Product

previewImage

February 16, 2017

Discovering Malfunctions & Inconsistencies in Remote Management of UICCs

Article published in COMPRION Customer Magazine “Testability Times“, January 2017

 

How the OTA Remote Management Translator Supports You in Ensuring Reliable OTA-Based Services 


From time to time companies such as mobile network operators (MNOs) or service providers have to change the content of a UICC after it has already been distributed and installed on the consumer’s device. They use the over-the-air (OTA) mechanisms as a core for secure remote management of files and applications. Remote file/application management (RFM/RAM) can be done by using three different transport protocols: HTTPS, CAT_TP, or SMS-PP (see figure 1).

 

Figure 1: Protocol stacks


Obviously, remote management operations are critical, because malfunctions can cause inconsistencies and momentous errors or even lead to wasted equipment. Thus, comprehensive testing is needed, as well as the facility to analyze the communication for debugging purposes. COMPRION’s OTA Remote Management Translator enables the user to display and analyze the complete OTA communication. It decrypts and unwraps data packages, sets them to the right order of command and response pairs, and translates them into a human- readable format. The OTA Remote Management views are available for COMPRION's monitoring and handset test tools. 


The Remote Management view represents the highest level of communication based on one of the three protocol stacks mentioned above. As you can see in figure 1, each protocol stack is composed of various layers and specific encrypting/decrypting algorithms. This is implemented in COMPRION OTA Remote Management Translator by dedicated layer views in order to visualize the complete data processing chain. In addition, comfortable key management is integrated that enables the operator to manage the security key as defined in the specifications. For example, the operator can create and manage security domain hierarchies (see figure 2).

 

 Figure 2: Management of key profiles 


The transmitted information can only be decrypted by OTA Remote Management Translator if the test operator enters the correct encryption key. The key can be either saved together with the monitored data or it can be entered for the current session only. In this case, the operator has to reenter the key every time a saved session is reopened. Test operators can decide which level of confidentiality is required (see figure 3).

 

Figure 3: RFM/RAM view


When the correct key is entered, the data is decrypted and can be easily analyzed by the user due to the very detailed information. The various layer views are synchronized; when a user clicks an item in one view, the corresponding entry in the different views is also highlighted.


OTA View Highlights:

  • Support of all relevant protocol types 
  • Visualization of most important layers of protocol stacks
  • Synchronization of different layer views

 

Ralph Kamp, Product Manager for Interoperability Test Solutions


Latest news

previewImage
New EMV Translator: TraceCase Now Offers Even More Detailed Troubleshooting of Payment Transactions

COMPRION’s field tester TraceCase now has an EMV Payment Translator that can interpret application-specific payment commands and thus enables even...

Read more

previewImage
How to Trigger on NFC Commands and Measure Timings

Often the biggest challenge when you analyze NFC is establishing proper trigger conditions that provide a stable display of waveforms. With...

Read more

Kathleen Knievel

Corporate Marketing Manager

Phone +49 5251 6859 154
kknievel@comprion.com

Related Products

OTAbility
COMPRION's unique modular approach to create use-case-specific OTA test solutions

Read more

Interoperability Test Center
The best-in-class software for comprehensive data analysis with COMPRION test systems

Read more

Read Also