9 otap tracer, 10 security, 11 how to – Siemens XT65 User Manual
Page 62: Otap tracer, Security, How to
Java User’s Guide
8.9 OTAP Tracer
63
s
wm_java_usersguide_v12
Page 62 of 123
2008-02-25
Confidential / Released
8.9
OTAP Tracer
For easy debugging of the OTAP scenario, the OTAP procedure can be traced over the serial
interface. The trace output shows details of the OTAP procedure and the used parameters. To
enable the OTAP trace output use the AT command AT^SCFG, e.g.
AT^SCFG=Trace/Syslog/OTAP,1
The serial interface on which you issue this command is then exclusively used for the OTAP
tracer. All other functionality which is normally present (AT commands or CommConnection
and System.out in Java) is not available when the tracer is on.
This feature is intended to be used during development phase and not in deployed devices.
8.10
Security
Java Security as described in
also has consequences for OTAP. If the module is in
secured mode the MIDlet signature is also relevant to the OTAP procedure. This means:
•
If the application is an unsigned version of an installed signed version of the same applica-
tion then status code 910 is returned.
•
If the applications signature does not match the module’s certificate then status code 909
is returned.
8.11
How To
This chapter is a step-by-step guide for using OTAP.
1. Do you need OTAP? Is there any chance that it might be necessary to update the Java
application, install a new one or delete it? It could be that device is in the field and you can-
not or do not want to update it over the serial line. If the answer is “yes” then read through
the following steps, if the answer is “no” then consider simply setting the OTAP SMS pass-
word to protect your system. Then you are finished with OTAP.
2. Take a look at the parameters (
), which control OTAP. You need to decide which
of them you want to allow to be changed over the air (by SMS) and which you do not. This
is mainly a question of security and what can fit into a short message. Then set the
“unchangeable” parameters with the AT command (AT^SJOTAP).
3. Prepare the http server. The server must be accessible from your device over TCP/IP. That
means there is a route from your device over the air interface to the http server and back.
When in doubt, write a small Java application using the httpConnection Interface to test it.
4. Prepare the JAR and JAD files which are to be loaded over the air. Make sure that these
files conform to the requirements listed in
and that they represent a valid appli-
cation which can be started by AT^SJRA.
5. Put the files (JAR and JAD) on the http Server. The files can either be publicly available or
protected through basic authentication. When in doubt try to download the files from the
server by using a common Web browser on a PC, which can reach your http server over
TCP/IP.
6. Prepare the SM sender. The sender must be able to send SMs, which conform to
, to your device. When in doubt try to send “normal” SMs to your device which can than
be read out from the AT command interface.
7. Test with a local device. Send a suitable short message to your device, which completes
the necessary parameter, sets and starts the operation. The operation is finished when the