Using the SM130 RFID/NFC reader

Long time no blog, I know - and this post isn't even my usual. Don't worry, more posts are coming soon!

I've recently been playing around with Arduino, and with NFC tags and readers. Sparkfun (and their Aussie distributors, Little Bird Electronics sell a rather nifty NFC reader/writer, the SM130, by Sonmicro, along with a corresponding Arduino Shield for it. It has a fairly easy to use serial protocol, and supports both regular UART serial and I2C.

In order to use I2C, though, you need to flash the reader with a new firmware. Sonmicro will provide you the firmware for free, b ut the application to flash it to the device is Windows only, which puts a bit of a crimp in the plans of those of us who don't use that platform. I wanted to use the reader in I2C mode, so I decided to try and solve this not just for myself, but anyone else in the same situation.

First step was to obtain the firmware. Sonmicro promptly sent it to me when I asked, and even kindly agreed to allow me to redistribute it - so here it is, in a gist.

The first thing you might notice is that it's in a text format - hex encoded strings, line separated, all of the same length, and all with the same prefix, "FF39AA553368980B". This led me to believe that perhaps they're instructions to the SM130. This was further bolstered by the fact that FF is the start byte the SM130 uses for messages. The rest of the message doesn't seem to match, however- the third byte should be a length byte, but doesn't match.

Next, I installed windows in a VMWare instance, and installed Sonmicro's official flashing tool. I also installed a serial port monitor, so I could capture the communication that went on with the chip, and used a simple serial passthrough sketch for the arduino to cause it to transparently pass all serial communication to and from the SM130. Running the tool gave a pile of useful debug output, and the protocol was made clear - or at least, as clear as it needed to be.

The first thing the flashing tool does is send a command to the SM130, ff00019596. The manual lists this instruction (95) as 'not implemented' - clearly a bit of a fib. This instruction appears to put the device into a 'flashing' mode, and it responds with ff00029500ff, a valid response to the command, except that the checksum mysteriously does not match what the manual says it should for a standard response.

Next, the tool sends another, longer string to the device. This one doesn't match the usual command structure at all - in fact, it's the exact prefix that all the lines in the firmware files have. The device responds somewhat more succinctly than usual with a single 0x20 byte.

Then, the tool sends the firmware over. Each line in the file is decoded from hex, and sent as a single message, with the tool waiting for an 0x20 response after each. Finally, it sends another message similar to the first, which appears to set the module back to regular operation, on the new firmware.

Knowing all this, it was fairly straightforward to write a Python program that does the same thing. Here it is, in all its glory; I hope you find it useful. You can use it by passing it, in order, the path to the firmware image, the path to the serial device, and optionally, the serial baud rate to use.

Finally, as part of the project I was working on that used NFC tags, I was writing an Arduino library for interacting with the SM130. The project has turned out to be less practical than I'd hoped (I'm working on something different, though; stay tuned), so I'm not sure when I'll finish the library. In the meantime, here's my progress so far. It's not complete, but it does work, and allows you to execute basic commands against the device. A path to extending it for remaining commands should be clear to anyone who knows a little C++ and Arduino programming. An example app is in the Examples subdirectory.


blog comments powered by Disqus