Electronics > Beginners
Oscilloscope: How to trigger on 13.5MHz NFC conversation?
casper.bang:
I've been trying to capture the "active communication session" in a 13.54MHz NFC (Mifare Classic) signal, using a 10cm looped wire in between card and reader. I really only need to measure the length of a conversation, but that's no easy thing to do as an amateur, given the amplitude shift keying modulation. I have a Rigol DS1054Z so I should have memory to capture a good part, but knowing what to trigger on is a big question to me. Several run/stop and single-shot attempts have not allowed me to identify anything interesting, probably because it's well hidden in the constant 13.54MHz signal.
Does anyone have suggestions as to how I may go about measuring the length of a NFC conversation?
w2aew:
My recollection is a little rusty - but here's what I remember. Mifare Classic is a 14443-1 RFID standard device. It uses passive tags, meaning that the tag/card does not transmit anything. When it is interrogated by the reader, it responds by load modulating its loop antenna which changes the amount of RF energy absorbed by the tag/card, thus changing the amount of energy reflected back to the reader. This is called backscatter.
The reader starts up sending an unmodulated 13.56MHz carrier for a few hundred microseconds - this allows the tag/card to harvest enough energy to "turn on". Then, it used ASK (amplitude shift keying) to talk to (interrogate) the card - this interrogation lasts about 1.5ms if I recall correctly. Then the reader returns to unmodulated 13.56MHz carrier. The tag/card responds a few hundred microseconds later with its backskatter reponse. This takes the form of a 847kHz subcarrier that is ASK modulated. I think the message length can vary, but 1-2ms duration is typical. Once the tag finishes its response, the reader usually turns off a few hundred microseconds later.
Thus, the total transaction is on the order of about 4ms.
Note that is should be easy to see the ASK modulation of the interrogator/reader, it might be very difficult to see the tag response because the amplitude change observed in the 13.56MHz envelope can be quite small. And, since the response is an amplitude modulated 847kHz subcarrier, the response might just look like noise, depending on how well you're coupled.
porker1972:
I just read this:
http://keysight.electronicspecifier.com/tech-videos/nfc-testing-using-an-oscilloscope-part-1-benchtop-r-d-measurements
pix3l:
The peak peak voltage will be lower when the card/tag is modulating the field, you could probably trigger on that (depending on the trigger options that your scope has)
tatus1969:
build a simple envelope demodulator, all you need for that is a diode, and some resistors and capacitors. Using that you should be able to trigger on the load modulation as well (use osci AC coupling).
Navigation
[0] Message Index
[#] Next page
Go to full version