DOCSLIB.ORG

Towards a Trustworthy Thin Terminal for Securing Enterprise Networks By

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Towards a Trustworthy Thin Terminal for Securing Enterprise Networks By Towards a Trustworthy Thin Terminal for Securing Enterprise Networks by Evan J. Frenn A Thesis Submitted to the Faculty of the WORCESTER POLYTECHNIC INSTITUTE in partial fulfillment of the requirements for the Degree of Master of Science in Computer Science May 2013 APPROVED: Dr. Craig A. Shue, Major Advisor Dr. Krishna K. Venkatasubramanian, Reader Dr. Craig E. Wills, Head of Department Abstract Organizations have many employees that lack the technical knowledge to securely operate their machines. These users may open malicious email attachments/links or install unverified software such as P2P programs. These actions introduce significant risk to an organizations network since they allow attackers to exploit the trust and access given to a client ma- chine. However, system administrators currently lack the control of client machines needed to prevent these security risks. A possible solution to address this issue lies in attestation. With respect to computer science, attestation is the ability of a machine to prove its current state. This capability can be used by client machines to remotely attest to their state, which can be used by other machines in the network when making trust decisions. Previous research in this area has focused on the use of a static root of trust (RoT), requiring the use of a chain of trust over the entire software stack. We would argue this approach is limited in feasibility, because it requires an understanding and evaluation of all the previous states of a machine. With the use of late launch, a dynamic root of trust introduced in the Trusted Platform Module (TPM) v1.2 specification, the required chain of trust is drastically shortened, minimizing the previous states of a machine that must be evaluated. This reduced chain of trust may allow a dynamic RoT to address the limitations of a static RoT. We are implementing a client terminal service that utilizes late launch to attest to its exe- cution. Further, the minimal functional requirements of the service facilitate strong software verification. The goal in designing this service is not to increase the security of the network, but rather to push the functionality, and therefore the security risks and responsibilities, of client machines to the networks servers. In doing so, we create a platform that can more easily be administered by those individuals best equipped to do so with the expectation that this will lead to better security practices. Through the use of late launch and remote attestation in our terminal service, the system administrators have a strong guarantee the clients connecting to their system are secure and can therefore focus their efforts on securing the server architecture. This effectively addresses our motivating problem as it forces user actions to occur under the control of system administrators. 1 Acknowledgements I would sincerely like to thank my research advisor, Professor Craig Shue, for his support and guidance throughout my education at WPI. His advice and assistance on my research, coursework, and general education were greatly appreciated. Specifically, he provided in- sightful and supportive criticism on my thesis and I am truly thankful for the time and effort he has given to supporting my education. I wish to thank all my teachers for their help and support. In particular, I would like to thank Professor Krishna Venkatasubramanian, my thesis reader, for his time and valuable effort. I would like to thank Dr. Nathanael Paul for his enthusiasm and introduction into the field covered in my thesis. I would also like to thank my fellow students in the ALAS lab for their intellectually stimulating conversations and thoroughly enjoyed working with all of them. Lastly, I would like to thank my family and friends for their support in accomplishing this thesis. Without the help of all those mentioned, this work would not be possible. 2 Contents 1 INTRODUCTION 7 2 BACKGROUND 10 2.1 Trusted Platform Module . 10 2.1.1 Remote Attestation . 10 2.1.2 Root of Trust for Measurement . 11 2.1.3 Root of Trust for Storage . 11 2.1.4 Root of Trust for Reporting . 12 2.1.5 Late Launch . 12 2.1.6 Intel Trusted Execution Technology . 12 2.2 ARM TrustZone . 13 2.2.1 TrustZone Hardware . 13 2.2.2 TrustZone Software . 14 3 RELATED WORK 14 3.1 Attestation . 15 3.1.1 Hardware-based Attestation . 15 3.1.2 Software-based Attestation . 18 3.1.3 Time Of Check, Time Of Use . 19 3.2 Isolation . 20 3.2.1 Mobile-based Approaches . 22 3.3 Related Applications . 23 4 Trusted Thin Terminal Design Overview 23 4.1 Adversary Model and Limitations . 25 5 Trusted Thin Terminal Architecture 27 5.1 Trusted Thin Terminal Display . 27 5.2 User Input . 29 5.3 Network Interface Card Support . 32 5.4 TCP/IP stack . 33 5.4.1 Link Layer . 33 5.4.2 Network Layer . 33 5.4.3 Transport Layer . 34 5.4.4 Application Layer . 34 5.5 Design and Implementation Issues . 34 3 6 Results 35 7 Future work 37 7.1 Driver Support . 37 7.2 Authentication . 38 8 Conclusion 38 4 Glossary AC module Authenticated Code module. ACPI Advanced Configuration and Power-management Inter- face. AIK Attestation Identity Key. APIC Advanced Programmable Interrupt Controller. BSP bootstrap processor. BYOD Bring Your Own Device. CoT Chain of Trust. CPL current privilege level. DMA Direct Memory Access. DMAR DMA Remapping. DRTM Dynamic Root of Trust for Measurement. EK Endorsement Key. FCS Frame Check Sequence. GDT Global Descriptor Table. I/O APIC IO APIC. IDT Interrupt Descriptor Table. ILP Initiating Logical Processor. IM Itermediate Driver. ISR Interrupt Service Routine. KBC keyboard controller. KBE keyboard encoder. LOC lines of code. Local APIC Local APIC. LPC bus Low Pin Count bus. 5 MLE Measured Launch Environment. MSR model-specific register. MTM Mobile Trusted Module. NDIS Network Driver Interface Specification. NIC Network Interface Card. NV memory Non-Volatile Memory. NW Normal World. OIC Other Interrupt Controller. OS Operating System. PAL Piece of Application Logic. PALs Pieces of Application Logic. PCH Platform Controller Hub. PCIe PCI Express. PCR Platform Configuration Register. PIC Programmable Interrupt Controller. PKI Public Key Encryption. PMR Protected Memory Region. RA Remote Attestation. RCBA Root Complex Base Address. RLP Responding Logical Processor. RoT Root of Trust. RTM Root of Trust for Measurement. RTR Root of Trust for Reporting. RTS Root of Trust for Storage. SMI System Management Interrupt. SMM System Management Mode. SMP Symmetric Multiprocessing. SMRAM System Management RAM. SMT Symmetric Multi-Threading. 6 SRK Storage Root Key. SRTM Static Root of Trust for Measurement. STM SMM Transfer Monitor. SW Secure World. TC Trusted Computing. TCB Trusted Computing Base. TCG Trusted Computing Group. TEE Trusted Execution Environment. TLR Trusted Language Runtime. TOCTOU Time Of Check, Time Of Use. TP Trusted Path. TPM Trusted Platform Module. TTT Trusted Thin Terminal. TXT Trusted Execution Technology. VGA Video Graphics Array. VM virtual machine. VMM Virtual Machine Monitor. VT-x Intel Virtualization Technology. vTPM virtual TPM. 7 1 INTRODUCTION A fundamental problem with respect to computer security lies in the disparity between the trust and trustworthiness of today's systems. Currently available commodity computers are designed to use Operating Systems (OSs) that require trust from any application running on the system. This trust is inherent to the privilege hierarchy of x86 systems, allowing any software executing in ring 0, namely the kernel, unrestricted access to any application running in ring 3, namely user applications. We formally define trust in the context of computer security as the dependence of A on B, such that the actions of B can influence the security goals of A. As a brief example, the confidentiality of any password input for an application, such as an email account or VPN client, is implicitly a security goal. Any application requiring password input from the user is required to place trust in the operating system as it provides access to user input and can directly affect the confidentiality of the password. While trust in the OS is intrinsic to the design of today's prominent systems, these systems are generally lacking in trustworthiness. We define trustworthiness as the ability of the previously mentioned entity B to ensure the security goals desired by A. There are several design characteristics common to today's prominent operating systems that inhibit their trustworthiness. One of the leading factors to OS's low assurance is their large code bases. For example, Linux 3.6 has roughly 16 million lines of code (LOC) [1] and while Microsoft has not released the size of Windows Vista, 7, or 8, the last released size of Windows XP was roughly 45 million LOC [2]. The extremely large code base of both operating systems is generally caused by over privileging many of their provided features and make it impractical to formally verify the system with regards to security. As an example of improper use of privilege domains commonly employed, device drivers generally do not need the full capabilities that come with running in kernel mode including complete access to system memory. They are, however, usually run within ring 0, needlessly increasing the code base that must be trusted, termed the Trusted Computing Base (TCB). A desirable feature currently lacking from commodity systems is the ability of software to authenticate itself to remote parties. This manifests in a lack of trustworthiness that an application can place in data received from a remote party, either inducing input validation and sanitization requirements or creating possible vulnerabilities. As an example taken from [3], game servers are not able to identify whether network input is coming from a valid version of client software or a version corrupted by a cheating user and must therefore either take precautions to validate client input or allow the user to cheat.
Load more

Recommended publications
  • User's Manual L Tqmx80uc UM 0102 L © 2020, TQ-Systems Gmbh Page I
    User's Manual l TQMx80UC UM 0102 l © 2020, TQ-Systems GmbH Page i TQMx80UC User's Manual TQMx80UC UM 0102 2020-02-04 User's Manual l TQMx80UC UM 0102 l © 2020, TQ-Systems GmbH Page i TABLE OF CONTENTS 1. ABOUT THIS MANUAL......................................................................................................................................................................... 1 1.1 Copyright and License Expenses .................................................................................................................................................... 1 1.2 Registered Trademarks ...................................................................................................................................................................... 1 1.3 Disclaimer ............................................................................................................................................................................................... 1 1.4 Imprint ..................................................................................................................................................................................................... 1 1.5 Service and Support ............................................................................................................................................................................ 1 1.6 Tips on Safety .......................................................................................................................................................................................
    [Show full text]
  • 21APPN003 E1 Appnote 003 Application Note
    21APPN003 E1 - 2002-12-18 Using P1/P501 Graphics on MEN 824x/ALI boards under ELinOS Application Note Embedded Solutions Board-Level Computers for Industrial Applications ® About this Document About this Document This document describes how to configure P1/P501 graphics mezzanines under ELinOS 2.1 on MEN’s 824x/ALI series PowerPC boards (F1N, B11, A12, D3, SC13). When you have followed these instructions, you'll be able to: • use a VGA monitor as a Linux text console. • access the graphics memory from an application program through /dev/fb0. • run QT/embedded programs. • run X-Window system server (on a frame buffer basis). History Edition Description Technical Content Date of Issue E1 First edition Klaus Popp 2002-12-18 Conventions This sign marks important notes or warnings concerning proper functionality of the ! product described in this document. You should read them in any case. italics Folder, file and function names are printed in italics. bold Bold type is used for emphasis. monospace A monospaced font type is used for listings, C function descriptions or wherever appropriate. hyperlink Hyperlinks are printed in blue color. The globe will show you where hyperlinks lead directly to the Internet, so you can look for the latest information online. MEN Mikro Elektronik GmbH 2 21APPN003 E1 - 2002-12-18 About this Document Copyright Information MEN reserves the right to make changes without further notice to any products herein. MEN makes no warranty, representation or guarantee regarding the suitability of its products for any particular purpose, nor does MEN assume any liability arising out of the application or use of any product or circuit, and specifically disclaims any and all liability, including without limitation consequential or incidental damages.
    [Show full text]
  • IBM VGA XGA Technical Refe
    Preliminary Draft May 19th 1992 Video Subsystem Preliminary Draft May 19th 1992 2 Preliminary Draft May 19th 1992 Video Subsystem Section 1. Introduction ....................... 1-1 Video Subsystem .......................... 1-2 Section 2. VGA Function ...................... 2-1 VGA Function Introduction ..................... 2-5 Major Components ......................... 2-7 Hardware Considerations ..................... 2-11 Modes of Operation ......................... 2-12 Video Memory Organization .................... 2-24 Registers ............................... 2-41 VGA Programming Considerations ................ 2-97 Video Digital-to-Analog Converter ............... 2-104 VGA Video Extensions ...................... 2-107 Section 3. XGA Function ...................... 3-1 XGA Function Introduction ..................... 3-7 VGA compatibility .......................... 3-16 132-Column Text Mode ....................... 3-16 Extended Graphics Mode ...................... 3-20 XGA Display Controller Registers ................. 3-34 Coprocessor Description ...................... 3-90 Coprocessor Registers ...................... 3-132 XGA System Interface ....................... 3-169 Virtual Memory Description ................... 3-177 | XGA Adapter Identification, Location and XGA Mode Setting 3-192 | VGA Modes ............................. 3-223 | Programming the XGA subsystem ............... 3-230 Section 4. Display Connector ................... 4-1 Display Connector Introduction .................. 4-2 Index .................................
    [Show full text]
  • Compile Your Own Linux Kernel Introduction
    LinuxFocus article number 252 http://linuxfocus.org by Philip de Groot Compile your own Linux kernel <philipg/at/authors.linuxfocus.org> About the author: I expect to receive my PhD from the Universiteit van Nijmegen during this year. My thesis is on what we call chemometrics. I'm presently working on computer technology applied to biology, at the Academic Medical Center in Amsterdam, the Netherlands. In addition I maintain my own page for Linux newbies Abstract: (in Dutch): it is one of the many initiatives by and for You will presently find out that you too can get, configure, compile, the linux community. I love and install your very own kernel. working with Linux and I frequently report on my experiences. _________________ _________________ _________________ Translated to English by: Nino R. Pereira <pereira/at/speakeasy.org> Introduction Why would you even want to compile and install a new kernel all your own? Possible reasons are: The new kernel has better hardware support. The new kernel offers certain advantages, such as better support for multiple-processor machines (SMP), or support for the USB. This applies to the 2.4.x kernels. The new kernel lacks old bugs. Your own kernel lacks superfluous elements and is therefore faster and more stable. It is a problem that compiling ("rolling") your own kernel demands a fair amount of computer savvy. Therefore a new Linux user will not attempt to get into compiling kernels lightly. This article shows screen dumps of the way to do compile the kernel using the command 'make xconfig'. With this command the user handles the kernel through a GUI, a Graphical User Interface, and the mouse.
    [Show full text]
  • Masters Thesis, Toomas Soome 2018
    UNIVERSITY OF TARTU Institute of Computer Science Computer Science Curriculum Toomas Soome Porting and Developing a Boot Loader Master’s Thesis (30 ECTS) Supervisor(s): Meelis Roos Tartu 2018 Porting and Developing a Boot Loader Abstract: This paper describes the project to replace outdated boot program in illumos project with alternative one, allowing to provide better support for modern and future computer systems and having an architecture to support extending and improving the implementation. Keywords: Boot Loader, Operating System, FreeBSD, illumos CERCS: P175 Informatics, systems theory Boot programmi portimine ja arendamine Lühikokkuvõte: See magistritöö kirjeldab projekti, mille eesmärk oli asendada illumos projektis aegunud boot programm alternatiivsega, mis võimaldab paremini toetada kaasaegseid ja tuleviku süsteeme ning mille arhitektuur võimaldab parenduste ja täienduste kirjutamist. Võtmesõnad: Boot Loader, Operating System, FreeBSD, illumos CERCS: P175 Informaatika, süsteemiteooria 2 Table of Contents 1 Introduction .............................................................................................................. 5 1.1 What is this all about ......................................................................................... 5 2 Boot Loader .............................................................................................................. 6 2.1 Boot Loader Components.................................................................................. 6 Access to the Storage ...............................................................................................
    [Show full text]
  • CHIPS 69000 Data Book
    69000 69000 HiQVideo Accelerator with Integrated Memory Data Sheet Revision 1.3 August 1998 PRELIMINARY Copyright Notice Copyright 1997-98 Chips and Technologies, Inc., a subsidiary of Intel Corporation. ALL RIGHTS RESERVED. This manual is copyrighted by Chips and Technologies, Inc., a subsidiary of Intel Corporation. You may not reproduce, transmit, transcribe, store in a retrieval system, or translate into any language or computer language, in any form or by any means - elec- tronic, mechanical, magnetic, optical, chemical, manual, or otherwise - any part of this publication without the express written permission of Chips and Technologies, Inc., a subsidiary of Intel Corporation. Restricted Rights Legend Use, duplication, or disclosure by the Government is subject to restrictions set forth in subparagraph (c)(1)(ii) of the Rights in Technical Data and Computer Software clause at 252.277-7013. Trademark Acknowledgment CHIPS Logo is a registered trademark of Chips and Technologies, Inc., a subsidiary of Intel Corporation. HiQVideo, is a trademark of Chips and Technologies, Inc., a subsidiary of Intel Corporation. All other trademarks are the property of their respective holders. Disclaimer This document provides general information for the customer. Chips and Technologies, Inc., a subsidiary of Intel Corporation, reserves the right to modify the information contained herein as necessary and the customer should ensure that it has the most recent revision of the document. CHIPS makes no warranty for the use of its products and bears no responsibility for any errors which may appear in this document. The customer should be on notice that many different parties hold patents on products, components, and processes within the personal computer industry.
    [Show full text]
  • Building Coreboot for Protectli Platforms
    Building coreboot for Protectli platforms Step-by-step guide 3MDEB CONTACT ul. Burgaska 9D/10 Piotr Król, 3mdeb CEO 80-287 Gdańsk, Poland +48 880 673 344 TAX ID: PL2530164147 [email protected] Website About Us Introduction This document describes how to build a coreboot image for Protectli platforms using the upstream coreboot repository. Although coreboot is an open-source firmware framework, building firmware for x86 architecture is currently impossible without certain blobs. These blobs consists of: CPU microcode (automatically included during build process) Intel Firmware Support Package - silicon initialization code in binary form require to initialize modern Intel CPU. May be automatically included in coreboot image or an explicitly selected blob file. VGA option ROM - a binary required for BIOS graphics output to display logo or boot menu Preparing environment In order to build coreboot image a Linux operating system is preferred. Additionally a docker container will be used in the build process to ensure all the libraries and utilities have correct versions, the appropriate toolchain is present and the build will proceed without errors. Install Docker for the Linux distribution you are using. You may refer to https://docs.docker.com/engine/install/ for installation process. The build process is also possible on Windows 10 machine. However it requires Pro version to have correct Docker support and it has not been thoroughly validated. If you are experienced enough, you may try Windows. Install git: sudo apt-get install git # or sudo yum install git # or sudo dnf install git . Clone the coreboot repository with its submodules: git clone --recurse-submodules https://review.coreboot.org/coreboot.git .
    [Show full text]
  • User-Space Debugging Simplifies Driver Development
    QNX Software Systems Ltd. 175 Terence Matthews Crescent Ottawa, Ontario, Canada, K2M 1W8 Voice: 1 800 676-0566 +1 613 591-0931 Email: [email protected] Web: www.qnx.com User-Space Debugging Simplifies Driver Development Chris McKillop QNX Software Systems Ltd. [email protected] Introduction The traditional approach to driver development, in which every driver is written and debugged as part of the OS kernel, can seriously hamper the progress of an embedded project. For instance, a single programming error in any kernel-space driver can crash the target system. As a result, driver developers often waste time rebuilding and rebooting the target instead of actually testing and debugging software. To complicate matters, most embedded systems lack the non-volatile storage needed to save a kernel core dump between reboots. This makes post- mortem debugging which would help locate the source of the system failure nearly impossible. As a further problem, kernel debuggers typically halt the entire system while the developer inspects the code or data of the driver being debugged. Because everything must run in lockstep with the debugger, the developer can easily miss bugs that would occur in a live system, where events happen asynchronously. Debugging Drivers in User Space Page 1 Fortunately, not all OSs rely on in-kernel drivers. The QNX® Neutrino® microkernel OS, for instance, treats every driver as a standard, user-space application. So, if any driver fails, the OS can cleanly terminate the driver and reclaim all the resources it was using; there’s no need to rebuild and reboot. Better yet, drivers can be debugged with the same, standard process-level debuggers used to debug regular applications.
    [Show full text]
  • VGA Function Specification Gxm/Mxi Processors
    VGA Function Specification GXm/MXi Processors January 16, 1998 - Rev. 0.1 Cyrix Corporation Confidential ©1998 Copyright Cyrix Corporation. All rights reserved. Printed in the United States of America Cyrix is a registered trademark of Cyrix Corporation. Cyrix Trademarks include: Cx5520, Cx5530, Display Compression Technology (DCT), MediaGX, XpressAUDIO, XpressGRAPHICS, XpressRAM, Virtual System Architecture (VSA) All other products mentioned herein are trademarks of their respective owners and are hereby recognized as such. Cyrix is a wholly-owned subsidiary of National Semiconductor® Corp. Cyrix Corporation 2703 North Central Expressway Richardson, Texas 75080 United States of America Cyrix Corporation (Cyrix) reserves the right to make changes in the devices or specification described herein without notice. Before design-in or order placement, customers are advised to verify that the information on which orders or design activities are based is current. Cyrix warrants its products to conform to current specifications in accordance with Cyrix’ standard warranty. Testing is performed to the extent necessary as determined by Cyrix to support this warranty. Unless explicitly specified by customer order requirements, and agreed to in writing by Cyrix, not all device characteristics are necessarily tested. Cyrix assumes no liability, unless specifically agreed to in writing, for customer’s product design or infringement of patents or copyrights of third parties arising from use of Cyrix devices. No license, either express or implied, to Cyrix patents, copyrights, or other intellectual property rights pertaining to any machine or combination of Cyrix devices is hereby granted. Cyrix products are not intended for use in any medical, life saving, or life sustaining systems.
    [Show full text]
  • P Relim~Inary
    ••••••••••••• ••••• ••••••••••••••• ••••• • •••• ~ni~~ ______________p_relim~inary 82C456/460 ENHANCED FLAT PANEL/CRT VGA CONTROLLER DATABOOK February 1990 Revision 0.03 STK# 10456-001 c .:::::= :=:~ ::::: •• ::::: \.t;ir-:, _____________________________ P_R_EL_IM_IN_A__ RY 82C456/460 ENHANCED FLAT PANEL / CRT VGA CONTROLLER • 100% IBM VGA-compatible II Text enhancement feature improves contrast on flat panel displays • Supports analog and digital CRT monitors and LCD, plasma, and electroluminescent II Programmable vertical compensation panels techniques increase usable display area • Up to 64 gray levels on monochrome &I IBM VGA monochrome CRT compatibility panels on monochrome panels • RGB color to grayscale reduction II Advanced SLEEP mode minimizes power techniques consumption • Drives color panels with 64 colors til Proven DOS and OS/2TM compatibility II SMARTMApTM intelligent color to grayscale • Full backwards compatibility with IBM conversion EGA, CGA, MDA and Hercules graphics standards ... 82C460 ~ Address Address I--- -----+ Buffer ~ Palette ..... -"'- DAC To CRT Data u Data .... -~ Xcvr .. Sync ........ r- 82C456 Driver BIOS '-- ~ ROM -- -----+ To Flat Video .. ... Panel .. Driver .. Control ... : Video Memory 82C456 SYSTEM BLOCK DIAGRAM STK # 10456-001 Printed in U.S.A 2190 Rev 0.03 •••••• •••• ••••• •••• ....... .. .:~: ...........• . '-" i r-:- ________________T_ab_le_o_f C_o_nt_e_nts Table of Contents ~S~e~ct~io~n~ ________________________ ~ Sect jon Eag.e, 82C456 Introduction........................................ 3 Programming
    [Show full text]
  • Is There a New Loader in Freebsd 13.0? by TOOMAS SOOME
    1 of 4 Is There a New Loader in FreeBSD 13.0? BY TOOMAS SOOME The short answer is “no, it is still the same good old loader.” But we are trying to make it more friendly and support more features. I started working with boot loaders that were not on FreeBSD but on illumos. At that time, illumos was using old grub 0.96 and supported only the BIOS boot. UEFI systems were already around at that time and illumos really needed to support UEFI systems. My initial work was to investigate newer grub. It was feature-rich, widely used but hard to manage, and its licensing is not friendly when you need to support features specific to file systems like zfs or to add operat- ing-system specific features. This led me to the FreeBSD boot loader and contributing to its de- velopment. When I started porting the FreeBSD boot loader to illumos, illumos supported a serial con- sole and VGA text mode console only. To support UEFI, I had to implement support for the UEFI framebuffer-based console for the illumos kernel. Once implemented, a logical step was to add the same feature for the loader, and when there is an option to draw the console on the UEFI framebuffer, then re-using the same code to draw on the Vesa BIOS Extensions (VBE) lin- ear framebuffer is just another logical step in development. Once done, we got public postings like this https://omnios.org/setup/fb: Figure 1 Loader with ascii art. FreeBSD Journal • March/April 2020 17 2 of 4 Figure 2 Loader with images.
    [Show full text]
  • RDT64 (Retro Dumb-Terminal) User's Manual
    RETRO DUMB-TERMINAL RDT64-1 CIRCUIT BOARD USER’S MANUAL 2020.11.12 Lucid Technologies http://www.lucidtechnologies.info/ Email: [email protected] Copyright © 2020 by Lucid Technologies All rights reserved The information in this manual has been carefully checked and is believed to be accurate. However, Lucid Technologies makes no warranty for the use of its products and assumes no responsibility for any errors which may appear in this document. Lucid Technologies reserves the right to make changes in the products contained in this manual in order to improve design or performance and to supply the best possible product. Lucid Technologies assumes no liability arising out of the application or use of any product or circuit described herein; neither does it convey any license under its patent rights, nor the rights of others. RDT64, Retro Dumb-Terminal 2 CONTENTS 1.0 Introduction 1.1 Specifications 2.0 VGA Terminal Design 2.1 Counting pixels and lines 2.2 Generating the video 2.3 Video color 2.4 Video static RAM 2.5 Keyboard interface 2.6 Host serial port 3.0 Software Description 3.1 Settings 4.0 RDT64-1 Circuit Board Assembly 4.1 Preparation 4.2 Assembly checklist 4.3 Circuit board checkout 5.0 Customization Appendix A RDT64-1 Printed Circuit Board (PCB) Parts List Appendix B RDT64-1 System Parts List Appendix C RS-232 Serial Interface Connector Appendix D PS/2 Keyboard Connector Appendix E VGA Display Connector Appendix F References Appendix G Response to Control Characters from Host Appendix H Response to Escape Sequences from Host Appendix I Character EPROM Appendix J Default Font Appendix K Schematics Appendix L Circuit Board Image RDT64, Retro Dumb-Terminal 3 1.0 Introduction The RDT64 (Retro Dumb-Terminal) is just what the name implies.
    [Show full text]