIC Confidential
Step3: Reboot TS890 to make it effective. If you kernel boot message after 8s, you did
correctly in above steps.
Step4: Press [MENU] in BootROM's main menu and you will get the shell. The shell will
not be activated unless you press <Enter> in the console. Enter root in the user name,
and press enter.
Meaning
Contains executable programs that are required for system repair, for instance, tar, grep, kill,
ps..etc
/dev
/etc
The configuration files for the Linux system. Most of these files are text files and can be edited
by hand.
/home
Page 37
/lib
/mnt
/proc
/sbin
/sys
/tmp
UIC Confidential
Contains shared object library files that are necessary to boot the system as well as containing
files required by various programs. This directory also contains modules (located in
/lib/modules) which can be loaded into the kernel.
Used for mounting temporary file systems. USB storage will be mounted at /mnt/usb. NFS
share will be mounted at /mnt/nfs.
Provides information about running processes and the kernel. A directory is provided for each
running process. Useful system information such as the amount of memory available on the
system as well as CPU speed can be found within the /proc directory.
Similar to /bin, this directory contains executable programs needed to boot the system,
however the programs within /sbin are executed by the root user. Contains system
maintenance programs, for example, ifconfig
This directory is used for temporary storage space. Files within this directory are often cleaned
out at boot time. By using /tmp directory, the user can be assured the files will be wiped off the
system the next time the machine reboots.
/usr/bin - Executable programs that are not required for booting or repairing the system.
/usr
/usr/local This directory contains files of variable file storage. Files in /var are dynamic and are constantly
being written to or changed. Some directories located within /var include:
/var
Page 38
UIC Confidential
Page 39
UIC Confidential
the VM and is always ready for download request. The download directory is set to Linux VM's
/tftpboot.
Every time when an application is built, the resulting executable package appl.tar.gz will be
copied to Linux VMs /tftpboot automatically. If you set the Server IP to Linux VM correctly, you
can operate TS890 BootROM/Programs/Load to update the application.
USB Sync
USB Sync uses TS890's USB HOST to update applications. The application should be in the
form of appl.gar.gz and should be put in a well-structured directory in a USB flash drive. As
each PackageKit is around 200-300K, a 2G USB Flash can hold 5,000+ applications.
USB Disk Setup
Example: If the flash drive is at F:/. The path mush be F:/applpool/ <Bank ID> / <Appl ID> / <Version ID>
/appl.tar.gz
Note that <BankID>, <ApplID>, <VersionID> should not contain lower case letters
Applpool
CTB
CPC
20051122
appl.tar.gz
20051123
appl.tar.gz
EMV
20080101
CUB
Copyright 2011 All rights reserved.
Page 40
UIC Confidential
applpool
CTB
CPC
20051122
appl.tar.gz
20051123
Copyright 2011 All rights reserved.
Page 41
UIC Confidential
appl.tar.gz
EMV
20080101
CUB
Setup the network including "Server IP", "Gateway", "NetMask" in BootROM's 4.Setting
Setup "Bank ID", "Appl ID" and "Version ID"
Go to 2.Program -> 2.Remote Synch. Input password or just press <Enter> ( ) to use
default password "ts890".
Done.
Page 42
UIC Confidential
Security Management
IPP Security
This chapter will describe the operation of the internal PIN Pad.
TS890 has a built in PIN Pad, which runs on a dedicated ARM7 SOC to provide maximum
sensitive data separation and protection. All the security related functions and sensitive data are
located on this SOC and are invoked via remote procedure call.
The erasure is always activated even when powered down and can not be disabled by software.
Self-test
The IPP will carry out following the integrity tests:
At chip reset, the boot loader of ARM7 SOC will check the integrity of the IPP (internal PIN
pad) firmware before activating it. If the integrity check fails, the boot loader will not pass the
control to IPP firmware, and will erase the IPP firmware. In this case, the PED will prompt
"IPP Download Needed" and halt. The PED needs to be returned to the manufacturer for
repair and re-install IPP fimrware.
Copyright 2011 All rights reserved.
Page 43
UIC Confidential
When the IPP is running, it will automatically check the self-integrity every hour. The
checking algorithm is same as that of the boot loader of ARM7 SOC. If the integrity check
fails, the IPP will erase the "Key storage key" and generate a tamper event. The PED will
prompt "System Tampered" "System Halted" immediately and halt. If the PED is restarted,
self-test mentioned in previous paragraph will be executed. The PED needs to be returned
to the manufacturer for repair.
When the IPP is running, it will also check key array integrity every hour. If the integrity
check fails, the IPP will erase the "Key storage key" and generate a tamper event. The PED
will prompt "System Tampered (K) System halt" immediately and halt.
Key array integrity check is also performed every time the key array is accessed, such as
during MAC/Pin Block calculation or restore keys. If the integrity check fails, the IPP will
erase the "Key storage key" and generate a tamper event. The PED will prompt "System
Tampered System halted" immediately and halt.
The BootROM contains a certificate at the end of the whole binary image. The certificate is
the same format as the application certificate which contains BootROMs SHA-1s checksum
and is signed by vendors private key. Any illegal modification of the BootROM content,
either the download image or Flash chip content will cause a mismatch of the SHA1
checksum.
Timeout control
The BootROM implements two types of timeout controls: 1 minute inactive timeout and 10
minute session timeout.
The inactive timeout defaults to 1 minute. If the BootROM is inside any sensitive functions such
as:
"(1) Load application",
"(8) Load File,"
"(3) Load Dukpt Key", and Load M/S Key
Page 44
UIC Confidential
Without any data being sent from the PC com port over a period of 1 minute, the inactive timer
will exit the BootROM. System Mode, Access code? will be display on the screen. If the
access code is correct, BootROM will be re-entered.
If the BootROM is inside a non-sensitive function, and is idle 1 minute without any key press, it
will quit the current function and BootROM will go to one upper menu.
There is also a 10 minute session timeout for BootROM. TS890 will deliberately exit the
BootROM and bring the user to the access code entry prompt after this timeout.
Tamper Recovery
Upon tamper, the terminal is disabled and will not accept any keystroke. All peripherals are
closed. In order to recover it:
Page 45
UIC Confidential
Page 46