This invention relates to a class of devices commonly known as smart cards and, in particular, to an application development system and method for smart cards.
Today there is increasing use of xe2x80x9csmart cardsxe2x80x9d in place of, or in addition to, conventional magnetic stripe cards (xe2x80x9cmag cardsxe2x80x9d). A xe2x80x9csmart cardxe2x80x9d is a thin card embedded with a memory device (volatile and/or non-volatile) and associated programmable or non-programmable logic. Unlike the mag card that merely stores xe2x80x9cstaticxe2x80x9d information (e.g., a credit card account number), a smart card can add, delete and otherwise manipulate information stored on the card. Accordingly, smart cards are capable of storing and executing applications to carry out one or more functions within a smart card.
While the physical dimensions and processing features of the smart card give rise to potentially limitless applications, the reality is that smart card applications are only being developed for large scale markets, e.g., banking, security and transportation applications. One reason for this limited growth lies in the cost associated with smart card application development. There are several reasons why smart card application development is a costly undertaking, not the least of which is the xe2x80x9cclosedxe2x80x9d nature of the smart card and the limited processing, memory and input/output resources of the smart card.
A smart card is often referred to as a xe2x80x9cclosedxe2x80x9d system because, for security purposes, a smart card is purposefully designed to not expose its memory, intermediate system states or data and address bus information to external devices. To do so would render it susceptible to unauthorized access (hacking) and fraud. While its closed nature is useful for secure applications such as banking transactions, it makes it difficult to utilize prior art smart cards for development purposes. It is to be appreciated that application development often requires access to memory or bus values, or system state information during intermediate processing steps, access that has been specifically designed out of the smart card.
Another encumbrance to the smart card application designer is the limited resources of the smart card. That is, due to the physical and processing constraints placed on the smart card, prior art smart cards do not enjoy any dedicated debug facilities. Aside from the limited processing and memory attributes of a smart card, a smart card typically has but a single, bi-directional input/output (I/O) port. The communication bandwidth of this single I/O port is typically consumed to support execution of the smart card application itself, leaving little to no communication bandwidth to support debug features. Thus, application development using a smart card itself is virtually impossible. Consequently the development of applications for a smart card currently requires the use of an in-circuit emulator (ICE) and an associated, often proprietary software development application.
An ICE system is typically comprised of a printed circuit card coupled to a computer system executing a proprietary software development application associated with the printed circuit card (emulator). The printed circuit card is designed to emulate the functionality of the smart card, while providing additional debug facilities (e.g., I/O ports, memory buffers, address and data lines and the like), thereby providing the developer with the necessary access to adequately debug their applications in development. One limitation of such smart card development systems is that the ICE and proprietary development application are chip-specific. Thus, an emulator for smart card employing a Siemens processor will not work with an emulator employing a Philips or Motorola processor without significant hardware modification. Moreover, the software development application executing on the computer system is also chip-specific, with an associated chip-specific compiler, linker and debugger, and often require that a developer learn the xe2x80x9cprogramming languagexe2x80x9d of the development tool. Consequently, an application developed on one ICE system cannot be utilized (or directly ported to) a smart card employing a different processor without costly modification.
These emulators work with special versions of the smart card processors called xe2x80x98bondoutsxe2x80x99xe2x80x94these are the same processors as in the smart card but they expose their memory, data bus, etc to facilitate debugging. Since these special processors behave exactly like the processor in the smart card, many smart card processor manufacturers consider them to be a high risk items that may allow hackers to learn the smart card processor""s deficiencies. To prevent this they screen recipients and make them sign restrictive agreements before these bondouts can be supplied. This model of working is totally unsuitable for the large scale acceptance and use by existing PC developer community.
As a result of each of the foregoing limitations, smart card application development is a costly undertaking, typically performed by the large corporations that stand to profit from the sale of millions of smart cards. History has shown that in order for a new technology to blossom, xe2x80x9cgrass rootsxe2x80x9d application development is required. That is, a technology will not truly become a pervasive technology unless and until it is infused with the vitality and creativity of individual programmers and small development companies.
Thus, an improved application development environment is required for smart card applications that is unencumbered by the limitations commonly associated with the prior art. One such solution is presented below.
This invention concerns an integrated circuit (IC) card, such as a smart card and, more particularly, an improved application development system for smart card applications. In accordance with a first aspect of the invention, a smart card includes a smart card development interface (SCDI) to receive remote procedure calls from a computer system to application program interface (API) features of the smart card operating system, to invoke the API called in the received RPC, and to respond to the computer system as appropriate.
According to another aspect of the invention, a computer system includes an innovative client development interface (CDI), to marshal and issue a remote procedure call to an associated API of the operating system of the smart card, and to receive and present a response from the smart card for presentation to a calling application, as appropriate.
It is to be appreciated that combination of the foregoing aspects of the present invention gives rise to a smart card application development system comprising a computer system endowed with the client development interface (CDI), and a smart card incorporating the smart card development interface, wherein the computer system is executing a common development application that issues commands to smart card API""s, whereupon the CDI intercepts the remote procedure calls, marshals the parameters associated with the command and issues the command to the smart card. The development interface of the smart card receives and un-marshals the command and invokes an API called by the RPC, marshaling and issuing a response to the computer system as appropriate. A development system incorporating these innovative aspects facilitates smart card development without the need for an ICE system, typical of the prior art. Thus, the present invention represents a new paradigm in smart card application development, enabling entry into the market of individual programmers and small development companies.