Author Topic: What to buy - Dedicated Logic Analyzer vs "The new Scopes" aka. SDS824/DHO924(S)  (Read 2317 times)

0 Members and 1 Guest are viewing this topic.

Offline TracelessTopic starter

  • Frequent Contributor
  • **
  • Posts: 253
  • Country: de
I agree that this may be a challenging project -- both on the analog side (picking up the potentially small power variations, which may sit on an uncorrelated background of other fluctuations), and on the digital/logic analysis side (getting from the fluctuation patterns to the actual key).

But if the planned approach involves physically opening the device and tapping into as many digital signals as you can access (outside of the chip under investigation), then it would certainly be a use case which benefits from a mixed-signal scope which captures and displays the analog and digital channels in sync.   

Challenging - definitely. I might be wrong but I think background noise might be less of a problem if you apply differential power analysis. You repeat your measurement multiple times and then correlate the signal across many experiments lets say a dozen or maybe a few hundred. This should basically eliminate your noise floor leaving mostly the common signal across all experiments intact. The tricky part is, that all your measurements need to be exactly over the same key related instruction sequence. I.e. every trace must start exactly when the crypto operation begins and stop when it ends.
 

Online tggzzz

  • Super Contributor
  • ***
  • Posts: 21228
  • Country: gb
  • Numbers, not adjectives
    • Having fun doing more, with less
I agree that this may be a challenging project -- both on the analog side (picking up the potentially small power variations, which may sit on an uncorrelated background of other fluctuations), and on the digital/logic analysis side (getting from the fluctuation patterns to the actual key).

But if the planned approach involves physically opening the device and tapping into as many digital signals as you can access (outside of the chip under investigation), then it would certainly be a use case which benefits from a mixed-signal scope which captures and displays the analog and digital channels in sync.   

Challenging - definitely. I might be wrong but I think background noise might be less of a problem if you apply differential power analysis. You repeat your measurement multiple times and then correlate the signal across many experiments lets say a dozen or maybe a few hundred. This should basically eliminate your noise floor leaving mostly the common signal across all experiments intact. The tricky part is, that all your measurements need to be exactly over the same key related instruction sequence. I.e. every trace must start exactly when the crypto operation begins and stop when it ends.

Well, "the solution to all signal processing problems is to integrate for longer".

Nonetheless it helps to reduce noise and increase the signal (as far as possible) before measuring it.
There are lies, damned lies, statistics - and ADC/DAC specs.
Glider pilot's aphorism: "there is no substitute for span". Retort: "There is a substitute: skill+imagination. But you can buy span".
Having fun doing more, with less
 

Offline awakephd

  • Regular Contributor
  • *
  • Posts: 167
  • Country: us
BTW: As far as I can tell from the specs the SDS824 has more memory than the lower SDS8XX versions. I assume using the unofficial upgrade path 804X -> 824X will unlock the 200MHz bandwidth but the additional memory is physically missing? Has anybody tried and can confirm that?

It doesn't look like anyone has answered this bit (apologies if I just missed it).

The upgrade path not only unlocks the bandwidth, but also the additional memory. IOW, the physical memory is present in the 804, just disabled.
 

Online nctnico

  • Super Contributor
  • ***
  • Posts: 28429
  • Country: nl
    • NCT Developments
I don't think the really cheap scopes bring much to the table where it comes to logic analysis due to limitations in triggering, display abilities and memory. Same for low cost USB 'logic analysers' which offer very little in terms of triggering. If you want to dig deep into a protocol, then a real logic analyser like Tektronix TLA700 / TLA7000 series is a much better option due to having elaborate trigger sequencing. Recently some information got released for these series of logic analysers ( https://groups.io/g/logicanalyzers/topic/109776434#msg803 ) which seemingly allows to create all kinds of wild protocol decoding algorithms to run on the logic analyser itself.

But that is not where it stops. On the TLA700 you can use the TLA7AA4 module which has 125ps time resolution (albeit in a short buffer). On the TLA7012 mainframe, you can use the TLA7BB4 module which has (IIRC) 25ps time resolution (albeit in a short buffer). On top of that these modules have analog outputs which allow to pick up any signal from the probe and feed that into an oscilloscope. Using the trigger output, this allows to show an event both in the analog and digital domain with extreme resolution (assuming using a low noise 12 bit oscilloscope). And I'm not done yet... The modules can use active FET probe heads which have a bandwidth of around 2GHz and which can be fitted straight onto a circuit board using a specific footprint. So if you want to analyse a TPM module, create an interposer board for it which can connect to the logic analyser probe and you can look at the signals through an almost perfect probing system.

Last but not least: these logic analyser systems aren't even expensive. Lowball some of the sellers on Ebay and I'm sure one will bite.
« Last Edit: December 01, 2024, 12:19:27 am by nctnico »
There are small lies, big lies and then there is what is on the screen of your oscilloscope.
 

Offline TracelessTopic starter

  • Frequent Contributor
  • **
  • Posts: 253
  • Country: de
The upgrade path not only unlocks the bandwidth, but also the additional memory. IOW, the physical memory is present in the 804, just disabled.

Hey awakephd, thank you for commenting I started reading your thread , didn't get all the way through though. Thank you for clarifying that the memory is present in all models.

I don't think the really cheap scopes bring much to the table where it comes to logic analysis due to limitations in triggering, display abilities and memory. Same for low cost USB 'logic analysers' which offer very little in terms of triggering. If you want to dig deep into a protocol, then a real logic analyser like Tektronix TLA700 / TLA7000 series is a much better option due to having elaborate trigger sequencing. Recently some information got released for these series of logic analysers ( https://groups.io/g/logicanalyzers/topic/109776434#msg803 ) which seemingly allows to create all kinds of wild protocol decoding algorithms to run on the logic analyser itself.

But that is not where it stops. On the TLA700 you can use the TLA7AA4 module which has 125ps time resolution (albeit in a short buffer). On the TLA7012 mainframe, you can use the TLA7BB4 module which has (IIRC) 25ps time resolution (albeit in a short buffer). On top of that these modules have analog outputs which allow to pick up any signal from the probe and feed that into an oscilloscope. Using the trigger output, this allows to show an event both in the analog and digital domain with extreme resolution (assuming using a low noise 12 bit oscilloscope). And I'm not done yet... The modules can use active FET probe heads which have a bandwidth of around 2GHz and which can be fitted straight onto a circuit board using a specific footprint. So if you want to analyse a TPM module, create an interposer board for it which can connect to the logic analyser probe and you can look at the signals through an almost perfect probing system.

Last but not least: these logic analyser systems aren't even expensive. Lowball some of the sellers on Ebay and I'm sure one will bite.

Hey nctnico, the TLAs sound tempting. I took a quick look at ebay there are tons of versions and addons there so I'd have to do some research before being able to tell them apart. But at a glance I currently see two problems. The items seem to be in the 2000-4000€ ballpark not sure low-balling @500€ will work. The 2nd and bigger problem might be - it won't fit on my bench ;D. I mean technically it will fit, but it will occupy the whole working area. A side rack/shelf on wheels would be a possible solution but that would require extremely long probe leads which I assume is gonna cause all kinds of issues at high frequencies.
« Last Edit: December 01, 2024, 01:01:30 pm by Traceless »
 
The following users thanked this post: awakephd

Offline pdeal

  • Newbie
  • Posts: 7
  • Country: us
I had a salea logic pro 8 but sold it. It worked well for my needs which was decoding spi signals. I had two complaints with it. The first is that the usb aspect i found to be a pain. Working on a project it seems to complicate and clutter life a lot having to use the pc both for writing and debugging code and as another instrument. I prefer stand alone instruments. The second is that while the salea works well it’s very expensive for what it is. A lot of what they’re selling will that is cuteness. So I sold it for pretty close to what i bought it for. I bought instead a scope with logic inputs with the proceeds. Haven’t yet used it so i can’t say if that was a good move or not.

Another thing, the salea analog inputs are a joke. Maybe for a few hundred hertz but for anything faster forget it.
 


Share me

Digg  Facebook  SlashDot  Delicious  Technorati  Twitter  Google  Yahoo
Smf