There are software based solutions which rely on install additional low level drivers onto the target for capturing packets. What if the target system is a non-PC and what if the packet is malformed? A logic anaylzer is the closest solution right now, but is limited in the analysis and can get expensive.
I was working on ]getting a software based USB on the STM8 as part of my work on HID Multimedia Dial. Windows fails to recognize the device as there are some bugs to work out. I tried a software based USB logger, but the software failed to capture the packet as it was not recognize by the operating system.
Also one of the hurdles of software based solution under Windows - code signing for low level driver. This is the fate of USBPcap that ran into a BSOD bug and requires code signing certificate for a bug fix.
With a transparent hardware device, no software is needed on the target. I am thinking of dumping raw USB packet onto a PC and writing to wireshark files for analysis.
The problem with USB is that it is a half duplex protocol and there are no receive only USB SIE (serial interface engine) for snooping the traffic. One could probably use a high end microcontroller with both Host and Device ports for transparently passing through packet while snooping. It is also possible to implement a custom SIE using hardware or software. e.g. V-USB is a pure software implementation, but is limited to Low Speed (1.5Mbps).
This project will focus on Low or Full speed USB and use a microcontroller with minimum of additional components. This project relaxes some of the hard real time requirements as it does not interact with the traffic. My initial thought was to take advantage of the SPI for sampling the serial stream and introduce a phase shift to sample the closer to the center of the data window. As I let my mind ponder the question while running some errant, I realized that I could simply sample the signal at 2X the data rate and worry about recovering the data afterwards.
While the datasheet specifies an upper limit of 18Mbps data rate, I have successfully overclock the SPI MOSI of the STM32F030 to 25Mbps in "Low Cost VGA Terminal Module". I hope the same would be true of the MISO input. DMA is require to move around data at 24Mbps (3M bytes/s).
USB waveforms looks something like this:
Source: AN57294 - USB 101: An Introduction to Universal Serial Bus 2.0
The signals for 1.5Mbps/12Mbps are full swing 3.3V logic level, so they can be interfaced to GPIO. A brief Single Ended Zero (SE0) state is used to indicate End Of Packet (EOP).
To detect this using an external interrupt, we would need to add an external logic gate. (I have also considered making a missing pulse detector out of a timer.) The interrupt would then terminate the DMA transfer. We have no way of knowing what packet type and length will be received until the PID field is decoded.
I have decided to use MOSI as the other data pin. It can be used for figuring out the connection speed.
For capturing, we have up to 32 clock cycles during the SYNC. According to ARM, the interrupt latency is 16 cycles which already includes pushing a few registers onto the stack.
This is an optimistic number as:
- The ARM core will be running from FLASH with 1 wait state.
- This latency applies to the core. There are additional cycles for external signals - synchronization crossing clock boundary, delays inside peripherals
The project picture is a composite from: